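<?php
/*
 * ct-blocker prelude (third-party add-on code placed ahead of the stock board header).
 *
 * Loads the blocker library and the blocker itself, then reads four plain-text
 * hit counters and formats them with "." as the thousands separator so that
 * later code can display them.
 */
require("./acp/lib/ct_funktion.inc.php");

// NOTE(review): include() only raises a warning when the file is missing, so the
// page would continue WITHOUT the blocker (fail-open). If the blocker is meant to
// be mandatory, require() is the fail-closed choice - confirm the intent first.
include("./ct_blocker.php");

// Each counter file is read with @ so a missing or unreadable file stays silent.
// file_get_contents() then returns false; floatval() turns that (and any
// non-numeric content) into 0 instead of handing a non-number to number_format().
// number_format(x, 0, ',', '.') produces the same text as the former
// str_replace(",", ".", number_format(x)).
$countername = "./ct_blocker.txt";
$count_value1 = @file_get_contents($countername);
$count_value1 = number_format(floatval($count_value1), 0, ',', '.');

$counternamespy = "./ct_spy.txt";
$count_valuespy = @file_get_contents($counternamespy);
$count_valuespy = number_format(floatval($count_valuespy), 0, ',', '.');

$counternametrap = "./ct_bb/cttrappcount.txt";
$count_valuetrap = @file_get_contents($counternametrap);
$count_valuetrap = number_format(floatval($count_valuetrap), 0, ',', '.');

// Optional invisible link (a 1-pixel image) to ./ct_bb/ct_bb.php.
// $badbot_options_link is not assigned in this file; presumably it comes from one
// of the two files loaded above - verify. The link looks like a crawler trap
// (honeypot) that human visitors never see; confirm against ct_bb.php.
if ($badbot_options_link == 1) {
    $ct_badbot_url = "<center><a href=\"./ct_bb/ct_bb.php\"><img src=\"images/pixel.gif\" border=\"0\" alt=\"\"></img></a></center>";
} else {
    $ct_badbot_url = "";
}

$counternameflood = "./ct_flood.txt";
$count_valueflood = @file_get_contents($counternameflood);
$count_valueflood = number_format(floatval($count_valueflood), 0, ',', '.');

// ************************************************************************************//
// * WoltLab Burning Board 2
// ************************************************************************************//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ************************************************************************************//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.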
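// ************************************************************************************//
// * $Date: 2006-06-26 15:41:24 +0200 (Mo, 26 Jun 2006) $
// * $Author: Burntime $
// * $Rev: 1707 $
// ************************************************************************************//

/*
 * Request bootstrap shared by the board's pages.
 *
 * In order: normalises the request superglobals, screens uploaded files, connects
 * to the database, resolves the post/thread/poll/attachment/board ids of the
 * request, starts and updates the session, loads style, templates and language,
 * and renders the shared page fragments ($css, $headinclude, $footer, $usercbar,
 * $header).
 *
 * $filename is read throughout but never assigned here; presumably the including
 * page script sets it before loading this file - verify against the callers.
 *
 * Templates and language strings are spliced into PHP source text and passed to
 * eval() below. Whoever can change what $tpl->get() returns can therefore run PHP
 * in this process, so template editing has to be treated as an administrator-only
 * capability. How $tpl->get() escapes template text is not visible from here.
 */

// Two random digits 1..9 for later use.
// NOTE(review): rand() seeded from the clock is predictable. If $tt_num1/$tt_num2
// back an anti-bot question, that check gives little resistance - confirm usage.
srand( (double)microtime() * 1000000 );
$tt_num1 = rand( 1, 9 );
$tt_num2 = rand( 1, 9 );

// 7 = E_ERROR | E_WARNING | E_PARSE: notices are not reported.
@error_reporting(7);
$phpversion = phpversion();

/** get function library **/
require('./acp/lib/functions.php');

// PHP older than 4.1.0 has no $_GET/$_POST/... superglobals: build them from the
// long $HTTP_*_VARS arrays.
if (version_compare($phpversion, '4.1.0') == -1) {
    $_REQUEST = array_merge($HTTP_COOKIE_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS);
    $_COOKIE =& $HTTP_COOKIE_VARS;
    $_SERVER =& $HTTP_SERVER_VARS;
    $_FILES =& $HTTP_POST_FILES;
    $_GET =& $HTTP_GET_VARS;
    $_POST =& $HTTP_POST_VARS;
}

// remove slashes in get post cookie data...
// From here on request data is RAW: every value that reaches SQL must be cast or
// escaped at the point of use.
if (get_magic_quotes_gpc()) {
    if (count($_REQUEST)) $_REQUEST = stripslashes_array($_REQUEST);
    if (count($_POST)) $_POST = stripslashes_array($_POST);
    if (count($_GET)) $_GET = stripslashes_array($_GET);
    if (count($_COOKIE)) $_COOKIE = stripslashes_array($_COOKIE);
    if (count($_SERVER)) $_SERVER = stripslashes_array($_SERVER);
}
@set_magic_quotes_runtime(0);
@ini_set('magic_quotes_sybase', '0');

/**
 * check uploaded files..
 * search in Superglobal $_FILES
 * LM: 09.05.2006 00:13 Zagon Hornik
 */
// An upload that checkFile() rejects is deleted from disk and removed from $_FILES.
// NOTE(review): for array-style upload fields (name="f[]") 'tmp_name' is itself an
// array; what checkFile() does with an array is not visible here - confirm.
if (!empty ($_FILES) && is_Array ($_FILES)) {
    foreach ($_FILES as $key=>$val) {
        if (!checkFile ($_FILES[$key]['tmp_name'])) {
            @unlink ($_FILES[$key]['tmp_name']);
            unset ($_FILES[$key]);
        }
    }
}

/** connect db **/
require('./acp/lib/config.inc.php');
require('./acp/lib/class_db_mysql.php');
$db = &new db($sqlhost, $sqluser, $sqlpassword, $sqldb, $phpversion);

/** get configuration **/
require('./acp/lib/options.inc.php');

/** load smtp_socket function **/
require('./acp/lib/class_smtp.php');

/** ticker ("Laufschrift") **/
$laufen = $db->query_first("SELECT * FROM bb".$n."_laufschrift");

/** request ids **/
if (isset($_REQUEST['postid'])) $postid = $_REQUEST['postid'];
if (isset($_REQUEST['threadid'])) $threadid = $_REQUEST['threadid'];
if (isset($_REQUEST['pollid'])) $pollid = $_REQUEST['pollid'];
if (isset($_REQUEST['attachmentid'])) $attachmentid = $_REQUEST['attachmentid'];
if (isset($_REQUEST['boardid'])) $boardid = $_REQUEST['boardid'];

/** verify ids **/
// Every id is forced through intval() before it is placed in a query, and is
// unset again when no matching row exists. A post id decides the thread id.
if (isset($postid)) {
    $postid = intval($postid);
    $post = $db->query_first("SELECT * FROM bb".$n."_posts WHERE postid = '$postid'");
    if (!$post['postid']) unset($postid);
    else $threadid = $post['threadid'];
}

/** start session **/
// $wbbuserdata, $session, $sid, $REMOTE_ADDR and $REQUEST_URI are used below but
// not assigned in this file; presumably session.php provides them - verify.
require('./acp/lib/session.php');

/** verify ids **/
if (isset($threadid)) {
    $threadid = intval($threadid);

    $select = '';
    $join = '';
    if ($filename == "thread.php") {
        // Has this visitor already rated the thread? Matched by user id when
        // logged in, otherwise by the (escaped) IP address.
        $select .= ", v.id AS isvoted";
        $join .= " LEFT JOIN bb".$n."_votes v ON (v.id=t.threadid AND v.votemode=2 AND ".(($wbbuserdata['userid']) ? ("v.userid='".$wbbuserdata['userid']."'") : ("v.ipaddress='".addslashes($REMOTE_ADDR)."'")).")";

        if ($wbbuserdata['userid']) {
            $select .= ", tv.lastvisit, s.emailnotify, s.countemails";
            $join .= " LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."') LEFT JOIN bb".$n."_subscribethreads s ON (s.userid='".$wbbuserdata['userid']."' AND s.threadid=t.threadid)";
        }
    }

    $thread = $db->query_first("SELECT t.*".$select." FROM bb".$n."_threads t".$join." WHERE t.threadid = '$threadid'");
    $select = '';
    $join = '';
    if (!$thread['threadid']) unset($threadid);
    else $boardid = $thread['boardid'];
}

if (isset($pollid)) {
    $pollid = intval($pollid);
    $poll = $db->query_first("SELECT bb".$n."_threads.*, bb".$n."_polls.* FROM bb".$n."_polls LEFT JOIN bb".$n."_threads USING (threadid) WHERE bb".$n."_polls.pollid = '$pollid'");
    if (!$poll['pollid']) unset($pollid);
    else {
        if ($poll['boardid']) {
            // The poll decides the board; a thread id from the request is dropped.
            $boardid = $poll['boardid'];
            unset($threadid);
            unset($thread);
        }
    }
}

if (isset($attachmentid)) {
    $attachmentid = intval($attachmentid);
    $attachment = $db->query_first("SELECT at.*, ".
        "t.boardid, p.threadid, p.visible, p.userid, ".
        "pm.privatemessageid, pm.inoutbox, pm.senderid, pmr.recipientid, pmr.deletepm ".
        "FROM bb".$n."_attachments at ".
        "LEFT JOIN bb".$n."_posts p ON (p.postid=at.postid) ".
        "LEFT JOIN bb".$n."_threads t ON (t.threadid=p.threadid) ".
        "LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ".
        "LEFT JOIN bb".$n."_privatemessagereceipts pmr ON (pmr.privatemessageid=pm.privatemessageid AND pmr.recipientid='$wbbuserdata[userid]') ".
        "WHERE at.attachmentid = '$attachmentid'");

    // One chain instead of two separate ifs: the former code read $attachment
    // again right after unsetting it. The outcome for an unknown attachment is
    // unchanged (neither branch below applies).
    if (!$attachment['attachmentid']) {
        unset($attachmentid);
        unset($attachment);
    } elseif ($attachment['postid'] && !$attachment['privatemessageid']) {
        // post attachment
        if ($attachment['boardid']) {
            $boardid = $attachment['boardid'];
            $threadid = $attachment['threadid'];
            unset($thread);
        }
    } elseif (!$attachment['postid'] && $attachment['privatemessageid']) {
        // private message attachment
        unset($boardid);
        unset($threadid);
        unset($thread);
    }
}

if (isset($boardid)) {
    $boardid = intval($boardid);
    $board = getBoardAccessData($boardid);
    if (!$board['boardid']) unset($boardid);
}

/** update session **/
// $boardid and $threadid are integers at this point (intval() above or a value
// read from a row); request_uri and authentificationcode are escaped here.
// NOTE(review): $styleid, $langid and $sid are interpolated as they are. They are
// not assigned in this file - confirm that session.php casts or escapes them.
$db->unbuffered_query("UPDATE bb".$n."_sessions SET lastactivity = '".$session['lastactivity']."', request_uri = '".addslashes($REQUEST_URI)."', boardid='" . ((isset($boardid)) ? ($boardid) : (0)) . "', threadid='".((isset($threadid)) ? ($threadid) : (0))."'" .
    ((isset($styleid)) ? (", styleid = '$styleid'") : ("")).((isset($langid)) ? (", langid='$langid'") : ("")).((isset($authentificationcode)) ? (", authentificationcode='".addslashes($authentificationcode)."'") : (""))." WHERE sessionhash = '$sid'", 1);

// JGS-XA JGS-Chat start
if($filename=="jgs_chat.php"){$jgs_xa_chat_code_in_global_eingebaut="1";require("./jgs_chat_global.php");}
// JGS-XA JGS-Chat end

/** get style **/
// JGS-Portal start
if($filename=="jgs_portal.php"){require("./jgs_portal_global.php");}
// JGS-Portal end
$style = array();
// The board's style replaces the user's when the board enforces it, or when the
// board has a style and the user has chosen none.
if (isset($board) && ($board['enforcestyle'] == 1 || ($board['styleid'] != 0 && $wbbuserdata['styleid'] == 0))) {
    $style = $db->query_first("SELECT s.styleid, s.templatepackid, s.designpackid, tp.templatestructure FROM bb".$n."_styles s LEFT JOIN bb".$n."_templatepacks tp ON(tp.templatepackid=s.templatepackid) WHERE s.styleid = '".$board['styleid']."'");
    $wbbuserdata['designpackid'] = $style['designpackid'];
    $wbbuserdata['templatepackid'] = $style['templatepackid'];
    $wbbuserdata['styleid'] = $style['styleid'];
    $wbbuserdata['templatestructure'] = $style['templatestructure'];
}

$result = $db->unbuffered_query("SELECT * FROM bb".$n."_designelements WHERE designpackid = '$wbbuserdata[designpackid]'");
while ($row = $db->fetch_array($result)) $style[$row['element']] = $row['value'];

/** template class **/
require('./acp/lib/class_headers.php');
require('./acp/lib/class_tpl_file.php');
$tpl = &new tpl(intval($wbbuserdata['templatepackid']));

/** language packs **/
require('./acp/lib/class_language.php');
$lang = &new language($wbbuserdata['languagepackid']);
$lang->load('GLOBAL,OWN'); // global, own langcat

define('ENCODING', $lang->get('LANG_GLOBAL_ENCODING'));
$supportedCharsets = array('UCS-4', 'UCS-4BE', 'UCS-4LE', 'UCS-2', 'UCS-2BE', 'UCS-2LE', 'UTF-32', 'UTF-32BE', 'UTF-32LE', 'UCS-2LE', 'UTF-16', 'UTF-16BE', 'UTF-16LE', 'UTF-8', 'UTF-7', 'ASCII', 'EUC-JP', 'SJIS', 'EUCJP-WIN', 'SJIS-WIN', 'ISO-2022-JP', 'JIS', 'ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'BYTE2BE', 'BYTE2LE', 'BYTE4BE', 'BYTE4LE', 'BASE64', '7bit', '8bit', 'UTF7-IMAP');
// mbstring is used only when the language pack's encoding is in the list above,
// the extension is loaded and PHP is at least 4.3.0.
if (in_array(wbb_strtoupper(ENCODING), $supportedCharsets) && extension_loaded('mbstring') && version_compare($phpversion, '4.3.0') >= 0) {
    define('USE_MBSTRING', true);
}
else {
    define('USE_MBSTRING', false);
}

/** imagefolder prefix **/
$style['imagefolder'] = $lang->get("LANG_GLOBAL_IMAGEFOLDER_PREFIX").$style['imagefolder'];

/** OWN langvars **/
$o_master_board_name = $master_board_name;
$master_board_name = getlangvar($master_board_name, $lang);

/** templates & style **/
// The "phpinclude" template is executed as PHP code, not rendered as text:
// write access to that template is equivalent to code execution on the server.
$phpinclude = wbb_trim($tpl->get("phpinclude"));
if ($phpinclude != '') {
    $phpinclude = str_replace('\\"', '"', $phpinclude);
    $phpinclude = str_replace('\\\\', '\\', $phpinclude);
    eval($phpinclude);
}

/* ############## ticker text ("Laufschrifttext") by Beziehungs-Kiste.net ##############*/
// Start from an empty string: the loop only ever appends, so without this an
// earlier value of $lauftext - including one injected from the request when
// register_globals is on and nothing earlier clears it - would be emitted with
// the ticker.
$lauftext = '';
if ($laufschrift_onoff == 1) {
    // The limit goes into the statement unquoted, so it is forced to an integer.
    $result = $db->query ("SELECT laufschriftid, username, laufschrifttext FROM bb".$n."_laufschrift ORDER BY laufschriftid DESC LIMIT 0,".intval($laufschrift_limit));
    while ($row = $db->fetch_array($result)) {
        // NOTE(review): $count is never initialised here; left untouched because
        // other included code may rely on its running value - confirm.
        $count++;
        // NOTE(review): username and laufschrifttext are stored user text; whether
        // the "laufschrift_show" template prints them escaped is not visible here -
        // check that they pass through htmlconverter() before output.
        eval ("\$lauftext .= \"".$tpl->get("laufschrift_show")."\";");
    }
}
/* ############## ticker text ("Laufschrifttext") by Beziehungs-Kiste.net ##############*/

/** default templates **/
$header_pms = '';
$header_acp = '';

eval("\$css = \"".$tpl->get("css")."\";");
// JGS-Portal start
require("./jgs_portal_global_sponsor.php");
// JGS-Portal end
eval("\$headinclude = \"".$tpl->get("headinclude")."\";");
$lang->items['LANG_GLOBAL_COPYRIGHT'] = $lang->get("LANG_GLOBAL_COPYRIGHT", array('$boardversion' => $boardversion));
eval("\$ct_footeranzeigen = \"".$tpl->get("ct_footeranzeigen")."\";");
eval("\$footer = \"".$tpl->get("footer")."\";");
// The user name is passed through htmlconverter() before the template sees it.
if ($wbbuserdata['userid']) $usercbar_username = htmlconverter($wbbuserdata['username']);
else $usercbar_username = '';
eval("\$usercbar = \"".$tpl->get("usercbar")."\";");
eval("\$header = \"".$tpl->get("header")."\";");
// JGS-Portal start
require("./jgs_portal_log.php");
require("./jgs_portal_boardinclude.php");
// JGS-Portal end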
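/*
 * Access gates and per-request extras, run after the shared page fragments exist.
 *
 * Gates, in order: general board access, IP check, offline mode, board permission,
 * board password, and visibility of the requested thread/post. The add-on code at
 * the end handles the credit ("Guthaben") lottery and the referral id.
 */

// Visitors without can_view_board may only reach the login, logout, registration
// and password-recovery pages.
if ($wbbuserdata['can_view_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "register.php" && $filename != "forgotpw.php") access_error();

verify_ip($REMOTE_ADDR);

// Offline mode: everyone without can_view_off_board gets the offline page, except
// on the same four account pages.
if ($offline == 1 && $wbbuserdata['can_view_off_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "forgotpw.php" && $filename != "register.php") {
    $offlinemessage = nl2br(htmlconverter($offlinemessage));
    eval("\$tpl->output(\"".$tpl->get("offline")."\");");
    exit();
}

// Private-message popup: only on plain page views (no POST data) outside the
// listed scripts.
if ($wbbuserdata['pmpopup'] == 2) {
    if ($filename != "pms.php"
        && (!isset($_POST) || count($_POST) == 0)
        && $filename != "attachment.php"
        && $filename != "attachmentedit.php"
        && $filename != "logout.php"
        && $filename != "markread.php"
        && $filename != "misc.php"
        && $filename != "modcp.php"
        && $filename != "polledit.php"
        && $filename != "register.php"
        && $filename != "search.php"
        && ($filename != "thread.php" || !isset($_REQUEST['goto']))
        && $filename != "threadrating.php"
        && $filename != "usercp.php") {
        eval("\$headinclude .= \"".$tpl->get("pmpopup_open")."\";");
    }
}

if (isset($boardid)) {
    /** OWN langvars **/
    $board['o_title'] = $board['title'];
    $board['title'] = getlangvar($board['title'], $lang);

    if (!checkpermissions("can_enter_board")) access_error();

    // Password-protected board. Removing a subscription in usercp.php is the one
    // action that is allowed without the password.
    if ($board['password'] && ($filename != "usercp.php" || $_REQUEST['action'] != 'removesubscription')) {
        $lang->load('BOARD');
        if (isset($_COOKIE[$cookieprefix.'boardpasswords'])) $boardpasswords = decode_cookie($_COOKIE[$cookieprefix.'boardpasswords']);
        else $boardpasswords = array();

        if (isset($_POST['boardpassword'])) {
            // Exact string comparison. With == two numeric-looking strings are
            // compared as numbers ("1e3" equals "1000", "007" equals "7"), so a
            // value other than the stored password could be accepted. A non-string
            // submission (an array) is rejected outright.
            // NOTE(review): the board password is compared against the stored value
            // directly, i.e. it is kept in clear text; the cookie marker below is an
            // unsalted md5 of it. Changing either alters the stored format, so it is
            // flagged here rather than changed.
            if (is_string($_POST['boardpassword']) && $_POST['boardpassword'] === strval($board['password'])) {
                $boardpasswords[$boardid] = md5($board['password']);
                if ($wbbuserdata['usecookies'] == 1) encode_cookie('boardpasswords', time() + 3600 * 24 * 365, false);
                else encode_cookie('boardpasswords', 0, false);
                redirect($lang->items['LANG_BOARD_PASSWORD_REDIRECT'], "board.php?boardid=$boardid".$SID_ARG_2ND);
            }
            else {
                eval("error(\"".$lang->get("LANG_BOARD_ERROR_FALSEPASSWORD")."\");");
            }
        }
        // The cookie value is client-controlled: require a scalar and compare it
        // as an exact string, so that hex digests of the form "0e<digits>" are not
        // treated as equal numbers by a loose comparison.
        elseif (!isset($boardpasswords[$boardid]) || !is_scalar($boardpasswords[$boardid]) || strval($boardpasswords[$boardid]) !== md5($board['password'])) {
            eval("\$tpl->output(\"".$tpl->get("board_password")."\");");
            exit();
        }
    }
}

// Invisible threads and posts are shown to moderators only; everyone else gets
// the same "wrong link" error as for a non-existent item.
if (isset($threadid) && isset($thread['visible']) && $thread['visible'] == 0 && !checkmodpermissions()) {
    error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
}
if (isset($postid) && isset($post['visible']) && $post['visible'] == 0 && !checkmodpermissions()) {
    error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
}

// Editor choice for this request.
// NOTE(review): the POST value is stored without validation. Presumably it is a
// small integer mode; confirm that every consumer casts or escapes it before it
// reaches SQL or HTML.
if (isset($_POST['change_editor']) && $_POST['change_editor']) {
    $wbbuserdata['usewysiwyg'] = $_POST['change_editor'];
}
else if (isset($_POST['usewysiwyg']) && $_POST['usewysiwyg']) {
    $wbbuserdata['usewysiwyg'] = $_POST['usewysiwyg'];
}

// Credit ("Guthaben") add-on: run the lottery draw when it is switched on.
$guthaben = $db->query_first("SELECT * FROM bb".$n."_guthaben WHERE gutid='1'");
if($guthaben['lottoonoff']) require("./acp/lib/lottoziehung.php");

/* ######## credit referral ("Guthaben Werben") ########## */
// The referrer id comes from the request or, failing that, from the cookie set on
// an earlier visit. Both paths now yield an integer: previously the raw cookie
// text stayed in $werberid (only the query below cast it), so text following a
// valid number survived the check and remained available to later code. The
// cookie is read from $_COOKIE, like the board-password cookie above, instead of
// $HTTP_COOKIE_VARS, which is not populated on every PHP configuration.
// A non-numeric cookie now yields 0, the same result the request path already
// gives for non-numeric input.
$coo_var = $cookieprefix . 'werberid';
if (isset($_REQUEST['werberid'])){
    $werberid = intval($_REQUEST['werberid']);
    bbcookie("werberid","$werberid",time()+3600*24*45);
}
elseif (isset($_COOKIE[$coo_var])) $werberid = intval($_COOKIE[$coo_var]);
else $werberid = '';

// Keep the id only when it names an existing user.
if ($werberid != ''){
    $werberchk = $db->query_first("SELECT username FROM bb".$n."_users where userid='".intval($werberid)."'");
    if ($werberchk['username'] == '') unset($werberid);
    else $werbername = $werberchk['username'];
}
/* ################################### */
?>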