diff --git a/phpBB/config.php b/phpBB/config.php
index b4278d1182..a7b442d483 100644
--- a/phpBB/config.php
+++ b/phpBB/config.php
@@ -1,6 +1,6 @@
diff --git a/phpBB/db.php b/phpBB/db.php
index b4278d1182..d305ae3824 100644
--- a/phpBB/db.php
+++ b/phpBB/db.php
@@ -1,6 +1,6 @@
db_connect_id)
+{
+ error_die($db, SQL_CONNECT);
+}
+
+// Check if user is banned
+if(!auth("ip ban", $db, "", "", "", "", "", $REMOTE_ADDR, "", "", ""))
+{
+ error_die($db, BANNED);
+}
+
+// Initalize these variables to keep them safe.
+$user_logged_in = 0;
+$logged_in = 0;
+$userdata = Array();
+
+// Setup forum wide options.
+$sql = "SELECT * FROM config WHERE selected = 1";
+if(!$result = $db->sql_query($sql))
+{
+ error_die($db, QUERY_ERROR);
+}
+else
+{
+ $config = $db->sql_fetchrowset($result);
+ $sitename = stripslashes($config[0]["sitename"]);
+ $allow_html = $config[0]["allow_html"];
+ $allow_bbcode = $config[0]["allow_bbcode"];
+ $allow_sig = $config[0]["allow_sig"];
+ $allow_namechange = $config[0]["allow_namechange"];
+ $posts_per_page = $config[0]["posts_per_page"];
+ $hot_threshold = $config[0]["hot_threshold"];
+ $topics_per_page = $config[0]["topics_per_page"];
+ $override_user_themes = $config[0]["override_themes"];
+ $email_sig = stripslashes($config[0]["email_sig"]);
+ $email_from = $config[0]["email_from"];
+ $default_lang = $config[0]["default_lang"];
+ $sys_lang = $default_lang;
+}
+
+if(isset($HTTP_COOKIE_VARS[$session_cookie]))
+{
+ $sessid = $HTTP_COOKIE_VARS[$session_cookie];
+ $userid = get_userid_from_session($sessid, $session_cookie_time, $REMOTE_ADDR, $db);
+
+ if ($userid)
+ {
+ $user_logged_in = 1;
+ update_session_time($sessid, $db);
+
+ if(!auth("username ban", $db, $userid, "", "", "", "", "", "", "", ""))
+ {
+ error_die($db, BANNED);
+ }
+ $userdata = get_userdata_from_id($userid, $db);
+ }
+}
+
+// If the user isn't logged in check if they have a user ID cookie.
+if (!$user_logged_in)
+{
+ if(isset($HTTP_COOKIE_VARS[$cookie_name]))
+ {
+ $userdata = get_userdata_from_id($HTTP_COOKIE_VARS["$cookie_name"], $db);
+ if(!auth("username ban", $db, $userdata["user_id"], "", "", "", "", "", "", "", ""))
+ {
+ error_die($db, BANNED);
+ }
+ }
+}
+
+// Setup what template to use. Currently just use default
+$template = new Template("./templates/Default", "keep");
?>
diff --git a/phpBB/functions/auth.php b/phpBB/functions/auth.php
index b4278d1182..beacb39262 100644
--- a/phpBB/functions/auth.php
+++ b/phpBB/functions/auth.php
@@ -1,6 +1,6 @@
0)";
+ $db->sql_query($sql);
+ $sql = "SELECT ban_ip FROM banlist";
+ if($result = $db->sql_query($sql))
+ {
+ if($totalrows = $db->sql_numrows())
+ {
+ $iprow = $db->sql_fetchrowset($result);
+ for($x = 0; $x < $totalrows; $x++)
+ {
+ $ip = $iprow[$x]["ban_ip"];
+ if($ip[strlen($ip) - 1] == ".")
+ {
+ $db_ip = explode(".", $ip);
+ $this_ip = explode(".", $user_ip);
+
+ for($x = 0; $x < count($db_ip) - 1; $x++)
+ {
+ $my_ip .= $this_ip[$x] . ".";
+ }
+
+ if($my_ip == $ip)
+ {
+ return(FALSE);
+ }
+ }
+ else
+ {
+ if($ipuser == $ip)
+ {
+ return(FALSE);
+ }
+ }
+ }
+ return(TRUE);
+ }
+ else
+ {
+ return(TRUE);
+ }
+ }
+ return(TRUE);
+ break;
+ case 'username ban':
+ $sql = "DELETE FROM banlist
+ WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).")
+ AND (ban_end > 0)";
+ $db->sql_query($sql);
+ $sql = "SELECT ban_userid FROM banlist WHERE ban_userid = '$user_id'";
+ if($result = $db->sql_query($sql))
+ {
+ if($db->sql_numrows())
+ {
+ return(FALSE);
+ }
+ else
+ {
+ return(TRUE);
+ }
+ }
+ else
+ {
+ return(TRUE);
+ }
+ break;
+ }
+}
+/*
+ * The following functions are used for getting user information. They are not related directly to auth()
+ */
+
+function get_userdata_from_id($userid, $db)
+{
+
+ $sql = "SELECT * FROM users WHERE user_id = $userid";
+ if(!$result = $db->sql_query($sql))
+ {
+ $userdata = array("error" => "1");
+ return ($userdata);
+ }
+ if($db->sql_numrows())
+ {
+ $myrow = $db->sql_fetchrowset($result);
+ return($myrow[0]);
+ }
+ else
+ {
+ $userdata = array("error" => "1");
+ return ($userdata);
+ }
+}
+
?>
diff --git a/phpBB/functions/sessions.php b/phpBB/functions/sessions.php
index b4278d1182..60f2ae7015 100644
--- a/phpBB/functions/sessions.php
+++ b/phpBB/functions/sessions.php
@@ -1,6 +1,6 @@
sql_query($deleteSQL);
+
+ if (!$delresult)
+ {
+ error_die($db, SESSION_CREATE);
+ }
+
+ $sql = "INSERT INTO sessions (sess_id, user_id, start_time, remote_ip) VALUES ($sessid, $userid, $currtime, '$remote_ip')";
+
+ $result = $db->sql_query($sql);
+
+ if ($result)
+ {
+ return $sessid;
+ }
+ else
+ {
+ error_die($db, SESSION_CREATE);
+ } // if/else
+
+} // new_session()
+
+/*
+ * Sets the sessID cookie for the given session ID. the $cookietime parameter
+ * is no longer used, but just hasn't been removed yet. It'll break all the modules
+ * (just login) that call this code when it gets removed.
+ * Sets a cookie with no specified expiry time. This makes the cookie last until the
+ * user's browser is closed. (at last that's the case in IE5 and NS4.7.. Haven't tried
+ * it with anything else.)
+ */
+function set_session_cookie($sessid, $cookietime, $cookiename, $cookiepath, $cookiedomain, $cookiesecure)
+{
+ // This sets a cookie that will persist until the user closes their browser window.
+ // since session expiry is handled on the server-side, cookie expiry time isn't a big deal.
+ setcookie($cookiename, $sessid, '', $cookiepath, $cookiedomain, $cookiesecure);
+
+} // set_session_cookie()
+
+/*
+ * Returns the userID associated with the given session, based on
+ * the given session lifespan $cookietime and the given remote IP
+ * address. If no match found, returns 0.
+ */
+function get_userid_from_session($sessid, $cookietime, $remote_ip, $db)
+{
+ $mintime = time() - $cookietime;
+ $sql = "SELECT user_id
+ FROM sessions
+ WHERE (sess_id = $sessid)
+ AND (start_time > $mintime)
+ AND (remote_ip = '$remote_ip')";
+ $result = $db->sql_query($sql);
+ if (!$result)
+ {
+ error_die($db, "Error doing DB query in get_userid_from_session()");
+ }
+ $rowset = $db->sql_fetchrowset();
+ $num_rows = $db->sql_numrows();
+ if ($num_rows == 0)
+ {
+ return 0;
+ }
+ else
+ {
+ return $rowset[0]["user_id"];
+ }
+
+} // get_userid_from_session()
+
+
+function update_session_time($sessid, $db)
+{
+
+ $newtime = (string) time();
+ $sql = "UPDATE sessions SET start_time=$newtime WHERE (sess_id = $sessid)";
+ $result = $db->sql_query($sql);
+ if (!$result)
+ {
+ $db_error = $db->sql_error();
+ error_die($db, "Error doing DB update in update_session_time(). Reason: " . $db_error["message"]);
+ }
+ return 1;
+
+} // update_session_time()
+
+function end_user_session($userid, $db)
+{
+ $sql = "DELETE FROM sessions WHERE (user_id = $userid)";
+ $result = $db->sql_query($sql, $db);
+ if (!$result)
+ {
+ $db_error = $db->sql_error();
+ error_die($db, "Delete failed in end_user_session(). Reason: " . $db_error["message"]);
+ }
+ return 1;
+
+} // end_session()
?>
diff --git a/phpBB/index.php b/phpBB/index.php
index b4278d1182..7ed32e597e 100644
--- a/phpBB/index.php
+++ b/phpBB/index.php
@@ -1,6 +1,6 @@
set_block("body", "catrow", "cats");
+$template->set_block("catrow", "forumrow", "forums");
+
+$sql = "SELECT * FROM catagories ORDER BY cat_order";
+if(!$result = $db->sql_query($sql))
+{
+ error_die($db, QUERY_ERROR);
+}
+$total_rows = $db->sql_numrows();
+if($total_rows)
+{
+ $rows = $db->sql_fetchrowset($result);
+ for($x = 0; $x < $total_rows; $x++)
+ {
+
+ $template->set_var(array("CAT_ID" => $rows[$x]["cat_id"],
+ "PHP_SELF" => $PHP_SELF,
+ "CAT_DESC" => stripslashes($rows[$x]["cat_title"])));
+
+ $sub_sql = "SELECT f.* FROM forums f WHERE f.cat_id = '".$rows[$x]["cat_id"]."' ORDER BY forum_id";
+ if(!$sub_result = $db->sql_query($sub_sql))
+ {
+ error_die($db, QUERY_ERROR);
+ }
+ $total_forums = $db->sql_numrows($sub_result);
+ $forum_rows = $db->sql_fetchrowset($sub_result);
+
+ if($total_forums)
+ {
+ $template->parse("cats", "catrow", true);
+ for($y = 0; $y < $total_forums; $y++)
+ {
+ $folder_image = "![](\"images/folder.gif\")
";
+ $posts = 150;
+ $topics = 35;
+ $last_post = "05-10-2000 12:34:33pm
by theFinn";
+ $moderators = "theFinn";
+ if($row_color == "#DDDDDD")
+ {
+ $row_color = "#CCCCCC";
+ }
+ else
+ {
+ $row_color = "#DDDDDD";
+ }
+ $template->set_var(array("FOLDER" => $folder_image,
+ "FORUM_NAME" => stripslashes($forum_rows[$y]["forum_name"]),
+ "FORUM_ID" => $forum_rows[$y]["forum_id"],
+ "FORUM_DESC" => stripslashes($forum_rows[$y]["forum_desc"]),
+ "ROW_COLOR" => $row_color,
+ "PHPEX" => $phpEx,
+ "POSTS" => $posts,
+ "TOPICS" => $topics,
+ "LAST_POST" => $last_post,
+ "MODERATORS" => $moderators));
+ $template->parse("forums", "forumrow", true);
+ }
+ $template->parse("cats", "forums", true);
+ $template->set_var("forums", "");
+ }
+ }
+}
+$template->pparse("output", "body");
-
+include('page_tail.'.$phpEx);
?>
diff --git a/phpBB/page_header.php b/phpBB/page_header.php
index acb48a7f11..a4c4b3d425 100644
--- a/phpBB/page_header.php
+++ b/phpBB/page_header.php
@@ -23,5 +23,28 @@
***************************************************************************/
-
+switch($pagetype)
+{
+ case 'index':
+ $page_title = "Forum Index";
+ $template->set_file(array("overall_header" => "overall_header.tpl",
+ "header" => "index_header.tpl",
+ "body" => "index_body.tpl",
+ "footer" => "index_footer.tpl",
+ "overall_footer" => "overall_footer.tpl"));
+ $template->set_var(array("SITENAME" => $sitename,
+ "PAGE_TITLE" => $page_title,
+ "META_INFO" => $meta_tags,
+ "TOTAL_POSTS" => $total_posts,
+ "TOTAL_USERS" => $total_users,
+ "NEWEST_USER" => $newest_user,
+ "NEWEST_UID" => $newest_uid,
+ "USERS_BROWSING" => $users_browsing));
+
+ $template->pparse("output", "overall_header");
+ $template->pparse("output", "header");
+
+ break;
+}
+
?>