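<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */

/**
 * Core request object: collects GET/POST/cookie input, applies a small set of
 * name-based cleansing rules, and reports fatal start-up errors.
 *
 * Security note: only the names listed in $clean_variables are cleansed.
 * Every other key in $input is stored exactly as the client sent it, so code
 * that consumes $input must still validate, cast or escape at the point of use.
 */
class MyBB {
    /**
     * The friendly version number of MyBB we're running.
     *
     * @var string
     */
    public $version = "1.6.11";

    /**
     * The version code of MyBB we're running.
     *
     * @var integer
     */
    public $version_code = 1611;

    /**
     * The current working directory.
     *
     * @var string
     */
    public $cwd = ".";

    /**
     * Input variables received from the outer world (untrusted).
     *
     * @var array
     */
    public $input = array();

    /**
     * Cookie variables received from the outer world (untrusted).
     *
     * @var array
     */
    public $cookies = array();

    /**
     * Information about the current user.
     *
     * @var array
     */
    public $user = array();

    /**
     * Information about the current usergroup.
     *
     * @var array
     */
    public $usergroup = array();

    /**
     * MyBB settings.
     *
     * @var array
     */
    public $settings = array();

    /**
     * Whether or not magic quotes are enabled (0 or 1).
     *
     * @var integer
     */
    public $magicquotes = 0;

    /**
     * MyBB configuration.
     *
     * @var array
     */
    public $config = array();

    /**
     * The request method that called this page ("post", "get" or "").
     *
     * @var string
     */
    public $request_method = "";

    /**
     * Variables that need to be clean, grouped by cleansing rule.
     * Some names are listed twice; the second pass over an already cleaned
     * value changes nothing.
     *
     * @var array
     */
    public $clean_variables = array(
        "int" => array(
            "tid", "pid", "uid",
            "eid", "pmid", "fid",
            "aid", "rid", "sid",
            "vid", "cid", "bid",
            "pid", "gid", "mid",
            "wid", "lid", "iid",
            "sid"
        ),
        "pos" => array(
            "page", "perpage"
        ),
        "a-z" => array(
            "sortby", "order"
        )
    );

    /**
     * Variables that are to be ignored from cleansing process
     *
     * @var array
     */
    public $ignore_clean_variables = array();

    /**
     * Using built in shutdown functionality provided by register_shutdown_function for < PHP 5?
     *
     * @var boolean
     */
    public $use_shutdown = true;

    /**
     * Debug mode?
     *
     * @var boolean
     */
    public $debug_mode = false;

    /**
     * Whether PHP safe_mode is reported as enabled. The constructor assigns
     * this property, so it is declared here instead of being created
     * dynamically on assignment.
     *
     * @var boolean
     */
    public $safemode = false;

    /**
     * Constructor of class.
     *
     * Builds $input from the request, applies clean_input() and handles the
     * few request flags that are answered directly from here.
     *
     * @return MyBB
     */
    function __construct()
    {
        // Refuse any request that carries a parameter or upload field named
        // after a superglobal, before request data is copied anywhere below.
        $protected = array("_GET", "_POST", "_SERVER", "_COOKIE", "_FILES", "_ENV", "GLOBALS");
        foreach($protected as $var)
        {
            if(isset($_REQUEST[$var]) || isset($_FILES[$var]))
            {
                die("Hacking attempt");
            }
        }

        // IGNORE_CLEAN_VARS switches cleansing off for the named variables;
        // a page that defines it takes over validation of those inputs.
        if(defined("IGNORE_CLEAN_VARS"))
        {
            if(!is_array(IGNORE_CLEAN_VARS))
            {
                $this->ignore_clean_variables = array(IGNORE_CLEAN_VARS);
            }
            else
            {
                $this->ignore_clean_variables = IGNORE_CLEAN_VARS;
            }
        }

        // Determine Magic Quotes Status (< PHP 6.0)
        if(version_compare(PHP_VERSION, '6.0', '<'))
        {
            if(@get_magic_quotes_gpc())
            {
                $this->magicquotes = 1;
                $this->strip_slashes_array($_POST);
                $this->strip_slashes_array($_GET);
                $this->strip_slashes_array($_COOKIE);
            }
            @set_magic_quotes_runtime(0);
            @ini_set("magic_quotes_gpc", 0);
            @ini_set("magic_quotes_runtime", 0);
        }

        // Determine input. POST is parsed after GET, so a POST field replaces
        // a query-string parameter of the same name.
        $this->parse_incoming($_GET);
        $this->parse_incoming($_POST);

        // REQUEST_METHOD is not set in every SAPI (for example on the command
        // line); treat a missing value as "neither post nor get".
        $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : "";
        if($method == "POST")
        {
            $this->request_method = "post";
        }
        else if($method == "GET")
        {
            $this->request_method = "get";
        }

        // If we've got register globals on, then kill them too
        if(@ini_get("register_globals") == 1)
        {
            $this->unset_globals($_POST);
            $this->unset_globals($_GET);
            $this->unset_globals($_FILES);
            $this->unset_globals($_COOKIE);
        }
        $this->clean_input();

        if(@ini_get("safe_mode") == 1)
        {
            $this->safemode = true;
        }

        // Are we running in debug mode?
        // NOTE(review): this flag is set by any request that sends debug=1.
        // Whatever reads $debug_mode has to decide who may see debug output;
        // that check is not in this file.
        if(isset($this->input['debug']) && $this->input['debug'] == 1)
        {
            $this->debug_mode = true;
        }

        if(isset($this->input['action']) && $this->input['action'] == "mybb_logo")
        {
            require_once dirname(__FILE__)."/mybb_group.php";
            output_logo();
        }

        // Answers any request that sends intcheck=1 with a fixed marker and
        // stops; no session or permission data has been loaded at this point.
        if(isset($this->input['intcheck']) && $this->input['intcheck'] == 1)
        {
            die("MYBB");
        }
    }

    /**
     * Parses the incoming variables.
     *
     * Copies every key of the given array into $input unchanged; a key that
     * already exists is overwritten.
     *
     * @param array $array The array of incoming variables.
     */
    function parse_incoming($array)
    {
        if(!is_array($array))
        {
            return;
        }

        foreach($array as $key => $val)
        {
            $this->input[$key] = $val;
        }
    }

    /**
     * Parses the incoming cookies
     *
     * Fills $cookies from $_COOKIE. Names that start with the configured
     * cookie prefix are stored without the prefix and take priority over an
     * unprefixed cookie of the same name. Values are stored as received.
     */
    function parse_cookies()
    {
        if(!is_array($_COOKIE))
        {
            return;
        }

        // The prefix may not be configured yet; an absent setting means "no prefix".
        $prefix = isset($this->settings['cookieprefix']) ? (string)$this->settings['cookieprefix'] : "";
        $prefix_length = strlen($prefix);

        foreach($_COOKIE as $key => $val)
        {
            if($prefix_length && substr($key, 0, $prefix_length) === $prefix)
            {
                $key = substr($key, $prefix_length);

                // Fixes conflicts with one board having a prefix and another that doesn't on the same domain
                // Gives priority to our cookies over others (overwrites them)
                // isset() avoids reading an index that has not been stored yet.
                if(isset($this->cookies[$key]))
                {
                    unset($this->cookies[$key]);
                }
            }

            if(empty($this->cookies[$key]))
            {
                $this->cookies[$key] = $val;
            }
        }
    }

    /**
     * Strips slashes out of a given array.
     *
     * Works in place and recurses into nested arrays. Only values are
     * processed; array keys are left as they are.
     *
     * @param array $array The array to strip (passed by reference).
     */
    function strip_slashes_array(&$array)
    {
        foreach($array as $key => $val)
        {
            if(is_array($array[$key]))
            {
                $this->strip_slashes_array($array[$key]);
            }
            else
            {
                $array[$key] = stripslashes($array[$key]);
            }
        }
    }

    /**
     * Unsets globals from a specific array.
     *
     * Removes from $GLOBALS every name that appears as a key of the given
     * array, undoing what register_globals imported.
     *
     * @param array $array The array to unset from.
     */
    function unset_globals($array)
    {
        if(!is_array($array))
        {
            return;
        }

        foreach(array_keys($array) as $key)
        {
            unset($GLOBALS[$key]);
            unset($GLOBALS[$key]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4
        }
    }

    /**
     * Cleans predefined input variables.
     *
     * Rules, by group in $clean_variables:
     *  - "int": value is replaced by intval().
     *  - "a-z": every character other than a letter, ".", "-" or "_" is removed.
     *  - "pos": a negative value is replaced by 0; nothing else is changed.
     *
     * NOTE(review): the "pos" rule does not cast. A non-numeric string or an
     * array in "page"/"perpage" stays as sent, so consumers must cast these
     * two values themselves before using them in a query or as an offset.
     */
    function clean_input()
    {
        foreach($this->clean_variables as $type => $variables)
        {
            foreach($variables as $var)
            {
                // If this variable is in the ignored array, skip and move to next.
                // Strict comparison: a non-string entry (true, 0) must not match
                // every name and silently turn cleansing off.
                if(in_array($var, $this->ignore_clean_variables, true))
                {
                    continue;
                }

                if(isset($this->input[$var]))
                {
                    switch($type)
                    {
                        case "int":
                            $this->input[$var] = intval($this->input[$var]);
                            break;
                        case "a-z":
                            $this->input[$var] = preg_replace("#[^a-z\.\-_]#i", "", $this->input[$var]);
                            break;
                        case "pos":
                            // "page" may carry the literal "last"; it is left untouched.
                            if(($this->input[$var] < 0 && $var != "page") || ($var == "page" && $this->input[$var] != "last" && $this->input[$var] < 0))
                            {
                                $this->input[$var] = 0;
                            }
                            break;
                    }
                }
            }
        }
    }

    /**
     * Triggers a generic error.
     *
     * Maps the code to a message and a MYBB_* constant and passes both to the
     * global $error_handler. The constants and the handler are defined outside
     * this file.
     *
     * @param string $code The error code.
     */
    function trigger_generic_error($code)
    {
        global $error_handler;

        switch($code)
        {
            case "cache_no_write":
                // NOTE(review): the text recommends mode 777, which makes the
                // directory writable by every local account. Write access for
                // the web server's own user is enough; consider rewording.
                $message = "The data cache directory (cache/) needs to exist and be writable by the web server. Change its permissions so that it is writable (777 on Unix based servers).";
                $error_code = MYBB_CACHE_NO_WRITE;
                break;
            case "install_directory":
                $message = "The install directory (install/) still exists on your server and is not locked. To access MyBB please either remove this directory or create an empty file in it called 'lock'.";
                $error_code = MYBB_INSTALL_DIR_EXISTS;
                break;
            case "board_not_installed":
                $message = "Your board has not yet been installed and configured. Please do so before attempting to browse it.";
                $error_code = MYBB_NOT_INSTALLED;
                break;
            case "board_not_upgraded":
                $message = "Your board has not yet been upgraded. Please do so before attempting to browse it.";
                $error_code = MYBB_NOT_UPGRADED;
                break;
            case "sql_load_error":
                $message = "MyBB was unable to load the SQL extension. Please contact the MyBB Group for support. <a href=\"http://mybb.com\">MyBB Website</a>";
                $error_code = MYBB_SQL_LOAD_ERROR;
                break;
            case "eaccelerator_load_error":
                $message = "eAccelerator needs to be configured with PHP to use the eAccelerator cache support.";
                $error_code = MYBB_CACHEHANDLER_LOAD_ERROR;
                break;
            case "memcache_load_error":
                $message = "Your server does not have memcache support enabled.";
                $error_code = MYBB_CACHEHANDLER_LOAD_ERROR;
                break;
            case "xcache_load_error":
                $message = "Xcache needs to be configured with PHP to use the Xcache cache support.";
                $error_code = MYBB_CACHEHANDLER_LOAD_ERROR;
                break;
            default:
                $message = "MyBB has experienced an internal error. Please contact the MyBB Group for support. <a href=\"http://mybb.com\">MyBB Website</a>";
                $error_code = MYBB_GENERAL;
        }
        $error_handler->trigger($message, $error_code);
    }

    /**
     * Runs the global run_shutdown() routine, when one is defined, as the
     * object is destroyed.
     */
    function __destruct()
    {
        // Run shutdown function
        if(function_exists("run_shutdown"))
        {
            run_shutdown();
        }
    }
}

/**
 * Do this here because the core is used on every MyBB page
 */

$grouppermignore = array("gid", "type", "title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
$groupzerogreater = array("pmquota", "maxpmrecipients", "maxreputationsday", "attachquota", "maxemails", "maxwarningsday");
$displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");

// These are fields in the usergroups table that are also forum permission specific.
$fpermfields = array(
    'canview',
    'canviewthreads',
    'candlattachments',
    'canpostthreads',
    'canpostreplys',
    'canpostattachments',
    'canratethreads',
    'caneditposts',
    'candeleteposts',
    'candeletethreads',
    'caneditattachments',
    'canpostpolls',
    'canvotepolls',
    'cansearch'
);

?>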