General / Allgemeines > Chit Chat
IP Adressen
bergblume:
hallo experten,
ich hätte hier mal ne triviale frage an euch:
bei 4images wird mir als admin z.B. bei den kommentaren die IP.adresse der user ja angezeigt - in einer für mich unbekannten form z.B 508b7a5x (ich kenne die IPs nur in dieser Form z.B. 217.229.99.88)
ich habe nun einige Spammer die ich über die htaccess gerne sperren würde...
geht das auch so?
order allow,deny
allow from all
deny from 508b7a5x
oder muss das in der Form deny from 217.229.99.88 sein?
danke für eure kurze aufklärung diesbzgl.
Rembrandt:
Hi!
--- Quote from: bergblume on November 28, 2012, 11:34:52 AM ---.. in einer für mich unbekannten form z.B 508b7a5x (ich kenne die IPs nur in dieser Form z.B. 217.229.99.88)...
--- End quote ---
Das ist nicht nur für dich unbekannt. :)
Hast vielleicht einen Fehler in deinen Script?
mfg Andi
bergblume:
--- Quote from: Rembrandt on November 28, 2012, 05:38:57 PM ---Hi!
--- Quote from: bergblume on November 28, 2012, 11:34:52 AM ---.. in einer für mich unbekannten form z.B 508b7a5x (ich kenne die IPs nur in dieser Form z.B. 217.229.99.88)...
--- End quote ---
Das ist nicht nur für dich unbekannt. :)
Hast vielleicht einen Fehler in deinen Script?
mfg Andi
--- End quote ---
wo kann ich das nachschauen? welche datei und welche zeile ist denn für die IP Darstellung verantwortlich?
Rembrandt:
Die IP die dargestellt wird, kommt direkt aus der DB "SESSION_TABLE" und dem Feld "session_ip".
Die "SESSION_TABLE" selber, wir von der includes/session.php beschrieben.
bergblume:
Hallo Andi,
danke dir für deine Erläuterung... ich konnte hier leider nix auffälliges finden...
hier meine sessions.php - kannst du mal bitte drauf schauen!
--- Code: ---<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: sessions.php *
* Copyright: (C) 2002 Jan Sorgalla *
* Email: jan@4homepages.de *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Main part is adapted from of phpBB, (C) 2001 The phpBB Group *
* phpBB is released under the GNU General Public License *
* *
*************************************************************************/
if (!defined('ROOT_PATH')) {
die("Security violation");
}
//-----------------------------------------------------
//--- Start Configuration -----------------------------
//-----------------------------------------------------
// Define here the name of the session. Default of phpBB is "sid".
define('SESSION_NAME', 'sid');
// Define here the name of the banlist and config database tables.
// Maybe you only need to change the table prefix if you another
// than the phpBB default "phpbb_".
define('PHPBB_BANLIST_TABLE', 'phpbb_banlist');
define('PHPBB_CONFIG_TABLE', 'phpbb_config');
// Set her the corresponding database fields of the user table.
// If there is no corresponding field in the new user table,
// leave the value blank. Normally no need to change.
$user_table_fields = array(
"user_id" => "user_id",
"user_level" => "user_level",
"user_name" => "username",
"user_password" => "user_password",
"user_email" => "user_email",
"user_showemail" => "user_viewemail",
"user_invisible" => "user_allow_viewonline",
"user_joindate" => "user_regdate",
"user_activationkey" => "user_actkey",
"user_lastaction" => "user_session_time",
"user_location" => "user_session_page",
"user_lastvisit" => "user_lastvisit",
//-----------------------------------
"user_homepage" => "user_website",
"user_icq" => "user_icq",
"user_allowemails" => "user_allowemails",
"user_comments" => "user_comments"
);
// Set here the URL to your phpBB forum. WITH trailing slash!
$url_app = "./forum/";
//-----------------------------------------------------
//--- End Configuration -------------------------------
//-----------------------------------------------------
define('USER_INTEGRATION', 'PHPBB');
function get_user_table_field($add, $user_field) {
global $user_table_fields;
return (!empty($user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
}
class Session {
var $session_id;
var $user_ip;
var $user_location;
var $current_time;
var $session_timeout;
var $mode = "get";
var $session_info = array();
var $user_info = array();
function Session() {
global $config, $board_config;
$this->session_timeout = $board_config['session_length'];
$this->user_ip = $this->get_user_ip();
$this->user_location = 1;
$this->current_time = time();
$this->session_pagestart($this->user_ip, 0);
}
function session_pagestart($user_ip, $thispage_id) {
global $site_db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $SID;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$this->session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
if (!is_array($sessiondata)) {
$sessiondata = array();
}
$this->mode = "cookie";
}
else
{
$sessiondata = array();
if (isset($HTTP_GET_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_GET_VARS[SESSION_NAME];
}
elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_POST_VARS[SESSION_NAME];
}
else {
$this->session_id = false;
}
}
//
// Does a session exist?
//
if ( !empty($this->session_id) )
{
$valid_session = 1;
if (!$this->load_session_info()) {
$this->session_info['session_user_id'] = GUEST;
$valid_session = 0;
}
$this->user_info = $this->load_user_info($this->session_info['session_user_id']);
if ( $valid_session )
{
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' . $this->session_id : '';
if ( $this->current_time - $this->session_info['session_time'] > 60 )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_time = $this->current_time, session_page = $thispage_id
WHERE session_id = '$this->session_id'
AND session_ip = '$user_ip'";
$site_db->query($sql);
if ( $this->user_info['user_id'] != GUEST )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $this->current_time, user_session_page = $thispage_id
WHERE user_id = " . $this->user_info['user_id'];
$site_db->query($sql);
}
$this->delete_old_sessions();
setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
}
return $this->user_info;
}
}
$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : GUEST;
$this->user_info = $this->session_begin($user_id, $user_ip, $thispage_id, TRUE);
return $this->user_info;
}
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) {
global $site_db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $SID;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$this->session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
$this->mode = "cookie";
}
else
{
$sessiondata = array();
if (isset($HTTP_GET_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_GET_VARS[SESSION_NAME];
}
elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_POST_VARS[SESSION_NAME];
}
else {
$this->session_id = false;
}
}
$last_visit = 0;
$expiry_time = $this->current_time - $board_config['session_length'];
$this->user_info = $this->load_user_info($user_id);
$user_id = $this->user_info['user_id'];
if ( $user_id != GUEST )
{
$auto_login_key = $this->user_info['user_password'];
if ( $auto_create )
{
if ( isset($sessiondata['autologinid']) && $this->user_info['user_active'] )
{
// We have to login automagically
if( $sessiondata['autologinid'] === $auto_login_key )
{
// autologinid matches password
$login = 1;
$enable_autologin = 1;
}
else
{
// No match; don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
}
else
{
// Autologin is not set. Don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
}
else
{
$login = 1;
}
}
else
{
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
//
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_start = $this->current_time, session_time = $this->current_time, session_page = $page_id, session_logged_in = $login
WHERE session_id = '" . $this->session_id . "'
AND session_ip = '$user_ip'";
if ( !$site_db->query($sql) || !$site_db->affected_rows() )
{
$this->session_id = md5(uniqid($user_ip));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
VALUES ('$this->session_id', $user_id, $this->current_time, $this->current_time, '$user_ip', $page_id, $login)";
$site_db->query($sql);
}
if ( $user_id != GUEST )
{
$last_visit = ( $this->user_info['user_session_time'] > 0 ) ? $this->user_info['user_session_time'] : $this->current_time;
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $this->current_time, user_session_page = $page_id, user_lastvisit = $last_visit
WHERE user_id = $user_id";
$site_db->query($sql);
$this->user_info['user_lastvisit'] = $last_visit;
$sessiondata['autologinid'] = ( $enable_autologin && $this->mode == "cookie" ) ? $auto_login_key : '';
$sessiondata['userid'] = $user_id;
}
$this->user_info['user_id'] = $user_id;
$this->session_info['session_id'] = $this->session_id;
$this->session_info['session_ip'] = $user_ip;
$this->session_info['session_user_id'] = $user_id;
$this->session_info['session_logged_in'] = $login;
$this->session_info['session_page'] = $page_id;
$this->session_info['session_start'] = $this->current_time;
$this->session_info['session_time'] = $this->current_time;
setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' . $this->session_id : '';
return $this->user_info;
}
function login($user_name = "", $user_password = "", $auto_login = 0, $set_auto_login = 1) {
global $url_login;
header("Location: $url_login");
}
function logout($user_id = GUEST) {
global $url_logout;
header("Location: $url_logout");
}
function delete_old_sessions() {
global $site_db, $board_config;
$expiry_time = $this->current_time - $board_config['session_length'];
$sql = "DELETE FROM ".SESSIONS_TABLE."
WHERE session_time < $expiry_time";
$site_db->query($sql);
$sql = "SELECT session_id
FROM ".SESSIONS_TABLE;
$result = $site_db->query($sql);
if ($result) {
$session_ids_sql = "";
while ($row = $site_db->fetch_array($result)) {
$session_ids_sql .= (($session_ids_sql != "") ? ", " : "") . "'".$row['session_id']."'";
}
}
if (!empty($session_ids_sql)) {
$sql = "DELETE FROM ".SESSIONVARS_TABLE."
WHERE session_id NOT IN ($session_ids_sql)";
$site_db->query($sql);
}
return true;
}
function return_session_info() {
return $this->session_info;
}
function return_user_info() {
return $this->user_info;
}
function freeze() {
return;
}
function load_session_info() {
global $site_db;
if (empty($this->session_id)) {
return false;
}
$ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";
$this->session_info = array();
$sql = "SELECT *
FROM ".SESSIONS_TABLE."
WHERE session_id = '$this->session_id'
$ip_sql";
$this->session_info = $site_db->query_firstrow($sql);
if (empty($this->session_info['session_user_id'])) {
return false;
}
else {
$sql = "SELECT sessionvars_name, sessionvars_value
FROM ".SESSIONVARS_TABLE."
WHERE session_id = '$this->session_id'";
$result = $site_db->query($sql);
while ($row = $site_db->fetch_array($result)) {
$this->session_info[$row['sessionvars_name']] = $row['sessionvars_value'];
}
return $this->session_info;
}
}
function load_user_info($user_id = GUEST) {
global $site_db, $user_table_fields;
if ($user_id != GUEST) {
$sql = "SELECT u.*, l.*
FROM ".USERS_TABLE." u, ".LIGHTBOXES_TABLE." l
WHERE ".get_user_table_field("u.", "user_id")." = $user_id AND l.user_id = ".get_user_table_field("u.", "user_id");
$user_info = $site_db->query_firstrow($sql);
if (!$user_info) {
$sql = "SELECT *
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_id")." = $user_id";
$user_info = $site_db->query_firstrow($sql);
if ($user_info) {
$lightbox_id = get_random_key(LIGHTBOXES_TABLE, "lightbox_id");
$sql = "INSERT INTO ".LIGHTBOXES_TABLE."
(lightbox_id, user_id, lightbox_lastaction, lightbox_image_ids)
VALUES
('$lightbox_id', ".$user_info[$user_table_fields['user_id']].", $this->current_time, '')";
$site_db->query($sql);
$user_info['lightbox_lastaction'] = $this->current_time;
$user_info['lightbox_image_ids'] = "";
}
}
}
if (empty($user_info[$user_table_fields['user_id']])) {
$user_info = array();
$user_info['user_id'] = GUEST;
$user_info['user_level'] = GUEST;
$user_info['user_lastaction'] = $this->current_time;
}
foreach ($user_table_fields as $key => $val) {
if (isset($user_info[$val])) {
if ($val == "user_allow_viewonline") {
$user_info[$key] = ($user_info[$val] == 1) ? 0 : 1;
}
else {
$user_info[$key] = $user_info[$val];
}
}
elseif (!isset($user_info[$key])) {
$user_info[$key] = "";
}
}
if (isset($user_info['user_active']) && $user_info['user_active'] == 0) {
$user_info['user_level'] = USER_AWAITING;
}
return $user_info;
}
function set_session_var($var_name, $value) {
global $site_db;
$sql = "SELECT session_id
FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
if ($site_db->is_empty($sql)) {
$sql = "INSERT INTO ".SESSIONVARS_TABLE."
(session_id, sessionvars_name, sessionvars_value)
VALUES
('$this->session_id', '$var_name', '$value')";
$site_db->query($sql);
}
else {
$sql = "UPDATE ".SESSIONVARS_TABLE."
SET sessionvars_value = '$value'
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
$site_db->query($sql);
}
$this->session_info[$var_name] = $value;
return true;
}
function get_session_var($var_name) {
global $site_db;
if (isset($this->session_info[$var_name])) {
return $this->session_info[$var_name];
}
else {
$sql = "SELECT sessionvars_value
FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
$value = $site_db->query_firstrow($sql);
if ($value) {
$this->session_info[$var_name] = $value['sessionvars_value'];
return $value['sessionvars_value'];
}
else {
return "";
}
}
}
function drop_session_var($var_name) {
global $site_db;
$sql = "DELETE FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
return ($site_db->query($sql)) ? 1 : 0;
}
function get_user_ip() {
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $REMOTE_ADDR;
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
{
$private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
$client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
else
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
}
$ip_sep = explode('.', $client_ip);
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}
function get_user_location() {
global $self_url;
return (defined("IN_CP")) ? "Control Panel" : preg_replace(array("/([?|&])action=[^?|&]*/", "/([?|&])mode=[^?|&]*/", "/([?|&])phpinfo=[^?|&]*/", "/([?|&])printstats=[^?|&]*/", "/[?|&]".URL_ID."=[^?|&]*/", "/[?|&]l=[^?|&]*/", "/[&?]+$/"), array("", "", "", "", "", "", ""), addslashes($self_url));
}
/* ORIGINAL CODE
function url($url, $amp = "&") {
global $l;
$dummy_array = explode("#", $url);
$url = $dummy_array[0];
if ($this->mode == "get" && !preg_match("/".SESSION_NAME."=/i", $url)) {
$url .= preg_match("/\?/", $url) ? "$amp" : "?";
$url .= SESSION_NAME."=".$this->session_id;
}
if (!empty($l)) {
$url .= preg_match("/\?/", $url) ? "$amp" : "?";
$url .= "l=".$l;
}
$url .= (isset($dummy_array[1])) ? "#".$dummy_array[1] : "";
return $url;
}
*/
function url($url, $amp = "&") {
global $l, $user_info;
$dummy_array = explode("#", $url);
$url = $dummy_array[0];
$url = str_replace('&', '&', $url);
if (!defined('IN_CP')) {
if (strstr($url, 'index.php')) {
if (strstr($url, 'template=')) {
preg_match('#template=([a-zA-Z0-9\-\_]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('index.php', $matches[1].'.htm', $url);
$query = str_replace('template='.$matches[1].'&', '', $query);
$query = str_replace('&template='.$matches[1], '', $query);
$query = str_replace('template='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('index.php', '', $url);
}
}
elseif (strstr($url, 'search.php')) {
if (strstr($url, 'page=')) {
preg_match('#page=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('search.php', 'search.'.$matches[1].'.htm', $url);
$query = str_replace('page='.$matches[1].'&', '', $query);
$query = str_replace('&page='.$matches[1], '', $query);
$query = str_replace('page='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('search.php', 'search.htm', $url);
}
}
elseif (strstr($url, 'lightbox.php')) {
if (strstr($url, 'page=')) {
preg_match('#page=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('lightbox.php', 'lightbox.'.$matches[1].'.htm', $url);
$query = str_replace('page='.$matches[1].'&', '', $query);
$query = str_replace('&page='.$matches[1], '', $query);
$query = str_replace('page='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('lightbox.php', 'lightbox.htm', $url);
}
}
elseif (strstr($url, 'categories.php')) {
if (strstr($url, 'cat_id=') && strstr($url, 'page=')) {
preg_match('#cat_id=([0-9]+)&?#', $url, $matches1);
preg_match('#page=([0-9]+)&?#', $url, $matches2);
if (isset($matches1[1]) && isset($matches2[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('categories.php', 'cat'.$matches1[1].'.'.$matches2[1].'.htm', $url);
$query = str_replace('cat_id='.$matches1[1].'&', '', $query);
$query = str_replace('&cat_id='.$matches1[1], '', $query);
$query = str_replace('cat_id='.$matches1[1], '', $query);
$query = str_replace('page='.$matches2[1].'&', '', $query);
$query = str_replace('&page='.$matches2[1], '', $query);
$query = str_replace('page='.$matches2[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
elseif (strstr($url, 'cat_id=')) {
preg_match('#cat_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$cat_url = get_category_url($matches[1]);
$url = str_replace('categories.php', 'cat'.$cat_url.'.htm', $url);
$query = str_replace('cat_id='.$matches[1].'&', '', $query);
$query = str_replace('&cat_id='.$matches[1], '', $query);
$query = str_replace('cat_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('categories.php', 'cat.htm', $url);
}
}
elseif (strstr($url, 'details.php?image_id=')) {
if (strstr($url, 'image_id=') && strstr($url, 'mode=')) {
preg_match('#image_id=([0-9]+)&?#', $url, $matches1);
preg_match('#mode=([a-zA-Z0-9]+)&?#', $url, $matches2);
if (isset($matches1[1]) && isset($matches2[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('details.php', 'img'.$matches1[1].'.'.$matches2[1].'.htm', $url);
$query = str_replace('image_id='.$matches1[1].'&', '', $query);
$query = str_replace('&image_id='.$matches1[1], '', $query);
$query = str_replace('image_id='.$matches1[1], '', $query);
$query = str_replace('mode='.$matches2[1].'&', '', $query);
$query = str_replace('&mode='.$matches2[1], '', $query);
$query = str_replace('mode='.$matches2[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
preg_match('#image_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('details.php', 'img'.get_image_url($matches[1]).'.htm', $url);
$query = str_replace('image_id='.$matches[1].'&', '', $query);
$query = str_replace('&image_id='.$matches[1], '', $query);
$query = str_replace('image_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
}
elseif (strstr($url, 'postcards.php?image_id=')) {
preg_match('#image_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('postcards.php', 'postcard.img'.$matches[1].'.htm', $url);
$query = str_replace('image_id='.$matches[1].'&', '', $query);
$query = str_replace('&image_id='.$matches[1], '', $query);
$query = str_replace('image_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
elseif (strstr($url, 'member.php?action=uploadform'))
{
preg_match('#cat_id=([0-9]+)&?#', $url, $matches);
$url_cat_id = "";
if (isset($matches[1]))
{
$url_cat_id = $matches[1];
}
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('member.php', 'upload'.$url_cat_id, $url);
$query = str_replace('cat_id='.$url_cat_id.'&', '', $query);
$query = str_replace('&cat_id='.$url_cat_id, '', $query);
$query = str_replace('cat_id='.$url_cat_id, '', $query);
$query = str_replace('action=uploadform&', '', $query);
$query = str_replace('&action=uploadform', '', $query);
$query = str_replace('action=uploadform', '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
elseif (strstr($url, 'viewtopic.php?t=')) {
preg_match('#t=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('viewtopic.php', get_forum_topic_url($matches[1]).'.html', $url);
$query = str_replace('t='.$matches[1].'&', '', $query);
$query = str_replace('&t='.$matches[1], '', $query);
$query = str_replace('t='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
}
if ($this->mode == "get" && strstr($url, $this->session_id)) {
$url .= strpos($url, '?') !== false ? '&' : '?';
$url .= SESSION_NAME."=".$this->session_id;
}
if (!empty($l)) {
$url .= strpos($url, '?') ? '&' : '?';
$url .= "l=".$l;
}
$url = str_replace('&', $amp, $url);
$url .= isset($dummy_array[1]) ? "#".$dummy_array[1] : "";
return $url;
}
} //end of class
//-----------------------------------------------------
//--- Start Session -----------------------------------
//-----------------------------------------------------
$board_config = array();
$sql = "SELECT * FROM " . PHPBB_CONFIG_TABLE;
$result = $site_db->query($sql);
while($row = $site_db->fetch_array($result)) {
$board_config[$row['config_name']] = $row['config_value'];
}
//Start Session
$site_sess = new Session();
// Get Userinfo
$session_info = $site_sess->return_session_info();
$user_info = $site_sess->return_user_info();
// Set here different URL's to your phpBB forum.
// Normally no need to change.
$url_register = $url_app."profile.php?mode=register";
$url_lost_password = $url_app."profile.php?mode=sendpassword";
$url_control_panel = $url_app."profile.php?mode=editprofile";
$url_mailform = $url_app."profile.php?mode=email&u={user_id}";
$url_show_profile = $url_app."profile.php?mode=viewprofile&u={user_id}";
$url_login = $url_app.'login.php';
//$url_logout = $url_app."login.php?logout=true";
$url_logout = $url_app.'login.php?logout=true&sid='.$session_info['session_id'];
//-----------------------------------------------------
//--- Get User Caches ---------------------------------
//-----------------------------------------------------
$num_total_online = 0;
$num_visible_online = 0;
$num_invisible_online = 0;
$num_registered_online = 0;
$num_guests_online = mt_rand(800, 1400);
$user_online_list = "";
$prev_user_ids = array();
$prev_session_ips = array();
if (defined("GET_USER_ONLINE") && ($config['display_whosonline'] == 1 || $user_info['user_level'] == ADMIN)) {
$time_out = time() - 300;
$sql = "SELECT ".get_user_table_field("u.", "user_id").get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_invisible").", s.session_user_id, s.session_time, s.session_ip
FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
WHERE ".get_user_table_field("u.", "user_id")." = s.session_user_id AND (s.session_time >= $time_out OR ".get_user_table_field("u.", "user_lastaction")." >= $time_out)
ORDER BY ".get_user_table_field("u.", "user_id")." ASC, s.session_ip ASC";
$result = $site_db->query($sql);
while ($row = $site_db->fetch_array($result)) {
if ($row['session_user_id'] != GUEST) {
if (!isset($prev_user_ids[$row['session_user_id']])) {
$is_invisible = (isset($row[$user_table_fields['user_invisible']]) && $row[$user_table_fields['user_invisible']] == 0) ? 1 : 0;
$invisibleuser = ($is_invisible) ? "*" : "";
$username = (isset($row[$user_table_fields['user_level']]) && $row[$user_table_fields['user_level']] == ADMIN && $config['highlight_admin'] == 1) ? sprintf("<b>%s</b>", $row[$user_table_fields['user_name']]) : $row[$user_table_fields['user_name']];
if (!$is_invisible || $user_info['user_level'] == ADMIN) {
$user_online_list .= ($user_online_list != "") ? ", " : "";
$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/", $row['session_user_id'], $url_show_profile) : ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$row['session_user_id'];
$user_online_list .= "<a href=\"".$site_sess->url($user_profile_link)."\">".$username."</a>".$invisibleuser;
}
(!$is_invisible) ? $num_visible_online++ : $num_invisible_online++;
$num_registered_online++;
}
$prev_user_ids[$row['session_user_id']] = 1;
}
else {
if (!isset($prev_session_ips[$row['session_ip']])) {
$num_guests_online++;
}
}
$prev_session_ips[$row['session_ip']] = 1;
}
$num_total_online = $num_registered_online + $num_guests_online;
$site_template->register_vars(array(
"num_total_online" => $num_total_online,
"num_invisible_online" => $num_invisible_online,
"num_registered_online" => $num_registered_online,
"num_guests_online" => $num_guests_online,
"user_online_list" => $user_online_list,
"lang_user_online" => str_replace('{num_total_online}', $num_total_online, $lang['user_online']),
"lang_user_online_detail" => str_replace(array('{num_registered_online}','{num_invisible_online}','{num_guests_online}'), array($num_registered_online,$num_invisible_online,$num_guests_online), $lang['user_online_detail']),
));
$whos_online = $site_template->parse_template("whos_online");
$site_template->register_vars("whos_online", $whos_online);
unset($whos_online);
unset($prev_user_ids);
unset($prev_session_ips);
}
//Mod_bmollet
/**
* Get the category url
* @param int $cat_id The id of the category
* @param string $cat_url The current status of the URL
*/
function get_category_url($cat_id,$cat_url = '')
{
global $site_db;
$sql = "SELECT cat_name,cat_parent_id FROM ".CATEGORIES_TABLE." WHERE cat_id = '".$cat_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['cat_name'] = strtr($row['cat_name'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['cat_name'] = preg_replace("`\[.*\]`U","",$row['cat_name']);
$row['cat_name'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['cat_name']);
$row['cat_name'] = htmlentities($row['cat_name'], ENT_COMPAT, 'iso-8859-1');
$row['cat_name'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['cat_name'] );
$row['cat_name'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['cat_name']);
$row['cat_name'] = ( $row['cat_name'] == "" ) ? $type : strtolower(trim($row['cat_name'], '-'));
$cat_url = '-'.str_replace('+','-',urlencode($row['cat_name'])).'-'.$cat_id.$cat_url;
// if you want full path of category in url, put next line in comment
return $cat_url;
if( $row['cat_parent_id'] != 0)
{
return get_category_url($row['cat_parent_id'],$cat_url);
}
else
{
return $cat_url;
}
}
//Mod_bmollet
/**
* Get the image url
* @param int $image_id The id of the image
*/
function get_forum_topic_url($topic_id)
{
global $site_db;
$sql = "SELECT topic_title FROM phpbb_topics WHERE topic_id = '".$topic_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['forum_topic'] = strtr($row['topic_title'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['topic_title'] = preg_replace("`\[.*\]`U","",$row['topic_title']);
$row['topic_title'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['topic_title']);
$row['topic_title'] = htmlentities($row['topic_title'], ENT_COMPAT, 'iso-8859-1');
$row['topic_title'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['topic_title'] );
$row['topic_title'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['topic_title']);
$row['topic_title'] = ( $row['topic_title'] == "" ) ? $type : strtolower(trim($row['topic_title'], '-'));
return str_replace('+','-',urlencode($row['topic_title'])).'-t'.$topic_id;
}
function get_image_url($image_id)
{
global $site_db;
$sql = "SELECT cat_id,image_name FROM ".IMAGES_TABLE." WHERE image_id = '".$image_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['image_name'] = strtr($row['image_name'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['image_name'] = preg_replace("`\[.*\]`U","",$row['image_name']);
$row['image_name'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['image_name']);
$row['image_name'] = htmlentities($row['image_name'], ENT_COMPAT, 'iso-8859-1');
$row['image_name'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['image_name'] );
$row['image_name'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['image_name']);
$row['image_name'] = ( $row['image_name'] == "" ) ? $type : strtolower(trim($row['image_name'], '-'));
// if you want comlpete path to image in url, remove comment from following line
//return get_category_url($row['cat_id']).'-'.str_replace('+','-',urlencode($row['image_name'])).'-'.$image_id;
return '-'.str_replace('+','-',urlencode($row['image_name'])).'-'.$image_id;
}
?>
--- End code ---
danke dir!
Navigation
[0] Message Index
[#] Next page
Go to full version