// Take the value returned by read_cookie_data("userid") and coerce it to an
// integer; fall back to GUEST when that value is falsy.
if ($this->read_cookie_data("userid")) {
  $user_id = intval($this->read_cookie_data("userid"));
}
else {
  $user_id = GUEST;
}
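<?php
/**************************************************************************
 *                                                                        *
 *    4images - A Web Based Image Gallery Management System               *
 *    ----------------------------------------------------------------    *
 *                                                                        *
 *             File: sessions.php                                         *
 *        Copyright: (C) 2002 Jan Sorgalla                                *
 *            Email: jan@4homepages.de                                    *
 *              Web: http://www.4homepages.de                             *
 *    Scriptversion: 1.7                                                  *
 *                                                                        *
 *    Never released without support from: Nicky (http://www.nicky.net)   *
 *                                                                        *
 **************************************************************************
 *                                                                        *
 *    Main part is adapted from phpBB, (C) 2001 The phpBB Group           *
 *    phpBB is released under the GNU General Public License              *
 *                                                                        *
 *************************************************************************/

// This file must only be reached through an entry script that defines ROOT_PATH.
if (!defined('ROOT_PATH')) {
  die("Security violation");
}

//-----------------------------------------------------
//--- Start Configuration -----------------------------
//-----------------------------------------------------

// Define here the name of the session. Default of phpBB is "sid".
define('SESSION_NAME', 'sid');

// Define here the name of the banlist and config database tables.
// Maybe you only need to change the table prefix if you use another
// prefix than the phpBB default "phpbb_".
define('PHPBB_BANLIST_TABLE', 'phpbb_banlist');
define('PHPBB_CONFIG_TABLE', 'phpbb_config');

// Set here the corresponding database fields of the user table.
// If there is no corresponding field in the new user table,
// leave the value blank. Normally no need to change.
$user_table_fields = array(
  "user_id" => "user_id",
  "user_level" => "user_level",
  "user_name" => "username",
  "user_password" => "user_password",
  "user_email" => "user_email",
  "user_showemail" => "user_viewemail",
  "user_allowemails" => "",
  "user_invisible" => "user_allow_viewonline",
  "user_joindate" => "user_regdate",
  "user_activationkey" => "user_actkey",
  "user_lastaction" => "user_session_time",
  "user_location" => "user_session_page",
  "user_lastvisit" => "user_lastvisit",
  "user_comments" => "",
  "user_homepage" => "user_website",
  "user_icq" => "user_icq"
);

// Set here the URL to your phpBB forum. WITH trailing slash!
// (The sample value now carries the trailing slash; without it every URL
// built below would be glued directly onto the host name.)
$url_app = "http://www.myforum.de/";

// Set here different URL's to your phpBB forum.
// Normally no need to change.
$url_register = $url_app."profile.php?mode=register";
$url_lost_password = $url_app."profile.php?mode=sendpassword";
$url_control_panel = $url_app."profile.php?mode=editprofile";
$url_mailform = $url_app."profile.php?mode=email&u={user_id}";
$url_show_profile = $url_app."profile.php?mode=viewprofile&u={user_id}";
$url_login = $url_app."login.php";
$url_logout = $url_app."login.php?logout=true";

//-----------------------------------------------------
//--- End Configuration -------------------------------
//-----------------------------------------------------

define('USER_INTEGRATION', 'PHPBB');

/**
 * Map a 4images user field name to the column name configured in
 * $user_table_fields, prefixed with $add (e.g. a table alias such as "u.").
 *
 * @param string $add        Prefix placed in front of the column name.
 * @param string $user_field Key of $user_table_fields.
 * @return string Prefixed column name, or "" when the field is unmapped.
 */
function get_user_table_field($add, $user_field) {
  global $user_table_fields;
  return (!empty($user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
}

/**
 * Session handler that reuses the phpBB session and user tables.
 *
 * The session id arrives either in the "<cookie_name>_sid" cookie or in a
 * GET/POST parameter named SESSION_NAME; per-user data (user id, auto-login
 * key) travels in the serialized "<cookie_name>_data" cookie. Everything read
 * from those sources is client-controlled.
 */
class Session {

  var $session_id;              // id as received from the client, or freshly generated
  var $user_ip;                 // hex-encoded client address, see get_user_ip()
  var $user_location;
  var $current_time;            // time() captured in the constructor
  var $session_timeout;         // $board_config['session_length']
  var $mode = "get";            // "cookie" once either session cookie was seen
  var $session_info = array();
  var $user_info = array();

  /**
   * PHP 4-style constructor: captures the client address and the current time
   * and starts (or resumes) the session for page id 0.
   *
   * NOTE(review): PHP 8 no longer treats a method named after its class as
   * the constructor; this file targets the PHP 4 era ($HTTP_*_VARS, "var").
   */
  function Session() {
    global $board_config;

    $this->session_timeout = $board_config['session_length'];
    $this->user_ip = $this->get_user_ip();
    $this->user_location = 1;
    $this->current_time = time();

    $this->session_pagestart($this->user_ip, 0);
  }

  /**
   * Return $raw_id when it is a non-empty alphanumeric string, "" otherwise.
   *
   * The session id is interpolated into several SQL statements of this class
   * inside single quotes; restricting it to [A-Za-z0-9] means a value taken
   * from a cookie or request parameter cannot leave that quoted context.
   * Ids generated by session_begin() are md5 output and always pass.
   */
  function _clean_session_id($raw_id) {
    return (is_string($raw_id) && preg_match('/^[A-Za-z0-9]+$/D', $raw_id)) ? $raw_id : '';
  }

  /**
   * Read the session id and the session data array from the request.
   *
   * Sets $this->session_id and, when a session cookie is present, switches
   * $this->mode to "cookie". Without cookies the id is taken from the GET or
   * POST parameter SESSION_NAME (false when neither is present).
   *
   * @return array Decoded "<cookie_name>_data" cookie, or an empty array.
   */
  function _read_client_state() {
    global $board_config, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS;

    $sid_cookie = $board_config['cookie_name'] . '_sid';
    $data_cookie = $board_config['cookie_name'] . '_data';

    if (isset($HTTP_COOKIE_VARS[$sid_cookie]) || isset($HTTP_COOKIE_VARS[$data_cookie])) {
      $this->session_id = isset($HTTP_COOKIE_VARS[$sid_cookie]) ? $this->_clean_session_id($HTTP_COOKIE_VARS[$sid_cookie]) : '';
      // NOTE(review): unserialize() runs on a client-supplied cookie. Besides
      // yielding values of arbitrary type, it can instantiate any class that
      // is loaded at this point. Left in place because the cookie format is
      // presumably shared with the forum; a non-executable encoding (or an
      // integrity check on the cookie) is the real fix - confirm with the
      // forum version in use.
      $sessiondata = isset($HTTP_COOKIE_VARS[$data_cookie]) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$data_cookie])) : array();
      if (!is_array($sessiondata)) {
        // Anything but an array (failed decode, scalar, object) is discarded.
        $sessiondata = array();
      }
      $this->mode = "cookie";
      return $sessiondata;
    }

    if (isset($HTTP_GET_VARS[SESSION_NAME])) {
      $this->session_id = $this->_clean_session_id($HTTP_GET_VARS[SESSION_NAME]);
    }
    elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
      $this->session_id = $this->_clean_session_id($HTTP_POST_VARS[SESSION_NAME]);
    }
    else {
      $this->session_id = false;
    }
    return array();
  }

  /**
   * Resume the session named by the client, or begin a new one.
   *
   * When the supplied id matches a stored session, the session and user rows
   * are touched at most once per 60 seconds, expired sessions are purged and
   * the cookies are re-sent. Otherwise session_begin() is called with the
   * user id found in the data cookie and auto-creation enabled.
   *
   * @param string $user_ip     Hex-encoded client address.
   * @param int    $thispage_id Page id stored with the session.
   * @return array User info of the session owner (guest when not logged in).
   */
  function session_pagestart($user_ip, $thispage_id) {
    global $site_db, $board_config, $SID;

    $cookiename = $board_config['cookie_name'];
    $cookiepath = $board_config['cookie_path'];
    $cookiedomain = $board_config['cookie_domain'];
    $cookiesecure = $board_config['cookie_secure'];

    $sessiondata = $this->_read_client_state();

    //
    // Does a session exist?
    //
    if (!empty($this->session_id)) {
      $valid_session = 1;
      if (!$this->load_session_info()) {
        $this->session_info['session_user_id'] = GUEST;
        $valid_session = 0;
      }

      $this->user_info = $this->load_user_info($this->session_info['session_user_id']);

      if ($valid_session) {
        $SID = ($this->mode == "get") ? SESSION_NAME.'=' . $this->session_id : '';

        // Throttle the bookkeeping writes to one per minute and session.
        if ($this->current_time - $this->session_info['session_time'] > 60) {
          $sql = "UPDATE " . SESSIONS_TABLE . " SET session_time = $this->current_time, session_page = $thispage_id WHERE session_id = '$this->session_id' AND session_ip = '$user_ip'";
          $site_db->query($sql);

          if ($this->user_info['user_id'] != GUEST) {
            $sql = "UPDATE " . USERS_TABLE . " SET user_session_time = $this->current_time, user_session_page = $thispage_id WHERE user_id = " . $this->user_info['user_id'];
            $site_db->query($sql);
          }

          $this->delete_old_sessions();

          setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
          setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
        }
        return $this->user_info;
      }
    }

    // The user id comes out of the client cookie and ends up in a numeric SQL
    // context further down, so it is forced to an integer here.
    $user_id = isset($sessiondata['userid']) ? intval($sessiondata['userid']) : GUEST;
    $this->user_info = $this->session_begin($user_id, $user_ip, $thispage_id, TRUE);
    return $this->user_info;
  }

  /**
   * Create (or re-key) a session for $user_id after the auto-login and ban
   * checks, then send the session cookies.
   *
   * @param int    $user_id          Requested user id; replaced by GUEST when
   *                                 the user is unknown or auto-login fails.
   * @param string $user_ip          Hex-encoded client address.
   * @param int    $page_id          Page id stored with the session.
   * @param mixed  $auto_create      When true, a non-guest login is accepted
   *                                 only if the cookie's auto-login key matches.
   * @param mixed  $enable_autologin Whether the auto-login key is written back
   *                                 to the data cookie (cookie mode only).
   * @return array User info for the resulting session.
   */
  function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) {
    // $url_login is needed for the ban redirect below; it was missing from the
    // global list, which left the Location header without a target.
    global $site_db, $board_config, $SID, $url_login;

    $cookiename = $board_config['cookie_name'];
    $cookiepath = $board_config['cookie_path'];
    $cookiedomain = $board_config['cookie_domain'];
    $cookiesecure = $board_config['cookie_secure'];

    // Same decoding (and the same is_array() guard) as session_pagestart().
    $sessiondata = $this->_read_client_state();

    $last_visit = 0;

    $this->user_info = $this->load_user_info($user_id);
    $user_id = $this->user_info['user_id'];

    if ($user_id != GUEST) {
      // NOTE(review): the auto-login key is the stored password hash itself,
      // so the hash alone is sufficient to log in via the data cookie.
      $auto_login_key = $this->user_info['user_password'];

      if ($auto_create) {
        if (isset($sessiondata['autologinid']) && $this->user_info['user_active']) {
          // We have to login automagically.
          // Strict comparison: the cookie value is client-supplied and, after
          // unserialize(), need not be a string; a loose == against the stored
          // hash could succeed through type juggling.
          if ($sessiondata['autologinid'] === $auto_login_key) {
            // autologinid matches password
            $login = 1;
            $enable_autologin = 1;
          }
          else {
            // No match; don't login, set as anonymous user
            $login = 0;
            $enable_autologin = 0;
            $user_id = GUEST;
          }
        }
        else {
          // Autologin is not set. Don't login, set as anonymous user
          $login = 0;
          $enable_autologin = 0;
          $user_id = GUEST;
        }
      }
      else {
        $login = 1;
      }
    }
    else {
      $login = 0;
      $enable_autologin = 0;
      $user_id = GUEST;
    }

    //
    // Initial ban check against user id, IP and email address
    //
    // $user_ip is split into its four hex octets so that exact, /24, /16 and
    // /8 ban entries ("ff" wildcards) can be matched.
    preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts);

    $sql = "SELECT ban_ip, ban_userid, ban_email FROM " . PHPBB_BANLIST_TABLE . " WHERE ban_ip IN ('" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" . $user_ip_parts[1] . "ffffff') OR ban_userid = $user_id";
    if ($user_id != GUEST) {
      $sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $this->user_info['user_email']) . "' OR ban_email LIKE '" . substr(str_replace("\'", "''", $this->user_info['user_email']), strpos(str_replace("\'", "''", $this->user_info['user_email']), "@")) . "'";
    }
    $result = $site_db->query($sql);

    if ($ban_info = $site_db->fetch_array($result)) {
      if ($ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email']) {
        header("Location: $url_login");
        exit;
      }
    }

    //
    // Create or update the session
    //
    $sql = "UPDATE " . SESSIONS_TABLE . " SET session_user_id = $user_id, session_start = $this->current_time, session_time = $this->current_time, session_page = $page_id, session_logged_in = $login WHERE session_id = '" . $this->session_id . "' AND session_ip = '$user_ip'";
    if (!$site_db->query($sql) || !$site_db->affected_rows()) {
      // NOTE(review): uniqid() is time-based and $user_ip is known to the
      // client, so this id is only as unpredictable as the clock; a
      // cryptographically random source would be preferable where available.
      $this->session_id = md5(uniqid($user_ip));

      $sql = "INSERT INTO " . SESSIONS_TABLE . " (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in) VALUES ('$this->session_id', $user_id, $this->current_time, $this->current_time, '$user_ip', $page_id, $login)";
      $site_db->query($sql);
    }

    if ($user_id != GUEST) {
      $last_visit = ($this->user_info['user_session_time'] > 0) ? $this->user_info['user_session_time'] : $this->current_time;

      $sql = "UPDATE " . USERS_TABLE . " SET user_session_time = $this->current_time, user_session_page = $page_id, user_lastvisit = $last_visit WHERE user_id = $user_id";
      $site_db->query($sql);

      $this->user_info['user_lastvisit'] = $last_visit;

      $sessiondata['autologinid'] = ($enable_autologin && $this->mode == "cookie") ? $auto_login_key : '';
      $sessiondata['userid'] = $user_id;
    }

    $this->user_info['user_id'] = $user_id;

    $this->session_info['session_id'] = $this->session_id;
    $this->session_info['session_ip'] = $user_ip;
    $this->session_info['session_user_id'] = $user_id;
    $this->session_info['session_logged_in'] = $login;
    $this->session_info['session_page'] = $page_id;
    $this->session_info['session_start'] = $this->current_time;
    $this->session_info['session_time'] = $this->current_time;

    // Data cookie lives for a year, the session id cookie until the browser closes.
    setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
    setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);

    $SID = ($this->mode == "get") ? SESSION_NAME.'=' . $this->session_id : '';

    return $this->user_info;
  }

  /**
   * Login is delegated to the forum: redirect to $url_login. The parameters
   * are accepted for interface compatibility and not used.
   */
  function login($user_name = "", $user_password = "", $auto_login = 0, $set_auto_login = 1) {
    global $url_login;
    header("Location: $url_login");
  }

  /**
   * Logout is delegated to the forum: redirect to $url_logout.
   */
  function logout($user_id = GUEST) {
    global $url_logout;
    header("Location: $url_logout");
  }

  /**
   * Delete sessions older than $board_config['session_length'] seconds and
   * remove session variables whose session no longer exists.
   *
   * @return bool Always true.
   */
  function delete_old_sessions() {
    global $site_db, $board_config;

    $expiry_time = $this->current_time - $board_config['session_length'];
    $sql = "DELETE FROM ".SESSIONS_TABLE." WHERE session_time < $expiry_time";
    $site_db->query($sql);

    $sql = "SELECT session_id FROM ".SESSIONS_TABLE;
    $result = $site_db->query($sql);
    $session_ids_sql = "";
    if ($result) {
      while ($row = $site_db->fetch_array($result)) {
        $session_ids_sql .= (($session_ids_sql != "") ? ", " : "") . "'".$row['session_id']."'";
      }
    }
    // With no surviving session the session variables are left untouched.
    if (!empty($session_ids_sql)) {
      $sql = "DELETE FROM ".SESSIONVARS_TABLE." WHERE session_id NOT IN ($session_ids_sql)";
      $site_db->query($sql);
    }
    return true;
  }

  /** Return the session info array built by load_session_info()/session_begin(). */
  function return_session_info() {
    return $this->session_info;
  }

  /** Return the user info array of the current session owner. */
  function return_user_info() {
    return $this->user_info;
  }

  /** No-op in this integration. */
  function freeze() {
    return;
  }

  /**
   * Load the stored session row for $this->session_id plus its session
   * variables into $this->session_info.
   *
   * In "get" mode the row must also match the client address; in cookie mode
   * the id alone is sufficient.
   *
   * @return array|false The session info, or false when there is no id or no
   *                     row with a non-empty session_user_id.
   */
  function load_session_info() {
    global $site_db;

    if (empty($this->session_id)) {
      return false;
    }

    $ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";

    $this->session_info = array();
    $sql = "SELECT * FROM ".SESSIONS_TABLE." WHERE session_id = '$this->session_id' $ip_sql";
    $this->session_info = $site_db->query_firstrow($sql);

    if (empty($this->session_info['session_user_id'])) {
      return false;
    }

    $sql = "SELECT sessionvars_name, sessionvars_value FROM ".SESSIONVARS_TABLE." WHERE session_id = '$this->session_id'";
    $result = $site_db->query($sql);
    while ($row = $site_db->fetch_array($result)) {
      $this->session_info[$row['sessionvars_name']] = $row['sessionvars_value'];
    }
    return $this->session_info;
  }

  /**
   * Load a user row (joined with its lightbox) and translate the forum column
   * names into the 4images field names listed in $user_table_fields.
   *
   * A missing lightbox row is created on the fly. Unknown users yield a guest
   * record; users with user_active == 0 get the level USER_AWAITING.
   *
   * @param int $user_id User id, GUEST for anonymous visitors.
   * @return array User info.
   */
  function load_user_info($user_id = GUEST) {
    global $site_db, $user_table_fields;

    if ($user_id != GUEST) {
      // The id is placed unquoted into the queries below; callers may pass a
      // value that originated in a cookie, so it is forced to an integer.
      $user_id = intval($user_id);

      $sql = "SELECT u.*, l.* FROM ".USERS_TABLE." u, ".LIGHTBOXES_TABLE." l WHERE ".get_user_table_field("u.", "user_id")." = $user_id AND l.user_id = ".get_user_table_field("u.", "user_id");
      $user_info = $site_db->query_firstrow($sql);

      if (!$user_info) {
        // No joined row: the user may exist without a lightbox yet.
        $sql = "SELECT * FROM ".USERS_TABLE." WHERE ".get_user_table_field("", "user_id")." = $user_id";
        $user_info = $site_db->query_firstrow($sql);

        if ($user_info) {
          $lightbox_id = get_random_key(LIGHTBOXES_TABLE, "lightbox_id");
          $sql = "INSERT INTO ".LIGHTBOXES_TABLE." (lightbox_id, user_id, lightbox_lastaction, lightbox_image_ids) VALUES ('$lightbox_id', ".$user_info[$user_table_fields['user_id']].", $this->current_time, '')";
          $site_db->query($sql);
          $user_info['lightbox_lastaction'] = $this->current_time;
          $user_info['lightbox_image_ids'] = "";
        }
      }
    }

    if (empty($user_info[$user_table_fields['user_id']])) {
      $user_info = array();
      $user_info['user_id'] = GUEST;
      $user_info['user_level'] = GUEST;
      $user_info['user_lastaction'] = $this->current_time;
    }

    foreach ($user_table_fields as $key => $val) {
      if (isset($user_info[$val])) {
        if ($val == "user_allow_viewonline") {
          // The forum stores "allow view online"; 4images wants "invisible".
          $user_info[$key] = ($user_info[$val] == 1) ? 0 : 1;
        }
        else {
          $user_info[$key] = $user_info[$val];
        }
      }
      elseif (!isset($user_info[$key])) {
        $user_info[$key] = "";
      }
    }

    if (isset($user_info['user_active']) && $user_info['user_active'] == 0) {
      $user_info['user_level'] = USER_AWAITING;
    }

    return $user_info;
  }

  /**
   * Store a session variable in the database and in $this->session_info.
   *
   * NOTE(review): $var_name and $value are interpolated into SQL without
   * escaping here (the same holds for get_session_var() and
   * drop_session_var()); presumably callers pass trusted or pre-escaped
   * values - verify against the callers.
   *
   * @return bool Always true.
   */
  function set_session_var($var_name, $value) {
    global $site_db;

    $sql = "SELECT session_id FROM ".SESSIONVARS_TABLE." WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
    if ($site_db->is_empty($sql)) {
      $sql = "INSERT INTO ".SESSIONVARS_TABLE." (session_id, sessionvars_name, sessionvars_value) VALUES ('$this->session_id', '$var_name', '$value')";
      $site_db->query($sql);
    }
    else {
      $sql = "UPDATE ".SESSIONVARS_TABLE." SET sessionvars_value = '$value' WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
      $site_db->query($sql);
    }
    $this->session_info[$var_name] = $value;
    return true;
  }

  /**
   * Return a session variable, from $this->session_info when cached there,
   * otherwise from the database (caching the result).
   *
   * @return mixed The stored value, or "" when it does not exist.
   */
  function get_session_var($var_name) {
    global $site_db;

    if (isset($this->session_info[$var_name])) {
      return $this->session_info[$var_name];
    }

    $sql = "SELECT sessionvars_value FROM ".SESSIONVARS_TABLE." WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
    $value = $site_db->query_firstrow($sql);
    if ($value) {
      $this->session_info[$var_name] = $value['sessionvars_value'];
      return $value['sessionvars_value'];
    }
    return "";
  }

  /**
   * Delete a session variable from the database.
   *
   * @return int 1 when the query succeeded, 0 otherwise.
   */
  function drop_session_var($var_name) {
    global $site_db;

    $sql = "DELETE FROM ".SESSIONVARS_TABLE." WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
    return ($site_db->query($sql)) ? 1 : 0;
  }

  /**
   * Determine the client address and return it as a hex string (one "%02x"
   * group per dotted-decimal octet).
   *
   * When an X-Forwarded-For value is present and starts with a dotted quad,
   * that address is used unless it matches one of the private/reserved
   * patterns, in which case the matched part is replaced by REMOTE_ADDR.
   *
   * NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
   * proxy overwrites it, so the address used for session binding and for the
   * ban lookup can be chosen by the requester. Left unchanged because the
   * encoding presumably has to agree with the forum's own sessions table -
   * confirm before restricting this to REMOTE_ADDR.
   * NOTE(review): several patterns leave the dot unescaped ('/^10..*/' also
   * matches 100.x.x.x) and only 172.16.* of the 172.16/12 range is covered.
   */
  function get_user_ip() {
    global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $REMOTE_ADDR;

    $client_ip = (!empty($HTTP_SERVER_VARS['REMOTE_ADDR'])) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ((!empty($HTTP_ENV_VARS['REMOTE_ADDR'])) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR);

    if (getenv('HTTP_X_FORWARDED_FOR') != '') {
      if (preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list)) {
        $private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
        $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
      }
    }

    $ip_sep = explode('.', $client_ip);
    return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
  }

  /**
   * Return "Control Panel" inside the admin area (IN_CP defined), otherwise
   * the slash-escaped $self_url with the action, mode, phpinfo, printstats,
   * URL_ID and l parameters and any trailing "&"/"?" removed.
   */
  function get_user_location() {
    global $self_url;

    if (defined("IN_CP")) {
      return "Control Panel";
    }
    return preg_replace(
      array("/([?|&])action=[^?|&]*/", "/([?|&])mode=[^?|&]*/", "/([?|&])phpinfo=[^?|&]*/", "/([?|&])printstats=[^?|&]*/", "/[?|&]".URL_ID."=[^?|&]*/", "/[?|&]l=[^?|&]*/", "/[&?]+$/"),
      array("", "", "", "", "", "", ""),
      addslashes($self_url)
    );
  }

  /* ORIGINAL CODE
  function url($url, $amp = "&") {
    global $l;
    $dummy_array = explode("#", $url);
    $url = $dummy_array[0];

    if ($this->mode == "get" && !preg_match("/".SESSION_NAME."=/i", $url)) {
      $url .= preg_match("/\?/", $url) ? "$amp" : "?";
      $url .= SESSION_NAME."=".$this->session_id;
    }

    if (!empty($l)) {
      $url .= preg_match("/\?/", $url) ? "$amp" : "?";
      $url .= "l=".$l;
    }

    $url .= (isset($dummy_array[1])) ? "#".$dummy_array[1] : "";
    return $url;
  }
  */

  /**
   * Replace $script in the path part of $url with $target and drop each
   * "name=value" pair in $pairs from the query string (in the three forms
   * "pair&", "&pair" and "pair"). What remains of the query is re-attached.
   */
  function _rewrite_script($url, $script, $target, $pairs) {
    $split = explode('?', $url);
    $query = isset($split[1]) ? $split[1] : '';
    $url = str_replace($script, $target, $split[0]);

    foreach ($pairs as $pair) {
      $query = str_replace($pair.'&', '', $query);
      $query = str_replace('&'.$pair, '', $query);
      $query = str_replace($pair, '', $query);
    }

    if (!empty($query)) {
      $url .= '?' . $query;
    }
    return $url;
  }

  /**
   * Build the public form of an internal URL.
   *
   * Outside the control panel the script names are rewritten to static-looking
   * ".htm" names (index, search, lightbox, categories, details, postcards).
   * In "get" mode the session parameter is appended when the URL does not
   * carry it yet, followed by the language parameter $l when set. Finally
   * every "&" is replaced by $amp and the fragment is re-attached.
   *
   * @param string $url Internal URL, optionally with "#fragment".
   * @param string $amp Separator written between query parameters.
   * @return string
   */
  function url($url, $amp = "&") {
    global $l;

    $dummy_array = explode("#", $url);
    $url = $dummy_array[0];
    // NOTE(review): as written this replace is a no-op; the search string
    // looks like an HTML entity that was decoded when the page was extracted.
    // Confirm against the upstream file before changing it.
    $url = str_replace('&', '&', $url);

    if (!defined('IN_CP')) {
      if (strstr($url, 'index.php')) {
        $url = str_replace('index.php', '', $url);
      }
      elseif (strstr($url, 'search.php')) {
        if (strstr($url, 'page=')) {
          preg_match('#page=([0-9]+)&?#', $url, $matches);
          if (isset($matches[1])) {
            $url = $this->_rewrite_script($url, 'search.php', 'search.'.$matches[1].'.htm', array('page='.$matches[1]));
          }
        }
        else {
          $url = str_replace('search.php', 'search.htm', $url);
        }
      }
      elseif (strstr($url, 'lightbox.php')) {
        if (strstr($url, 'page=')) {
          preg_match('#page=([0-9]+)&?#', $url, $matches);
          if (isset($matches[1])) {
            $url = $this->_rewrite_script($url, 'lightbox.php', 'lightbox.'.$matches[1].'.htm', array('page='.$matches[1]));
          }
        }
        else {
          $url = str_replace('lightbox.php', 'lightbox.htm', $url);
        }
      }
      elseif (strstr($url, 'categories.php')) {
        if (strstr($url, 'cat_id=') && strstr($url, 'page=')) {
          preg_match('#cat_id=([0-9]+)&?#', $url, $matches1);
          preg_match('#page=([0-9]+)&?#', $url, $matches2);
          if (isset($matches1[1]) && isset($matches2[1])) {
            $url = $this->_rewrite_script($url, 'categories.php', 'cat'.$matches1[1].'.'.$matches2[1].'.htm', array('cat_id='.$matches1[1], 'page='.$matches2[1]));
          }
        }
        elseif (strstr($url, 'cat_id=')) {
          preg_match('#cat_id=([0-9]+)&?#', $url, $matches);
          if (isset($matches[1])) {
            $url = $this->_rewrite_script($url, 'categories.php', 'cat'.$matches[1].'.htm', array('cat_id='.$matches[1]));
          }
        }
        else {
          $url = str_replace('categories.php', 'cat.htm', $url);
        }
      }
      elseif (strstr($url, 'details.php?image_id=')) {
        if (strstr($url, 'image_id=') && strstr($url, 'mode=')) {
          preg_match('#image_id=([0-9]+)&?#', $url, $matches1);
          preg_match('#mode=([a-zA-Z0-9]+)&?#', $url, $matches2);
          if (isset($matches1[1]) && isset($matches2[1])) {
            $url = $this->_rewrite_script($url, 'details.php', 'img'.$matches1[1].'.'.$matches2[1].'.htm', array('image_id='.$matches1[1], 'mode='.$matches2[1]));
          }
        }
        else {
          preg_match('#image_id=([0-9]+)&?#', $url, $matches);
          if (isset($matches[1])) {
            $url = $this->_rewrite_script($url, 'details.php', 'img'.$matches[1].'.htm', array('image_id='.$matches[1]));
          }
        }
      }
      elseif (strstr($url, 'postcards.php?image_id=')) {
        preg_match('#image_id=([0-9]+)&?#', $url, $matches);
        if (isset($matches[1])) {
          $url = $this->_rewrite_script($url, 'postcards.php', 'postcard.img'.$matches[1].'.htm', array('image_id='.$matches[1]));
        }
      }
    }

    // Append the session parameter only when it is NOT in the URL yet. The
    // previous test (strstr($url, $this->session_id)) was inverted and never
    // added the id to a URL that lacked it; this mirrors the ORIGINAL CODE.
    if ($this->mode == "get" && !preg_match("/".SESSION_NAME."=/i", $url)) {
      $url .= strpos($url, '?') !== false ? '&' : '?';
      $url .= SESSION_NAME."=".$this->session_id;
    }

    if (!empty($l)) {
      // "!== false" so that a "?" at offset 0 still counts as present.
      $url .= strpos($url, '?') !== false ? '&' : '?';
      $url .= "l=".$l;
    }

    $url = str_replace('&', $amp, $url);
    $url .= isset($dummy_array[1]) ? "#".$dummy_array[1] : "";
    return $url;
  }
} //end of class

//-----------------------------------------------------
//--- Start Session -----------------------------------
//-----------------------------------------------------

// Load the forum configuration (cookie settings, session length, ...).
$board_config = array();
$sql = "SELECT * FROM " . PHPBB_CONFIG_TABLE;
$result = $site_db->query($sql);
while ($row = $site_db->fetch_array($result)) {
  $board_config[$row['config_name']] = $row['config_value'];
}

//Start Session
$site_sess = new Session();

// Get Userinfo
$session_info = $site_sess->return_session_info();
$user_info = $site_sess->return_user_info();

//-----------------------------------------------------
//--- Get User Caches ---------------------------------
//-----------------------------------------------------
$num_total_online = 0;
$num_visible_online = 0;
$num_invisible_online = 0;
$num_registered_online = 0;
$num_guests_online = 0;
$user_online_list = "";
$prev_user_ids = array();
$prev_session_ips = array();

if (defined("GET_USER_ONLINE") && ($config['display_whosonline'] == 1 || $user_info['user_level'] == ADMIN)) {
  // Users and sessions active within the last five minutes.
  $time_out = time() - 300;
  $sql = "SELECT ".get_user_table_field("u.", "user_id").get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_invisible").", s.session_user_id, s.session_time, s.session_ip FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s WHERE ".get_user_table_field("u.", "user_id")." = s.session_user_id AND (s.session_time >= $time_out OR ".get_user_table_field("u.", "user_lastaction")." >= $time_out) ORDER BY ".get_user_table_field("u.", "user_id")." ASC, s.session_ip ASC";
  $result = $site_db->query($sql);

  while ($row = $site_db->fetch_array($result)) {
    if ($row['session_user_id'] != GUEST) {
      // Count every registered user once, however many sessions are open.
      if (!isset($prev_user_ids[$row['session_user_id']])) {
        $is_invisible = (isset($row[$user_table_fields['user_invisible']]) && $row[$user_table_fields['user_invisible']] == 0) ? 1 : 0;
        $invisibleuser = ($is_invisible) ? "*" : "";
        // NOTE(review): the user name is written into HTML as stored;
        // presumably the forum keeps it HTML-escaped - confirm.
        $username = (isset($row[$user_table_fields['user_level']]) && $row[$user_table_fields['user_level']] == ADMIN && $config['highlight_admin'] == 1) ? sprintf("<b>%s</b>", $row[$user_table_fields['user_name']]) : $row[$user_table_fields['user_name']];

        // Invisible users are listed for administrators only.
        if (!$is_invisible || $user_info['user_level'] == ADMIN) {
          $user_online_list .= ($user_online_list != "") ? ", " : "";
          $user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/", $row['session_user_id'], $url_show_profile) : ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$row['session_user_id'];
          $user_online_list .= "<a href=\"".$site_sess->url($user_profile_link)."\">".$username."</a>".$invisibleuser;
        }

        if (!$is_invisible) {
          $num_visible_online++;
        }
        else {
          $num_invisible_online++;
        }
        $num_registered_online++;
      }
      $prev_user_ids[$row['session_user_id']] = 1;
    }
    else {
      // Guests are counted once per address.
      if (!isset($prev_session_ips[$row['session_ip']])) {
        $num_guests_online++;
      }
    }
    $prev_session_ips[$row['session_ip']] = 1;
  }

  $num_total_online = $num_registered_online + $num_guests_online;

  $site_template->register_vars(array(
    "num_total_online" => $num_total_online,
    "num_invisible_online" => $num_invisible_online,
    "num_registered_online" => $num_registered_online,
    "num_guests_online" => $num_guests_online,
    "user_online_list" => $user_online_list,
    "lang_user_online" => str_replace('{num_total_online}', $num_total_online, $lang['user_online']),
    "lang_user_online_detail" => str_replace(array('{num_registered_online}','{num_invisible_online}','{num_guests_online}'), array($num_registered_online,$num_invisible_online,$num_guests_online), $lang['user_online_detail']),
  ));

  $whos_online = $site_template->parse_template("whos_online");
  $site_template->register_vars("whos_online", $whos_online);
  unset($whos_online);
  unset($prev_user_ids);
  unset($prev_session_ips);
}
?>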