github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-22 22:33:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

частичный перенос базовых классов на автозагрузку

Browse source
This commit is contained in:
PheRum 2015-05-12 19:08:53 +03:00
commit 7a9dc820c3
6 changed files with 408 additions and 308 deletions
Download patch file Download diff file Expand all files Collapse all files

133
library/includes/functions_upload.php → library/TorrentPier/Upload.php
View file

@ -1,44 +1,95 @@
<?php <?php
if (!defined('BB_ROOT')) die(basename(__FILE__)); if (!defined('BB_ROOT'))
class upload_common
{ {
var $cfg = array( die(basename(__FILE__));
}
class Upload
{
/**
* @type array
*/
public $cfg = [
'max_size' => 0, 'max_size' => 0,
'max_width' => 0, 'max_width' => 0,
'max_height' => 0, 'max_height' => 0,
'allowed_ext' => array(), 'allowed_ext' => [],
'upload_path' => '', 'upload_path' => '',
); ];
var $file = array(
'name' => '', /**
'type' => '', * @type array
'size' => 0, */
'tmp_name' => '', public $file = [
'error' => UPLOAD_ERR_NO_FILE, 'name' => '',
); 'type' => '',
var $orig_name = ''; 'size' => 0,
var $file_path = ''; // Stored file path 'tmp_name' => '',
var $file_ext = ''; 'error' => UPLOAD_ERR_NO_FILE,
var $file_ext_id = ''; ];
var $file_size = '';
var $ext_ids = array(); // array_flip($bb_cfg['file_id_ext']) /**
var $errors = array(); * @type string
var $img_types = array( */
public $orig_name = '';
/**
* @type string
*/
public $file_path = '';
/**
* @type string
*/
public $file_ext = '';
/**
* @type string
*/
public $file_ext_id = '';
/**
* @type string
*/
public $file_size = '';
/**
* array_flip($bb_cfg['file_id_ext'])
*
* @type array
*/
public $ext_ids = [];
/**
* @type array
*/
public $errors = [];
/**
* @type array
*/
public $img_types = [
1 => 'gif', 1 => 'gif',
2 => 'jpg', 2 => 'jpg',
3 => 'png', 3 => 'png',
6 => 'bmp', 6 => 'bmp',
7 => 'tiff', 7 => 'tiff',
8 => 'tiff', 8 => 'tiff',
); ];
function init ($cfg = array(), $post_params = array(), $uploaded_only = true) /**
* @param array $cfg
* @param array $post_params
* @param bool $uploaded_only
*
* @return bool
*/
public function init ($cfg = [], $post_params = [], $uploaded_only = true)
{ {
global $bb_cfg, $lang; global $bb_cfg, $lang;
$this->cfg = array_merge($this->cfg, $cfg); $this->cfg = array_merge($this->cfg, $cfg);
$this->file = $post_params; $this->file = $post_params;
// upload errors from $_FILES // upload errors from $_FILES
@ -47,34 +98,39 @@ class upload_common
$msg = $lang['UPLOAD_ERROR_COMMON']; $msg = $lang['UPLOAD_ERROR_COMMON'];
$msg .= ($err_desc =& $lang['UPLOAD_ERRORS'][$this->file['error']]) ? " ($err_desc)" : ''; $msg .= ($err_desc =& $lang['UPLOAD_ERRORS'][$this->file['error']]) ? " ($err_desc)" : '';
$this->errors[] = $msg; $this->errors[] = $msg;
return false; return false;
} }
// file_exists // file_exists
if (!file_exists($this->file['tmp_name'])) if (!file_exists($this->file['tmp_name']))
{ {
$this->errors[] = "Uploaded file not exists: {$this->file['tmp_name']}"; $this->errors[] = "Uploaded file not exists: {$this->file['tmp_name']}";
return false; return false;
} }
// size // size
if (!$this->file_size = filesize($this->file['tmp_name'])) if (!$this->file_size = filesize($this->file['tmp_name']))
{ {
$this->errors[] = "Uploaded file is empty: {$this->file['tmp_name']}"; $this->errors[] = "Uploaded file is empty: {$this->file['tmp_name']}";
return false; return false;
} }
if ($this->cfg['max_size'] && $this->file_size > $this->cfg['max_size']) if ($this->cfg['max_size'] && $this->file_size > $this->cfg['max_size'])
{ {
$this->errors[] = sprintf($lang['UPLOAD_ERROR_SIZE'], humn_size($this->cfg['max_size'])); $this->errors[] = sprintf($lang['UPLOAD_ERROR_SIZE'], humn_size($this->cfg['max_size']));
return false; return false;
} }
// is_uploaded_file // is_uploaded_file
if ($uploaded_only && !is_uploaded_file($this->file['tmp_name'])) if ($uploaded_only && !is_uploaded_file($this->file['tmp_name']))
{ {
$this->errors[] = "Not uploaded file: {$this->file['tmp_name']}"; $this->errors[] = "Not uploaded file: {$this->file['tmp_name']}";
return false; return false;
} }
// get ext // get ext
$this->ext_ids = array_flip($bb_cfg['file_id_ext']); $this->ext_ids = array_flip($bb_cfg['file_id_ext']);
$file_name_ary = explode('.', $this->file['name']); $file_name_ary = explode('.', $this->file['name']);
$this->file_ext = strtolower(end($file_name_ary)); $this->file_ext = strtolower(end($file_name_ary));
// img // img
@ -88,6 +144,7 @@ class upload_common
if (!$width || !$height || !$type || !isset($this->img_types[$type])) if (!$width || !$height || !$type || !isset($this->img_types[$type]))
{ {
$this->errors[] = $lang['UPLOAD_ERROR_FORMAT']; $this->errors[] = $lang['UPLOAD_ERROR_FORMAT'];
return false; return false;
} }
$this->file_ext = $this->img_types[$type]; $this->file_ext = $this->img_types[$type];
@ -96,12 +153,14 @@ class upload_common
if (($this->cfg['max_width'] && $width > $this->cfg['max_width']) || ($this->cfg['max_height'] && $height > $this->cfg['max_height'])) if (($this->cfg['max_width'] && $width > $this->cfg['max_width']) || ($this->cfg['max_height'] && $height > $this->cfg['max_height']))
{ {
$this->errors[] = sprintf($lang['UPLOAD_ERROR_DIMENSIONS'], $this->cfg['max_width'], $this->cfg['max_height']); $this->errors[] = sprintf($lang['UPLOAD_ERROR_DIMENSIONS'], $this->cfg['max_width'], $this->cfg['max_height']);
return false; return false;
} }
} }
else else
{ {
$this->errors[] = $lang['UPLOAD_ERROR_NOT_IMAGE']; $this->errors[] = $lang['UPLOAD_ERROR_NOT_IMAGE'];
return false; return false;
} }
} }
@ -109,24 +168,33 @@ class upload_common
if ($uploaded_only && (!isset($this->ext_ids[$this->file_ext]) || !in_array($this->file_ext, $this->cfg['allowed_ext'], true))) if ($uploaded_only && (!isset($this->ext_ids[$this->file_ext]) || !in_array($this->file_ext, $this->cfg['allowed_ext'], true)))
{ {
$this->errors[] = sprintf($lang['UPLOAD_ERROR_NOT_ALLOWED'], htmlCHR($this->file_ext)); $this->errors[] = sprintf($lang['UPLOAD_ERROR_NOT_ALLOWED'], htmlCHR($this->file_ext));
return false; return false;
} }
$this->file_ext_id = $this->ext_ids[$this->file_ext]; $this->file_ext_id = @$this->ext_ids[$this->file_ext];
return true; return true;
} }
function store ($mode = '', $params = array()) /**
* @param string $mode
* @param array $params
*
* @return bool
*/
public function store ($mode = '', $params = [])
{ {
if ($mode == 'avatar') if ($mode == 'avatar')
{ {
delete_avatar($params['user_id'], $params['avatar_ext_id']); delete_avatar($params['user_id'], $params['avatar_ext_id']);
$file_path = get_avatar_path($params['user_id'], $this->file_ext_id); $file_path = get_avatar_path($params['user_id'], $this->file_ext_id);
return $this->_move($file_path); return $this->_move($file_path);
} }
else if ($mode == 'attach') else if ($mode == 'attach')
{ {
$file_path = get_attach_path($params['topic_id']); $file_path = get_attach_path($params['topic_id']);
return $this->_move($file_path); return $this->_move($file_path);
} }
else else
@ -135,7 +203,12 @@ class upload_common
} }
} }
function _move ($file_path) /**
* @param $file_path
*
* @return bool
*/
private function _move ($file_path)
{ {
$dir = dirname($file_path); $dir = dirname($file_path);
if (!file_exists($dir)) if (!file_exists($dir))
@ -143,6 +216,7 @@ class upload_common
if (!bb_mkdir($dir)) if (!bb_mkdir($dir))
{ {
$this->errors[] = "Cannot create dir: $dir"; $this->errors[] = "Cannot create dir: $dir";
return false; return false;
} }
} }
@ -151,6 +225,7 @@ class upload_common
if (!@copy($this->file['tmp_name'], $file_path)) if (!@copy($this->file['tmp_name'], $file_path))
{ {
$this->errors[] = 'Cannot copy tmp file'; $this->errors[] = 'Cannot copy tmp file';
return false; return false;
} }
@unlink($this->file['tmp_name']); @unlink($this->file['tmp_name']);

459
library/includes/sessions.php → library/TorrentPier/sessions.php
View file

@ -1,24 +1,22 @@
<?php <?php
if (!defined('BB_ROOT')) die(basename(__FILE__));
define('ONLY_NEW_POSTS', 1); class Sessions
define('ONLY_NEW_TOPICS', 2);
class user_common
{ {
/** /**
* Config * @type array
*/ */
var $cfg = array( public $cfg = [
'req_login' => false, // requires user to be logged in 'req_login' => false, // requires user to be logged in
'req_session_admin' => false, // requires active admin session (for moderation or admin actions) 'req_session_admin' => false, // requires active admin session (for moderation or admin actions)
); ];
/** /**
* PHP-JS exchangeable options (JSON'ized as {USER_OPTIONS_JS} in TPL) * PHP-JS exchangeable options (JSON'ized as {USER_OPTIONS_JS} in TPL)
*/ *
var $opt_js = array( * @type array
*/
public $opt_js = [
'only_new' => 0, // show ony new posts or topics 'only_new' => 0, // show ony new posts or topics
'h_av' => 0, // hide avatar 'h_av' => 0, // hide avatar
'h_rnk_i' => 0, // hide rank images 'h_rnk_i' => 0, // hide rank images
@ -31,54 +29,68 @@ class user_common
'hl_tr' => 1, // show cursor in tracker.php 'hl_tr' => 1, // show cursor in tracker.php
'i_aft_l' => 0, // show images only after full loading 'i_aft_l' => 0, // show images only after full loading
'h_tsp' => 0, // show released title {...} 'h_tsp' => 0, // show released title {...}
); ];
/** /**
* Defaults options for guests * Defaults options for guests
*
* @type array
*/ */
var $opt_js_guest = array( public $opt_js_guest = [
'h_av' => 1, // hide avatar 'h_av' => 1, // hide avatar
'h_rnk_i' => 1, // hide rank images 'h_rnk_i' => 1, // hide rank images
'h_smile' => 1, // hide smilies 'h_smile' => 1, // hide smilies
'h_sig' => 1, // hide signatures 'h_sig' => 1, // hide signatures
); ];
/** /**
* Sessiondata * Sessiondata
*/ *
var $sessiondata = array( * @type array
*/
public $sessiondata = [
'uk' => null, 'uk' => null,
'uid' => null, 'uid' => null,
'sid' => '', 'sid' => '',
); ];
/** /**
* Old $userdata * Old $userdata
*/ *
var $data = array(); * @type array
*/
public $data = [];
/** /**
* Shortcuts * Shortcuts
*/ *
var $id = null; * @type
*/
public $id;
public $active;
public $name;
public $lastvisit;
public $regdate;
public $level;
public $opt;
/**
* Constructor function __construct ()
*/
function user_common ()
{ {
$this->get_sessiondata(); $this->get_sessiondata();
} }
/** /**
* Start session (restore existent session or create new) * @param array $cfg
*/ *
function session_start ($cfg = array()) * @return array|bool
*/
public function session_start ($cfg = [])
{ {
global $bb_cfg; global $bb_cfg;
$update_sessions_table = false; $update_sessions_table = false;
$this->cfg = array_merge($this->cfg, $cfg); $this->cfg = array_merge($this->cfg, $cfg);
$session_id = $this->sessiondata['sid']; $session_id = $this->sessiondata['sid'];
@ -89,8 +101,8 @@ class user_common
$SQL['SELECT'][] = "u.*, s.*"; $SQL['SELECT'][] = "u.*, s.*";
$SQL['FROM'][] = BB_SESSIONS ." s"; $SQL['FROM'][] = BB_SESSIONS . " s";
$SQL['INNER JOIN'][] = BB_USERS ." u ON(u.user_id = s.session_user_id)"; $SQL['INNER JOIN'][] = BB_USERS . " u ON(u.user_id = s.session_user_id)";
if ($session_id) if ($session_id)
{ {
@ -98,16 +110,16 @@ class user_common
if ($bb_cfg['torhelp_enabled']) if ($bb_cfg['torhelp_enabled'])
{ {
$SQL['SELECT'][] = "th.topic_id_csv AS torhelp"; $SQL['SELECT'][] = "th.topic_id_csv AS torhelp";
$SQL['LEFT JOIN'][] = BB_BT_TORHELP ." th ON(u.user_id = th.user_id)"; $SQL['LEFT JOIN'][] = BB_BT_TORHELP . " th ON(u.user_id = th.user_id)";
} }
$userdata_cache_id = $session_id; $userdata_cache_id = $session_id;
} }
else else
{ {
$SQL['WHERE'][] = "s.session_ip = '". USER_IP ."'"; $SQL['WHERE'][] = "s.session_ip = '" . USER_IP . "'";
$SQL['WHERE'][] = "s.session_user_id = ". GUEST_UID; $SQL['WHERE'][] = "s.session_user_id = " . GUEST_UID;
$userdata_cache_id = USER_IP; $userdata_cache_id = USER_IP;
} }
@ -119,7 +131,7 @@ class user_common
if ($this->data && (TIMENOW - $this->data['session_time']) > $bb_cfg['session_update_intrv']) if ($this->data && (TIMENOW - $this->data['session_time']) > $bb_cfg['session_update_intrv'])
{ {
$this->data['session_time'] = TIMENOW; $this->data['session_time'] = TIMENOW;
$update_sessions_table = true; $update_sessions_table = true;
} }
cache_set_userdata($this->data); cache_set_userdata($this->data);
@ -147,8 +159,8 @@ class user_common
if ($update_sessions_table) if ($update_sessions_table)
{ {
DB()->query(" DB()->query("
UPDATE ". BB_SESSIONS ." SET UPDATE " . BB_SESSIONS . " SET
session_time = ". TIMENOW ." session_time = " . TIMENOW . "
WHERE session_id = '$session_id' WHERE session_id = '$session_id'
LIMIT 1 LIMIT 1
"); ");
@ -157,14 +169,14 @@ class user_common
} }
else else
{ {
$this->data = array(); $this->data = [];
} }
} }
// If we reach here then no (valid) session exists. So we'll create a new one, // If we reach here then no (valid) session exists. So we'll create a new one,
// using the cookie user_id if available to pull basic user prefs. // using the cookie user_id if available to pull basic user prefs.
if (!$this->data) if (!$this->data)
{ {
$login = false; $login = false;
$user_id = ($bb_cfg['allow_autologin'] && $this->sessiondata['uk'] && $this->sessiondata['uid']) ? $this->sessiondata['uid'] : GUEST_UID; $user_id = ($bb_cfg['allow_autologin'] && $this->sessiondata['uk'] && $this->sessiondata['uid']) ? $this->sessiondata['uid'] : GUEST_UID;
if ($userdata = get_userdata(intval($user_id), false, true)) if ($userdata = get_userdata(intval($user_id), false, true))
@ -185,13 +197,13 @@ class user_common
$this->session_create($userdata, true); $this->session_create($userdata, true);
} }
define('IS_GUEST', (!$this->data['session_logged_in'])); define('IS_GUEST', (!$this->data['session_logged_in']));
define('IS_ADMIN', (!IS_GUEST && $this->data['user_level'] == ADMIN)); define('IS_ADMIN', (!IS_GUEST && $this->data['user_level'] == ADMIN));
define('IS_MOD', (!IS_GUEST && $this->data['user_level'] == MOD)); define('IS_MOD', (!IS_GUEST && $this->data['user_level'] == MOD));
define('IS_GROUP_MEMBER', (!IS_GUEST && $this->data['user_level'] == GROUP_MEMBER)); define('IS_GROUP_MEMBER', (!IS_GUEST && $this->data['user_level'] == GROUP_MEMBER));
define('IS_USER', (!IS_GUEST && $this->data['user_level'] == USER)); define('IS_USER', (!IS_GUEST && $this->data['user_level'] == USER));
define('IS_SUPER_ADMIN', (IS_ADMIN && isset($bb_cfg['super_admins'][$this->data['user_id']]))); define('IS_SUPER_ADMIN', (IS_ADMIN && isset($bb_cfg['super_admins'][$this->data['user_id']])));
define('IS_AM', (IS_ADMIN || IS_MOD)); define('IS_AM', (IS_ADMIN || IS_MOD));
$this->set_shortcuts(); $this->set_shortcuts();
@ -207,18 +219,21 @@ class user_common
} }
/** /**
* Create new session for the given user * @param $userdata
*/ * @param bool $auto_created
function session_create ($userdata, $auto_created = false) *
* @return array
*/
public function session_create ($userdata, $auto_created = false)
{ {
global $bb_cfg; global $bb_cfg;
$this->data = $userdata; $this->data = $userdata;
$session_id = $this->sessiondata['sid']; $session_id = $this->sessiondata['sid'];
$login = (int) ($this->data['user_id'] != GUEST_UID); $login = (int) ($this->data['user_id'] != GUEST_UID);
$is_user = ($this->data['user_level'] != ADMIN); $is_user = ($this->data['user_level'] != ADMIN);
$user_id = (int) $this->data['user_id']; $user_id = (int) $this->data['user_id'];
$mod_admin_session = ($this->data['user_level'] == ADMIN || $this->data['user_level'] == MOD); $mod_admin_session = ($this->data['user_level'] == ADMIN || $this->data['user_level'] == MOD);
// Initial ban check against user_id or IP address // Initial ban check against user_id or IP address
@ -226,10 +241,10 @@ class user_common
{ {
preg_match('#(..)(..)(..)(..)#', USER_IP, $ip); preg_match('#(..)(..)(..)(..)#', USER_IP, $ip);
$where_sql = "ban_ip IN('". USER_IP ."', '$ip[1]$ip[2]$ip[3]ff', '$ip[1]$ip[2]ffff', '$ip[1]ffffff')"; $where_sql = "ban_ip IN('" . USER_IP . "', '$ip[1]$ip[2]$ip[3]ff', '$ip[1]$ip[2]ffff', '$ip[1]ffffff')";
$where_sql .= ($login) ? " OR ban_userid = $user_id" : ''; $where_sql .= ($login) ? " OR ban_userid = $user_id" : '';
$sql = "SELECT ban_id FROM ". BB_BANLIST ." WHERE $where_sql LIMIT 1"; $sql = "SELECT ban_id FROM " . BB_BANLIST . " WHERE $where_sql LIMIT 1";
if (DB()->fetch_row($sql)) if (DB()->fetch_row($sql))
{ {
@ -238,11 +253,11 @@ class user_common
} }
// Create new session // Create new session
for ($i=0, $max_try=5; $i <= $max_try; $i++) for ($i = 0, $max_try = 5; $i <= $max_try; $i++)
{ {
$session_id = make_rand_str(SID_LENGTH); $session_id = make_rand_str(SID_LENGTH);
$args = DB()->build_array('INSERT', array( $args = DB()->build_array('INSERT', [
'session_id' => (string) $session_id, 'session_id' => (string) $session_id,
'session_user_id' => (int) $user_id, 'session_user_id' => (int) $user_id,
'session_start' => (int) TIMENOW, 'session_start' => (int) TIMENOW,
@ -250,8 +265,8 @@ class user_common
'session_ip' => (string) USER_IP, 'session_ip' => (string) USER_IP,
'session_logged_in' => (int) $login, 'session_logged_in' => (int) $login,
'session_admin' => (int) $mod_admin_session, 'session_admin' => (int) $mod_admin_session,
)); ]);
$sql = "INSERT INTO ". BB_SESSIONS . $args; $sql = "INSERT INTO " . BB_SESSIONS . $args;
if (@DB()->query($sql)) if (@DB()->query($sql))
{ {
@ -274,17 +289,17 @@ class user_common
} }
else if ($session_time < (TIMENOW - $bb_cfg['last_visit_update_intrv'])) else if ($session_time < (TIMENOW - $bb_cfg['last_visit_update_intrv']))
{ {
$last_visit = max($session_time, (TIMENOW - 86400*$bb_cfg['max_last_visit_days'])); $last_visit = max($session_time, (TIMENOW - 86400 * $bb_cfg['max_last_visit_days']));
} }
if ($last_visit != $this->data['user_lastvisit']) if ($last_visit != $this->data['user_lastvisit'])
{ {
DB()->query(" DB()->query("
UPDATE ". BB_USERS ." SET UPDATE " . BB_USERS . " SET
user_session_time = ". TIMENOW .", user_session_time = " . TIMENOW . ",
user_lastvisit = $last_visit, user_lastvisit = $last_visit,
user_last_ip = '". USER_IP ."', user_last_ip = '" . USER_IP . "',
user_reg_ip = IF(user_reg_ip = '', '". USER_IP ."', user_reg_ip) user_reg_ip = IF(user_reg_ip = '', '" . USER_IP . "', user_reg_ip)
WHERE user_id = $user_id WHERE user_id = $user_id
LIMIT 1 LIMIT 1
"); ");
@ -305,13 +320,13 @@ class user_common
$this->sessiondata['uid'] = $user_id; $this->sessiondata['uid'] = $user_id;
$this->sessiondata['sid'] = $session_id; $this->sessiondata['sid'] = $session_id;
} }
$this->data['session_id'] = $session_id; $this->data['session_id'] = $session_id;
$this->data['session_ip'] = USER_IP; $this->data['session_ip'] = USER_IP;
$this->data['session_user_id'] = $user_id; $this->data['session_user_id'] = $user_id;
$this->data['session_logged_in'] = $login; $this->data['session_logged_in'] = $login;
$this->data['session_start'] = TIMENOW; $this->data['session_start'] = TIMENOW;
$this->data['session_time'] = TIMENOW; $this->data['session_time'] = TIMENOW;
$this->data['session_admin'] = $mod_admin_session; $this->data['session_admin'] = $mod_admin_session;
$this->set_session_cookies($user_id); $this->set_session_cookies($user_id);
@ -326,12 +341,13 @@ class user_common
} }
/** /**
* Initialize sessiondata stored in cookies * @param bool $update_lastvisit
*/ * @param bool $set_cookie
function session_end ($update_lastvisit = false, $set_cookie = true) */
public function session_end ($update_lastvisit = false, $set_cookie = true)
{ {
DB()->query(" DB()->query("
DELETE FROM ". BB_SESSIONS ." DELETE FROM " . BB_SESSIONS . "
WHERE session_id = '{$this->data['session_id']}' WHERE session_id = '{$this->data['session_id']}'
"); ");
@ -340,11 +356,11 @@ class user_common
if ($update_lastvisit) if ($update_lastvisit)
{ {
DB()->query(" DB()->query("
UPDATE ". BB_USERS ." SET UPDATE " . BB_USERS . " SET
user_session_time = ". TIMENOW .", user_session_time = " . TIMENOW . ",
user_lastvisit = ". TIMENOW .", user_lastvisit = " . TIMENOW . ",
user_last_ip = '". USER_IP ."', user_last_ip = '" . USER_IP . "',
user_reg_ip = IF(user_reg_ip = '', '". USER_IP ."', user_reg_ip) user_reg_ip = IF(user_reg_ip = '', '" . USER_IP . "', user_reg_ip)
WHERE user_id = {$this->data['user_id']} WHERE user_id = {$this->data['user_id']}
LIMIT 1 LIMIT 1
"); ");
@ -355,7 +371,7 @@ class user_common
$this->create_autologin_id($this->data, false); $this->create_autologin_id($this->data, false);
DB()->query(" DB()->query("
DELETE FROM ". BB_SESSIONS ." DELETE FROM " . BB_SESSIONS . "
WHERE session_user_id = '{$this->data['user_id']}' WHERE session_user_id = '{$this->data['user_id']}'
"); ");
} }
@ -368,9 +384,12 @@ class user_common
} }
/** /**
* Login * @param $args
*/ * @param bool $mod_admin_login
function login ($args, $mod_admin_login = false) *
* @return array
*/
public function login ($args, $mod_admin_login = false)
{ {
$username = !empty($args['login_username']) ? clean_username($args['login_username']) : ''; $username = !empty($args['login_username']) ? clean_username($args['login_username']) : '';
$password = !empty($args['login_password']) ? $args['login_password'] : ''; $password = !empty($args['login_password']) ? $args['login_password'] : '';
@ -382,11 +401,11 @@ class user_common
$sql = " $sql = "
SELECT * SELECT *
FROM ". BB_USERS ." FROM " . BB_USERS . "
WHERE username = '$username_sql' WHERE username = '$username_sql'
AND user_password = '$password_sql' AND user_password = '$password_sql'
AND user_active = 1 AND user_active = 1
AND user_id != ". GUEST_UID ." AND user_id != " . GUEST_UID . "
LIMIT 1 LIMIT 1
"; ";
@ -401,10 +420,10 @@ class user_common
if ($mod_admin_login) if ($mod_admin_login)
{ {
DB()->query(" DB()->query("
UPDATE ". BB_SESSIONS ." SET UPDATE " . BB_SESSIONS . " SET
session_admin = ". $this->data['user_level'] ." session_admin = " . $this->data['user_level'] . "
WHERE session_user_id = ". $this->data['user_id'] ." WHERE session_user_id = " . $this->data['user_id'] . "
AND session_id = '". $this->data['session_id'] ."' AND session_id = '" . $this->data['session_id'] . "'
"); ");
$this->data['session_admin'] = $this->data['user_level']; $this->data['session_admin'] = $this->data['user_level'];
cache_update_userdata($this->data); cache_update_userdata($this->data);
@ -415,9 +434,9 @@ class user_common
{ {
// Removing guest sessions from this IP // Removing guest sessions from this IP
DB()->query(" DB()->query("
DELETE FROM ". BB_SESSIONS ." DELETE FROM " . BB_SESSIONS . "
WHERE session_ip = '". USER_IP ."' WHERE session_ip = '" . USER_IP . "'
AND session_user_id = ". GUEST_UID ." AND session_user_id = " . GUEST_UID . "
"); ");
return $new_session_userdata; return $new_session_userdata;
@ -429,15 +448,12 @@ class user_common
} }
} }
return array(); return [];
} }
/** public function get_sessiondata ()
* Initialize sessiondata stored in cookies
*/
function get_sessiondata ()
{ {
$sd_resv = !empty($_COOKIE[COOKIE_DATA]) ? @unserialize($_COOKIE[COOKIE_DATA]) : array(); $sd_resv = !empty($_COOKIE[COOKIE_DATA]) ? @unserialize($_COOKIE[COOKIE_DATA]) : [];
// autologin_id // autologin_id
if (!empty($sd_resv['uk']) && verify_id($sd_resv['uk'], LOGIN_KEY_LENGTH)) if (!empty($sd_resv['uk']) && verify_id($sd_resv['uk'], LOGIN_KEY_LENGTH))
@ -457,22 +473,22 @@ class user_common
} }
/** /**
* Store sessiondata in cookies * @param $user_id
*/ */
function set_session_cookies ($user_id) public function set_session_cookies ($user_id)
{ {
global $bb_cfg; global $bb_cfg;
if ($user_id == GUEST_UID) if ($user_id == GUEST_UID)
{ {
$delete_cookies = array( $delete_cookies = [
COOKIE_DATA, COOKIE_DATA,
COOKIE_DBG, COOKIE_DBG,
'torhelp', 'torhelp',
'explain', 'explain',
'sql_log', 'sql_log',
'sql_log_full', 'sql_log_full',
); ];
foreach ($delete_cookies as $cookie) foreach ($delete_cookies as $cookie)
{ {
@ -499,9 +515,13 @@ class user_common
} }
/** /**
* Verify autologin_id * @param $userdata
*/ * @param bool $expire_check
function verify_autologin_id ($userdata, $expire_check = false, $create_new = true) * @param bool $create_new
*
* @return bool|string
*/
public function verify_autologin_id ($userdata, $expire_check = false, $create_new = true)
{ {
global $bb_cfg; global $bb_cfg;
@ -515,7 +535,7 @@ class user_common
} }
else if ($autologin_id && $userdata['user_session_time'] && $bb_cfg['max_autologin_time']) else if ($autologin_id && $userdata['user_session_time'] && $bb_cfg['max_autologin_time'])
{ {
if (TIMENOW - $userdata['user_session_time'] > $bb_cfg['max_autologin_time']*86400) if (TIMENOW - $userdata['user_session_time'] > $bb_cfg['max_autologin_time'] * 86400)
{ {
return $this->create_autologin_id($userdata, $create_new); return $this->create_autologin_id($userdata, $create_new);
} }
@ -526,56 +546,58 @@ class user_common
} }
/** /**
* Create autologin_id * @param $userdata
*/ * @param bool $create_new
function create_autologin_id ($userdata, $create_new = true) *
* @return string
*/
public function create_autologin_id ($userdata, $create_new = true)
{ {
$autologin_id = ($create_new) ? make_rand_str(LOGIN_KEY_LENGTH) : ''; $autologin_id = ($create_new) ? make_rand_str(LOGIN_KEY_LENGTH) : '';
DB()->query(" DB()->query("
UPDATE ". BB_USERS ." SET UPDATE " . BB_USERS . " SET
autologin_id = '$autologin_id' autologin_id = '$autologin_id'
WHERE user_id = ". (int) $userdata['user_id'] ." WHERE user_id = " . (int) $userdata['user_id'] . "
LIMIT 1 LIMIT 1
"); ");
return $autologin_id; return $autologin_id;
} }
/**
* Set shortcuts
*/
function set_shortcuts ()
{
$this->id =& $this->data['user_id'];
$this->active =& $this->data['user_active'];
$this->name =& $this->data['username'];
$this->lastvisit =& $this->data['user_lastvisit'];
$this->regdate =& $this->data['user_regdate'];
$this->level =& $this->data['user_level'];
$this->opt =& $this->data['user_opt'];
$this->ip = CLIENT_IP; public function set_shortcuts ()
{
$this->id =& $this->data['user_id'];
$this->active =& $this->data['user_active'];
$this->name =& $this->data['username'];
$this->lastvisit =& $this->data['user_lastvisit'];
$this->regdate =& $this->data['user_regdate'];
$this->level =& $this->data['user_level'];
$this->opt =& $this->data['user_opt'];
$this->ip = CLIENT_IP;
} }
/**
* Initialise user settings public function init_userprefs ()
*/
function init_userprefs ()
{ {
global $bb_cfg, $theme, $lang, $DeltaTime; global $bb_cfg, $theme, $lang, $DeltaTime;
if (defined('LANG_DIR')) return; // prevent multiple calling if (defined('LANG_DIR'))
{
return;
} // prevent multiple calling
define('DEFAULT_LANG_DIR', LANG_ROOT_DIR . $bb_cfg['default_lang'] .'/'); define('DEFAULT_LANG_DIR', LANG_ROOT_DIR . $bb_cfg['default_lang'] . '/');
define('ENGLISH_LANG_DIR', LANG_ROOT_DIR .'en/'); define('ENGLISH_LANG_DIR', LANG_ROOT_DIR . 'en/');
if ($this->data['user_id'] != GUEST_UID) if ($this->data['user_id'] != GUEST_UID)
{ {
if ($this->data['user_lang'] && $this->data['user_lang'] != $bb_cfg['default_lang']) if ($this->data['user_lang'] && $this->data['user_lang'] != $bb_cfg['default_lang'])
{ {
$bb_cfg['default_lang'] = basename($this->data['user_lang']); $bb_cfg['default_lang'] = basename($this->data['user_lang']);
define('LANG_DIR', LANG_ROOT_DIR . $bb_cfg['default_lang'] .'/'); define('LANG_DIR', LANG_ROOT_DIR . $bb_cfg['default_lang'] . '/');
} }
if (isset($this->data['user_timezone'])) if (isset($this->data['user_timezone']))
@ -584,15 +606,18 @@ class user_common
} }
} }
$this->data['user_lang'] = $bb_cfg['default_lang']; $this->data['user_lang'] = $bb_cfg['default_lang'];
$this->data['user_timezone'] = $bb_cfg['board_timezone']; $this->data['user_timezone'] = $bb_cfg['board_timezone'];
if (!defined('LANG_DIR')) define('LANG_DIR', DEFAULT_LANG_DIR); if (!defined('LANG_DIR'))
{
define('LANG_DIR', DEFAULT_LANG_DIR);
}
require(LANG_DIR .'main.php'); require(LANG_DIR . 'main.php');
setlocale(LC_ALL, $bb_cfg['lang'][$this->data['user_lang']]['locale']); setlocale(LC_ALL, $bb_cfg['lang'][$this->data['user_lang']]['locale']);
$theme = setup_style(); $theme = setup_style();
$DeltaTime = new Date_Delta(); $DeltaTime = new Date_Delta();
// Handle marking posts read // Handle marking posts read
@ -605,16 +630,16 @@ class user_common
} }
/** /**
* Mark read * @param $type
*/ */
function mark_read ($type) public function mark_read ($type)
{ {
if ($type === 'all_forums') if ($type === 'all_forums')
{ {
// Update session time // Update session time
DB()->query(" DB()->query("
UPDATE ". BB_SESSIONS ." SET UPDATE " . BB_SESSIONS . " SET
session_time = ". TIMENOW ." session_time = " . TIMENOW . "
WHERE session_id = '{$this->data['session_id']}' WHERE session_id = '{$this->data['session_id']}'
LIMIT 1 LIMIT 1
"); ");
@ -624,22 +649,19 @@ class user_common
$this->data['user_lastvisit'] = TIMENOW; $this->data['user_lastvisit'] = TIMENOW;
// Update lastvisit // Update lastvisit
db_update_userdata($this->data, array( db_update_userdata($this->data, [
'user_session_time' => $this->data['session_time'], 'user_session_time' => $this->data['session_time'],
'user_lastvisit' => $this->data['user_lastvisit'], 'user_lastvisit' => $this->data['user_lastvisit'],
)); ]);
// Delete cookies // Delete cookies
bb_setcookie(COOKIE_TOPIC, ''); bb_setcookie(COOKIE_TOPIC, '');
bb_setcookie(COOKIE_FORUM, ''); bb_setcookie(COOKIE_FORUM, '');
bb_setcookie(COOKIE_MARK, ''); bb_setcookie(COOKIE_MARK, '');
} }
} }
/** public function load_opt_js ()
* Load misc options
*/
function load_opt_js ()
{ {
if (IS_GUEST) if (IS_GUEST)
{ {
@ -657,13 +679,18 @@ class user_common
} }
/** /**
* Get not auth forums * @param $auth_type
*/ *
function get_not_auth_forums ($auth_type) * @return string
*/
public function get_not_auth_forums ($auth_type)
{ {
global $datastore; global $datastore;
if (IS_ADMIN) return ''; if (IS_ADMIN)
{
return '';
}
if (!$forums = $datastore->get('cat_forums')) if (!$forums = $datastore->get('cat_forums'))
{ {
@ -686,7 +713,7 @@ class user_common
} }
} }
$auth_field_match = array( $auth_field_match = [
AUTH_VIEW => 'auth_view', AUTH_VIEW => 'auth_view',
AUTH_READ => 'auth_read', AUTH_READ => 'auth_read',
AUTH_POST => 'auth_post', AUTH_POST => 'auth_post',
@ -699,11 +726,11 @@ class user_common
AUTH_POLLCREATE => 'auth_pollcreate', AUTH_POLLCREATE => 'auth_pollcreate',
AUTH_ATTACH => 'auth_attachments', AUTH_ATTACH => 'auth_attachments',
AUTH_DOWNLOAD => 'auth_download', AUTH_DOWNLOAD => 'auth_download',
); ];
$not_auth_forums = array(); $not_auth_forums = [];
$auth_field = $auth_field_match[$auth_type]; $auth_field = $auth_field_match[$auth_type];
$is_auth_ary = auth($auth_type, AUTH_LIST_ALL, $this->data); $is_auth_ary = auth($auth_type, AUTH_LIST_ALL, $this->data);
foreach ($is_auth_ary as $forum_id => $is_auth) foreach ($is_auth_ary as $forum_id => $is_auth)
{ {
@ -717,11 +744,14 @@ class user_common
} }
/** /**
* Get excluded forums * @param $auth_type
*/ * @param string $return_as
function get_excluded_forums ($auth_type, $return_as = 'csv') *
* @return array|string
*/
public function get_excluded_forums ($auth_type, $return_as = 'csv')
{ {
$excluded = array(); $excluded = [];
if ($not_auth = $this->get_not_auth_forums($auth_type)) if ($not_auth = $this->get_not_auth_forums($auth_type))
{ {
@ -742,91 +772,22 @@ class user_common
{ {
foreach ($forums['forum'] as $key => $row) foreach ($forums['forum'] as $key => $row)
{ {
if ($row['allow_porno_topic']) $excluded[] = $row['forum_id']; if ($row['allow_porno_topic'])
{
$excluded[] = $row['forum_id'];
}
} }
} }
} }
switch ($return_as) switch ($return_as)
{ {
case 'csv': return join(',', $excluded); case 'csv':
case 'array': return $excluded; return join(',', $excluded);
case 'flip': return array_flip(explode(',', $excluded)); case 'array':
return $excluded;
case 'flip':
return array_flip(explode(',', $excluded));
} }
} }
} }
//
// userdata cache
//
function ignore_cached_userdata ()
{
return (defined('IN_PM')) ? true : false;
}
function cache_get_userdata ($id)
{
if (ignore_cached_userdata()) return false;
return CACHE('session_cache')->get($id);
}
function cache_set_userdata ($userdata, $force = false)
{
global $bb_cfg;
if (!$userdata || (ignore_cached_userdata() && !$force)) return false;
$id = ($userdata['user_id'] == GUEST_UID) ? $userdata['session_ip'] : $userdata['session_id'];
return CACHE('session_cache')->set($id, $userdata, $bb_cfg['session_update_intrv']);
}
function cache_rm_userdata ($userdata)
{
if (!$userdata) return false;
$id = ($userdata['user_id'] == GUEST_UID) ? $userdata['session_ip'] : $userdata['session_id'];
return CACHE('session_cache')->rm($id);
}
// $user_id - array(id1,id2,..) or (string) id
function cache_rm_user_sessions ($user_id)
{
$user_id = get_id_csv($user_id);
$rowset = DB()->fetch_rowset("
SELECT session_id FROM ". BB_SESSIONS ." WHERE session_user_id IN($user_id)
");
foreach ($rowset as $row)
{
CACHE('session_cache')->rm($row['session_id']);
}
}
function cache_update_userdata ($userdata)
{
return cache_set_userdata($userdata, true);
}
function db_update_userdata ($userdata, $sql_ary, $data_already_escaped = true)
{
if (!$userdata) return false;
$sql_args = DB()->build_array('UPDATE', $sql_ary, $data_already_escaped);
DB()->query("UPDATE ". BB_USERS ." SET $sql_args WHERE user_id = {$userdata['user_id']}");
if (DB()->affected_rows())
{
cache_rm_userdata($userdata);
}
}
// $user_id - array(id1,id2,..) or (string) id
function delete_user_sessions ($user_id)
{
cache_rm_user_sessions($user_id);
$user_id = get_id_csv($user_id);
DB()->query("DELETE FROM ". BB_SESSIONS ." WHERE session_user_id IN($user_id)");
}

25
library/includes/template.php → library/TorrentPier/template.php
View file

@ -1,28 +1,5 @@
<?php <?php
/**
* Reserved prefixes:
*
* "L_" - lang var, {L_VAR} is eq to $lang['VAR']
* "$" - php var, {$VAR} is eq to $VAR (in $this->execute() scope!)
* "#" - constant, {#CON} is eq to CON
*
*/
if (!defined('BB_ROOT')) die(basename(__FILE__));
// Template system constants
define('XS_TPL_PREFIX', 'tpl_');
define('XS_USE_ISSET', '1');
define('XS_TAG_NONE', 0);
define('XS_TAG_BEGIN', 2);
define('XS_TAG_END', 3);
define('XS_TAG_INCLUDE', 4);
define('XS_TAG_IF', 5);
define('XS_TAG_ELSE', 6);
define('XS_TAG_ELSEIF', 7);
define('XS_TAG_ENDIF', 8);
define('XS_TAG_BEGINELSE', 11);
class Template class Template
{ {
@ -89,7 +66,7 @@ class Template
/** /**
* Constructor. Installs XS mod on first run or updates it and sets the root dir. * Constructor. Installs XS mod on first run or updates it and sets the root dir.
*/ */
function Template($root = '.') function __construct ($root = '.')
{ {
global $bb_cfg, $lang; global $bb_cfg, $lang;

75
library/includes/functions.php
View file

@ -2610,4 +2610,77 @@ function bb_captcha ($mode, $callback = '')
bb_simple_die(__FUNCTION__ . ": invalid mode '$mode'"); bb_simple_die(__FUNCTION__ . ": invalid mode '$mode'");
} }
return false; return false;
} }
## Sessions ##
function ignore_cached_userdata ()
{
return (defined('IN_PM')) ? true : false;
}
function cache_get_userdata ($id)
{
if (ignore_cached_userdata()) return false;
return CACHE('session_cache')->get($id);
}
function cache_set_userdata ($userdata, $force = false)
{
global $bb_cfg;
if (!$userdata || (ignore_cached_userdata() && !$force)) return false;
$id = ($userdata['user_id'] == GUEST_UID) ? $userdata['session_ip'] : $userdata['session_id'];
return CACHE('session_cache')->set($id, $userdata, $bb_cfg['session_update_intrv']);
}
function cache_rm_userdata ($userdata)
{
if (!$userdata) return false;
$id = ($userdata['user_id'] == GUEST_UID) ? $userdata['session_ip'] : $userdata['session_id'];
return CACHE('session_cache')->rm($id);
}
// $user_id - array(id1,id2,..) or (string) id
function cache_rm_user_sessions ($user_id)
{
$user_id = get_id_csv($user_id);
$rowset = DB()->fetch_rowset("
SELECT session_id FROM ". BB_SESSIONS ." WHERE session_user_id IN($user_id)
");
foreach ($rowset as $row)
{
CACHE('session_cache')->rm($row['session_id']);
}
}
function cache_update_userdata ($userdata)
{
return cache_set_userdata($userdata, true);
}
function db_update_userdata ($userdata, $sql_ary, $data_already_escaped = true)
{
if (!$userdata) return false;
$sql_args = DB()->build_array('UPDATE', $sql_ary, $data_already_escaped);
DB()->query("UPDATE ". BB_USERS ." SET $sql_args WHERE user_id = {$userdata['user_id']}");
if (DB()->affected_rows())
{
cache_rm_userdata($userdata);
}
}
// $user_id - array(id1,id2,..) or (string) id
function delete_user_sessions ($user_id)
{
cache_rm_user_sessions($user_id);
$user_id = get_id_csv($user_id);
DB()->query("DELETE FROM ". BB_SESSIONS ." WHERE session_user_id IN($user_id)");
}

21
library/includes/init_bb.php
View file

@ -335,6 +335,23 @@ define('REQUEST', 4);
define('CHBOX', 5); define('CHBOX', 5);
define('SELECT', 6); define('SELECT', 6);
define('ONLY_NEW_POSTS', 1);
define('ONLY_NEW_TOPICS', 2);
// Template system constants
define('XS_TPL_PREFIX', 'tpl_');
define('XS_USE_ISSET', '1');
define('XS_TAG_NONE', 0);
define('XS_TAG_BEGIN', 2);
define('XS_TAG_END', 3);
define('XS_TAG_INCLUDE', 4);
define('XS_TAG_IF', 5);
define('XS_TAG_ELSE', 6);
define('XS_TAG_ELSEIF', 7);
define('XS_TAG_ENDIF', 8);
define('XS_TAG_BEGINELSE', 11);
if (!empty($banned_user_agents)) if (!empty($banned_user_agents))
{ {
foreach ($banned_user_agents as $agent) foreach ($banned_user_agents as $agent)
@ -410,13 +427,11 @@ function make_url ($path = '')
} }
require(INC_DIR .'functions.php'); require(INC_DIR .'functions.php');
require(INC_DIR .'sessions.php');
require(INC_DIR .'template.php');
require(CORE_DIR .'mysql.php'); require(CORE_DIR .'mysql.php');
$bb_cfg = array_merge(bb_get_config(BB_CONFIG), $bb_cfg); $bb_cfg = array_merge(bb_get_config(BB_CONFIG), $bb_cfg);
$user = new user_common(); $user = new Sessions();
$userdata =& $user->data; $userdata =& $user->data;
if (DBG_USER) require(INC_DIR .'functions_dev.php'); if (DBG_USER) require(INC_DIR .'functions_dev.php');

3
library/includes/ucp/register.php
View file

@ -411,8 +411,7 @@ foreach ($profile_fields as $field => $can_edit)
} }
else if (!empty($_FILES['avatar']['name']) && $bb_cfg['avatars']['up_allowed']) else if (!empty($_FILES['avatar']['name']) && $bb_cfg['avatars']['up_allowed'])
{ {
require(INC_DIR .'functions_upload.php'); $upload = new Upload();
$upload = new upload_common();
if ($upload->init($bb_cfg['avatars'], $_FILES['avatar']) AND $upload->store('avatar', $pr_data)) if ($upload->init($bb_cfg['avatars'], $_FILES['avatar']) AND $upload->store('avatar', $pr_data))
{ {