<?php
// INSTALL LOCATION: absolute directory of this file; every path below is built from it.
$path = __DIR__;
// API call? True whenever the request carries an "api" query parameter, whatever its value.
$api = isset($_GET['api']);
// CONFIGURATIONS: shipped defaults are loaded first.
// Both paths are the install directory plus a fixed literal; no request data is involved.
require "{$path}/includes/default.php";
// DATABASE: board list.
require "{$path}/database/boards.php";
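// Text-board defaults: when the board named in the query string or in the form
// body is registered with type 'txt', disable file uploads and use the text theme.
//
// The board name is request-controlled. It is only used after confirming that it
// is a string and that it names an entry that exists in $config['boards'];
// an array-valued parameter or an unknown board is skipped instead of raising
// a TypeError or an undefined-index warning.
foreach ([$_GET, $_POST] as $req_board_source) {
    if (
        !isset($req_board_source['board'])
        || !is_string($req_board_source['board'])
        || $req_board_source['board'] === ''
    ) {
        continue;
    }
    // Same key transformation the lookup has always used. Escaping is not
    // validation, which is why the isset() check below is what gates access.
    $req_board_key = htmlspecialchars($req_board_source['board']);
    if (
        isset($config['boards'][$req_board_key]['type'])
        && $config['boards'][$req_board_key]['type'] == 'txt'
    ) {
        $allow_files = false;
        $default_theme = $default_text_theme;
    }
}
// Do not leave the loop helpers behind in the global scope.
unset($req_board_source, $req_board_key);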
// Site-specific overrides: the only settings file meant to be edited; it
// replaces the default initialised settings.
require "{$path}/includes/custom.php";
// Defines possibly unused variables.
require "{$path}/includes/inits.php";
// Defines functions.
require "{$path}/includes/functions.php";
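// Per-board configuration: a board named in the query string (main.php) or in
// the form body (post.php) may have its own config.php under
// <database folder>/boards/<board>/, which is loaded when it exists.
//
// The board name comes straight from the request and becomes part of an include
// path, so it has to be exactly one directory name. htmlspecialchars() does not
// neutralise path separators or dot segments; they are rejected explicitly here
// so the include cannot resolve outside the boards directory.
// NOTE(review): if every board is registered in $config['boards'], also
// requiring isset($config['boards'][$req_board_dir]) would be a stricter
// allowlist. Confirm against database/boards.php.
foreach ([$_GET, $_POST] as $req_board_source) {
    if (
        !isset($req_board_source['board'])
        || !is_string($req_board_source['board'])
        || $req_board_source['board'] === ''
    ) {
        continue;
    }
    // Escaping is kept so that the same directory name resolves as before.
    $req_board_dir = htmlspecialchars($req_board_source['board']);
    $req_board_is_single_segment = $req_board_dir !== ''
        && $req_board_dir !== '.'
        && $req_board_dir !== '..'
        && strpos($req_board_dir, '/') === false
        && strpos($req_board_dir, '\\') === false
        && strpos($req_board_dir, "\0") === false;
    if (!$req_board_is_single_segment) {
        continue;
    }
    $req_board_config = $path . '/' . $database_folder . '/boards/' . $req_board_dir . '/config.php';
    if (file_exists($req_board_config)) {
        // '@' is kept from the original: a faulty board config stays silent
        // instead of printing diagnostics into the page.
        @include $req_board_config;
    }
}
unset($req_board_source, $req_board_dir, $req_board_is_single_segment, $req_board_config);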
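// Moderator session check.
//
// When both mod_user and mod_session cookies are present, the matching user
// file is loaded and the cookie session is compared with the stored one. The
// user file is expected to define $user_session, $user_mod_level, $username
// and $user_remember (they are read below; the file itself is not visible here).
//
// Changes against the previous version:
//  * The login flags are set only when the session cookie is a non-empty string
//    equal to the stored session. Before, an empty session cookie skipped the
//    mismatch branch and fell through to the logged-in branch.
//  * The comparison uses hash_equals() so it does not leak timing information.
//  * An expired session no longer leaves $mod_level / $logged_in_user assigned.
//  * The checks form one if/elseif chain, so nothing below an error() call runs
//    even if error() were to return (its definition is in functions.php).
// NOTE(review): the distinct "User doesn't exist." message lets a client tell
// valid usernames from invalid ones; consider a single generic message.
if (isset($_COOKIE['mod_user']) && isset($_COOKIE['mod_session'])) {
    $mod_cookie_user = $_COOKIE['mod_user'];
    $mod_cookie_session = $_COOKIE['mod_session'];
    $mod_cookie_secure = isset($_SERVER["HTTPS"]);

    if ($mod_cookie_user === "") {
        error('No username given.');
    } elseif (
        !is_string($mod_cookie_user)
        || $mod_cookie_user === "counter"
        || !ctype_alnum($mod_cookie_user)
    ) {
        // The alphanumeric check is what keeps the cookie value from steering
        // the include path below; "counter" is excluded as in the original
        // (presumably a non-user file in the users directory).
        error('Invalid Username.');
    } elseif (!file_exists($path . '/' . $database_folder . '/users/' . $mod_cookie_user . '.php')) {
        error('User doesn\'t exist.');
    } else {
        include $path . '/' . $database_folder . '/users/' . $mod_cookie_user . '.php';

        // A session is valid only if both sides are non-empty strings and equal.
        $mod_session_valid = is_string($mod_cookie_session)
            && $mod_cookie_session !== ''
            && isset($user_session)
            && is_string($user_session)
            && $user_session !== ''
            && hash_equals($user_session, $mod_cookie_session);

        // 1 day if not "remember me"; otherwise the stored remember time already
        // carries +30 days, giving 31 days in total. A missing timestamp counts
        // as expired.
        $mod_session_expired = !isset($user_remember) || ($user_remember + 86400) < time();

        if (!$mod_session_valid || $mod_session_expired) {
            // Drop both cookies so the browser stops presenting a stale session.
            foreach (["mod_user", "mod_session"] as $mod_cookie_name) {
                setcookie($mod_cookie_name, "", time() - 3600, $cookie_location, $domain, $mod_cookie_secure);
            }
            if (!$mod_session_valid) {
                error('Invalid or expired cookie session');
            } else {
                $logged_in = false;
            }
        } else {
            $logged_in = true;
            $mod_level = $user_mod_level;
            $logged_in_user = $username;
        }
    }
}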