Nowe rangi grup użytkowników
|
qdlacz007 |
Dodany dnia 19.02.2009 16:10:23
|
Przedszkolak
Postów: 18
Data rejestracji: 04.01.2009 01:22
|
Przy przypisaniu gif'ów rang mam możliwość przypisania tylko do (moderatorów, adminów, superadminów, użytkowników), jak zrobić żeby dodać jeszcze jakąś grupę która będzie miała stałą nie zmienna rangę??
Wiadomość doklejona:
Może ktoś podpowie które pliki trzeba edytować chociaż??Albo w jaki sposób można nadać określonemu userowi inny gif rang na forum??
Wiadomość doklejona:
Ok udało mi się to zrobić , w bazie danych przypisałem do grupy nowy level ( 108 ) i do rangi ten sam. Tylko teraz jest inny problem , w kodzie php. Przy takim level'u nadaje admina userowi bez możliwości wejścia w PA, może on tylko ustawić hasło admina.
I pytanie gdzie dopisac ten level żeby był na poziomie zwykłego (101) ??
PW od moderatora:
- Zmiana nazwy tematu - bartek124 19.02 - 16:22
- Przeniesienie tematu - bartek124 19.02 - 16:22
Edytowane przez Pieka dnia 15.03.2009 10:40:10
|
|
|
|
Wścibski Gość |
Dodany dnia 25.11.2024 23:02:52
|
Pan Kontekstualny
Postów: n^x
Data rejestracji: Zawsze
|
|
IP: localhost |
|
|
eridor |
Dodany dnia 11.04.2009 19:22:02
|
Przedszkolak
Postów: 68 Ostrzeżeń: 2
Data rejestracji: 25.10.2008 21:42
|
Hmm.. dołączam się do tych dwóch pytań
- Jak dodać listę niestandardowych grup
oraz
- Jak dodać nowy rodzaj konta do tych wszystkich list (przykładowo o numerze 104 -> VIP)
...
|
|
|
|
VirtualPS |
Dodany dnia 24.04.2009 22:09:04
|
Przedszkolak
Postów: 41 Ostrzeżeń: 4
Data rejestracji: 02.11.2008 12:26
ZBANOWANY: Dożywotnio
|
Mimo tego, że moja rada nie jest dokładnie tym o co wam chodziło postanawiam zamieścić wskazówkę (choć zapewne już o niej wiecie), dla użytkowników fusionboard 4, która w pewnym sensie zastąpi dodatkowe rangi.
Tak więc oprócz tego, że danego użytkownika mamy np. w grupie GRAFIK, to by zrobić prowizoryczny obrazek rangi wchodzimy we wtyczki-->fusionboard-->Nagrody-->wpisujemy nick usera--> i z listy wybieramy obrazek Rangi, który wcześniej umieściliśmy na serwerze w /infusions/fusionboard4/images/awards/ . Nie jest to filozofią, lecz może komuś pomoże.
Pozdrawiam.
|
|
|
|
eridor |
Dodany dnia 03.06.2009 23:03:47
|
Przedszkolak
Postów: 68 Ostrzeżeń: 2
Data rejestracji: 25.10.2008 21:42
|
Hmm.. Prowizorka.. Ale może da się jakoś dopisać grupy do listy?
...
|
|
|
|
DJPromo |
Dodany dnia 04.06.2009 01:32:20
|
Bywalec
Postów: 630 Pomógł: 41
v7.02.07 Data rejestracji: 13.06.2006 18:51
|
Ok mam dla was rozwiązanie jest ono nowatorskie bo trzeba trochę plików edytować, ale działa. Zaznaczam że modyfikacje wprowadzacie na własną odpowiedzialność.
To tak otwieramy plik maincore.php szukamy funkcji:
// Display the user's level
function getuserlevel($userlevel) {
global $locale;
if ($userlevel == 101) { return $locale['user1'];
} elseif ($userlevel == 102) { return $locale['user2'];
} elseif ($userlevel == 103) { return $locale['user3']; }
}
Zamieniamy na:
// Display the user's level
function getuserlevel($userlevel) {
global $locale;
if ($userlevel == 101) { return $locale['user1'];
} elseif ($userlevel == 102) { return $locale['user2'];
} elseif ($userlevel == 103) { return $locale['user3'];
} elseif ($userlevel == 108) { return $locale['user4']; }
}
Dalej szukamy // Compile access levels & user group array
function getusergroups() {
global $locale, $groups_cache;
$groups_array = array(
array("0", $locale['user0']),
array("101", $locale['user1']),
array("102", $locale['user2']),
array("103", $locale['user3'])
);
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
array_push($groups_array, array($group['group_id'], $group['group_name']));
}
}
return $groups_array;
}
Zamieniamy na:
// Compile access levels & user group array
function getusergroups() {
global $locale, $groups_cache;
$groups_array = array(
array("0", $locale['user0']),
array("101", $locale['user1']),
array("102", $locale['user2']),
array("103", $locale['user3']),
array("108", $locale['user4'])
);
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
array_push($groups_array, array($group['group_id'], $group['group_name']));
}
}
return $groups_array;
}
Dalej // Get the name of the access level or user group
function getgroupname($group_id, $return_desc = false) {
global $locale, $groups_cache;
if ($group_id == "0") { return $locale['user0'];
} elseif ($group_id == "101") { return $locale['user1']; exit;
} elseif ($group_id == "102") { return $locale['user2']; exit;
} elseif ($group_id == "103") { return $locale['user3']; exit;
} else {
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
if ($group_id == $group['group_id']) { return ($return_desc ? ($group['group_description'] ? $group['group_description'] : '-') : $group['group_name']); exit; }
}
}
}
return "N/A";
}
Zamieniamy na: // Get the name of the access level or user group
function getgroupname($group_id, $return_desc = false) {
global $locale, $groups_cache;
if ($group_id == "0") { return $locale['user0'];
} elseif ($group_id == "101") { return $locale['user1']; exit;
} elseif ($group_id == "102") { return $locale['user2']; exit;
} elseif ($group_id == "103") { return $locale['user3']; exit;
} elseif ($group_id == "108") { return $locale['user4']; exit;
} else {
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
if ($group_id == $group['group_id']) { return ($return_desc ? ($group['group_description'] ? $group['group_description'] : '-') : $group['group_name']); exit; }
}
}
}
return "N/A";
}
Zapisujemy teraz otwieramy plik locale/global.php
Szukamy $locale['user3'] = "Główny administrator";
pod dodajemy $locale['user4'] = "Newsman";
Zapisujemy i wgrywamy
Oki Pierwszy etap mamy za sobą jak wyżej widać powielałem w funkcji wpisy dotyczące grupy oznaczając ja jako "108" nadając jej napis Newsman można w ten sposób dodać masę grup. Teraz została nam edycja pliku administrators.php
Który podam cały bo myślę, że go nie macie edytowanego albo zmienionego w czystej postaci z paczki php-fusion-7-00-05-pl.
<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: administrators.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at http://www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../maincore.php";
require_once THEMES."templates/admin_header.php";
include LOCALE.LOCALESET."admin/admins.php";
if (!checkrights("AD") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
if (isset($_GET['status']) && !isset($message)) {
if ($_GET['status'] == "sn") {
$message = $locale['400'];
} elseif ($_GET['status'] == "su") {
$message = $locale['401'];
} elseif ($_GET['status'] == "del") {
$message = $locale['402'];
} elseif ($_GET['status'] == "pw") {
$message = $locale['global_182'];
}
if ($message) { echo "<div class='admin-message'>".$message."</div>\n"; }
}
if (isset($_POST['cancel'])) {
redirect(FUSION_SELF.$aidlink);
}
//dodawanie z ograniczonym dostępem DJPromo
if (isset($_POST['add_admin2']) && (isset($_POST['user_id']) && isnum($_POST['user_id']))) {
if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || (isset($_POST['admin_password']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password'])) {
if (isset($_POST['restricted_rights'])) {
$admin_rights2 = "A.AC.NC.N";
$result = dbquery("UPDATE ".DB_USERS." SET user_level='108', user_rights='$admin_rights2' WHERE user_id='".$_POST['user_id']."'");
}
if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password']) {
setcookie(COOKIE_PREFIX."admin", md5($_POST['admin_password']), time() + 3600, "/", "", "0");
}
redirect(FUSION_SELF.$aidlink."&status=sn", true);
} else {
redirect(FUSION_SELF.$aidlink."&status=pw");
}
}
//koniec dodawania z ograniczonym dostępem DJPromo
if (isset($_POST['add_admin']) && (isset($_POST['user_id']) && isnum($_POST['user_id']))) {
if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || (isset($_POST['admin_password']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password'])) {
if (isset($_POST['all_rights']) || isset($_POST['make_super'])) {
$admin_rights = "";
$result = dbquery("SELECT DISTINCT admin_rights AS admin_right FROM ".DB_ADMIN." ORDER BY admin_right");
while ($data = dbarray($result)) {
$admin_rights .= (isset($admin_rights) ? "." : "").$data['admin_right'];
}
$result = dbquery("UPDATE ".DB_USERS." SET user_level='".(isset($_POST['make_super']) ? "103" : "102")."', user_rights='$admin_rights' WHERE user_id='".$_POST['user_id']."'");
} else {
$result = dbquery("UPDATE ".DB_USERS." SET user_level='102' WHERE user_id='".$_POST['user_id']."'");
}
if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password']) {
setcookie(COOKIE_PREFIX."admin", md5($_POST['admin_password']), time() + 3600, "/", "", "0");
}
redirect(FUSION_SELF.$aidlink."&status=sn", true);
} else {
redirect(FUSION_SELF.$aidlink."&status=pw");
}
}
if (isset($_GET['remove']) && (isset($_GET['remove']) && isnum($_GET['remove']) && $_GET['remove'] != 1)) {
if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || (isset($_POST['admin_password']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password'])) {
$result = dbquery("UPDATE ".DB_USERS." SET user_admin_password='', user_level='101', user_rights='' WHERE user_id='".$_GET['remove']."' AND user_level>='102'");
if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password']) {
setcookie(COOKIE_PREFIX."admin", md5($_POST['admin_password']), time() + 3600, "/", "", "0");
}
redirect(FUSION_SELF.$aidlink."&status=del", true);
} else {
if (isset($_POST['confirm'])) {
echo "<div class='admin-message'>".$locale['global_182']."</div>\n";
}
opentable($locale['470']);
echo "<div style='text-align:center'>\n";
echo "<form action='".FUSION_SELF.$aidlink."&remove=".$_GET['remove']."' method='post'>\n";
echo $locale['471']."<br /><br />\n<input class='textbox' type='password' name='admin_password' /><br /><br />\n";
echo "<input class='button' type='submit' name='confirm' value='".$locale['472']."' />\n";
echo "<input class='button' type='submit' name='cancel' value='".$locale['473']."' />\n";
echo "</form>\n</div>\n";
closetable();
}
}
if (isset($_POST['update_admin']) && (isset($_GET['user_id']) && isnum($_GET['user_id']) && $_GET['user_id'] != 1)) {
if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || (isset($_POST['admin_password']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password'])) {
if (isset($_POST['rights'])) {
$user_rights = "";
for ($i = 0;$i < count($_POST['rights']);$i++) {
$user_rights .= ($user_rights != "" ? "." : "").stripinput($_POST['rights'][$i]);
}
$result = dbquery("UPDATE ".DB_USERS." SET user_rights='$user_rights' WHERE user_id='".$_GET['user_id']."' AND user_level>='102'");
} else {
$result = dbquery("UPDATE ".DB_USERS." SET user_rights='' WHERE user_id='".$_GET['user_id']."' AND user_level>='102'");
}
if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password']) {
setcookie(COOKIE_PREFIX."admin", md5($_POST['admin_password']), time() + 3600, "/", "", "0");
}
redirect(FUSION_SELF.$aidlink."&status=su", true);
} else {
redirect(FUSION_SELF.$aidlink."&status=pw");
}
}
if (isset($_GET['edit']) && isnum($_GET['edit']) && $_GET['edit'] != 1) {
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_id='".$_GET['edit']."' AND user_level>='102' ORDER BY user_id");
if (dbrows($result)) {
$data = dbarray($result);
$user_rights = explode(".", $data['user_rights']);
$result2 = dbquery("SELECT * FROM ".DB_ADMIN." ORDER BY admin_page ASC,admin_title");
opentable($locale['440']." [".$data['user_name']."]");
$columns = 2; $counter = 0; $page = 1;
$admin_page = array($locale['441'], $locale['442'], $locale['443'], $locale['444']);
echo "<form name='rightsform' method='post' action='".FUSION_SELF.$aidlink."&user_id=".$_GET['edit']."'>\n";
echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n";
echo "<tr>\n<td colspan='2' class='tbl2'><strong>".$admin_page['0']."</strong></td>\n</tr>\n<tr>\n";
while ($data2 = dbarray($result2)) {
if ($page != $data2['admin_page']) {
echo ($counter % $columns == 0 ? "</tr>\n" : "<td width='50%' class='tbl1'></td>\n</tr>\n");
echo "<tr>\n<td colspan='2' class='tbl2'><strong>".$admin_page[$page]."</strong></td>\n</tr>\n<tr>\n";
$page++; $counter = 0;
}
if ($counter != 0 && ($counter % $columns == 0)) { echo "</tr>\n<tr>\n"; }
echo "<td width='50%' class='tbl1'><label><input type='checkbox' name='rights[]' value='".$data2['admin_rights']."'".(in_array($data2['admin_rights'], $user_rights) ? " checked='checked'" : "")." /> ".$data2['admin_title']."</label></td>\n";
$counter++;
}
echo "</tr>\n<tr>\n</table>\n";
echo "<div style='text-align:center'><br />\n";
echo "<input type='button' class='button' onclick=\"setChecked('rightsform','rights[]',1);\" value='".$locale['445']."' />\n";
echo "<input type='button' class='button' onclick=\"setChecked('rightsform','rights[]',0);\" value='".$locale['446']."' /><br /><br />\n";
if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && (!isset($_POST['admin_password']) || md5(md5($_POST['admin_password'])) != $userdata['user_admin_password'])) {
echo $locale['447']." <input type='password' name='admin_password' class='textbox' style='width:150px;' /><br /><br />\n";
}
echo "<input type='submit' name='update_admin' value='".$locale['448']."' class='button' />\n";
echo "</div>\n</form>\n";
closetable();
echo "<script type='text/javascript'>"."\n"."function setChecked(frmName,chkName,val) {"."\n";
echo "dml=document.forms[frmName];"."\n"."len=dml.elements.length;"."\n"."for(i=0;i < len;i++) {"."\n";
echo "if(dml.elements[i].name == chkName) {"."\n"."dml.elements[i].checked = val;"."\n";
echo "}\n}\n}\n</script>\n";
}
} else {
opentable($locale['410']);
if (!isset($_POST['search_users']) || !isset($_POST['search_criteria'])) {
echo "<form name='searchform' method='post' action='".FUSION_SELF.$aidlink."'>\n";
echo "<table cellpadding='0' cellspacing='0' width='450' class='center'>\n";
echo "<tr>\n<td align='center' class='tbl'>".$locale['411']."<br /><br />\n";
echo "<input type='text' name='search_criteria' class='textbox' style='width:300px' />\n</td>\n";
echo "</tr>\n<tr>\n<td align='center' class='tbl'>\n";
echo "<label><input type='radio' name='search_type' value='user_name' checked='checked' />".$locale['413']."</label>\n";
echo "<label><input type='radio' name='search_type' value='user_id' />".$locale['412']."</label></td>\n";
echo "</tr>\n<tr>\n<td align='center' class='tbl'><input type='submit' name='search_users' value='".$locale['414']."' class='button' /></td>\n";
echo "</tr>\n</table>\n</form>\n";
} elseif (isset($_POST['search_users']) && isset($_POST['search_criteria'])) {
$mysql_search = "";
if ($_POST['search_type'] == "user_id" && isnum($_POST['search_criteria'])) {
$mysql_search .= "user_id='".$_POST['search_criteria']."' ";
} elseif ($_POST['search_type'] == "user_name" && preg_match("/^[-0-9A-Z_@\s]+$/i", $_POST['search_criteria'])) {
$mysql_search .= "user_name LIKE '".$_POST['search_criteria']."%' ";
}
if ($mysql_search) {
$result = dbquery("SELECT user_id, user_name FROM ".DB_USERS." WHERE ".$mysql_search." AND user_level='101' ORDER BY user_name");
}
if (isset($result) && dbrows($result)) {
echo "<form name='add_users_form' method='post' action='".FUSION_SELF.$aidlink."'>\n";
echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n";
$i = 0; $users = "";
while ($data = dbarray($result)) {
$row_color = ($i % 2 == 0 ? "tbl1" : "tbl2"); $i++;
$users .= "<tr>\n<td class='$row_color'><label><input type='radio' name='user_id' value='".$data['user_id']."' /> ".$data['user_name']."</label></td>\n</tr>";
}
if ($i > 0) {
echo "<tr>\n<td class='tbl2'><strong>".$locale['413']."</strong></td>\n</tr>\n";
echo $users."<tr>\n<td align='center' class='tbl'>\n";
echo "<input type='checkbox' name='all_rights' value='1' /> ".$locale['415']."<br />\n";
echo "<input type='checkbox' name='restricted_rights' value='2' /> Dodaj ograniczone uprawnienia<br />\n";
if ($userdata['user_level'] == 103) { echo "<label><input type='checkbox' name='make_super' value='1' /> ".$locale['416']."</label><br />\n"; }
if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && (!isset($_POST['admin_password']) || md5(md5($_POST['admin_password'])) != $userdata['user_admin_password'])) {
echo $locale['447']." <input type='password' name='admin_password' class='textbox' style='width:150px;' /><br /><br />\n";
}
echo "<br />\n<input type='submit' name='add_admin' value='".$locale['417']."' class='button' />\n";
echo "<br /><br /> <span style='font-size: 9px;'>Tylko w przypadku zaznaczenia<br><b> Dodaj ograniczone uprawnienia</b></span><br><input type='submit' name='add_admin2' value='Dodaj uprawnienia' class='button' />\n";
echo "</td>\n</tr>\n";
} else {
echo "<tr>\n<td align='center' class='tbl'>".$locale['418']."<br /><br />\n";
echo "<a href='".FUSION_SELF.$aidlink."'>".$locale['419']."</a>\n</td>\n</tr>\n";
}
echo "</table>\n</form>\n";
} else {
echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n";
echo "<tr>\n<td align='center' class='tbl'>".$locale['418']."<br /><br />\n";
echo "<a href='".FUSION_SELF.$aidlink."'>".$locale['419']."</a>\n</td>\n</tr>\n</table>\n";
}
}
closetable();
opentable($locale['420']);
$i = 0;
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_level>='102' ORDER BY user_level DESC, user_name");
echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n<tr>\n";
echo "<td class='tbl2'>".$locale['421']."</td>\n";
echo "<td align='center' width='1%' class='tbl2' style='white-space:nowrap'>".$locale['422']."</td>\n";
echo "<td align='center' width='1%' class='tbl2' style='white-space:nowrap'>".$locale['423']."</td>\n";
echo "</tr>\n";
while ($data = dbarray($result)) {
$row_color = $i % 2 == 0 ? "tbl1" : "tbl2";
echo "<tr>\n<td class='$row_color'><span title='".($data['user_rights'] ? str_replace(".", " ", $data['user_rights']) : "".$locale['425']."")."' style='cursor:hand;'>".$data['user_name']."</span></td>\n";
echo "<td align='center' width='1%' class='$row_color' style='white-space:nowrap'>".getuserlevel($data['user_level'])."</td>\n";
echo "<td align='center' width='1%' class='$row_color' style='white-space:nowrap'>\n";
if ($data['user_level'] == "103" && $userdata['user_id'] == "1") { $can_edit = true;
} elseif ($data['user_level'] != "103") { $can_edit = true;
} else { $can_edit = false; }
if ($can_edit == true && $data['user_id'] != "1") {
echo "<a href='".FUSION_SELF.$aidlink."&edit=".$data['user_id']."'>".$locale['426']."</a> |\n";
echo "<a href='".FUSION_SELF.$aidlink."&remove=".$data['user_id']."' onclick=\"return confirm('".$locale['460']."');\">".$locale['427']."</a>\n";
}
echo "</td>\n</tr>\n";
$i++;
}
echo "</table>\n";
closetable();
}
require_once THEMES."templates/footer.php";
?>
Uprawnienia jakie nadałem maja wartości A.AC.NC.N takie sobie wybrałem np: dla newsmana do testów w chwili jak dodam go do grupy ( po edycji możemy dać mu wszystkie, albo dodać jeszcze jakieś uprawnienia :)
w lini 45 zmienimy te wartości $admin_rights2 = "A.AC.NC.N";
Lub możemy zostawić puste wtedy będzie miał zero uprawnień i dopiero edytując go nadamy te,które nas interesują :)
Z przyczyn iż jest to chwilowe rozwiązanie z mojej strony dla was może kogoś zainspiruje i wykona wtyczkę która ominie wszystkie te edycje aby po dodaniu np kolejnych grup nie musimy powielać kilku rzeczy w pliku jedna jest Funkcja:
//dodawanie z ograniczonym dostępem DJPromo
if (isset($_POST['add_admin2']) && (isset($_POST['user_id']) && isnum($_POST['user_id']))) {
if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || (isset($_POST['admin_password']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password'])) {
if (isset($_POST['restricted_rights'])) {
$admin_rights2 = "A.AC.NC.N";
$result = dbquery("UPDATE ".DB_USERS." SET user_level='108', user_rights='$admin_rights2' WHERE user_id='".$_POST['user_id']."'");
}
if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($_POST['admin_password'])) == $userdata['user_admin_password']) {
setcookie(COOKIE_PREFIX."admin", md5($_POST['admin_password']), time() + 3600, "/", "", "0");
}
redirect(FUSION_SELF.$aidlink."&status=sn", true);
} else {
redirect(FUSION_SELF.$aidlink."&status=pw");
}
}
//koniec dodawania z ograniczonym dostępem DJPromo
dalej powielić musimy echo "<input type='checkbox' name='restricted_rights' value='2' /> Dodaj ograniczone uprawnienia<br />\n";
i echo "<br /><br /> <span style='font-size: 9px;'>Tylko w przypadku zaznaczenia<br><b> Dodaj ograniczone uprawnienia</b></span><br><input type='submit' name='add_admin2' value='Dodaj uprawnienia' class='button' />\n";
Mam nadzieje, że komuś to na początek wystarczy i pomoże :) daje też fotki jak to wygląda
Edytowane przez DJPromo dnia 04.06.2009 01:36:01
Pomogłem Kliknij Pomógł
Życie to chwila zbyt krótka aby móc .... Życie to chwila / trzeba patrzeć i podziwiać
|
|
|
|
eridor |
Dodany dnia 06.06.2009 22:47:21
|
Przedszkolak
Postów: 68 Ostrzeżeń: 2
Data rejestracji: 25.10.2008 21:42
|
Hmm.. wtyczka pod to cy się przydała.. Bo rozumiem, że dodaje typ kont, uprawnienia w PA itd.. ale mam pytanie:
1. Jak powiązać to z if (iXXX) {echo (...)?
2. Czy pojawia się ta grupa np: w uprawnieniach widoku stron, bądź w przyznawaniu rang na forum?
...
|
|
|
|
DJPromo |
Dodany dnia 06.06.2009 23:06:28
|
Bywalec
Postów: 630 Pomógł: 41
v7.02.07 Data rejestracji: 13.06.2006 18:51
|
Z pierwszym nie ma najmniejszego problemu szukasz funkcji function checkgroup
i zamieniasz na // Check if user is assigned to the specified user group
function checkgroup($group) {
if (iSUPERADMIN) { return true; }
elseif (iADMIN && ($group == "0" || $group == "101" || $group == "102")) { return true;
} elseif (iMEMBER && ($group == "0" || $group == "101")) { return true;
} elseif (iNewsman && ($group == "0" || $group == "102" || $group == "108"))) { return true;
} elseif (iGUEST && $group == "0") { return true;
} elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) {
return true;
} else {
return false;
}
}
Teraz używasz sobie if (iNewsman) {echo (...)? uprawnienia masz jak i dla admina i dla grupy 108 czyli newsmana wszystko możesz sobie ustalić.
Co do forum zaraz sprawdzę i napisze :)
Pomogłem Kliknij Pomógł
Życie to chwila zbyt krótka aby móc .... Życie to chwila / trzeba patrzeć i podziwiać
|
|
|
|
zezol |
Dodany dnia 07.06.2009 01:37:43
|
Bywalec
Postów: 593 Pomógł: 34
Data rejestracji: 09.12.2006 22:16
|
Nie dawno myślałem żeby zrobić wtyczkę, dzięki której można by było właśnie dodawać własne rangi i przypisywać danym userom/grupom.
Co do Twojego ostatniego posta @DJPromo, to funkcja checkgroup swoją drogą, ale żeby móc używać "if (iNewsman)" to trzeba pierwsze zdefiniować stałą przy pozostałych jak tą:
define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0);
Kliknij i zaczekaj na załadowanie kodu ...
Teraz się tym nie będę bawił bo idę spać już. Ale co do definiowania tych stałych to tu trzeba pomyśleć trochę.
|
|
|
|
tOmaSz000 |
Dodany dnia 15.06.2009 15:15:44
|
Przedszkolak
Postów: 15
Data rejestracji: 14.05.2007 09:05
|
Zrobiłem tak samo jak napisał @DJPromo lecz:
1. Nie ma możliwości dodania rangi na forum,
2. fusionBoard 4 Newsman'a widzi Newsaman'a jako Grupę, a nie Poziom oraz po nadaniu tekstowi np. odpowiedniego koloru w tabelce Etykiety użytkownika dodaje się puste pole,
3. Nie wiem jak inne wtyczki, ale Nicks Mod mi nie widzi "Newsman'a".
|
|
|
|
DJPromo |
Dodany dnia 15.06.2009 17:11:34
|
Bywalec
Postów: 630 Pomógł: 41
v7.02.07 Data rejestracji: 13.06.2006 18:51
|
@tOmaSz000 Czy ja gdzieś tam pisałem o forum ? nie wydaje mi się modyfikacja, która podałem działa na zasadzie dodania tak zwanego kolejnego Konta typu VIp czy newsman z uprawnieniami do panelu admina i napisem w profilu. Rozwiązanie to jest spartańskie i nowatorskie na ta chwile obecna. Z racji ze PF7 daje nam większe pole manewru używajac funkcji output_handling, której uczę się prawidłowo używać na ta chwile nie napisze jak zrobić z tego wtyczkę bez grzebania w plikach
Co do forum też się da trzeba dopisać do forum kod który pozwoli dodać nowym grupa rangi. (Znajdę chwile to napiszę.)
Co to fusionBoard 4 nie wiem i nie testowałem Modyfikacje, które podam opierać się będę o zwykłe forum.
Co do Nicks Mod nie wiem i nie pomogę.
Edytowane przez hoopak dnia 15.06.2009 19:01:36
Pomogłem Kliknij Pomógł
Życie to chwila zbyt krótka aby móc .... Życie to chwila / trzeba patrzeć i podziwiać
|
|
|
|
Deejay Reeva |
Dodany dnia 16.04.2010 18:45:07
|
Przedszkolak
Postów: 3 Ostrzeżeń: 1
Data rejestracji: 16.04.2010 17:09
|
Mam jeden problem. Zrobiłem wszystko tak jak napisał DJPromo i wszystko pięknie śmiga, tylko jak dodać kolejne rangi? np. jest ten Newsman i chcę zrobić jeszcze Uploader itp. Czy mógłby ktoś wytłumaczyć jak dodac następne rangi? Pozdro
|
|
|
|
damian2221 |
Dodany dnia 21.05.2010 19:17:24
|
Przedszkolak
Postów: 80 Pomógł: 1 Ostrzeżeń: 5
Data rejestracji: 17.04.2010 12:36
|
Heh robisz kolejne linie kodu takie same tylko zmienione nr.
EDIT:Jednak to nie jest takie proste ;/
EDIT2: Aby to zrobić z czymś innym musimy w global dodać znowu nową linie nazwę naprzykład grafik a user4
zmienić na user5
w maincore też tak wszystko edytujemy zmieniając 108 na 109a administration <?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: maincore.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at http://www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (preg_match("/maincore.php/i", $_SERVER['PHP_SELF'])) { die(); }
error_reporting(E_ALL);
// Calculate script start/end time
function get_microtime() {
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
// Define script start time
define("START_TIME", get_microtime());
// Prevent any possible XSS attacks via $_GET.
foreach ($_GET as $check_url) {
if (!is_array($check_url)) {
$check_url = str_replace("\"", "", $check_url);
if ((preg_match("/<[^>]*script*\"?[^>]*>/i", $check_url)) || (preg_match("/<[^>]*object*\"?[^>]*>/i", $check_url)) ||
(preg_match("/<[^>]*iframe*\"?[^>]*>/i", $check_url)) || (preg_match("/<[^>]*applet*\"?[^>]*>/i", $check_url)) ||
(preg_match("/<[^>]*meta*\"?[^>]*>/i", $check_url)) || (preg_match("/<[^>]*style*\"?[^>]*>/i", $check_url)) ||
(preg_match("/<[^>]*form*\"?[^>]*>/i", $check_url)) || (preg_match("/\([^>]*\"?[^)]*\)/i", $check_url)) ||
(preg_match("/\"/i", $check_url))) {
die ();
}
}
}
unset($check_url);
// Start Output Buffering
//ob_start("ob_gzhandler"); //Uncomment this line to enable output compression.
ob_start();
// Locate config.php and set the basedir path
$folder_level = ""; $i = 0;
while (!file_exists($folder_level."config.php")) {
$folder_level .= "../"; $i++;
if ($i == 5) { die("Config file not found"); }
}
require_once $folder_level."config.php";
define("BASEDIR", $folder_level);
// If config.php is empty, activate setup.php script
if (!isset($db_name)) { redirect("setup.php"); }
// Multisite definitions
require_once BASEDIR."includes/multisite_include.php";
// Establish mySQL database connection
$link = dbconnect($db_host, $db_user, $db_pass, $db_name);
// Fetch the Site Settings from the database and store them in the $settings variable
$settings = dbarray(dbquery("SELECT * FROM ".DB_SETTINGS));
// Sanitise $_SERVER globals
$_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : "";
$_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : "";
$PHP_SELF = cleanurl($_SERVER['PHP_SELF']);
// Common definitions
define("IN_FUSION", TRUE);
define("FUSION_REQUEST", isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] != "" ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']);
define("FUSION_QUERY", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : "");
define("FUSION_SELF", basename($_SERVER['PHP_SELF']));
define("USER_IP", $_SERVER['REMOTE_ADDR']);
define("QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE));
// Path definitions
define("ADMIN", BASEDIR."administration/");
define("IMAGES", BASEDIR."images/");
define("IMAGES_A", IMAGES."articles/");
define("IMAGES_N", IMAGES."news/");
define("IMAGES_NC", IMAGES."news_cats/");
define("RANKS", IMAGES."ranks/");
define("INCLUDES", BASEDIR."includes/");
define("LOCALE", BASEDIR."locale/");
define("LOCALESET", $settings['locale']."/");
define("FORUM", BASEDIR."forum/");
define("INFUSIONS", BASEDIR."infusions/");
define("PHOTOS", IMAGES."photoalbum/");
define("THEMES", BASEDIR."themes/");
// Predefine mysql_cache variables
$smiley_cache = ""; $bbcode_cache = ""; $groups_cache = ""; $forum_rank_cache = ""; $forum_mod_rank_cache = "";
// MySQL database functions
function dbquery($query) {
$result = @mysql_query($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbcount($field, $table, $conditions = "") {
$cond = ($conditions ? " WHERE ".$conditions : "");
$result = @mysql_query("SELECT Count".$field." FROM ".$table.$cond);
if (!$result) {
echo mysql_error();
return false;
} else {
$rows = mysql_result($result, 0);
return $rows;
}
}
function dbresult($query, $row) {
$result = @mysql_result($query, $row);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbrows($query) {
$result = @mysql_num_rows($query);
return $result;
}
function dbarray($query) {
$result = @mysql_fetch_assoc($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbarraynum($query) {
$result = @mysql_fetch_row($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbconnect($db_host, $db_user, $db_pass, $db_name) {
$db_connect = @mysql_connect($db_host, $db_user, $db_pass);
$db_select = @mysql_select_db($db_name);
if (!$db_connect) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to establish connection to MySQL</b><br />".mysql_errno()." : ".mysql_error()."</div>");
} elseif (!$db_select) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to select MySQL database</b><br />".mysql_errno()." : ".mysql_error()."</div>");
}
}
// Initialise the $locale array
$locale = array();
// Load the Global language file
include LOCALE.LOCALESET."global.php";
// Check if users full or partial ip is blacklisted
$sub_ip1 = substr(USER_IP, 0, strlen(USER_IP) - strlen(strrchr(USER_IP, ".")));
$sub_ip2 = substr($sub_ip1, 0, strlen($sub_ip1) - strlen(strrchr($sub_ip1, ".")));
if (dbcount("(*)", DB_BLACKLIST, "blacklist_ip='".USER_IP."' OR blacklist_ip='$sub_ip1' OR blacklist_ip='$sub_ip2'")) {
redirect("http://www.google.com/");
}
// PHP-Fusion user cookie functions
if (!isset($_COOKIE[COOKIE_PREFIX.'visited'])) {
$result = dbquery("UPDATE ".DB_SETTINGS." SET counter=counter+1");
setcookie(COOKIE_PREFIX."visited", "yes", time() + 31536000, "/", "", "0");
}
//check that site or user theme exists
function theme_exists($theme) {
if (!file_exists(THEMES) || !is_dir(THEMES)) {
return false;
} else if (file_exists(THEMES.$theme."/theme.php") && file_exists(THEMES.$theme."/styles.css")) {
define("THEME", THEMES.$theme."/");
return true;
} else {
$dh = opendir(THEMES);
while (false !== ($entry = readdir($dh))) {
if ($entry != "." && $entry != ".." && is_dir(THEMES.$entry)) {
if (file_exists(THEMES.$entry."/theme.php") && file_exists(THEMES.$entry."/styles.css")) {
define("THEME", THEMES.$entry."/");
return true;
exit;
}
}
}
closedir($dh);
if (!defined("THEME")) {
return false;
}
}
}
if (isset($_POST['login']) && isset($_POST['user_name']) && isset($_POST['user_pass'])) {
$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name']));
$user_pass = md5($_POST['user_pass']);
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_name='".$user_name."' AND user_password='".md5($user_pass)."' LIMIT 1");
if (dbrows($result)) {
$data = dbarray($result);
$cookie_value = $data['user_id'].".".$user_pass;
if ($data['user_status'] == 0) {
$cookie_exp = isset($_POST['remember_me']) ? time() + 3600 * 24 * 30 : time() + 3600 * 3;
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", $cookie_value, $cookie_exp, "/", "", "0");
redirect(BASEDIR."setuser.php?user=".$data['user_name'], true);
} elseif ($data['user_status'] == 1) {
redirect(BASEDIR."setuser.php?error=1", true);
} elseif ($data['user_status'] == 2) {
redirect(BASEDIR."setuser.php?error=2", true);
}
} else {
redirect(BASEDIR."setuser.php?error=3");
}
}
if (isset($_COOKIE[COOKIE_PREFIX.'user'])) {
$cookie_vars = explode(".", $_COOKIE[COOKIE_PREFIX.'user']);
$cookie_1 = isnum($cookie_vars['0']) ? $cookie_vars['0'] : "0";
$cookie_2 = (preg_check("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : "");
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_id='$cookie_1' AND user_password='".md5($cookie_2)."' LIMIT 1");
unset($cookie_vars,$cookie_1,$cookie_2);
if (dbrows($result)) {
$userdata = dbarray($result);
if ($userdata['user_status'] == 0) {
if ($userdata['user_theme'] != "Default" && file_exists(THEMES.$userdata['user_theme']."/theme.php") && ($settings['userthemes'] == 1 || $userdata['user_level'] >= 102)) {
if (!theme_exists($userdata['user_theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
}
if ($userdata['user_offset'] <> 0) {
$settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset'];
}
if (!isset($_COOKIE[COOKIE_PREFIX.'lastvisit']) || !isnum($_COOKIE[COOKIE_PREFIX.'lastvisit'])) {
$result = dbquery("UPDATE ".DB_USERS." SET user_threads='' WHERE user_id='".$userdata['user_id']."'");
setcookie(COOKIE_PREFIX."lastvisit", $userdata['user_lastvisit'], time() + 3600, "/", "", "0");
$lastvisited = $userdata['user_lastvisit'];
} else {
$lastvisited = $_COOKIE[COOKIE_PREFIX.'lastvisit'];
}
if ($userdata['user_level'] > 101) {
if (isset($_COOKIE[COOKIE_PREFIX.'admin']) && (!preg_match("#" . str_replace("../", "", "/".ADMIN) . "#i", FUSION_REQUEST) || USER_IP != $userdata['user_ip'])) {
setcookie(COOKIE_PREFIX."admin", "", time() - 7200, "/", "", "0");
}
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
$userdata = ""; $userdata['user_level'] = 0; $userdata['user_rights'] = ""; $userdata['user_groups'] = "";
}
// Redirect browser using header or script function
function redirect($location, $script = false) {
if (!$script) {
header("Location: ".str_replace("&", "&", $location));
exit;
} else {
echo "<script type='text/javascript'>document.location.href='".str_replace("&", "&", $location)."'</script>\n";
exit;
}
}
// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
$bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
$safe_entities = array("&", "", "", "", "", "", "", "", "", "");
$url = str_replace($bad_entities, $safe_entities, $url);
return $url;
}
// Strip Input Function, prevents HTML in unwanted places
function stripinput($text) {
if (QUOTES_GPC) $text = stripslashes($text);
$search = array("&", "\"", "'", "\\", '\"', "\'", "<", ">", " ");
$replace = array("&", """, "'", "\", """, "'", "<", ">", " ");
$text = str_replace($search, $replace, $text);
return $text;
}
// stripslash function, only stripslashes if magic_quotes_gpc is on
function stripslash($text) {
if (QUOTES_GPC) { $text = stripslashes($text); }
return $text;
}
// stripslash function, add correct number of slashes depending on quotes_gpc
function addslash($text) {
if (!QUOTES_GPC) {
$text = addslashes(addslashes($text));
} else {
$text = addslashes($text);
}
return $text;
}
// htmlentities is too agressive so we use this function
function phpentities($text) {
$search = array("&", "\"", "'", "\\", "<", ">");
$replace = array("&", """, "'", "\", "<", ">");
$text = str_replace($search, $replace, $text);
return $text;
}
// Trim a line of text to a preferred length
function trimlink($text, $length) {
$dec = array("&", "\"", "'", "\\", '\"', "\'", "<", ">");
$enc = array("&", """, "'", "\", """, "'", "<", ">");
$text = str_replace($enc, $dec, $text);
if (strlen($text) > $length) $text = substr($text, 0, ($length-3))."...";
$text = str_replace($dec, $enc, $text);
return $text;
}
// Validate numeric input
function isnum($value) {
if (!is_array($value)) {
return (preg_match("/^[0-9]+$/", $value));
} else {
return false;
}
}
// custom preg-match function
function preg_check($expression, $value) {
if (!is_array($value)) {
return preg_match($expression, $value);
} else {
return false;
}
}
// Cache smileys mysql
function cache_smileys() {
global $smiley_cache;
$result = dbquery("SELECT * FROM ".DB_SMILEYS);
if (dbrows($result)) {
$smiley_cache = array();
while ($data = dbarray($result)) {
$smiley_cache[] = array(
"smiley_code" => $data['smiley_code'],
"smiley_image" => $data['smiley_image'],
"smiley_text" => $data['smiley_text']
);
}
} else {
$smiley_cache = array();
}
}
// Parse smiley bbcode
function parsesmileys($message) {
global $smiley_cache;
if (!preg_match("#(\[code\](.*?)\[/code\]|\[geshi=(.*?)\](.*?)\[/geshi\]|\[php\](.*?)\[/php\])#si", $message)) {
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
$smiley_code = preg_quote($smiley['smiley_code']);
$smiley_image = "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' style='vertical-align:middle;' />";
$message = preg_replace("#{$smiley_code}#si", $smiley_image, $message);
}
}
}
return $message;
}
// Show smiley icons in comments, forum and other post pages
function displaysmileys($textarea, $form = "inputform") {
global $smiley_cache;
$smileys = ""; $i = 0;
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
if ($i != 0 && ($i % 10 == 0)) { $smileys .= "<br />\n"; $i++; }
$smileys .= "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' onclick=\"insertText('".$textarea."', '".$smiley['smiley_code']."', '".$form."');\" />\n";
}
}
return $smileys;
}
// Cache bbcode mysql
function cache_bbcode() {
global $bbcode_cache;
$result = dbquery("SELECT * FROM ".DB_BBCODES." ORDER BY bbcode_order ASC");
if (dbrows($result)) {
$bbcode_cache = array();
while ($data = dbarray($result)) {
$bbcode_cache[] = $data['bbcode_name'];
}
} else {
$bbcode_cache = array();
}
}
// Parse bbcode
function parseubb($text, $selected=false) {
global $bbcode_cache;
if (!$bbcode_cache) { cache_bbcode(); }
if (is_array($bbcode_cache) && count($bbcode_cache)) {
if ($selected) { $sel_bbcodes = explode("|", $selected); }
foreach ($bbcode_cache as $bbcode) {
if ($selected && in_array($bbcode, $sel_bbcodes)) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
} elseif (!$selected) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
}
}
}
$text = descript($text, false);
return $text;
}
// Javascript email encoder by Tyler Akins
// http://rumkin.com/tools/mailto_encoder/
function hide_email($email, $title = "", $subject = "") {
if (strpos($email, "@")) {
$parts = explode("@", $email);
$MailLink = "<a href='mailto:".$parts[0]."@".$parts[1];
if ($subject != "") { $MailLink .= "?subject=".urlencode($subject); }
$MailLink .= "'>".($title?$title:$parts[0]."@".$parts[1])."</a>";
$MailLetters = "";
for ($i = 0; $i < strlen($MailLink); $i++) {
$l = substr($MailLink, $i, 1);
if (strpos($MailLetters, $l) === false) {
$p = rand(0, strlen($MailLetters));
$MailLetters = substr($MailLetters, 0, $p).$l.substr($MailLetters, $p, strlen($MailLetters));
}
}
$MailLettersEnc = str_replace("\\", "\\\\", $MailLetters);
$MailLettersEnc = str_replace("\"", "\\\"", $MailLettersEnc);
$MailIndexes = "";
for ($i = 0; $i < strlen($MailLink); $i ++) {
$index = strpos($MailLetters, substr($MailLink, $i, 1));
$index += 48;
$MailIndexes .= chr($index);
}
$MailIndexes = str_replace("\\", "\\\\", $MailIndexes);
$MailIndexes = str_replace("\"", "\\\"", $MailIndexes);
$res = "<script type='text/javascript'>";
$res .= "ML=\"".str_replace("<", "xxxx", $MailLettersEnc)."\";";
$res .= "MI=\"".str_replace("<", "xxxx", $MailIndexes)."\";";
$res .= "ML=ML.replace(/xxxx/g, '<');";
$res .= "MI=MI.replace(/xxxx/g, '<');"; $res .= "OT=\"\";";
$res .= "for(j=0;j < MI.length;j++){";
$res .= "OT+=ML.charAt(MI.charCodeAt(j)-48);";
$res .= "}document.write(OT);";
$res .= "</script>";
return $res;
} else {
return $email;
}
}
// Format spaces and tabs in code bb tags
function formatcode($text) {
$text = str_replace(" ", " ", $text);
$text = str_replace(" ", " ", $text);
$text = str_replace("\t", " ", $text);
$text = preg_replace("/^ {1}/m", " ", $text);
return $text;
}
// Highlights given words in subject
function highlight_words($word, $subject) {
if (is_array($word)) {
$regex_chars = "*|#.+?(){}[]^$/";
for ($j = 0; $j < count($word); $j++) {
for ($i = 0; $i < strlen($regex_chars); $i++) {
$char = substr($regex_chars, $i, 1);
$word[$j] = str_replace($char, '\\'.$char, $word[$j]);
}
$subject = preg_replace("/(".$word[$j].")/is", "<span style='background-color:yellow;font-weight:bold;padding-left:2px;padding-right:2px'>\\1</span>", $subject);
}
}
return $subject;
}
// This function sanitises news & article submissions
function descript($text, $striptags = true) {
// Convert problematic ascii characters to their true values
$search = array("40","41","58","65","66","67","68","69","70",
"71","72","73","74","75","76","77","78","79","80","81",
"82","83","84","85","86","87","88","89","90","97","98",
"99","100","101","102","103","104","105","106","107",
"108","109","110","111","112","113","114","115","116",
"117","118","119","120","121","122"
);
$replace = array("(",")",":","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z"
);
$entities = count($search);
for ($i=0; $i < $entities; $i++) {
$text = preg_replace("#(&\#)(0*".$search[$i]."+);*#si", $replace[$i], $text);
}
$text = preg_replace('#(&\#x)([0-9A-F]+);*#si', "", $text);
$text = preg_replace('#(<[^>]+[/\"\'\s])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onfocus|onload|xmlns)[^>]*>#iU', ">", $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)script:#iU', '$1=$2nojscript...', $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)javascript:#iU', '$1=$2nojavascript...', $text);
$text = preg_replace('#([a-z]*)=([\'\"]*)vbscript:#iU', '$1=$2novbscript...', $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU', "$1>", $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU', "$1>", $text);
if ($striptags) {
do {
$thistext = $text;
$text = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $text);
} while ($thistext != $text);
}
return $text;
}
// Scan image files for malicious code
function verify_image($file) {
$txt = file_get_contents($file);
$image_safe = true;
if (preg_match('#&(quot|lt|gt|nbsp|<?php);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; }
elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)script:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)javascript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\'\"]*)vbscript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#</*(applet|link|style|script|iframe|frame|frameset)[^>]*>#i", $txt)) { $image_safe = false; }
return $image_safe;
}
// captcha routines
function make_captcha() {
global $settings;
$captcha_string = ""; $captcha_encode = "";
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < 5; $i++) {
$captcha_string .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
for ($i = 0; $i < 31; $i++) {
$captcha_encode .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
$result = mysql_query("INSERT INTO ".DB_PREFIX."captcha (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')");
if ($settings['validation_method'] == "image") {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><img src='".INCLUDES."captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n";
} else {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><strong>".$captcha_string."</strong>\n";
}
}
function check_captcha($captchs_encode, $captcha_string) {
if (preg_check("/^[0-9A-Za-z]+$/", $captchs_encode) && preg_check("/^[0-9A-Za-z]+$/", $captcha_string)) {
$result = dbquery("SELECT * FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
if (dbrows($result)) {
$result = dbquery("DELETE FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
return true;
} else {
return false;
}
} else {
return false;
}
}
// Replace offensive words with the defined replacement word
function censorwords($text) {
global $settings;
if ($settings['bad_words_enabled'] == "1" && $settings['bad_words'] != "" ) {
$word_list = explode("\r\n", $settings['bad_words']);
for ($i=0; $i < count($word_list); $i++) {
if ($word_list[$i] != "") $text = preg_replace("/".$word_list[$i]."/si", $settings['bad_word_replace'], $text);
}
}
return $text;
}
// Display the user's level
function getuserlevel($userlevel) {
global $locale;
if ($userlevel == 101) { return $locale['user1'];
} elseif ($userlevel == 108) { return $locale['user2'];
} elseif ($userlevel == 102) { return $locale['user3'];
} elseif ($userlevel == 103) { return $locale['user4'];
} elseif ($userlevel == 109) { return $locale['user5']; }
}
// Check if Administrator has correct rights assigned
function checkrights($right) {
if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS))) {
return true;
} else {
return false;
}
}
// Check if user is assigned to the specified user group
function checkgroup($group) {
if (iSUPERADMIN) { return true; }
elseif (iADMIN && ($group == "0" || $group == "101" || $group == "102")) { return true;
} elseif (iMEMBER && ($group == "0" || $group == "101")) { return true;
} elseif (iGUEST && $group == "0") { return true;
} elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) {
return true;
} else {
return false;
}
}
// Cache groups mysql
function cache_groups() {
global $groups_cache;
$result = dbquery("SELECT * FROM ".DB_USER_GROUPS." ORDER BY group_id ASC");
if (dbrows($result)) {
$groups_cache = array();
while ($data = dbarray($result)) {
$groups_cache[] = $data;
}
} else {
$groups_cache = array();
}
}
// Compile access levels & user group array
function getusergroups() {
global $locale, $groups_cache;
$groups_array = array(
array("0", $locale['user0']),
array("101", $locale['user1']),
array("108", $locale['user2']),
array("102", $locale['user3']),
array("103", $locale['user4']),
array("109", $locale['user5'])
);
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
array_push($groups_array, array($group['group_id'], $group['group_name']));
}
}
return $groups_array;
}
// Get the name of the access level or user group
function getgroupname($group_id, $return_desc = false) {
global $locale, $groups_cache;
if ($group_id == "0") { return $locale['user0'];
} elseif ($group_id == "101") { return $locale['user1']; exit;
} elseif ($group_id == "108") { return $locale['user2']; exit;
} elseif ($group_id == "102") { return $locale['user3']; exit;
} elseif ($group_id == "103") { return $locale['user4']; exit;
} elseif ($group_id == "109") { return $locale['user5']; exit;
} else {
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
if ($group_id == $group['group_id']) { return ($return_desc ? ($group['group_description'] ? $group['group_description'] : '-') : $group['group_name']); exit; }
}
}
}
return "N/A";
}
function groupaccess($field) {
if (iGUEST) { return "$field = '0'";
} elseif (iSUPERADMIN) { return "1 = 1";
} elseif (iADMIN) { $res = "($field='0' OR $field='101' OR $field='102'";
} elseif (iMEMBER) { $res = "($field='0' OR $field='101'";
}
if (iUSER_GROUPS != "" && !iSUPERADMIN) { $res .= " OR $field='".str_replace(".", "' OR $field='", iUSER_GROUPS)."'"; }
$res .= ")";
return $res;
}
// Create a list of files or folders and store them in an array
function makefilelist($folder, $filter, $sort=true, $type="files") {
$res = array();
$filter = explode("|", $filter);
$temp = opendir($folder);
while ($file = readdir($temp)) {
if ($type == "files" && !in_array($file, $filter)) {
if (!is_dir($folder.$file)) { $res[] = $file; }
} elseif ($type == "folders" && !in_array($file, $filter)) {
if (is_dir($folder.$file)) { $res[] = $file; }
}
}
closedir($temp);
if ($sort) { sort($res); }
return $res;
}
// Create a selection list from an array created by makefilelist()
function makefileopts($files, $selected = "") {
$res = "";
for ($i = 0; $i < count($files); $i++) {
$sel = ($selected == $files[$i] ? " selected='selected'" : "");
$res .= "<option value='".$files[$i]."'$sel>".$files[$i]."</option>\n";
}
return $res;
}
function makepagenav($start, $count, $total, $range = 0, $link = "") {
global $locale;
if ($link == "") { $link = FUSION_SELF."?"; }
$pg_cnt = ceil($total / $count);
if ($pg_cnt <= 1) { return ""; }
$idx_back = $start - $count;
$idx_next = $start + $count;
$cur_page = ceil(($start + 1) / $count);
$res = $locale['global_092']." ".$cur_page.$locale['global_093'].$pg_cnt.": ";
if($idx_back >= 0) {
if($cur_page > ($range + 1)) {
$res .= "<a href='".$link."rowstart=0'>1</a>...";
}
}
$idx_fst = max($cur_page - $range, 1);
$idx_lst = min($cur_page + $range, $pg_cnt);
if ($range == 0) {
$idx_fst = 1;
$idx_lst = $pg_cnt;
}
for ($i = $idx_fst; $i <= $idx_lst; $i++) {
$offset_page = ($i - 1) * $count;
if ($i == $cur_page) {
$res .= "<span><strong>".$i."</strong></span>";
} else {
$res .= "<a href='".$link."rowstart=".$offset_page."'>".$i."</a>";
}
}
if ($idx_next < $total) {
if ($cur_page < ($pg_cnt - $range)) {
$res .= "...<a href='".$link."rowstart=".($pg_cnt - 1) * $count."'>".$pg_cnt."</a>\n";
}
}
return "<div class='pagenav'>\n".$res."</div>\n";
}
// Format the date & time accordingly
function showdate($format, $val) {
global $settings;
if ($format == "shortdate" || $format == "longdate" || $format == "forumdate") {
return strftime($settings[$format], $val + ($settings['timeoffset']*3600));
} else {
return strftime($format, $val + ($settings['timeoffset'] * 3600));
}
}
// Translate bytes into kb, mb, gb or tb by CrappoMan
function parsebytesize($size, $digits = 2, $dir = false) {
$kb = 1024; $mb = 1024 * $kb; $gb= 1024 * $mb; $tb = 1024 * $gb;
if (($size == 0) && ($dir)) { return "Empty"; }
elseif ($size < $kb) { return $size."Bytes"; }
elseif ($size < $mb) { return round($size / $kb,$digits)."Kb"; }
elseif ($size < $gb) { return round($size / $mb,$digits)."Mb"; }
elseif ($size < $tb) { return round($size / $gb,$digits)."Gb"; }
else { return round($size / $tb, $digits)."Tb"; }
}
// User level, Admin Rights & User Group definitions
define("iGUEST", $userdata['user_level'] == 0 ? 1 : 0);
define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0);
define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0);
define("iSUPERADMIN", $userdata['user_level'] == 103 ? 1 : 0);
define("iUSER", $userdata['user_level']);
define("iUSER_RIGHTS", $userdata['user_rights']);
define("iUSER_GROUPS", substr($userdata['user_groups'], 1));
if (iADMIN) {
define("iAUTH", substr($userdata['user_password'], 16, 32));
$aidlink = "?aid=".iAUTH;
}
include INCLUDES."system_images.php";
?>
Edytowane przez damian2221 dnia 21.05.2010 20:31:42
|
|
|
|
zezol |
Dodany dnia 22.05.2010 17:00:28
|
Bywalec
Postów: 593 Pomógł: 34
Data rejestracji: 09.12.2006 22:16
|
!!! UWAGA !!!
Sposób przedstawiony przez DJPromo NIE jest bezpieczny!
Tak stworzona nowa ranga osób - czyli grupa osób - może mieć dostęp do zasobów dostępnych dla Admina. Krócej: taka osoba może mieć niepowołany dostęp do strony. Mogą wystąpić także inne problemy.
Kiedyś próbowałem stworzyć wtyczkę/mod który pozwoliłby dodawanie nowych rang dla userów/grup ale nie mogłem znaleźć odpowiedniego i bezpiecznego sposobu bez większych modyfikacji rdzenia Fusiona.
Edytowane przez zezol dnia 22.05.2010 23:11:50
|
|
|
|
adi2 |
Dodany dnia 13.07.2010 22:51:46
|
Przedszkolak
Postów: 82 Ostrzeżeń: 4
v7.02.03 Data rejestracji: 20.01.2010 15:46
|
Mój plik maincore.php
<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: maincore.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at http://www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (eregi("maincore.php", $_SERVER['PHP_SELF'])) { die(); }
error_reporting(E_ALL);
// Calculate script start/end time
function get_microtime() {
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
// Define script start time
define("START_TIME", get_microtime());
// Prevent any possible XSS attacks via $_GET.
foreach ($_GET as $check_url) {
if (!is_array($check_url)) {
$check_url = str_replace("\"", "", $check_url);
if ((eregi("<[^>]*script*\"?[^>]*>", $check_url)) || (eregi("<[^>]*object*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $check_url)) || (eregi("<[^>]*applet*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $check_url)) || (eregi("<[^>]*style*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*form*\"?[^>]*>", $check_url)) || (eregi("\([^>]*\"?[^)]*\)", $check_url)) ||
(eregi("\"", $check_url))) {
die ();
}
}
}
unset($check_url);
// Start Output Buffering
//ob_start("ob_gzhandler"); //Uncomment this line to enable output compression.
ob_start();
// Locate config.php and set the basedir path
$folder_level = ""; $i = 0;
while (!file_exists($folder_level."config.php")) {
$folder_level .= "../"; $i++;
if ($i == 5) { die("Config file not found"); }
}
require_once $folder_level."config.php";
define("BASEDIR", $folder_level);
// If config.php is empty, activate setup.php script
if (!isset($db_name)) { redirect("setup.php"); }
// Multisite definitions
require_once BASEDIR."includes/multisite_include.php";
// Establish mySQL database connection
$link = dbconnect($db_host, $db_user, $db_pass, $db_name);
// Fetch the Site Settings from the database and store them in the $settings variable
$settings = dbarray(dbquery("SELECT * FROM ".DB_SETTINGS));
// Sanitise $_SERVER globals
$_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : "";
$_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : "";
$PHP_SELF = cleanurl($_SERVER['PHP_SELF']);
// Common definitions
define("IN_FUSION", TRUE);
define("FUSION_REQUEST", isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] != "" ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']);
define("FUSION_QUERY", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : "");
define("FUSION_SELF", basename($_SERVER['PHP_SELF']));
define("USER_IP", $_SERVER['REMOTE_ADDR']);
define("QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE));
// Path definitions
define("ADMIN", BASEDIR."administration/");
define("IMAGES", BASEDIR."images/");
define("IMAGES_A", IMAGES."articles/");
define("IMAGES_N", IMAGES."news/");
define("IMAGES_NC", IMAGES."news_cats/");
define("RANKS", IMAGES."ranks/");
define("INCLUDES", BASEDIR."includes/");
define("LOCALE", BASEDIR."locale/");
define("LOCALESET", $settings['locale']."/");
define("FORUM", BASEDIR."forum/");
define("INFUSIONS", BASEDIR."infusions/");
define("PHOTOS", IMAGES."photoalbum/");
define("THEMES", BASEDIR."themes/");
// Predefine mysql_cache variables
$smiley_cache = ""; $bbcode_cache = ""; $groups_cache = ""; $forum_rank_cache = ""; $forum_mod_rank_cache = "";
// MySQL database functions
function dbquery($query) {
$result = @mysql_query($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbcount($field, $table, $conditions = "") {
$cond = ($conditions ? " WHERE ".$conditions : "");
$result = @mysql_query("SELECT Count".$field." FROM ".$table.$cond);
if (!$result) {
echo mysql_error();
return false;
} else {
$rows = mysql_result($result, 0);
return $rows;
}
}
function dbresult($query, $row) {
$result = @mysql_result($query, $row);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbrows($query) {
$result = @mysql_num_rows($query);
return $result;
}
function dbarray($query) {
$result = @mysql_fetch_assoc($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbarraynum($query) {
$result = @mysql_fetch_row($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbconnect($db_host, $db_user, $db_pass, $db_name) {
$db_connect = @mysql_connect($db_host, $db_user, $db_pass);
$db_select = @mysql_select_db($db_name);
if (!$db_connect) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to establish connection to MySQL</b><br />".mysql_errno()." : ".mysql_error()."</div>");
} elseif (!$db_select) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to select MySQL database</b><br />".mysql_errno()." : ".mysql_error()."</div>");
}
}
// Initialise the $locale array
$locale = array();
// Load the Global language file
include LOCALE.LOCALESET."global.php";
// Check if users full or partial ip is blacklisted
$sub_ip1 = substr(USER_IP, 0, strlen(USER_IP) - strlen(strrchr(USER_IP, ".")));
$sub_ip2 = substr($sub_ip1, 0, strlen($sub_ip1) - strlen(strrchr($sub_ip1, ".")));
if (dbcount("(*)", DB_BLACKLIST, "blacklist_ip='".USER_IP."' OR blacklist_ip='$sub_ip1' OR blacklist_ip='$sub_ip2'")) {
redirect("http://www.google.com/");
}
// PHP-Fusion user cookie functions
if (!isset($_COOKIE[COOKIE_PREFIX.'visited'])) {
$result = dbquery("UPDATE ".DB_SETTINGS." SET counter=counter+1");
setcookie(COOKIE_PREFIX."visited", "yes", time() + 31536000, "/", "", "0");
}
//check that site or user theme exists
function theme_exists($theme) {
if (!file_exists(THEMES) || !is_dir(THEMES)) {
return false;
} else if (file_exists(THEMES.$theme."/theme.php") && file_exists(THEMES.$theme."/styles.css")) {
define("THEME", THEMES.$theme."/");
return true;
} else {
$dh = opendir(THEMES);
while (false !== ($entry = readdir($dh))) {
if ($entry != "." && $entry != ".." && is_dir(THEMES.$entry)) {
if (file_exists(THEMES.$entry."/theme.php") && file_exists(THEMES.$entry."/styles.css")) {
define("THEME", THEMES.$entry."/");
return true;
exit;
}
}
}
closedir($dh);
if (!defined("THEME")) {
return false;
}
}
}
if (isset($_POST['login']) && isset($_POST['user_name']) && isset($_POST['user_pass'])) {
$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name']));
$user_pass = md5($_POST['user_pass']);
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_name='".$user_name."' AND user_password='".md5($user_pass)."' LIMIT 1");
if (dbrows($result)) {
$data = dbarray($result);
$cookie_value = $data['user_id'].".".$user_pass;
if ($data['user_status'] == 0) {
$cookie_exp = isset($_POST['remember_me']) ? time() + 3600 * 24 * 30 : time() + 3600 * 3;
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", $cookie_value, $cookie_exp, "/", "", "0");
redirect(BASEDIR."setuser.php?user=".$data['user_name'], true);
} elseif ($data['user_status'] == 1) {
redirect(BASEDIR."setuser.php?error=1", true);
} elseif ($data['user_status'] == 2) {
redirect(BASEDIR."setuser.php?error=2", true);
}
} else {
redirect(BASEDIR."setuser.php?error=3");
}
}
if (isset($_COOKIE[COOKIE_PREFIX.'user'])) {
$cookie_vars = explode(".", $_COOKIE[COOKIE_PREFIX.'user']);
$cookie_1 = isnum($cookie_vars['0']) ? $cookie_vars['0'] : "0";
$cookie_2 = (preg_check("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : "");
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_id='$cookie_1' AND user_password='".md5($cookie_2)."' LIMIT 1");
unset($cookie_vars,$cookie_1,$cookie_2);
if (dbrows($result)) {
$userdata = dbarray($result);
if ($userdata['user_status'] == 0) {
if ($userdata['user_theme'] != "Default" && file_exists(THEMES.$userdata['user_theme']."/theme.php") && ($settings['userthemes'] == 1 || $userdata['user_level'] >= 102)) {
if (!theme_exists($userdata['user_theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
}
if ($userdata['user_offset'] <> 0) {
$settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset'];
}
if (!isset($_COOKIE[COOKIE_PREFIX.'lastvisit']) || !isnum($_COOKIE[COOKIE_PREFIX.'lastvisit'])) {
$result = dbquery("UPDATE ".DB_USERS." SET user_threads='' WHERE user_id='".$userdata['user_id']."'");
setcookie(COOKIE_PREFIX."lastvisit", $userdata['user_lastvisit'], time() + 3600, "/", "", "0");
$lastvisited = $userdata['user_lastvisit'];
} else {
$lastvisited = $_COOKIE[COOKIE_PREFIX.'lastvisit'];
}
if ($userdata['user_level'] > 101) {
if (isset($_COOKIE[COOKIE_PREFIX.'admin']) && (!eregi(str_replace("../", "", "/".ADMIN), FUSION_REQUEST) || USER_IP != $userdata['user_ip'])) {
setcookie(COOKIE_PREFIX."admin", "", time() - 7200, "/", "", "0");
}
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
$userdata = ""; $userdata['user_level'] = 0; $userdata['user_rights'] = ""; $userdata['user_groups'] = "";
}
// Redirect browser using header or script function
function redirect($location, $script = false) {
if (!$script) {
header("Location: ".str_replace("&", "&", $location));
exit;
} else {
echo "<script type='text/javascript'>document.location.href='".str_replace("&", "&", $location)."'</script>\n";
exit;
}
}
// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
$bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
$safe_entities = array("&", "", "", "", "", "", "", "", "", "");
$url = str_replace($bad_entities, $safe_entities, $url);
return $url;
}
// Strip Input Function, prevents HTML in unwanted places
function stripinput($text) {
if (QUOTES_GPC) $text = stripslashes($text);
$search = array("&", "\"", "'", "\\", '\"', "\'", "<", ">", " ");
$replace = array("&", """, "'", "\", """, "'", "<", ">", " ");
$text = str_replace($search, $replace, $text);
return $text;
}
// stripslash function, only stripslashes if magic_quotes_gpc is on
function stripslash($text) {
if (QUOTES_GPC) { $text = stripslashes($text); }
return $text;
}
// stripslash function, add correct number of slashes depending on quotes_gpc
function addslash($text) {
if (!QUOTES_GPC) {
$text = addslashes(addslashes($text));
} else {
$text = addslashes($text);
}
return $text;
}
// htmlentities is too agressive so we use this function
function phpentities($text) {
$search = array("&", "\"", "'", "\\", "<", ">");
$replace = array("&", """, "'", "\", "<", ">");
$text = str_replace($search, $replace, $text);
return $text;
}
// Trim a line of text to a preferred length
function trimlink($text, $length) {
$dec = array("&", "\"", "'", "\\", '\"', "\'", "<", ">");
$enc = array("&", """, "'", "\", """, "'", "<", ">");
$text = str_replace($enc, $dec, $text);
if (strlen($text) > $length) $text = substr($text, 0, ($length-3))."...";
$text = str_replace($dec, $enc, $text);
return $text;
}
// Validate numeric input
function isnum($value) {
if (!is_array($value)) {
return (preg_match("/^[0-9]+$/", $value));
} else {
return false;
}
}
// custom preg-match function
function preg_check($expression, $value) {
if (!is_array($value)) {
return preg_match($expression, $value);
} else {
return false;
}
}
// Cache smileys mysql
function cache_smileys() {
global $smiley_cache;
$result = dbquery("SELECT * FROM ".DB_SMILEYS);
if (dbrows($result)) {
$smiley_cache = array();
while ($data = dbarray($result)) {
$smiley_cache[] = array(
"smiley_code" => $data['smiley_code'],
"smiley_image" => $data['smiley_image'],
"smiley_text" => $data['smiley_text']
);
}
} else {
$smiley_cache = array();
}
}
// Parse smiley bbcode
function parsesmileys($message) {
global $smiley_cache;
if (!preg_match("#(\[code\](.*?)\[/code\]|\[geshi=(.*?)\](.*?)\[/geshi\]|\[php\](.*?)\[/php\])#si", $message)) {
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
$smiley_code = preg_quote($smiley['smiley_code']);
$smiley_image = "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' style='vertical-align:middle;' />";
$message = preg_replace("#{$smiley_code}#si", $smiley_image, $message);
}
}
}
return $message;
}
// Show smiley icons in comments, forum and other post pages
function displaysmileys($textarea, $form = "inputform") {
global $smiley_cache;
$smileys = ""; $i = 0;
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
if ($i != 0 && ($i % 10 == 0)) { $smileys .= "<br />\n"; $i++; }
$smileys .= "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' onclick=\"insertText('".$textarea."', '".$smiley['smiley_code']."', '".$form."');\" />\n";
}
}
return $smileys;
}
// Cache bbcode mysql
function cache_bbcode() {
global $bbcode_cache;
$result = dbquery("SELECT * FROM ".DB_BBCODES." ORDER BY bbcode_order ASC");
if (dbrows($result)) {
$bbcode_cache = array();
while ($data = dbarray($result)) {
$bbcode_cache[] = $data['bbcode_name'];
}
} else {
$bbcode_cache = array();
}
}
// Parse bbcode
function parseubb($text, $selected=false) {
global $bbcode_cache;
if (!$bbcode_cache) { cache_bbcode(); }
if (is_array($bbcode_cache) && count($bbcode_cache)) {
if ($selected) { $sel_bbcodes = explode("|", $selected); }
foreach ($bbcode_cache as $bbcode) {
if ($selected && in_array($bbcode, $sel_bbcodes)) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
} elseif (!$selected) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
}
}
}
$text = descript($text, false);
return $text;
}
// Javascript email encoder by Tyler Akins
// http://rumkin.com/tools/mailto_encoder/
function hide_email($email, $title = "", $subject = "") {
if (strpos($email, "@")) {
$parts = explode("@", $email);
$MailLink = "<a href='mailto:".$parts[0]."@".$parts[1];
if ($subject != "") { $MailLink .= "?subject=".urlencode($subject); }
$MailLink .= "'>".($title?$title:$parts[0]."@".$parts[1])."</a>";
$MailLetters = "";
for ($i = 0; $i < strlen($MailLink); $i++) {
$l = substr($MailLink, $i, 1);
if (strpos($MailLetters, $l) === false) {
$p = rand(0, strlen($MailLetters));
$MailLetters = substr($MailLetters, 0, $p).$l.substr($MailLetters, $p, strlen($MailLetters));
}
}
$MailLettersEnc = str_replace("\\", "\\\\", $MailLetters);
$MailLettersEnc = str_replace("\"", "\\\"", $MailLettersEnc);
$MailIndexes = "";
for ($i = 0; $i < strlen($MailLink); $i ++) {
$index = strpos($MailLetters, substr($MailLink, $i, 1));
$index += 48;
$MailIndexes .= chr($index);
}
$MailIndexes = str_replace("\\", "\\\\", $MailIndexes);
$MailIndexes = str_replace("\"", "\\\"", $MailIndexes);
$res = "<script type='text/javascript'>";
$res .= "ML=\"".str_replace("<", "xxxx", $MailLettersEnc)."\";";
$res .= "MI=\"".str_replace("<", "xxxx", $MailIndexes)."\";";
$res .= "ML=ML.replace(/xxxx/g, '<');";
$res .= "MI=MI.replace(/xxxx/g, '<');"; $res .= "OT=\"\";";
$res .= "for(j=0;j < MI.length;j++){";
$res .= "OT+=ML.charAt(MI.charCodeAt(j)-48);";
$res .= "}document.write(OT);";
$res .= "</script>";
return $res;
} else {
return $email;
}
}
// Format spaces and tabs in code bb tags
function formatcode($text) {
$text = str_replace(" ", " ", $text);
$text = str_replace(" ", " ", $text);
$text = str_replace("\t", " ", $text);
$text = preg_replace("/^ {1}/m", " ", $text);
return $text;
}
// Highlights given words in subject
function highlight_words($word, $subject) {
if (is_array($word)) {
$regex_chars = "*|#.+?(){}[]^$/";
for ($j = 0; $j < count($word); $j++) {
for ($i = 0; $i < strlen($regex_chars); $i++) {
$char = substr($regex_chars, $i, 1);
$word[$j] = str_replace($char, '\\'.$char, $word[$j]);
}
$subject = preg_replace("/(".$word[$j].")/is", "<span style='background-color:yellow;font-weight:bold;padding-left:2px;padding-right:2px'>\\1</span>", $subject);
}
}
return $subject;
}
// This function sanitises news & article submissions
function descript($text, $striptags = true) {
// Convert problematic ascii characters to their true values
$search = array("40","41","58","65","66","67","68","69","70",
"71","72","73","74","75","76","77","78","79","80","81",
"82","83","84","85","86","87","88","89","90","97","98",
"99","100","101","102","103","104","105","106","107",
"108","109","110","111","112","113","114","115","116",
"117","118","119","120","121","122"
);
$replace = array("(",")",":","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z"
);
$entities = count($search);
for ($i=0; $i < $entities; $i++) {
$text = preg_replace("#(&\#)(0*".$search[$i]."+);*#si", $replace[$i], $text);
}
$text = preg_replace('#(&\#x)([0-9A-F]+);*#si', "", $text);
$text = preg_replace('#(<[^>]+[/\"\'\s])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onfocus|onload|xmlns)[^>]*>#iU', ">", $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)script:#iU', '$1=$2nojscript...', $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)javascript:#iU', '$1=$2nojavascript...', $text);
$text = preg_replace('#([a-z]*)=([\'\"]*)vbscript:#iU', '$1=$2novbscript...', $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU', "$1>", $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU', "$1>", $text);
if ($striptags) {
do {
$thistext = $text;
$text = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $text);
} while ($thistext != $text);
}
return $text;
}
// Scan image files for malicious code
function verify_image($file) {
$txt = file_get_contents($file);
$image_safe = true;
if (preg_match('#&(quot|lt|gt|nbsp|<?php);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; }
elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)script:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)javascript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\'\"]*)vbscript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#</*(applet|link|style|script|iframe|frame|frameset)[^>]*>#i", $txt)) { $image_safe = false; }
return $image_safe;
}
// captcha routines
function make_captcha() {
global $settings;
$captcha_string = ""; $captcha_encode = "";
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < 5; $i++) {
$captcha_string .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
for ($i = 0; $i < 31; $i++) {
$captcha_encode .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
$result = mysql_query("INSERT INTO ".DB_PREFIX."captcha (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')");
if ($settings['validation_method'] == "image") {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><img src='".INCLUDES."captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n";
} else {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><strong>".$captcha_string."</strong>\n";
}
}
function check_captcha($captchs_encode, $captcha_string) {
if (preg_check("/^[0-9A-Za-z]+$/", $captchs_encode) && preg_check("/^[0-9A-Za-z]+$/", $captcha_string)) {
$result = dbquery("SELECT * FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
if (dbrows($result)) {
$result = dbquery("DELETE FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
return true;
} else {
return false;
}
} else {
return false;
}
}
// Replace offensive words with the defined replacement word
function censorwords($text) {
global $settings;
if ($settings['bad_words_enabled'] == "1" && $settings['bad_words'] != "" ) {
$word_list = explode("\r\n", $settings['bad_words']);
for ($i=0; $i < count($word_list); $i++) {
if ($word_list[$i] != "") $text = preg_replace("/".$word_list[$i]."/si", $settings['bad_word_replace'], $text);
}
}
return $text;
}
// Display the user's level
function getuserlevel($userlevel) {
global $locale;
if ($userlevel == 101) { return $locale['user1'];
} elseif ($userlevel == 102) { return $locale['user2'];
} elseif ($userlevel == 103) { return $locale['user3'];
} elseif ($userlevel == 108) { return $locale['user4']; }
}
// Check if Administrator has correct rights assigned
function checkrights($right) {
if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS))) {
return true;
} else {
return false;
}
}
// Check if user is assigned to the specified user group
function checkgroup($group) {
if (iSUPERADMIN) { return true; }
elseif (iADMIN && ($group == "0" || $group == "101" || $group == "102")) { return true;
} elseif (iMEMBER && ($group == "0" || $group == "101")) { return true;
} elseif (iGUEST && $group == "0") { return true;
} elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) {
return true;
} else {
return false;
}
}
// Cache groups mysql
function cache_groups() {
global $groups_cache;
$result = dbquery("SELECT * FROM ".DB_USER_GROUPS." ORDER BY group_id ASC");
if (dbrows($result)) {
$groups_cache = array();
while ($data = dbarray($result)) {
$groups_cache[] = $data;
}
} else {
$groups_cache = array();
}
}
// Compile access levels & user group array
function getusergroups() {
global $locale, $groups_cache;
$groups_array = array(
array("0", $locale['user0']),
array("101", $locale['user1']),
array("102", $locale['user2']),
array("103", $locale['user3']),
array("108", $locale['user4'])
);
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
array_push($groups_array, array($group['group_id'], $group['group_name']));
}
}
return $groups_array;
}
// Get the name of the access level or user group
function getgroupname($group_id, $return_desc = false) {
global $locale, $groups_cache;
if ($group_id == "0") { return $locale['user0'];
} elseif ($group_id == "101") { return $locale['user1']; exit;
} elseif ($group_id == "102") { return $locale['user2']; exit;
} elseif ($group_id == "103") { return $locale['user3']; exit;
} elseif ($group_id == "108") { return $locale['user4']; exit;
} else {
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
if ($group_id == $group['group_id']) { return ($return_desc ? ($group['group_description'] ? $group['group_description'] : '-') : $group['group_name']); exit; }
}
}
function groupaccess($field) {
if (iGUEST) { return "$field = '0'";
} elseif (iSUPERADMIN) { return "1 = 1";
} elseif (iADMIN) { $res = "($field='0' OR $field='101' OR $field='102'";
} elseif (iMEMBER) { $res = "($field='0' OR $field='101'";
}
if (iUSER_GROUPS != "" && !iSUPERADMIN) { $res .= " OR $field='".str_replace(".", "' OR $field='", iUSER_GROUPS)."'"; }
$res .= ")";
return $res;
}
// Create a list of files or folders and store them in an array
function makefilelist($folder, $filter, $sort=true, $type="files") {
$res = array();
$filter = explode("|", $filter);
$temp = opendir($folder);
while ($file = readdir($temp)) {
if ($type == "files" && !in_array($file, $filter)) {
if (!is_dir($folder.$file)) { $res[] = $file; }
} elseif ($type == "folders" && !in_array($file, $filter)) {
if (is_dir($folder.$file)) { $res[] = $file; }
}
}
closedir($temp);
if ($sort) { sort($res); }
return $res;
}
// Create a selection list from an array created by makefilelist()
function makefileopts($files, $selected = "") {
$res = "";
for ($i = 0; $i < count($files); $i++) {
$sel = ($selected == $files[$i] ? " selected='selected'" : "");
$res .= "<option value='".$files[$i]."'$sel>".$files[$i]."</option>\n";
}
return $res;
}
function makepagenav($start, $count, $total, $range = 0, $link = "") {
global $locale;
if ($link == "") { $link = FUSION_SELF."?"; }
$pg_cnt = ceil($total / $count);
if ($pg_cnt <= 1) { return ""; }
$idx_back = $start - $count;
$idx_next = $start + $count;
$cur_page = ceil(($start + 1) / $count);
$res = $locale['global_092']." ".$cur_page.$locale['global_093'].$pg_cnt.": ";
if($idx_back >= 0) {
if($cur_page > ($range + 1)) {
$res .= "<a href='".$link."rowstart=0'>1</a>...";
}
}
$idx_fst = max($cur_page - $range, 1);
$idx_lst = min($cur_page + $range, $pg_cnt);
if ($range == 0) {
$idx_fst = 1;
$idx_lst = $pg_cnt;
}
for ($i = $idx_fst; $i <= $idx_lst; $i++) {
$offset_page = ($i - 1) * $count;
if ($i == $cur_page) {
$res .= "<span><strong>".$i."</strong></span>";
} else {
$res .= "<a href='".$link."rowstart=".$offset_page."'>".$i."</a>";
}
}
if ($idx_next < $total) {
if ($cur_page < ($pg_cnt - $range)) {
$res .= "...<a href='".$link."rowstart=".($pg_cnt - 1) * $count."'>".$pg_cnt."</a>\n";
}
}
return "<div class='pagenav'>\n".$res."</div>\n";
}
// Format the date & time accordingly
function showdate($format, $val) {
global $settings;
if ($format == "shortdate" || $format == "longdate" || $format == "forumdate") {
return strftime($settings[$format], $val + ($settings['timeoffset']*3600));
} else {
return strftime($format, $val + ($settings['timeoffset'] * 3600));
}
}
// Translate bytes into kb, mb, gb or tb by CrappoMan
function parsebytesize($size, $digits = 2, $dir = false) {
$kb = 1024; $mb = 1024 * $kb; $gb= 1024 * $mb; $tb = 1024 * $gb;
if (($size == 0) && ($dir)) { return "Empty"; }
elseif ($size < $kb) { return $size."Bytes"; }
elseif ($size < $mb) { return round($size / $kb,$digits)."Kb"; }
elseif ($size < $gb) { return round($size / $mb,$digits)."Mb"; }
elseif ($size < $tb) { return round($size / $gb,$digits)."Gb"; }
else { return round($size / $tb, $digits)."Tb"; }
}
// User level, Admin Rights & User Group definitions
define("iGUEST", $userdata['user_level'] == 0 ? 1 : 0);
define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0);
define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0);
define("iSUPERADMIN", $userdata['user_level'] == 103 ? 1 : 0);
define("iUSER", $userdata['user_level']);
define("iUSER_RIGHTS", $userdata['user_rights']);
define("iUSER_GROUPS", substr($userdata['user_groups'], 1));
if (iADMIN) {
define("iAUTH", substr($userdata['user_password'], 16, 32));
$aidlink = "?aid=".iAUTH;
}
function check_rang($userek_id)
{
global $db_prefix;
$ddd = dbarray(dbquery("SELECT user_rang from ".$db_prefix."users WHERE user_id='".$userek_id."'"));
if ($ddd['user_rang']=="")
{
$points = dbarray(dbquery("SELECT points_normal,points_bonus,points_punishment FROM ".$db_prefix."users WHERE user_id ='".$userek_id."'"));
$points_total = $points['points_normal'] + $points['points_bonus'] - $points['points_punishment'];
$bbb = dbarray(dbquery("SELECT rang_name from ".$db_prefix."eps_rangs WHERE rang_points<=".$points_total." ORDER BY rang_points DESC LIMIT 1"));
return $bbb['rang_name'];
} else return $ddd['user_rang'];
}
function show_points($userek_id)
{
global $db_prefix;
$eee = dbarray(dbquery("SELECT user_points from ".$db_prefix."users WHERE user_id='".$userek_id."'"));
if ($eee['user_points']<1)
{
$points = dbarray(dbquery("SELECT points_normal,points_bonus,points_punishment FROM ".$db_prefix."users WHERE user_id=".$userek_id.""));
return $points['points_normal'] + $points['points_bonus'] - $points['points_punishment'];
} else return $eee['user_points'];
}
function points($i){
switch ($i) {
case 'f':
echo $id_points = 1;
break;
case 's':
$id_points = 2;
break;
case 'l':
$id_points = 3;
break;
case 'a':
$id_points = 4;
break;
case 'n':
$id_points = 5;
break;
}
return dbresult(dbquery("SELECT point_ammount FROM ".DB_EPS_POINTS." WHERE point_id ='".$id_points."'"),0);
}
include INCLUDES."system_images.php";
?>
Wywala errora:
Parse error: syntax error, unexpected $end in /virtual/w/s/wszystkoinic.ugu.pl/maincore.php on line 876
Gdy usunę linie ta liczba w errorze jest o 1 mniejsza ,a gdy dodam o 1 większa ;/
Proszę o szybką odpowiedź z pomocą :)
Stało się tak po zrobieniu twojego sposobu ;/
|
|
|
|
Geneoo |
Dodany dnia 14.07.2010 09:47:08
|
Przedszkolak
Postów: 94 Pomógł: 4 Ostrzeżeń: 2
Data rejestracji: 19.10.2008 14:14
|
Jeżeli nie masz zbyt wielu userów, którym chcesz dać te rangi, to polecam połączenie 2 modów - Nick mod, oraz Admin Rank.
W Nick modzie dodajesz grupy userów i przydzielasz ich do jakiej grupy chcesz. Następnie edytujesz profil usera i w polu Admin Rank dodajesz mu obrazek, który ma być wyświetlany.
Ja sobie tak poradziłem.
|
|
|
|
adi2 |
Dodany dnia 14.07.2010 19:58:40
|
Przedszkolak
Postów: 82 Ostrzeżeń: 4
v7.02.03 Data rejestracji: 20.01.2010 15:46
|
Niestety ja mam dużo userów...
Proszę o pomoc...(post wyżej)
|
|
|
|
eldiablo |
Dodany dnia 14.07.2010 20:27:50
|
Bywalec
Postów: 671 Pomógł: 80
Data rejestracji: 13.07.2009 19:20
|
adi2 napisał/a:
Niestety ja mam dużo userów...
Proszę o pomoc...(post wyżej)
Chodzi o ten przykład co @DJPromo przedstawił ?
A teraz:
<?php
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: maincore.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at http://www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (eregi("maincore.php", $_SERVER['PHP_SELF'])) { die(); }
error_reporting(E_ALL);
// Calculate script start/end time
function get_microtime() {
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
// Define script start time
define("START_TIME", get_microtime());
// Prevent any possible XSS attacks via $_GET.
foreach ($_GET as $check_url) {
if (!is_array($check_url)) {
$check_url = str_replace("\"", "", $check_url);
if ((eregi("<[^>]*script*\"?[^>]*>", $check_url)) || (eregi("<[^>]*object*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $check_url)) || (eregi("<[^>]*applet*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $check_url)) || (eregi("<[^>]*style*\"?[^>]*>", $check_url)) ||
(eregi("<[^>]*form*\"?[^>]*>", $check_url)) || (eregi("\([^>]*\"?[^)]*\)", $check_url)) ||
(eregi("\"", $check_url))) {
die ();
}
}
}
unset($check_url);
// Start Output Buffering
//ob_start("ob_gzhandler"); //Uncomment this line to enable output compression.
ob_start();
// Locate config.php and set the basedir path
$folder_level = ""; $i = 0;
while (!file_exists($folder_level."config.php")) {
$folder_level .= "../"; $i++;
if ($i == 5) { die("Config file not found"); }
}
require_once $folder_level."config.php";
define("BASEDIR", $folder_level);
// If config.php is empty, activate setup.php script
if (!isset($db_name)) { redirect("setup.php"); }
// Multisite definitions
require_once BASEDIR."includes/multisite_include.php";
// Establish mySQL database connection
$link = dbconnect($db_host, $db_user, $db_pass, $db_name);
// Fetch the Site Settings from the database and store them in the $settings variable
$settings = dbarray(dbquery("SELECT * FROM ".DB_SETTINGS));
// Sanitise $_SERVER globals
$_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : "";
$_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : "";
$PHP_SELF = cleanurl($_SERVER['PHP_SELF']);
// Common definitions
define("IN_FUSION", TRUE);
define("FUSION_REQUEST", isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] != "" ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']);
define("FUSION_QUERY", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : "");
define("FUSION_SELF", basename($_SERVER['PHP_SELF']));
define("USER_IP", $_SERVER['REMOTE_ADDR']);
define("QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE));
// Path definitions
define("ADMIN", BASEDIR."administration/");
define("IMAGES", BASEDIR."images/");
define("IMAGES_A", IMAGES."articles/");
define("IMAGES_N", IMAGES."news/");
define("IMAGES_NC", IMAGES."news_cats/");
define("RANKS", IMAGES."ranks/");
define("INCLUDES", BASEDIR."includes/");
define("LOCALE", BASEDIR."locale/");
define("LOCALESET", $settings['locale']."/");
define("FORUM", BASEDIR."forum/");
define("INFUSIONS", BASEDIR."infusions/");
define("PHOTOS", IMAGES."photoalbum/");
define("THEMES", BASEDIR."themes/");
// Predefine mysql_cache variables
$smiley_cache = ""; $bbcode_cache = ""; $groups_cache = ""; $forum_rank_cache = ""; $forum_mod_rank_cache = "";
// MySQL database functions
function dbquery($query) {
$result = @mysql_query($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbcount($field, $table, $conditions = "") {
$cond = ($conditions ? " WHERE ".$conditions : "");
$result = @mysql_query("SELECT Count".$field." FROM ".$table.$cond);
if (!$result) {
echo mysql_error();
return false;
} else {
$rows = mysql_result($result, 0);
return $rows;
}
}
function dbresult($query, $row) {
$result = @mysql_result($query, $row);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbrows($query) {
$result = @mysql_num_rows($query);
return $result;
}
function dbarray($query) {
$result = @mysql_fetch_assoc($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbarraynum($query) {
$result = @mysql_fetch_row($query);
if (!$result) {
echo mysql_error();
return false;
} else {
return $result;
}
}
function dbconnect($db_host, $db_user, $db_pass, $db_name) {
$db_connect = @mysql_connect($db_host, $db_user, $db_pass);
$db_select = @mysql_select_db($db_name);
if (!$db_connect) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to establish connection to MySQL</b><br />".mysql_errno()." : ".mysql_error()."</div>");
} elseif (!$db_select) {
die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to select MySQL database</b><br />".mysql_errno()." : ".mysql_error()."</div>");
}
}
// Initialise the $locale array
$locale = array();
// Load the Global language file
include LOCALE.LOCALESET."global.php";
// Check if users full or partial ip is blacklisted
$sub_ip1 = substr(USER_IP, 0, strlen(USER_IP) - strlen(strrchr(USER_IP, ".")));
$sub_ip2 = substr($sub_ip1, 0, strlen($sub_ip1) - strlen(strrchr($sub_ip1, ".")));
if (dbcount("(*)", DB_BLACKLIST, "blacklist_ip='".USER_IP."' OR blacklist_ip='$sub_ip1' OR blacklist_ip='$sub_ip2'")) {
redirect("http://www.google.com/");
}
// PHP-Fusion user cookie functions
if (!isset($_COOKIE[COOKIE_PREFIX.'visited'])) {
$result = dbquery("UPDATE ".DB_SETTINGS." SET counter=counter+1");
setcookie(COOKIE_PREFIX."visited", "yes", time() + 31536000, "/", "", "0");
}
//check that site or user theme exists
function theme_exists($theme) {
if (!file_exists(THEMES) || !is_dir(THEMES)) {
return false;
} else if (file_exists(THEMES.$theme."/theme.php") && file_exists(THEMES.$theme."/styles.css")) {
define("THEME", THEMES.$theme."/");
return true;
} else {
$dh = opendir(THEMES);
while (false !== ($entry = readdir($dh))) {
if ($entry != "." && $entry != ".." && is_dir(THEMES.$entry)) {
if (file_exists(THEMES.$entry."/theme.php") && file_exists(THEMES.$entry."/styles.css")) {
define("THEME", THEMES.$entry."/");
return true;
exit;
}
}
}
closedir($dh);
if (!defined("THEME")) {
return false;
}
}
}
if (isset($_POST['login']) && isset($_POST['user_name']) && isset($_POST['user_pass'])) {
$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name']));
$user_pass = md5($_POST['user_pass']);
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_name='".$user_name."' AND user_password='".md5($user_pass)."' LIMIT 1");
if (dbrows($result)) {
$data = dbarray($result);
$cookie_value = $data['user_id'].".".$user_pass;
if ($data['user_status'] == 0) {
$cookie_exp = isset($_POST['remember_me']) ? time() + 3600 * 24 * 30 : time() + 3600 * 3;
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", $cookie_value, $cookie_exp, "/", "", "0");
redirect(BASEDIR."setuser.php?user=".$data['user_name'], true);
} elseif ($data['user_status'] == 1) {
redirect(BASEDIR."setuser.php?error=1", true);
} elseif ($data['user_status'] == 2) {
redirect(BASEDIR."setuser.php?error=2", true);
}
} else {
redirect(BASEDIR."setuser.php?error=3");
}
}
if (isset($_COOKIE[COOKIE_PREFIX.'user'])) {
$cookie_vars = explode(".", $_COOKIE[COOKIE_PREFIX.'user']);
$cookie_1 = isnum($cookie_vars['0']) ? $cookie_vars['0'] : "0";
$cookie_2 = (preg_check("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : "");
$result = dbquery("SELECT * FROM ".DB_USERS." WHERE user_id='$cookie_1' AND user_password='".md5($cookie_2)."' LIMIT 1");
unset($cookie_vars,$cookie_1,$cookie_2);
if (dbrows($result)) {
$userdata = dbarray($result);
if ($userdata['user_status'] == 0) {
if ($userdata['user_theme'] != "Default" && file_exists(THEMES.$userdata['user_theme']."/theme.php") && ($settings['userthemes'] == 1 || $userdata['user_level'] >= 102)) {
if (!theme_exists($userdata['user_theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
}
if ($userdata['user_offset'] <> 0) {
$settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset'];
}
if (!isset($_COOKIE[COOKIE_PREFIX.'lastvisit']) || !isnum($_COOKIE[COOKIE_PREFIX.'lastvisit'])) {
$result = dbquery("UPDATE ".DB_USERS." SET user_threads='' WHERE user_id='".$userdata['user_id']."'");
setcookie(COOKIE_PREFIX."lastvisit", $userdata['user_lastvisit'], time() + 3600, "/", "", "0");
$lastvisited = $userdata['user_lastvisit'];
} else {
$lastvisited = $_COOKIE[COOKIE_PREFIX.'lastvisit'];
}
if ($userdata['user_level'] > 101) {
if (isset($_COOKIE[COOKIE_PREFIX.'admin']) && (!eregi(str_replace("../", "", "/".ADMIN), FUSION_REQUEST) || USER_IP != $userdata['user_ip'])) {
setcookie(COOKIE_PREFIX."admin", "", time() - 7200, "/", "", "0");
}
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
redirect(BASEDIR."index.php", true);
}
} else {
if (!theme_exists($settings['theme'])) {
echo "<strong>".$settings['sitename']." - ".$locale['global_300'].".</strong><br /><br />\n";
echo $locale['global_301'];
die();
}
$userdata = ""; $userdata['user_level'] = 0; $userdata['user_rights'] = ""; $userdata['user_groups'] = "";
}
// Redirect browser using header or script function
function redirect($location, $script = false) {
if (!$script) {
header("Location: ".str_replace("&", "&", $location));
exit;
} else {
echo "<script type='text/javascript'>document.location.href='".str_replace("&", "&", $location)."'</script>\n";
exit;
}
}
// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
$bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
$safe_entities = array("&", "", "", "", "", "", "", "", "", "");
$url = str_replace($bad_entities, $safe_entities, $url);
return $url;
}
// Strip Input Function, prevents HTML in unwanted places
function stripinput($text) {
if (QUOTES_GPC) $text = stripslashes($text);
$search = array("&", "\"", "'", "\\", '\"', "\'", "<", ">", " ");
$replace = array("&", """, "'", "\", """, "'", "<", ">", " ");
$text = str_replace($search, $replace, $text);
return $text;
}
// stripslash function, only stripslashes if magic_quotes_gpc is on
function stripslash($text) {
if (QUOTES_GPC) { $text = stripslashes($text); }
return $text;
}
// stripslash function, add correct number of slashes depending on quotes_gpc
function addslash($text) {
if (!QUOTES_GPC) {
$text = addslashes(addslashes($text));
} else {
$text = addslashes($text);
}
return $text;
}
// htmlentities is too agressive so we use this function
function phpentities($text) {
$search = array("&", "\"", "'", "\\", "<", ">");
$replace = array("&", """, "'", "\", "<", ">");
$text = str_replace($search, $replace, $text);
return $text;
}
// Trim a line of text to a preferred length
function trimlink($text, $length) {
$dec = array("&", "\"", "'", "\\", '\"', "\'", "<", ">");
$enc = array("&", """, "'", "\", """, "'", "<", ">");
$text = str_replace($enc, $dec, $text);
if (strlen($text) > $length) $text = substr($text, 0, ($length-3))."...";
$text = str_replace($dec, $enc, $text);
return $text;
}
// Validate numeric input
function isnum($value) {
if (!is_array($value)) {
return (preg_match("/^[0-9]+$/", $value));
} else {
return false;
}
}
// custom preg-match function
function preg_check($expression, $value) {
if (!is_array($value)) {
return preg_match($expression, $value);
} else {
return false;
}
}
// Cache smileys mysql
function cache_smileys() {
global $smiley_cache;
$result = dbquery("SELECT * FROM ".DB_SMILEYS);
if (dbrows($result)) {
$smiley_cache = array();
while ($data = dbarray($result)) {
$smiley_cache[] = array(
"smiley_code" => $data['smiley_code'],
"smiley_image" => $data['smiley_image'],
"smiley_text" => $data['smiley_text']
);
}
} else {
$smiley_cache = array();
}
}
// Parse smiley bbcode
function parsesmileys($message) {
global $smiley_cache;
if (!preg_match("#(\[code\](.*?)\[/code\]|\[geshi=(.*?)\](.*?)\[/geshi\]|\[php\](.*?)\[/php\])#si", $message)) {
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
$smiley_code = preg_quote($smiley['smiley_code']);
$smiley_image = "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' style='vertical-align:middle;' />";
$message = preg_replace("#{$smiley_code}#si", $smiley_image, $message);
}
}
}
return $message;
}
// Show smiley icons in comments, forum and other post pages
function displaysmileys($textarea, $form = "inputform") {
global $smiley_cache;
$smileys = ""; $i = 0;
if (!$smiley_cache) { cache_smileys(); }
if (is_array($smiley_cache) && count($smiley_cache)) {
foreach ($smiley_cache as $smiley) {
if ($i != 0 && ($i % 10 == 0)) { $smileys .= "<br />\n"; $i++; }
$smileys .= "<img src='".get_image("smiley_".$smiley['smiley_text'])."' alt='".$smiley['smiley_text']."' onclick=\"insertText('".$textarea."', '".$smiley['smiley_code']."', '".$form."');\" />\n";
}
}
return $smileys;
}
// Cache bbcode mysql
function cache_bbcode() {
global $bbcode_cache;
$result = dbquery("SELECT * FROM ".DB_BBCODES." ORDER BY bbcode_order ASC");
if (dbrows($result)) {
$bbcode_cache = array();
while ($data = dbarray($result)) {
$bbcode_cache[] = $data['bbcode_name'];
}
} else {
$bbcode_cache = array();
}
}
// Parse bbcode
function parseubb($text, $selected=false) {
global $bbcode_cache;
if (!$bbcode_cache) { cache_bbcode(); }
if (is_array($bbcode_cache) && count($bbcode_cache)) {
if ($selected) { $sel_bbcodes = explode("|", $selected); }
foreach ($bbcode_cache as $bbcode) {
if ($selected && in_array($bbcode, $sel_bbcodes)) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
} elseif (!$selected) {
if (file_exists(INCLUDES."bbcodes/".$bbcode."_bbcode_include.php")) {
if (file_exists(LOCALE.LOCALESET."bbcodes/".$bbcode.".php")) {
include (LOCALE.LOCALESET."bbcodes/".$bbcode.".php");
} elseif (file_exists(LOCALE."English/bbcodes/".$bbcode.".php")) {
include (LOCALE."English/bbcodes/".$bbcode.".php");
}
include (INCLUDES."bbcodes/".$bbcode."_bbcode_include.php");
}
}
}
}
$text = descript($text, false);
return $text;
}
// Javascript email encoder by Tyler Akins
// http://rumkin.com/tools/mailto_encoder/
function hide_email($email, $title = "", $subject = "") {
if (strpos($email, "@")) {
$parts = explode("@", $email);
$MailLink = "<a href='mailto:".$parts[0]."@".$parts[1];
if ($subject != "") { $MailLink .= "?subject=".urlencode($subject); }
$MailLink .= "'>".($title?$title:$parts[0]."@".$parts[1])."</a>";
$MailLetters = "";
for ($i = 0; $i < strlen($MailLink); $i++) {
$l = substr($MailLink, $i, 1);
if (strpos($MailLetters, $l) === false) {
$p = rand(0, strlen($MailLetters));
$MailLetters = substr($MailLetters, 0, $p).$l.substr($MailLetters, $p, strlen($MailLetters));
}
}
$MailLettersEnc = str_replace("\\", "\\\\", $MailLetters);
$MailLettersEnc = str_replace("\"", "\\\"", $MailLettersEnc);
$MailIndexes = "";
for ($i = 0; $i < strlen($MailLink); $i ++) {
$index = strpos($MailLetters, substr($MailLink, $i, 1));
$index += 48;
$MailIndexes .= chr($index);
}
$MailIndexes = str_replace("\\", "\\\\", $MailIndexes);
$MailIndexes = str_replace("\"", "\\\"", $MailIndexes);
$res = "<script type='text/javascript'>";
$res .= "ML=\"".str_replace("<", "xxxx", $MailLettersEnc)."\";";
$res .= "MI=\"".str_replace("<", "xxxx", $MailIndexes)."\";";
$res .= "ML=ML.replace(/xxxx/g, '<');";
$res .= "MI=MI.replace(/xxxx/g, '<');"; $res .= "OT=\"\";";
$res .= "for(j=0;j < MI.length;j++){";
$res .= "OT+=ML.charAt(MI.charCodeAt(j)-48);";
$res .= "}document.write(OT);";
$res .= "</script>";
return $res;
} else {
return $email;
}
}
// Format spaces and tabs in code bb tags
function formatcode($text) {
$text = str_replace(" ", " ", $text);
$text = str_replace(" ", " ", $text);
$text = str_replace("\t", " ", $text);
$text = preg_replace("/^ {1}/m", " ", $text);
return $text;
}
// Highlights given words in subject
function highlight_words($word, $subject) {
if (is_array($word)) {
$regex_chars = "*|#.+?(){}[]^$/";
for ($j = 0; $j < count($word); $j++) {
for ($i = 0; $i < strlen($regex_chars); $i++) {
$char = substr($regex_chars, $i, 1);
$word[$j] = str_replace($char, '\\'.$char, $word[$j]);
}
$subject = preg_replace("/(".$word[$j].")/is", "<span style='background-color:yellow;font-weight:bold;padding-left:2px;padding-right:2px'>\\1</span>", $subject);
}
}
return $subject;
}
// This function sanitises news & article submissions
function descript($text, $striptags = true) {
// Convert problematic ascii characters to their true values
$search = array("40","41","58","65","66","67","68","69","70",
"71","72","73","74","75","76","77","78","79","80","81",
"82","83","84","85","86","87","88","89","90","97","98",
"99","100","101","102","103","104","105","106","107",
"108","109","110","111","112","113","114","115","116",
"117","118","119","120","121","122"
);
$replace = array("(",")",":","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z","a","b","c","d","e","f","g","h",
"i","j","k","l","m","n","o","p","q","r","s","t","u",
"v","w","x","y","z"
);
$entities = count($search);
for ($i=0; $i < $entities; $i++) {
$text = preg_replace("#(&\#)(0*".$search[$i]."+);*#si", $replace[$i], $text);
}
$text = preg_replace('#(&\#x)([0-9A-F]+);*#si', "", $text);
$text = preg_replace('#(<[^>]+[/\"\'\s])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onfocus|onload|xmlns)[^>]*>#iU', ">", $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)script:#iU', '$1=$2nojscript...', $text);
$text = preg_replace('#([a-z]*)=([\`\'\"]*)javascript:#iU', '$1=$2nojavascript...', $text);
$text = preg_replace('#([a-z]*)=([\'\"]*)vbscript:#iU', '$1=$2novbscript...', $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU', "$1>", $text);
$text = preg_replace('#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU', "$1>", $text);
if ($striptags) {
do {
$thistext = $text;
$text = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $text);
} while ($thistext != $text);
}
return $text;
}
// Scan image files for malicious code
function verify_image($file) {
$txt = file_get_contents($file);
$image_safe = true;
if (preg_match('#&(quot|lt|gt|nbsp|<?php);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; }
elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)script:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\`\'\"]*)javascript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\'\"]*)vbscript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*expression\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\`\'\"]*).*behaviour\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#</*(applet|link|style|script|iframe|frame|frameset)[^>]*>#i", $txt)) { $image_safe = false; }
return $image_safe;
}
// captcha routines
function make_captcha() {
global $settings;
$captcha_string = ""; $captcha_encode = "";
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < 5; $i++) {
$captcha_string .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
for ($i = 0; $i < 31; $i++) {
$captcha_encode .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
$result = mysql_query("INSERT INTO ".DB_PREFIX."captcha (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')");
if ($settings['validation_method'] == "image") {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><img src='".INCLUDES."captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n";
} else {
return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><strong>".$captcha_string."</strong>\n";
}
}
function check_captcha($captchs_encode, $captcha_string) {
if (preg_check("/^[0-9A-Za-z]+$/", $captchs_encode) && preg_check("/^[0-9A-Za-z]+$/", $captcha_string)) {
$result = dbquery("SELECT * FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
if (dbrows($result)) {
$result = dbquery("DELETE FROM ".DB_CAPTCHA." WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'");
return true;
} else {
return false;
}
} else {
return false;
}
}
// Replace offensive words with the defined replacement word
function censorwords($text) {
global $settings;
if ($settings['bad_words_enabled'] == "1" && $settings['bad_words'] != "" ) {
$word_list = explode("\r\n", $settings['bad_words']);
for ($i=0; $i < count($word_list); $i++) {
if ($word_list[$i] != "") $text = preg_replace("/".$word_list[$i]."/si", $settings['bad_word_replace'], $text);
}
}
return $text;
}
// Display the user's level
function getuserlevel($userlevel) {
global $locale;
if ($userlevel == 101) { return $locale['user1'];
} elseif ($userlevel == 102) { return $locale['user2'];
} elseif ($userlevel == 103) { return $locale['user3'];
} elseif ($userlevel == 108) { return $locale['user4']; }
}
// Check if Administrator has correct rights assigned
function checkrights($right) {
if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS))) {
return true;
} else {
return false;
}
}
// Check if user is assigned to the specified user group
function checkgroup($group) {
if (iSUPERADMIN) { return true; }
elseif (iADMIN && ($group == "0" || $group == "101" || $group == "102")) { return true;
} elseif (iMEMBER && ($group == "0" || $group == "101")) { return true;
} elseif (iGUEST && $group == "0") { return true;
} elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) {
return true;
} else {
return false;
}
}
// Cache groups mysql
function cache_groups() {
global $groups_cache;
$result = dbquery("SELECT * FROM ".DB_USER_GROUPS." ORDER BY group_id ASC");
if (dbrows($result)) {
$groups_cache = array();
while ($data = dbarray($result)) {
$groups_cache[] = $data;
}
} else {
$groups_cache = array();
}
}
// Compile access levels & user group array
function getusergroups() {
global $locale, $groups_cache;
$groups_array = array(
array("0", $locale['user0']),
array("101", $locale['user1']),
array("102", $locale['user2']),
array("103", $locale['user3']),
array("108", $locale['user4'])
);
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
array_push($groups_array, array($group['group_id'], $group['group_name']));
}
}
return $groups_array;
}
// Get the name of the access level or user group
function getgroupname($group_id, $return_desc = false) {
global $locale, $groups_cache;
if ($group_id == "0") { return $locale['user0'];
} elseif ($group_id == "101") { return $locale['user1']; exit;
} elseif ($group_id == "102") { return $locale['user2']; exit;
} elseif ($group_id == "103") { return $locale['user3']; exit;
} elseif ($group_id == "108") { return $locale['user4']; exit;
} else {
if (!$groups_cache) { cache_groups(); }
if (is_array($groups_cache) && count($groups_cache)) {
foreach ($groups_cache as $group) {
if ($group_id == $group['group_id']) { return ($return_desc ? ($group['group_description'] ? $group['group_description'] : '-') : $group['group_name']); exit; }
}
}
}
return "N/A";
}
function groupaccess($field) {
if (iGUEST) { return "$field = '0'";
} elseif (iSUPERADMIN) { return "1 = 1";
} elseif (iADMIN) { $res = "($field='0' OR $field='101' OR $field='102'";
} elseif (iMEMBER) { $res = "($field='0' OR $field='101'";
}
if (iUSER_GROUPS != "" && !iSUPERADMIN) { $res .= " OR $field='".str_replace(".", "' OR $field='", iUSER_GROUPS)."'"; }
$res .= ")";
return $res;
}
// Create a list of files or folders and store them in an array
function makefilelist($folder, $filter, $sort=true, $type="files") {
$res = array();
$filter = explode("|", $filter);
$temp = opendir($folder);
while ($file = readdir($temp)) {
if ($type == "files" && !in_array($file, $filter)) {
if (!is_dir($folder.$file)) { $res[] = $file; }
} elseif ($type == "folders" && !in_array($file, $filter)) {
if (is_dir($folder.$file)) { $res[] = $file; }
}
}
closedir($temp);
if ($sort) { sort($res); }
return $res;
}
// Create a selection list from an array created by makefilelist()
function makefileopts($files, $selected = "") {
$res = "";
for ($i = 0; $i < count($files); $i++) {
$sel = ($selected == $files[$i] ? " selected='selected'" : "");
$res .= "<option value='".$files[$i]."'$sel>".$files[$i]."</option>\n";
}
return $res;
}
function makepagenav($start, $count, $total, $range = 0, $link = "") {
global $locale;
if ($link == "") { $link = FUSION_SELF."?"; }
$pg_cnt = ceil($total / $count);
if ($pg_cnt <= 1) { return ""; }
$idx_back = $start - $count;
$idx_next = $start + $count;
$cur_page = ceil(($start + 1) / $count);
$res = $locale['global_092']." ".$cur_page.$locale['global_093'].$pg_cnt.": ";
if($idx_back >= 0) {
if($cur_page > ($range + 1)) {
$res .= "<a href='".$link."rowstart=0'>1</a>...";
}
}
$idx_fst = max($cur_page - $range, 1);
$idx_lst = min($cur_page + $range, $pg_cnt);
if ($range == 0) {
$idx_fst = 1;
$idx_lst = $pg_cnt;
}
for ($i = $idx_fst; $i <= $idx_lst; $i++) {
$offset_page = ($i - 1) * $count;
if ($i == $cur_page) {
$res .= "<span><strong>".$i."</strong></span>";
} else {
$res .= "<a href='".$link."rowstart=".$offset_page."'>".$i."</a>";
}
}
if ($idx_next < $total) {
if ($cur_page < ($pg_cnt - $range)) {
$res .= "...<a href='".$link."rowstart=".($pg_cnt - 1) * $count."'>".$pg_cnt."</a>\n";
}
}
return "<div class='pagenav'>\n".$res."</div>\n";
}
// Format the date & time accordingly
function showdate($format, $val) {
global $settings;
if ($format == "shortdate" || $format == "longdate" || $format == "forumdate") {
return strftime($settings[$format], $val + ($settings['timeoffset']*3600));
} else {
return strftime($format, $val + ($settings['timeoffset'] * 3600));
}
}
// Translate bytes into kb, mb, gb or tb by CrappoMan
function parsebytesize($size, $digits = 2, $dir = false) {
$kb = 1024; $mb = 1024 * $kb; $gb= 1024 * $mb; $tb = 1024 * $gb;
if (($size == 0) && ($dir)) { return "Empty"; }
elseif ($size < $kb) { return $size."Bytes"; }
elseif ($size < $mb) { return round($size / $kb,$digits)."Kb"; }
elseif ($size < $gb) { return round($size / $mb,$digits)."Mb"; }
elseif ($size < $tb) { return round($size / $gb,$digits)."Gb"; }
else { return round($size / $tb, $digits)."Tb"; }
}
// User level, Admin Rights & User Group definitions
define("iGUEST", $userdata['user_level'] == 0 ? 1 : 0);
define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0);
define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0);
define("iSUPERADMIN", $userdata['user_level'] == 103 ? 1 : 0);
define("iUSER", $userdata['user_level']);
define("iUSER_RIGHTS", $userdata['user_rights']);
define("iUSER_GROUPS", substr($userdata['user_groups'], 1));
if (iADMIN) {
define("iAUTH", substr($userdata['user_password'], 16, 32));
$aidlink = "?aid=".iAUTH;
}
function check_rang($userek_id)
{
global $db_prefix;
$ddd = dbarray(dbquery("SELECT user_rang from ".$db_prefix."users WHERE user_id='".$userek_id."'"));
if ($ddd['user_rang']=="")
{
$points = dbarray(dbquery("SELECT points_normal,points_bonus,points_punishment FROM ".$db_prefix."users WHERE user_id ='".$userek_id."'"));
$points_total = $points['points_normal'] + $points['points_bonus'] - $points['points_punishment'];
$bbb = dbarray(dbquery("SELECT rang_name from ".$db_prefix."eps_rangs WHERE rang_points<=".$points_total." ORDER BY rang_points DESC LIMIT 1"));
return $bbb['rang_name'];
} else return $ddd['user_rang'];
}
function show_points($userek_id)
{
global $db_prefix;
$eee = dbarray(dbquery("SELECT user_points from ".$db_prefix."users WHERE user_id='".$userek_id."'"));
if ($eee['user_points']<1)
{
$points = dbarray(dbquery("SELECT points_normal,points_bonus,points_punishment FROM ".$db_prefix."users WHERE user_id=".$userek_id.""));
return $points['points_normal'] + $points['points_bonus'] - $points['points_punishment'];
} else return $eee['user_points'];
}
function points($i){
switch ($i) {
case 'f':
echo $id_points = 1;
break;
case 's':
$id_points = 2;
break;
case 'l':
$id_points = 3;
break;
case 'a':
$id_points = 4;
break;
case 'n':
$id_points = 5;
break;
}
return dbresult(dbquery("SELECT point_ammount FROM ".DB_EPS_POINTS." WHERE point_id ='".$id_points."'"),0);
}
include INCLUDES."system_images.php";
?>
Jeżeli teraz działa, to powód był taki -> patrz uważnie co i gdzie kopiujesz oraz czy wygląda to tak jak podany kod w danym poście.
A jeżeli nie działa to luknij czy gdzieś } nie brakuje.
Edytowane przez eldiablo dnia 14.07.2010 20:28:21
|
|
|
|
adi2 |
Dodany dnia 15.07.2010 10:10:04
|
Przedszkolak
Postów: 82 Ostrzeżeń: 4
v7.02.03 Data rejestracji: 20.01.2010 15:46
|
@eldiablo Wielkie thx
Śmiga super!
Tylko pytanie co zrobić jak zrobiłem 2 grupę i też chcę jej dać prawa w PA ? ;D
|
|
|
|
outchorn1 |
Dodany dnia 15.09.2010 21:56:12
|
Przedszkolak
Postów: 71 Ostrzeżeń: 3
Data rejestracji: 14.04.2010 20:16
|
Jeżeli ktoś by mógł podać pliki jakie należy edytować to nawet sam bym spróbował wykonać ten modzik.
Wiadomość doklejona:
Udało mi się dodać, nowy "level" użytkownika w tym przypadku jest to Redaktor (nazwę można zmienić w pliku local/Polish/global.php).
W załączniku gotowe pliki do podmiany. Pliki modyfikowane z najnowszej paczki PHP-Fusion 7.1.01. Pliki z folderu files, należy wrzucić na serwer. Kiedy program zapyta czy zastąpić istniejące klikamy Tak. I to wszystko. Mam nadzieje, że się przyda.
PW od moderatora:
- Przeniesienie posta - Pieka 15.09 - 21:56
outchorn1 dodał/a następującą plik:
Edytowane przez outchorn1 dnia 15.09.2010 13:41:52
|
|
|
|
DJPromo |
Dodany dnia 15.09.2010 22:01:23
|
Bywalec
Postów: 630 Pomógł: 41
v7.02.07 Data rejestracji: 13.06.2006 18:51
|
@outchorn1
Nie wiem czy sam to wymyśliłeś ale pachnie mi to kodem który Podałem w tym temacie http://www.php-fu...ost_126540
rozwiązanie jest nowatorskie !
Do tego zacytuje !!! UWAGA !!!
Sposób przedstawiony przez DJPromo NIE jest bezpieczny!
Tak stworzona nowa ranga osób - czyli grupa osób - może mieć dostęp do zasobów dostępnych dla Admina. Krócej: taka osoba może mieć niepowołany dostęp do strony. Mogą wystąpić także inne problemy.
To tak dla zrozumienia pokazany kod jest dla testów i przemyśleń jak to wtedy można było zrobić to na tyle wyjaśnień.
PW od moderatora:
- Przeniesienie posta - Pieka 15.09 - 22:01
Pomogłem Kliknij Pomógł
Życie to chwila zbyt krótka aby móc .... Życie to chwila / trzeba patrzeć i podziwiać
|
|
|