@ -146,15 +146,49 @@ function modLog($action, $_board=null) {
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action);
}
// Validate session
function create_pm_header() {
global $mod, $config;
if ($config['cache']['enabled'] & & ($header = cache::get('pm_unread_' . $mod['id'])) != false) {
if ($header === true)
return false;
return $header;
}
$query = prepare("SELECT `id` FROM ``pms`` WHERE `to` = :id AND `unread` = 1");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if ($pm = $query->fetch(PDO::FETCH_ASSOC))
$header = array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1);
else
$header = true;
if ($config['cache']['enabled'])
cache::set('pm_unread_' . $mod['id'], $header);
if ($header === true)
return false;
return $header;
}
function make_secure_link_token($uri) {
global $mod, $config;
return substr(sha1($config['cookies']['salt'] . '-' . $uri . '-' . $mod['id']), 0, 8);
}
function check_login($prompt = false) {
global $config, $mod;
// Validate session
if (isset($_COOKIE[$config['cookies']['mod']])) {
// Should be username:hash:salt
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
if (count($cookie) != 3) {
// Malformed cookies
destroyCookies();
mod_login();
if ($prompt) mod_login();
exit;
}
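Review bot: `make_secure_link_token()` keeps only the first 8 hex characters of a salted SHA-1, so the token guarding moderator links carries 32 bits and stays the same for a given URI and moderator id for as long as the salt is unchanged. A keyed construction with more output would be safer, for example `return substr(hash_hmac('sha256', $uri . '-' . $mod['id'], $config['cookies']['salt']), 0, 16);`. The function appears to be moved rather than newly written, and the place where the token is verified is not visible in this hunk, so check that the verifier recomputes the token through this function and does not assume a fixed length. A short docblock stating that the token is bound to the URI and the moderator id, but not to the session or a timestamp, would also help the next reader.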
@ -167,7 +201,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
// Malformed cookies
destroyCookies();
mod_login();
if ($prompt) mod_login();
exit;
}
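Review bot: The session check `$cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])` compares a cookie-supplied value against the expected hash with an ordinary string comparison, which is not constant-time. Where the supported PHP version provides it, `if (!hash_equals(mkhash($cookie[0], $user['password'], $cookie[2]), $cookie[1])) {` is the safer form. The `// Malformed cookies` comment is carried over from the field-count check; here the cookie is well-formed but its hash does not match, so `// Hash mismatch: forged or stale cookie` would describe the branch correctly. With `$prompt` left at its default, this branch now ends the request with no output, which is worth stating in a comment if intended. The enclosing function starts and ends outside this hunk.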
@ -179,37 +213,16 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
);
}
function create_pm_header() {
global $mod, $config;
if ($config['cache']['enabled'] & & ($header = cache::get('pm_unread_' . $mod['id'])) != false) {
if ($header === true)
return false;
if ($config['debug'])
$parse_start_time = microtime(true);
return $header;
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) {
return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
}
$query = prepare("SELECT `id` FROM ``pms`` WHERE `to` = :id AND `unread` = 1");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if ($pm = $query->fetch(PDO::FETCH_ASSOC))
$header = array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1);
else
$header = true;
if ($config['cache']['enabled'])
cache::set('pm_unread_' . $mod['id'], $header);
if ($header === true)
return false;
return $header;
$_GET = strip_array($_GET);
$_POST = strip_array($_POST);
}
function make_secure_link_token($uri) {
global $mod, $config;
return substr(sha1($config['cookies']['salt'] . '-' . $uri . '-' . $mod['id']), 0, 8);
}