MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Revised BSD License for more details.
- Copyright 2004-2014 iDB Support - http://idb.berlios.de/
- Copyright 2004-2014 Game Maker 2k - http://gamemaker2k.org/
+ Copyright 2004-2019 iDB Support - https://idb.osdn.jp/support/category.php?act=view&id=1
+ Copyright 2004-2019 Game Maker 2k - https://idb.osdn.jp/support/category.php?act=view&id=2
- $FileInfo: sql.php - Last Update: 07/10/2014 SVN 788 - Author: cooldude2k $
+ $FileInfo: sql.php - Last Update: 6/16/2021 SVN 934 - Author: cooldude2k $
*/
/* Some ini setting changes uncomment if you need them.
Display PHP Errors */
@error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
/* Get rid of session id in urls */
if(!in_array("ini_set", $disfunc)) {
-@ini_set("date.timezone","UTC");
@ini_set("default_mimetype","text/html");
@ini_set("zlib.output_compression", false);
@ini_set("zlib.output_compression_level", -1);
if(!isset($Settings['idburl'])) { $Settings['idburl'] = null; }
if(isset($Settings['BoardUUID'])) { $Settings['BoardUUID'] = base64_decode($Settings['BoardUUID']);
header("Board-Unique-ID: ".$Settings['BoardUUID']); }
+function unparse_url($parsed_url) {
+ $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : '';
+ $host = isset($parsed_url['host']) ? $parsed_url['host'] : '';
+ $port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : '';
+ $user = isset($parsed_url['user']) ? $parsed_url['user'] : '';
+ $pass = isset($parsed_url['pass']) ? ':' . $parsed_url['pass'] : '';
+ $pass = ($user || $pass) ? "$pass@" : '';
+ $path = isset($parsed_url['path']) ? $parsed_url['path'] : '';
+ $query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : '';
+ $fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : '';
+ return $scheme.$user.$pass.$host.$port.$path.$query.$fragment;
+}
+$OrgBoardURL = $Settings['idburl'];
+$PreBestURL = parse_url($Settings['idburl']);
+$PreServURL = parse_url((isset($_SERVER['HTTPS']) ? "https" : "http") . "://".$_SERVER['HTTP_HOST'].substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1));
+if($PreBestURL['host']=="localhost.url"&&str_replace("/", "", $PreBestURL['path'])=="localpath") {
+ $PreBestURL['host'] = "localhost";
+ $PreBestURL['path'] = $PreServURL['path'];
+ $Settings['idburl'] = unparse_url($PreBestURL); }
+if($PreBestURL['host']=="localhost.url"&&str_replace("/", "", $PreBestURL['path'])!="localpath") {
+ $PreBestURL['host'] = $PreServURL['host'];
+ $Settings['idburl'] = unparse_url($PreBestURL); }
+if($PreBestURL['host']!="localhost.url"&&str_replace("/", "", $PreBestURL['path'])=="localpath") {
+ $PreBestURL['path'] = $PreServURL['path'];
+ $Settings['idburl'] = unparse_url($PreBestURL); }
+$OrgWebSiteURL = $Settings['weburl'];
+$PreWestURL = parse_url($Settings['weburl']);
+if($PreWestURL['host']=="localhost.url"&&str_replace("/", "", $PreWestURL['path'])=="localpath") {
+ $PreWestURL['host'] = $PreServURL['host'];
+ $PreWestURL['path'] = $PreServURL['path'];
+ $Settings['weburl'] = unparse_url($PreWestURL); }
+if($PreWestURL['host']=="localhost.url"&&str_replace("/", "", $PreWestURL['path'])!="localpath") {
+ $PreWestURL['host'] = $PreServURL['host'];
+ $Settings['weburl'] = unparse_url($PreWestURL); }
+if($PreWestURL['host']!="localhost.url"&&str_replace("/", "", $PreWestURL['path'])=="localpath") {
+ $PreWestURL['path'] = $PreServURL['path'];
+ $Settings['weburl'] = unparse_url($PreWestURL); }
if(!isset($Settings['fixbasedir'])) { $Settings['fixbasedir'] = null; }
if(!isset($Settings['fixpathinfo'])) { $Settings['fixpathinfo'] = null; }
if(!isset($Settings['fixcookiedir'])) { $Settings['fixcookiedir'] = null; }
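Review bot: `$PreServURL` is parsed from `$_SERVER['HTTP_HOST']`, which the client controls, and its host is copied into `$Settings['idburl']` and `$Settings['weburl']` whenever the configured URL uses the `localhost.url` placeholder. Anything the board later builds from those settings (links, redirects, mail) would then carry the host the request supplied, so check it against a configured allow-list first, e.g. `if(!in_array($PreServURL['host'], $Settings['allowed_hosts'], true)) { $PreServURL['host'] = "localhost"; }`, where `allowed_hosts` is a new setting and not one this page defines. `parse_url()` can also return false or omit `host`/`path`, so the six comparisons should be guarded with `isset()`. Note too that `isset($_SERVER['HTTPS'])` reports https on servers that set the value to `off`, and that the both-placeholders case writes the literal `"localhost"` for `idburl` but the request host for `weburl`.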
$Settings['showverinfo'] = "on"; }
if(!isset($Settings['sqldb'])) {
header("Content-Type: text/plain; charset=UTF-8");
-header('Location: install.php'); }
+header('Location: install.php?act=Part1'); }
if(!isset($Settings['fixpathinfo'])) {
$Settings['fixpathinfo'] = "off"; }
if($Settings['fixpathinfo']=="off") {
@ini_set('default_charset', $Settings['charset']); }
//session_save_path($SettDir['inc']."temp/");
if(!isset($Settings['sqldb'])) {
-if(file_exists("install.php")) { header('Location: install.php'); die(); }
+if(file_exists("install.php")) { header('Location: install.php?act=Part1'); die(); }
if(!file_exists("install.php")) { header("Content-Type: text/plain; charset=UTF-8");
echo "403 Error: Sorry could not find install.php\nTry uploading files again and if that dose not work try download iDB again."; die(); } }
if(isset($Settings['sqldb'])) {
$Settings['use_hashtype'] = "sha1"; }
if(!function_exists('hash')||!function_exists('hash_algos')) {
if($Settings['use_hashtype']!="md5"&&
- $Settings['use_hashtype']!="sha1") {
+ $Settings['use_hashtype']!="sha1"&&
+ $Settings['use_hashtype']!="bcrypt") {
$Settings['use_hashtype'] = "sha1"; } }
-if(function_exists('hash')&&function_exists('hash_algos')) {
-if(!in_array($Settings['use_hashtype'],hash_algos())) {
+if((function_exists('hash')&&function_exists('hash_algos'))||function_exists('password_hash')) {
+if(!in_array($Settings['use_hashtype'],hash_algos())&&$Settings['use_hashtype']!="bcrypt") {
$Settings['use_hashtype'] = "sha1"; }
if($Settings['use_hashtype']!="md2"&&
$Settings['use_hashtype']!="md4"&&
$Settings['use_hashtype']!="sha256"&&
$Settings['use_hashtype']!="sha384"&&
$Settings['use_hashtype']!="sha512"&&
+ $Settings['use_hashtype']!="sha3-224"&&
+ $Settings['use_hashtype']!="sha3-256"&&
+ $Settings['use_hashtype']!="sha3-384"&&
+ $Settings['use_hashtype']!="sha3-512"&&
$Settings['use_hashtype']!="ripemd128"&&
$Settings['use_hashtype']!="ripemd160"&&
$Settings['use_hashtype']!="ripemd256"&&
$Settings['use_hashtype']!="ripemd320"&&
- $Settings['use_hashtype']!="salsa10"&&
- $Settings['use_hashtype']!="salsa20"&&
- $Settings['use_hashtype']!="snefru"&&
- $Settings['use_hashtype']!="snefru256"&&
- $Settings['use_hashtype']!="gost"&&
- $Settings['use_hashtype']!="joaat") {
+ $Settings['use_hashtype']!="bcrypt") {
$Settings['use_hashtype'] = "sha1"; } }
// Check to see if variables are set
require_once($SettDir['misc'].'setcheck.php');
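Review bot: Every fallback in the `use_hashtype` checks still lands on `"sha1"`, and the allow-list keeps `md2`, `md4` and other fast digests, so adding `bcrypt` does not change what a board with a missing or unrecognised setting ends up using. If this setting selects the password hash (the name suggests so, but the hashing code is outside this hunk), new values should fall back to `function_exists('password_hash') ? "bcrypt" : "sha1"`, provided stored hashes record their own algorithm so existing accounts still verify. Separately, the new outer condition can be satisfied by `password_hash` alone while the next line calls `hash_algos()` unconditionally; guard that call with `function_exists('hash_algos')`.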
if($_GET['act']=="MkCaptcha"||$_GET['act']=="Captcha") {
$Settings['use_gzip'] = 'off'; }
if($Settings['use_gzip']=="on") {
-if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "gzip")) {
- $GZipEncode['Type'] = "gzip"; } else {
- if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "deflate")) {
- $GZipEncode['Type'] = "deflate"; } else {
- $Settings['use_gzip'] = "off"; $GZipEncode['Type'] = "none"; } } }
+if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "br")&&function_exists('brotli_compress')) {
+ $GZipEncode['Type'] = "brotli"; } else {
+ if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "gzip")) {
+ $GZipEncode['Type'] = "gzip"; } else {
+ if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "deflate")) {
+ $GZipEncode['Type'] = "deflate"; } else {
+ $Settings['use_gzip'] = "off"; $GZipEncode['Type'] = "none"; } } } }
+if($Settings['use_gzip']=="brotli"&&function_exists('brotli_compress')) {
+if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "br")) { $Settings['use_brotli'] = "on";
+ $GZipEncode['Type'] = "brotli"; } else { $Settings['use_gzip'] = "off"; } }
+if($Settings['use_gzip']=="brotli"&&!function_exists('brotli_compress')) { $GZipEncode['Type'] = "gzip"; }
if($Settings['use_gzip']=="gzip") {
if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], "gzip")) { $Settings['use_gzip'] = "on";
$GZipEncode['Type'] = "gzip"; } else { $Settings['use_gzip'] = "off"; } }
if(isset($_COOKIE['SessPass'])&&isset($_COOKIE['MemberName'])) {
session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc");
session_name($Settings['sqltable']."sess");
-session_start();
+if (version_compare(phpversion(), '7.0', '<')) { session_start(); } else {
+session_start([
+ 'use_trans_sid' => false,
+ 'use_cookies' => true,
+ 'use_only_cookies' => true,
+ 'gc_probability' => 1,
+ 'gc_divisor' => 100,
+ 'gc_maxlifetime' => 1440,
+ 'hash_function' => 1,
+ 'hash_bits_per_character' => 6,
+ 'name' => $Settings['sqltable']."sess",
+]); }
if(!isset($_SESSION['UserFormID'])) { $_SESSION['UserFormID'] = null; }
$iDBSessCloseDB = false;
$_SESSION['ShowActHidden'] = "no";
session_write_close(); } }
session_set_save_handler("sql_session_open", "sql_session_close", "sql_session_read", "sql_session_write", "sql_session_destroy", "sql_session_gc");
session_name($Settings['sqltable']."sess");
-session_start();
+if (version_compare(phpversion(), '7.0', '<')) { session_start(); } else {
+session_start([
+ 'use_trans_sid' => false,
+ 'use_cookies' => true,
+ 'use_only_cookies' => true,
+ 'gc_probability' => 1,
+ 'gc_divisor' => 100,
+ 'gc_maxlifetime' => 1440,
+ 'hash_function' => 1,
+ 'hash_bits_per_character' => 6,
+ 'name' => $Settings['sqltable']."sess",
+]); }
if(!isset($_SESSION['UserFormID'])) { $_SESSION['UserFormID'] = null; }
$iDBSessCloseDB = true;
output_reset_rewrite_vars();
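Review bot: Both copies of the new `session_start([...])` options array pass `hash_function` and `hash_bits_per_character`, which were removed from the session extension in PHP 7.1. This branch runs on every PHP >= 7.0, so I would expect current versions to emit a "Setting option ... failed" warning for each; use `sid_length` and `sid_bits_per_character` behind a 7.1 version check instead. The array also leaves session-fixation handling and script access to the cookie to php.ini; adding `'use_strict_mode' => true, 'cookie_httponly' => true,` (plus `'cookie_secure' => true` when the board is served over HTTPS) would pin them here. The same array is duplicated in the cookie branch and the default branch, so a shared variable would keep the two from drifting.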
"From: ".$isiteurl."\r\n".
"Via: ".$_SERVER['REMOTE_ADDR']."\r\n".
"Forwarded: ".$_SERVER['REMOTE_ADDR']."\r\n".
+ "X-Real-IP: ".$_SERVER['REMOTE_ADDR']."\r\n".
"X-Forwarded-For: ".$_SERVER['REMOTE_ADDR']."\r\n".
+ "X-Forwarded-Host: ".$URLsTest['host']."\r\n".
+ "X-Forwarded-Proto: ".$URLsTest['scheme']."\r\n".
+ "Board-Unique-ID: ".$Settings['BoardUUID']."\r\n".
"Client-IP: ".$_SERVER['REMOTE_ADDR']."\r\n"
)
);
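Review bot: The added `Board-Unique-ID`, `X-Forwarded-Host` and `X-Forwarded-Proto` lines concatenate values straight into a CRLF-delimited header string, and `$Settings['BoardUUID']` is the output of `base64_decode()` earlier in this diff, so it can contain any byte including `\r` and `\n`. Unlike `header()`, a hand-built header block does not reject embedded line breaks, so strip them first, e.g. `$SafeUUID = str_replace(array("\r", "\n"), "", $Settings['BoardUUID']);`. Where `$URLsTest` is populated is not visible here; it needs the same treatment if it derives from request data. The statement this string belongs to starts above the hunk.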
if($_GET['act']=="MkCaptcha"||$_GET['act']=="Captcha") {
if($Settings['captcha_clean']=="on") { ob_clean(); }
require($SettDir['inc']."captcha.php");
- $aFonts = array('inc/fonts/VeraBd.ttf', 'inc/fonts/VeraBI.ttf', 'inc/fonts/VeraIt.ttf', 'inc/fonts/Vera.ttf');
+ $aFontDir = dirname(__FILE__)."/inc/fonts/";
+ $aFonts = array($aFontDir.'VeraBd.ttf', $aFontDir.'VeraBI.ttf', $aFontDir.'VeraIt.ttf', $aFontDir.'Vera.ttf');
$oPhpCaptcha = new PhpCaptcha($aFonts, 200, 60);
$RNumSize = rand(7,17); $i=0; $RandNum = null;
while ($i <= $RNumSize) {