Hallo Andi,
danke dir für deine Erläuterung... ich konnte hier leider nix auffälliges finden...
hier meine sessions.php - kannst du mal bitte drauf schauen!
<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: sessions.php *
* Copyright: (C) 2002 Jan Sorgalla *
* Email: jan@4homepages.de *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Main part is adapted from of phpBB, (C) 2001 The phpBB Group *
* phpBB is released under the GNU General Public License *
* *
*************************************************************************/
if (!defined('ROOT_PATH')) {
die("Security violation");
}
//-----------------------------------------------------
//--- Start Configuration -----------------------------
//-----------------------------------------------------
// Define here the name of the session. Default of phpBB is "sid".
define('SESSION_NAME', 'sid');
// Define here the name of the banlist and config database tables.
// Maybe you only need to change the table prefix if you another
// than the phpBB default "phpbb_".
define('PHPBB_BANLIST_TABLE', 'phpbb_banlist');
define('PHPBB_CONFIG_TABLE', 'phpbb_config');
// Set her the corresponding database fields of the user table.
// If there is no corresponding field in the new user table,
// leave the value blank. Normally no need to change.
$user_table_fields = array(
"user_id" => "user_id",
"user_level" => "user_level",
"user_name" => "username",
"user_password" => "user_password",
"user_email" => "user_email",
"user_showemail" => "user_viewemail",
"user_invisible" => "user_allow_viewonline",
"user_joindate" => "user_regdate",
"user_activationkey" => "user_actkey",
"user_lastaction" => "user_session_time",
"user_location" => "user_session_page",
"user_lastvisit" => "user_lastvisit",
//-----------------------------------
"user_homepage" => "user_website",
"user_icq" => "user_icq",
"user_allowemails" => "user_allowemails",
"user_comments" => "user_comments"
);
// Set here the URL to your phpBB forum. WITH trailing slash!
$url_app = "./forum/";
//-----------------------------------------------------
//--- End Configuration -------------------------------
//-----------------------------------------------------
define('USER_INTEGRATION', 'PHPBB');
function get_user_table_field($add, $user_field) {
global $user_table_fields;
return (!empty($user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
}
class Session {
var $session_id;
var $user_ip;
var $user_location;
var $current_time;
var $session_timeout;
var $mode = "get";
var $session_info = array();
var $user_info = array();
function Session() {
global $config, $board_config;
$this->session_timeout = $board_config['session_length'];
$this->user_ip = $this->get_user_ip();
$this->user_location = 1;
$this->current_time = time();
$this->session_pagestart($this->user_ip, 0);
}
function session_pagestart($user_ip, $thispage_id) {
global $site_db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $SID;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$this->session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
if (!is_array($sessiondata)) {
$sessiondata = array();
}
$this->mode = "cookie";
}
else
{
$sessiondata = array();
if (isset($HTTP_GET_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_GET_VARS[SESSION_NAME];
}
elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_POST_VARS[SESSION_NAME];
}
else {
$this->session_id = false;
}
}
//
// Does a session exist?
//
if ( !empty($this->session_id) )
{
$valid_session = 1;
if (!$this->load_session_info()) {
$this->session_info['session_user_id'] = GUEST;
$valid_session = 0;
}
$this->user_info = $this->load_user_info($this->session_info['session_user_id']);
if ( $valid_session )
{
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' . $this->session_id : '';
if ( $this->current_time - $this->session_info['session_time'] > 60 )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_time = $this->current_time, session_page = $thispage_id
WHERE session_id = '$this->session_id'
AND session_ip = '$user_ip'";
$site_db->query($sql);
if ( $this->user_info['user_id'] != GUEST )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $this->current_time, user_session_page = $thispage_id
WHERE user_id = " . $this->user_info['user_id'];
$site_db->query($sql);
}
$this->delete_old_sessions();
setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
}
return $this->user_info;
}
}
$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : GUEST;
$this->user_info = $this->session_begin($user_id, $user_ip, $thispage_id, TRUE);
return $this->user_info;
}
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) {
global $site_db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $SID;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$this->session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
$this->mode = "cookie";
}
else
{
$sessiondata = array();
if (isset($HTTP_GET_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_GET_VARS[SESSION_NAME];
}
elseif (isset($HTTP_POST_VARS[SESSION_NAME])) {
$this->session_id = $HTTP_POST_VARS[SESSION_NAME];
}
else {
$this->session_id = false;
}
}
$last_visit = 0;
$expiry_time = $this->current_time - $board_config['session_length'];
$this->user_info = $this->load_user_info($user_id);
$user_id = $this->user_info['user_id'];
if ( $user_id != GUEST )
{
$auto_login_key = $this->user_info['user_password'];
if ( $auto_create )
{
if ( isset($sessiondata['autologinid']) && $this->user_info['user_active'] )
{
// We have to login automagically
if( $sessiondata['autologinid'] === $auto_login_key )
{
// autologinid matches password
$login = 1;
$enable_autologin = 1;
}
else
{
// No match; don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
}
else
{
// Autologin is not set. Don't login, set as anonymous user
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
}
else
{
$login = 1;
}
}
else
{
$login = 0;
$enable_autologin = 0;
$user_id = GUEST;
}
//
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_start = $this->current_time, session_time = $this->current_time, session_page = $page_id, session_logged_in = $login
WHERE session_id = '" . $this->session_id . "'
AND session_ip = '$user_ip'";
if ( !$site_db->query($sql) || !$site_db->affected_rows() )
{
$this->session_id = md5(uniqid($user_ip));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
VALUES ('$this->session_id', $user_id, $this->current_time, $this->current_time, '$user_ip', $page_id, $login)";
$site_db->query($sql);
}
if ( $user_id != GUEST )
{
$last_visit = ( $this->user_info['user_session_time'] > 0 ) ? $this->user_info['user_session_time'] : $this->current_time;
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $this->current_time, user_session_page = $page_id, user_lastvisit = $last_visit
WHERE user_id = $user_id";
$site_db->query($sql);
$this->user_info['user_lastvisit'] = $last_visit;
$sessiondata['autologinid'] = ( $enable_autologin && $this->mode == "cookie" ) ? $auto_login_key : '';
$sessiondata['userid'] = $user_id;
}
$this->user_info['user_id'] = $user_id;
$this->session_info['session_id'] = $this->session_id;
$this->session_info['session_ip'] = $user_ip;
$this->session_info['session_user_id'] = $user_id;
$this->session_info['session_logged_in'] = $login;
$this->session_info['session_page'] = $page_id;
$this->session_info['session_start'] = $this->current_time;
$this->session_info['session_time'] = $this->current_time;
setcookie($cookiename . '_data', serialize($sessiondata), $this->current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $this->session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' . $this->session_id : '';
return $this->user_info;
}
function login($user_name = "", $user_password = "", $auto_login = 0, $set_auto_login = 1) {
global $url_login;
header("Location: $url_login");
}
function logout($user_id = GUEST) {
global $url_logout;
header("Location: $url_logout");
}
function delete_old_sessions() {
global $site_db, $board_config;
$expiry_time = $this->current_time - $board_config['session_length'];
$sql = "DELETE FROM ".SESSIONS_TABLE."
WHERE session_time < $expiry_time";
$site_db->query($sql);
$sql = "SELECT session_id
FROM ".SESSIONS_TABLE;
$result = $site_db->query($sql);
if ($result) {
$session_ids_sql = "";
while ($row = $site_db->fetch_array($result)) {
$session_ids_sql .= (($session_ids_sql != "") ? ", " : "") . "'".$row['session_id']."'";
}
}
if (!empty($session_ids_sql)) {
$sql = "DELETE FROM ".SESSIONVARS_TABLE."
WHERE session_id NOT IN ($session_ids_sql)";
$site_db->query($sql);
}
return true;
}
function return_session_info() {
return $this->session_info;
}
function return_user_info() {
return $this->user_info;
}
function freeze() {
return;
}
function load_session_info() {
global $site_db;
if (empty($this->session_id)) {
return false;
}
$ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" : "";
$this->session_info = array();
$sql = "SELECT *
FROM ".SESSIONS_TABLE."
WHERE session_id = '$this->session_id'
$ip_sql";
$this->session_info = $site_db->query_firstrow($sql);
if (empty($this->session_info['session_user_id'])) {
return false;
}
else {
$sql = "SELECT sessionvars_name, sessionvars_value
FROM ".SESSIONVARS_TABLE."
WHERE session_id = '$this->session_id'";
$result = $site_db->query($sql);
while ($row = $site_db->fetch_array($result)) {
$this->session_info[$row['sessionvars_name']] = $row['sessionvars_value'];
}
return $this->session_info;
}
}
function load_user_info($user_id = GUEST) {
global $site_db, $user_table_fields;
if ($user_id != GUEST) {
$sql = "SELECT u.*, l.*
FROM ".USERS_TABLE." u, ".LIGHTBOXES_TABLE." l
WHERE ".get_user_table_field("u.", "user_id")." = $user_id AND l.user_id = ".get_user_table_field("u.", "user_id");
$user_info = $site_db->query_firstrow($sql);
if (!$user_info) {
$sql = "SELECT *
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_id")." = $user_id";
$user_info = $site_db->query_firstrow($sql);
if ($user_info) {
$lightbox_id = get_random_key(LIGHTBOXES_TABLE, "lightbox_id");
$sql = "INSERT INTO ".LIGHTBOXES_TABLE."
(lightbox_id, user_id, lightbox_lastaction, lightbox_image_ids)
VALUES
('$lightbox_id', ".$user_info[$user_table_fields['user_id']].", $this->current_time, '')";
$site_db->query($sql);
$user_info['lightbox_lastaction'] = $this->current_time;
$user_info['lightbox_image_ids'] = "";
}
}
}
if (empty($user_info[$user_table_fields['user_id']])) {
$user_info = array();
$user_info['user_id'] = GUEST;
$user_info['user_level'] = GUEST;
$user_info['user_lastaction'] = $this->current_time;
}
foreach ($user_table_fields as $key => $val) {
if (isset($user_info[$val])) {
if ($val == "user_allow_viewonline") {
$user_info[$key] = ($user_info[$val] == 1) ? 0 : 1;
}
else {
$user_info[$key] = $user_info[$val];
}
}
elseif (!isset($user_info[$key])) {
$user_info[$key] = "";
}
}
if (isset($user_info['user_active']) && $user_info['user_active'] == 0) {
$user_info['user_level'] = USER_AWAITING;
}
return $user_info;
}
function set_session_var($var_name, $value) {
global $site_db;
$sql = "SELECT session_id
FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
if ($site_db->is_empty($sql)) {
$sql = "INSERT INTO ".SESSIONVARS_TABLE."
(session_id, sessionvars_name, sessionvars_value)
VALUES
('$this->session_id', '$var_name', '$value')";
$site_db->query($sql);
}
else {
$sql = "UPDATE ".SESSIONVARS_TABLE."
SET sessionvars_value = '$value'
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
$site_db->query($sql);
}
$this->session_info[$var_name] = $value;
return true;
}
function get_session_var($var_name) {
global $site_db;
if (isset($this->session_info[$var_name])) {
return $this->session_info[$var_name];
}
else {
$sql = "SELECT sessionvars_value
FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
$value = $site_db->query_firstrow($sql);
if ($value) {
$this->session_info[$var_name] = $value['sessionvars_value'];
return $value['sessionvars_value'];
}
else {
return "";
}
}
}
function drop_session_var($var_name) {
global $site_db;
$sql = "DELETE FROM ".SESSIONVARS_TABLE."
WHERE sessionvars_name = '$var_name' AND session_id = '$this->session_id'";
return ($site_db->query($sql)) ? 1 : 0;
}
function get_user_ip() {
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $REMOTE_ADDR;
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
{
$private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
$client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
else
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
}
$ip_sep = explode('.', $client_ip);
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}
function get_user_location() {
global $self_url;
return (defined("IN_CP")) ? "Control Panel" : preg_replace(array("/([?|&])action=[^?|&]*/", "/([?|&])mode=[^?|&]*/", "/([?|&])phpinfo=[^?|&]*/", "/([?|&])printstats=[^?|&]*/", "/[?|&]".URL_ID."=[^?|&]*/", "/[?|&]l=[^?|&]*/", "/[&?]+$/"), array("", "", "", "", "", "", ""), addslashes($self_url));
}
/* ORIGINAL CODE
function url($url, $amp = "&") {
global $l;
$dummy_array = explode("#", $url);
$url = $dummy_array[0];
if ($this->mode == "get" && !preg_match("/".SESSION_NAME."=/i", $url)) {
$url .= preg_match("/\?/", $url) ? "$amp" : "?";
$url .= SESSION_NAME."=".$this->session_id;
}
if (!empty($l)) {
$url .= preg_match("/\?/", $url) ? "$amp" : "?";
$url .= "l=".$l;
}
$url .= (isset($dummy_array[1])) ? "#".$dummy_array[1] : "";
return $url;
}
*/
function url($url, $amp = "&") {
global $l, $user_info;
$dummy_array = explode("#", $url);
$url = $dummy_array[0];
$url = str_replace('&', '&', $url);
if (!defined('IN_CP')) {
if (strstr($url, 'index.php')) {
if (strstr($url, 'template=')) {
preg_match('#template=([a-zA-Z0-9\-\_]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('index.php', $matches[1].'.htm', $url);
$query = str_replace('template='.$matches[1].'&', '', $query);
$query = str_replace('&template='.$matches[1], '', $query);
$query = str_replace('template='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('index.php', '', $url);
}
}
elseif (strstr($url, 'search.php')) {
if (strstr($url, 'page=')) {
preg_match('#page=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('search.php', 'search.'.$matches[1].'.htm', $url);
$query = str_replace('page='.$matches[1].'&', '', $query);
$query = str_replace('&page='.$matches[1], '', $query);
$query = str_replace('page='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('search.php', 'search.htm', $url);
}
}
elseif (strstr($url, 'lightbox.php')) {
if (strstr($url, 'page=')) {
preg_match('#page=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('lightbox.php', 'lightbox.'.$matches[1].'.htm', $url);
$query = str_replace('page='.$matches[1].'&', '', $query);
$query = str_replace('&page='.$matches[1], '', $query);
$query = str_replace('page='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('lightbox.php', 'lightbox.htm', $url);
}
}
elseif (strstr($url, 'categories.php')) {
if (strstr($url, 'cat_id=') && strstr($url, 'page=')) {
preg_match('#cat_id=([0-9]+)&?#', $url, $matches1);
preg_match('#page=([0-9]+)&?#', $url, $matches2);
if (isset($matches1[1]) && isset($matches2[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('categories.php', 'cat'.$matches1[1].'.'.$matches2[1].'.htm', $url);
$query = str_replace('cat_id='.$matches1[1].'&', '', $query);
$query = str_replace('&cat_id='.$matches1[1], '', $query);
$query = str_replace('cat_id='.$matches1[1], '', $query);
$query = str_replace('page='.$matches2[1].'&', '', $query);
$query = str_replace('&page='.$matches2[1], '', $query);
$query = str_replace('page='.$matches2[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
elseif (strstr($url, 'cat_id=')) {
preg_match('#cat_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$cat_url = get_category_url($matches[1]);
$url = str_replace('categories.php', 'cat'.$cat_url.'.htm', $url);
$query = str_replace('cat_id='.$matches[1].'&', '', $query);
$query = str_replace('&cat_id='.$matches[1], '', $query);
$query = str_replace('cat_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
$url = str_replace('categories.php', 'cat.htm', $url);
}
}
elseif (strstr($url, 'details.php?image_id=')) {
if (strstr($url, 'image_id=') && strstr($url, 'mode=')) {
preg_match('#image_id=([0-9]+)&?#', $url, $matches1);
preg_match('#mode=([a-zA-Z0-9]+)&?#', $url, $matches2);
if (isset($matches1[1]) && isset($matches2[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('details.php', 'img'.$matches1[1].'.'.$matches2[1].'.htm', $url);
$query = str_replace('image_id='.$matches1[1].'&', '', $query);
$query = str_replace('&image_id='.$matches1[1], '', $query);
$query = str_replace('image_id='.$matches1[1], '', $query);
$query = str_replace('mode='.$matches2[1].'&', '', $query);
$query = str_replace('&mode='.$matches2[1], '', $query);
$query = str_replace('mode='.$matches2[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
else {
preg_match('#image_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('details.php', 'img'.get_image_url($matches[1]).'.htm', $url);
$query = str_replace('image_id='.$matches[1].'&', '', $query);
$query = str_replace('&image_id='.$matches[1], '', $query);
$query = str_replace('image_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
}
elseif (strstr($url, 'postcards.php?image_id=')) {
preg_match('#image_id=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('postcards.php', 'postcard.img'.$matches[1].'.htm', $url);
$query = str_replace('image_id='.$matches[1].'&', '', $query);
$query = str_replace('&image_id='.$matches[1], '', $query);
$query = str_replace('image_id='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
elseif (strstr($url, 'member.php?action=uploadform'))
{
preg_match('#cat_id=([0-9]+)&?#', $url, $matches);
$url_cat_id = "";
if (isset($matches[1]))
{
$url_cat_id = $matches[1];
}
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('member.php', 'upload'.$url_cat_id, $url);
$query = str_replace('cat_id='.$url_cat_id.'&', '', $query);
$query = str_replace('&cat_id='.$url_cat_id, '', $query);
$query = str_replace('cat_id='.$url_cat_id, '', $query);
$query = str_replace('action=uploadform&', '', $query);
$query = str_replace('&action=uploadform', '', $query);
$query = str_replace('action=uploadform', '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
elseif (strstr($url, 'viewtopic.php?t=')) {
preg_match('#t=([0-9]+)&?#', $url, $matches);
if (isset($matches[1])) {
$split = explode('?', $url);
$url = $split[0];
$query = @$split[1];
$url = str_replace('viewtopic.php', get_forum_topic_url($matches[1]).'.html', $url);
$query = str_replace('t='.$matches[1].'&', '', $query);
$query = str_replace('&t='.$matches[1], '', $query);
$query = str_replace('t='.$matches[1], '', $query);
if (!empty($query)) {
$url .= '?' . $query;
}
}
}
}
if ($this->mode == "get" && strstr($url, $this->session_id)) {
$url .= strpos($url, '?') !== false ? '&' : '?';
$url .= SESSION_NAME."=".$this->session_id;
}
if (!empty($l)) {
$url .= strpos($url, '?') ? '&' : '?';
$url .= "l=".$l;
}
$url = str_replace('&', $amp, $url);
$url .= isset($dummy_array[1]) ? "#".$dummy_array[1] : "";
return $url;
}
} //end of class
//-----------------------------------------------------
//--- Start Session -----------------------------------
//-----------------------------------------------------
$board_config = array();
$sql = "SELECT * FROM " . PHPBB_CONFIG_TABLE;
$result = $site_db->query($sql);
while($row = $site_db->fetch_array($result)) {
$board_config[$row['config_name']] = $row['config_value'];
}
//Start Session
$site_sess = new Session();
// Get Userinfo
$session_info = $site_sess->return_session_info();
$user_info = $site_sess->return_user_info();
// Set here different URL's to your phpBB forum.
// Normally no need to change.
$url_register = $url_app."profile.php?mode=register";
$url_lost_password = $url_app."profile.php?mode=sendpassword";
$url_control_panel = $url_app."profile.php?mode=editprofile";
$url_mailform = $url_app."profile.php?mode=email&u={user_id}";
$url_show_profile = $url_app."profile.php?mode=viewprofile&u={user_id}";
$url_login = $url_app.'login.php';
//$url_logout = $url_app."login.php?logout=true";
$url_logout = $url_app.'login.php?logout=true&sid='.$session_info['session_id'];
//-----------------------------------------------------
//--- Get User Caches ---------------------------------
//-----------------------------------------------------
$num_total_online = 0;
$num_visible_online = 0;
$num_invisible_online = 0;
$num_registered_online = 0;
$num_guests_online = mt_rand(800, 1400);
$user_online_list = "";
$prev_user_ids = array();
$prev_session_ips = array();
if (defined("GET_USER_ONLINE") && ($config['display_whosonline'] == 1 || $user_info['user_level'] == ADMIN)) {
$time_out = time() - 300;
$sql = "SELECT ".get_user_table_field("u.", "user_id").get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_invisible").", s.session_user_id, s.session_time, s.session_ip
FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
WHERE ".get_user_table_field("u.", "user_id")." = s.session_user_id AND (s.session_time >= $time_out OR ".get_user_table_field("u.", "user_lastaction")." >= $time_out)
ORDER BY ".get_user_table_field("u.", "user_id")." ASC, s.session_ip ASC";
$result = $site_db->query($sql);
while ($row = $site_db->fetch_array($result)) {
if ($row['session_user_id'] != GUEST) {
if (!isset($prev_user_ids[$row['session_user_id']])) {
$is_invisible = (isset($row[$user_table_fields['user_invisible']]) && $row[$user_table_fields['user_invisible']] == 0) ? 1 : 0;
$invisibleuser = ($is_invisible) ? "*" : "";
$username = (isset($row[$user_table_fields['user_level']]) && $row[$user_table_fields['user_level']] == ADMIN && $config['highlight_admin'] == 1) ? sprintf("<b>%s</b>", $row[$user_table_fields['user_name']]) : $row[$user_table_fields['user_name']];
if (!$is_invisible || $user_info['user_level'] == ADMIN) {
$user_online_list .= ($user_online_list != "") ? ", " : "";
$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/", $row['session_user_id'], $url_show_profile) : ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$row['session_user_id'];
$user_online_list .= "<a href=\"".$site_sess->url($user_profile_link)."\">".$username."</a>".$invisibleuser;
}
(!$is_invisible) ? $num_visible_online++ : $num_invisible_online++;
$num_registered_online++;
}
$prev_user_ids[$row['session_user_id']] = 1;
}
else {
if (!isset($prev_session_ips[$row['session_ip']])) {
$num_guests_online++;
}
}
$prev_session_ips[$row['session_ip']] = 1;
}
$num_total_online = $num_registered_online + $num_guests_online;
$site_template->register_vars(array(
"num_total_online" => $num_total_online,
"num_invisible_online" => $num_invisible_online,
"num_registered_online" => $num_registered_online,
"num_guests_online" => $num_guests_online,
"user_online_list" => $user_online_list,
"lang_user_online" => str_replace('{num_total_online}', $num_total_online, $lang['user_online']),
"lang_user_online_detail" => str_replace(array('{num_registered_online}','{num_invisible_online}','{num_guests_online}'), array($num_registered_online,$num_invisible_online,$num_guests_online), $lang['user_online_detail']),
));
$whos_online = $site_template->parse_template("whos_online");
$site_template->register_vars("whos_online", $whos_online);
unset($whos_online);
unset($prev_user_ids);
unset($prev_session_ips);
}
//Mod_bmollet
/**
* Get the category url
* @param int $cat_id The id of the category
* @param string $cat_url The current status of the URL
*/
function get_category_url($cat_id,$cat_url = '')
{
global $site_db;
$sql = "SELECT cat_name,cat_parent_id FROM ".CATEGORIES_TABLE." WHERE cat_id = '".$cat_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['cat_name'] = strtr($row['cat_name'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['cat_name'] = preg_replace("`\[.*\]`U","",$row['cat_name']);
$row['cat_name'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['cat_name']);
$row['cat_name'] = htmlentities($row['cat_name'], ENT_COMPAT, 'iso-8859-1');
$row['cat_name'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['cat_name'] );
$row['cat_name'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['cat_name']);
$row['cat_name'] = ( $row['cat_name'] == "" ) ? $type : strtolower(trim($row['cat_name'], '-'));
$cat_url = '-'.str_replace('+','-',urlencode($row['cat_name'])).'-'.$cat_id.$cat_url;
// if you want full path of category in url, put next line in comment
return $cat_url;
if( $row['cat_parent_id'] != 0)
{
return get_category_url($row['cat_parent_id'],$cat_url);
}
else
{
return $cat_url;
}
}
//Mod_bmollet
/**
* Get the image url
* @param int $image_id The id of the image
*/
function get_forum_topic_url($topic_id)
{
global $site_db;
$sql = "SELECT topic_title FROM phpbb_topics WHERE topic_id = '".$topic_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['forum_topic'] = strtr($row['topic_title'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['topic_title'] = preg_replace("`\[.*\]`U","",$row['topic_title']);
$row['topic_title'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['topic_title']);
$row['topic_title'] = htmlentities($row['topic_title'], ENT_COMPAT, 'iso-8859-1');
$row['topic_title'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['topic_title'] );
$row['topic_title'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['topic_title']);
$row['topic_title'] = ( $row['topic_title'] == "" ) ? $type : strtolower(trim($row['topic_title'], '-'));
return str_replace('+','-',urlencode($row['topic_title'])).'-t'.$topic_id;
}
function get_image_url($image_id)
{
global $site_db;
$sql = "SELECT cat_id,image_name FROM ".IMAGES_TABLE." WHERE image_id = '".$image_id."'";
$result = $site_db->query($sql);
$row = $site_db->fetch_array($result);
$row['image_name'] = strtr($row['image_name'], "éèêàëâúóíáABCDEFGHIJKLMNOPQRSTUVWXYZ","eeeaeauoiaabcdefghijklmnopqrstuvwxyz");
$row['image_name'] = preg_replace("`\[.*\]`U","",$row['image_name']);
$row['image_name'] = preg_replace('`&(amp;)?#?[a-z0-9]+;`i','-',$row['image_name']);
$row['image_name'] = htmlentities($row['image_name'], ENT_COMPAT, 'iso-8859-1');
$row['image_name'] = preg_replace( "`&([a-z])(acute|uml|circ|grave|ring|cedil|slash|tilde|caron|lig);`i","\\1", $row['image_name'] );
$row['image_name'] = preg_replace( array("`[^a-z0-9]`i","`[-]+`") , "-", $row['image_name']);
$row['image_name'] = ( $row['image_name'] == "" ) ? $type : strtolower(trim($row['image_name'], '-'));
// if you want comlpete path to image in url, remove comment from following line
//return get_category_url($row['cat_id']).'-'.str_replace('+','-',urlencode($row['image_name'])).'-'.$image_id;
return '-'.str_replace('+','-',urlencode($row['image_name'])).'-'.$image_id;
}
?>
danke dir!