При попытке зайти в админку wbb2 (/wbb2/acp/index.php) выскакивает дополнительная защита (как-будто присутствует файл .htpasswd). Причем, проверено, данного файла нет. Вопрос: где находится хэш/пароль/сслыка на него для входа в админку? Заранее спасибо.
Смотри в сорце index.php с чем сравниваются переменные $_SERVER['PHP_AUTH_USER'] и $_SERVER['PHP_AUTH_PW']
Вроде не видно, вот код /acp/index.php PHP: <?php // ************************************************************************************// // * WoltLab Burning Board 2 // ************************************************************************************// // * Copyright (c) 2001-2004 WoltLab GmbH // * Web http://www.woltlab.de/ // * License http://www.woltlab.de/products/burning_board/license_en.php // * http://www.woltlab.de/products/burning_board/license.php // ************************************************************************************// // * WoltLab Burning Board 2 is NOT free software. // * You may not redistribute this package or any of it's files. // ************************************************************************************// // * $Date: 2004-10-20 13:24:57 +0200 (Wed, 20 Oct 2004) $ // * $Author: Burntime $ // * $Rev: 1453 $ // ************************************************************************************// define('WBB_ACP_LOGIN', true); require('./global.php'); if (isset($_REQUEST['url'])) $url = htmlconverter($_REQUEST['url']); else $url = ''; if (!$wbbuserdata['a_can_use_acp']) { if (isset($_COOKIE[$cookieprefix.'userid'])) { list($l_username) = $db->query_first("SELECT username FROM bb".$n."_users WHERE userid='".intval($_COOKIE[$cookieprefix.'userid'])."'"); $l_username = htmlconverter($l_username); } else $l_username = ''; if ($allowloginencryption == 1) { $authentificationcode = makeAuthentificationcode(0); $adminsession = new adminsession(); $adminsession->create($result['userid'], $REMOTE_ADDR, $HTTP_USER_AGENT, $authentificationcode); $session['hash'] = $adminsession->hash; } eval("\$tpl->output(\"".$tpl->get("login", 1)."\",1);"); exit(); } eval("\$tpl->output(\"".$tpl->get("frameset", 1)."\",1);"); ?> вот родной /index.php PHP: <?php require('./global.php'); require('./acp/lib/class_templateparser.php'); $tplparser = new TemplateParser(); $filename = "$id"; if (isset($_REQUEST['site'])) $site = explode(".",$_REQUEST['site']); else header("Location: forum.php"); $sia = intval($site['0']); $sib = intval($site['1']); if($sib==0) {$swh = "id=$sia";} else {$swh = "parentid=$sia AND linkorder=$sib";} $result = $db->query_first("SELECT * FROM bb".$n."_menulink WHERE $swh"); $id = $result['id']; $name = htmlconverter($result['name']); $code2 = $result['content']; if($code2=="") $code2 = "Kein Inhalt hinterlegt"; $sparentid = $result['parentid']; $cont = $tplparser->parse(dos2unix($code2)); eval ("\$content = \"".$cont."\";"); eval("\$tpl->output(\"".$tpl->get("cms")."\");"); ?> это таблицы с базы, прописанной в /acp/lib/config.inc.php Code: bb1_access bb1_acpmenuitemgroups bb1_acpmenuitemgroupscount bb1_acpmenuitems bb1_acpmenuitemscount bb1_adminsessions bb1_announcements bb1_applications bb1_attachments bb1_avatars bb1_banner bb1_bbcodes bb1_bc_bann bb1_bc_config bb1_bc_gag bb1_bc_gag_raum bb1_bc_raum bb1_bc_raum_ban bb1_bc_text bb1_bc_useronline bb1_boards bb1_boardvisit bb1_counter bb1_designelements bb1_designpacks bb1_events bb1_folders bb1_groupcombinations bb1_groupleaders bb1_groups bb1_groupvalues bb1_groupvariablegroups bb1_groupvariables bb1_hits bb1_icons bb1_jgs_betriebssystem bb1_jgs_bildschirm bb1_jgs_browser bb1_jgs_hits bb1_jgs_land bb1_jgs_portal_itratos bb1_jgs_portal_rdf bb1_jgs_ref bb1_jgs_sprache bb1_languagecats bb1_languagepacks bb1_languages bb1_mailqueue bb1_mails bb1_menulink bb1_moderators bb1_optiongroups bb1_options bb1_permissions bb1_polloptions bb1_polls bb1_postcache bb1_posts bb1_privatemessage bb1_privatemessagereceipts bb1_profilefields bb1_ranks bb1_register_keys bb1_searchs bb1_sessions bb1_smilies bb1_sponsoren bb1_sponsoren_links_k bb1_sponsoren_links_l bb1_sponsoren_offuser bb1_sponsoren_seiten bb1_sponsoren_seitezubox bb1_sponsoren_sessions_clicks bb1_sponsoren_sessions_views bb1_sponsoren_statistik bb1_stats bb1_styles bb1_subscribeboards bb1_subscribethreads bb1_templatepacks bb1_templates bb1_threads bb1_threadvisit bb1_user2groups bb1_userfields bb1_users bb1_votes bb1_wordlist bb1_wordmatch Наличие других баз маловероятно, т.к. смотрелись форумы с разных хостеров, причем с просмотром всех баз на хостинге. Помогите чайнику плиз. P.S. Христос Воскрес!
Если пригодится, то вот globals.php Code: // ************************************************************************************// // * WoltLab Burning Board 2 // ************************************************************************************// // * Copyright (c) 2001-2004 WoltLab GmbH // * Web http://www.woltlab.de/ // * License http://www.woltlab.de/products/burning_board/license_en.php // * http://www.woltlab.de/products/burning_board/license.php // ************************************************************************************// // * WoltLab Burning Board 2 is NOT free software. // * You may not redistribute this package or any of it's files. // ************************************************************************************// // * $Date: 2005-11-22 17:42:28 +0100 (Tue, 22 Nov 2005) $ // * $Author: Burntime $ // * $Rev: 1657 $ // ************************************************************************************// @error_reporting(7); $phpversion = phpversion(); require('./secure.php'); /** get function libary **/ require('./acp/lib/functions.php'); if (version_compare($phpversion, '4.1.0') == -1) { $_REQUEST = array_merge($HTTP_COOKIE_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS); $_COOKIE =& $HTTP_COOKIE_VARS; $_SERVER =& $HTTP_SERVER_VARS; $_FILES =& $HTTP_POST_FILES; $_GET =& $HTTP_GET_VARS; $_POST =& $HTTP_POST_VARS; } // remove slashes in get post cookie data... if (get_magic_quotes_gpc()) { if (count($_REQUEST)) $_REQUEST = stripslashes_array($_REQUEST); if (count($_POST)) $_POST = stripslashes_array($_POST); if (count($_GET)) $_GET = stripslashes_array($_GET); if (count($_COOKIE)) $_COOKIE = stripslashes_array($_COOKIE); if (count($_SERVER)) $_SERVER = stripslashes_array($_SERVER); } @set_magic_quotes_runtime(0); @ini_set('magic_quotes_sybase', '0'); /** connect db **/ require('./acp/lib/config.inc.php'); require('./acp/lib/class_db_mysql.php'); $db = &new db($sqlhost, $sqluser, $sqlpassword, $sqldb, $phpversion); ################# Hits loggen Start ################################# $view_log_time_s=date("H"); $view_log_date=date("j-m-Y"); $view_log_date_wt=date("w"); // checken ob Tag schon da $row1=$db->query_first("SELECT * FROM bb".$n."_hits WHERE date='".$view_log_date."'"); if($row1['date']>"0"){ $db->query("UPDATE bb".$n."_hits SET s".$view_log_time_s."=s".$view_log_time_s."+1 WHERE date='".$view_log_date."'"); }else{ // neueintrag der Url $db->query("INSERT INTO bb".$n."_hits (date, s".$view_log_time_s.",wt) VALUES ('".$view_log_date."', '1','".$view_log_date_wt."')"); } ################## Hits loggen Ende ################################ /** get configuration **/ require('./acp/lib/options.inc.php'); /** load smtp_socket function **/ require('./acp/lib/class_smtp.php'); /** request ids **/ if (isset($_REQUEST['postid'])) $postid = $_REQUEST['postid']; if (isset($_REQUEST['threadid'])) $threadid = $_REQUEST['threadid']; if (isset($_REQUEST['pollid'])) $pollid = $_REQUEST['pollid']; if (isset($_REQUEST['attachmentid'])) $attachmentid = $_REQUEST['attachmentid']; if (isset($_REQUEST['boardid'])) $boardid = $_REQUEST['boardid']; /** verify ids **/ if (isset($postid)) { $postid = intval($postid); $post = $db->query_first("SELECT * FROM bb".$n."_posts WHERE postid = '$postid'"); if (!$post['postid']) unset($postid); else $threadid = $post['threadid']; } /** start session **/ require('./acp/lib/session.php'); /** verify ids **/ if (isset($threadid)) { $threadid = intval($threadid); $select = ''; $join = ''; if ($filename == "thread.php") { $select .= ", v.id AS isvoted"; $join .= " LEFT JOIN bb".$n."_votes v ON (v.id=t.threadid AND v.votemode=2 AND ".(($wbbuserdata['userid']) ? ("v.userid='".$wbbuserdata['userid']."'") : ("v.ipaddress='".addslashes($REMOTE_ADDR)."'")).")"; if ($wbbuserdata['userid']) { $select .= ", tv.lastvisit, s.emailnotify, s.countemails"; $join .= " LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."') LEFT JOIN bb".$n."_subscribethreads s ON (s.userid='".$wbbuserdata['userid']."' AND s.threadid=t.threadid)"; } } $thread = $db->query_first("SELECT t.*".$select." FROM bb".$n."_threads t".$join." WHERE t.threadid = '$threadid'"); $select = ''; $join = ''; if (!$thread['threadid']) unset($threadid); else $boardid = $thread['boardid']; } if (isset($pollid)) { $pollid = intval($pollid); $poll = $db->query_first("SELECT bb".$n."_threads.*, bb".$n."_polls.* FROM bb".$n."_polls LEFT JOIN bb".$n."_threads USING (threadid) WHERE bb".$n."_polls.pollid = '$pollid'"); if (!$poll['pollid']) unset($pollid); else { if ($poll['boardid']) { $boardid = $poll['boardid']; unset($threadid); unset($thread); } } } if (isset($attachmentid)) { $attachmentid = intval($attachmentid); $attachment = $db->query_first("SELECT at.*, ". "t.boardid, p.threadid, p.visible, p.userid, ". "pm.privatemessageid, pm.inoutbox, pm.senderid, pmr.recipientid, pmr.deletepm ". "FROM bb".$n."_attachments at ". "LEFT JOIN bb".$n."_posts p ON (p.postid=at.postid) ". "LEFT JOIN bb".$n."_threads t ON (t.threadid=p.threadid) ". "LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ". "LEFT JOIN bb".$n."_privatemessagereceipts pmr ON (pmr.privatemessageid=pm.privatemessageid AND pmr.recipientid='$wbbuserdata[userid]') ". "WHERE at.attachmentid = '$attachmentid'"); if (!$attachment['attachmentid']) { unset($attachmentid); unset($attachment); } if ($attachment['postid'] && !$attachment['privatemessageid']) { // post attachment if ($attachment['boardid']) { $boardid = $attachment['boardid']; $threadid = $attachment['threadid']; unset($thread); } } elseif (!$attachment['postid'] && $attachment['privatemessageid']) { // private message attachment unset($boardid); unset($threadid); unset($thread); } } if (isset($boardid)) { $boardid = intval($boardid); $board = getBoardAccessData($boardid); if (!$board['boardid']) unset($boardid); } /** update session **/ $db->unbuffered_query("UPDATE bb".$n."_sessions SET lastactivity = '".$session['lastactivity']."', request_uri = '".addslashes($REQUEST_URI)."', boardid='" . ((isset($boardid)) ? ($boardid) : (0)) . "', threadid='".((isset($threadid)) ? ($threadid) : (0))."'" . ((isset($styleid)) ? (", styleid = '$styleid'") : ("")).((isset($langid)) ? (", langid='$langid'") : ("")).((isset($authentificationcode)) ? (", authentificationcode='".addslashes($authentificationcode)."'") : (""))." WHERE sessionhash = '$sid'", 1); /** get style **/ // JGS-Portal Start if($filename=="jgs_portal.php"){require("./jgs_portal_global.php");} // JGS-Portal Ende $style = array(); if (isset($board) && ($board['enforcestyle'] == 1 || ($board['styleid'] != 0 && $wbbuserdata['styleid'] == 0))) { $style = $db->query_first("SELECT s.styleid, s.templatepackid, s.designpackid, tp.templatestructure FROM bb".$n."_styles s LEFT JOIN bb".$n."_templatepacks tp ON(tp.templatepackid=s.templatepackid) WHERE s.styleid = '".$board['styleid']."'"); $wbbuserdata['designpackid'] = $style['designpackid']; $wbbuserdata['templatepackid'] = $style['templatepackid']; $wbbuserdata['styleid'] = $style['styleid']; $wbbuserdata['templatestructure'] = $style['templatestructure']; } $result = $db->unbuffered_query("SELECT * FROM bb".$n."_designelements WHERE designpackid = '$wbbuserdata[designpackid]'"); while ($row = $db->fetch_array($result)) $style[$row['element']] = $row['value']; /** template class **/ require('./acp/lib/class_headers.php'); require('./acp/lib/class_tpl_file.php'); $tpl = &new tpl(intval($wbbuserdata['templatepackid'])); /** language packs **/ require('./acp/lib/class_language.php'); $lang = &new language($wbbuserdata['languagepackid']); $lang->load('GLOBAL,OWN'); // global, own langcat define('ENCODING', $lang->get('LANG_GLOBAL_ENCODING')); $supportedCharsets = array('UCS-4', 'UCS-4BE', 'UCS-4LE', 'UCS-2', 'UCS-2BE', 'UCS-2LE', 'UTF-32', 'UTF-32BE', 'UTF-32LE', 'UCS-2LE', 'UTF-16', 'UTF-16BE', 'UTF-16LE', 'UTF-8', 'UTF-7', 'ASCII', 'EUC-JP', 'SJIS', 'EUCJP-WIN', 'SJIS-WIN', 'ISO-2022-JP', 'JIS', 'ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'BYTE2BE', 'BYTE2LE', 'BYTE4BE', 'BYTE4LE', 'BASE64', '7bit', '8bit', 'UTF7-IMAP'); if (in_array(wbb_strtoupper(ENCODING), $supportedCharsets) && extension_loaded('mbstring') && version_compare($phpversion, '4.3.0') >= 0) { define('USE_MBSTRING', true); } else { define('USE_MBSTRING', false); } /** imagefolder prefix **/ $style['imagefolder'] = $lang->get("LANG_GLOBAL_IMAGEFOLDER_PREFIX").$style['imagefolder']; /** OWN langvars **/ $o_master_board_name = $master_board_name; $master_board_name = getlangvar($master_board_name, $lang); /** templates & style **/ $phpinclude = wbb_trim($tpl->get("phpinclude")); if ($phpinclude != '') { $phpinclude = str_replace('\\"', '"', $phpinclude); $phpinclude = str_replace('\\\\', '\\', $phpinclude); eval($phpinclude); } $wtag = date("w",time()); switch ($wtag) { case 0: $wtag = 'Sonntag'; break; case 1: $wtag = 'Montag'; break; case 2: $wtag = 'Dienstag'; break; case 3: $wtag = 'Mittwoch'; break; case 4: $wtag = 'Donnerstag'; break; case 5: $wtag = 'Freitag'; break; case 6: $wtag = 'Samstag'; break; } $tag = date("d.m.Y",time()); $datum = $wtag.", ".$tag; /** menu **/ if (isset($_REQUEST['site'])) $site = explode(".",$_REQUEST['site']); else $site = explode(".","1.0"); $sia = $site['0']; $sib = $site['1']; eval("\$cms_head = \"".$tpl->get("cms_head")."\";"); $result = $db->query("SELECT * FROM bb".$n."_menulink WHERE id <> '$id' AND parentid=0 ORDER by linkorder ASC"); while($menu = $db->fetch_array($result)){ $id = $menu['id']; $name = $menu['name']; $link = $menu['link']; $parentid = $menu['parentid']; $orderid = $menu['linkorder']; $id2 = $menu['id']; eval("\$menubit .= \"".$tpl->get("menubit")."\";"); if($sia == $id){ $result2 = $db->query("SELECT * FROM bb".$n."_menulink WHERE parentid='$id' ORDER by linkorder ASC"); while($parent = $db->fetch_array($result2)){ $id = $parent['id']; $name = $parent['name']; $link = $parent['link']; $parentid = $parent['parentid']; $pid = $parent['parentid']; $orderid = $parent['linkorder']; eval("\$menubit .= \"".$tpl->get("menubit")."\";"); } } } /** Banner **/ $result = $db->query("SELECT id, name, link, ext FROM bb".$n."_banner ORDER by linkorder ASC"); while($row = $db->fetch_array($result)){ $id = $row['id']; $bname = $row['name']; $link = $row['link']; $ext = $row['ext']; eval("\$banner .= \"".$tpl->get("banner")."\";"); } /** default templates **/ $header_pms = ''; $header_acp = ''; eval("\$css = \"".$tpl->get("css")."\";"); $lang->items['LANG_GLOBAL_COPYRIGHT'] = $lang->get("LANG_GLOBAL_COPYRIGHT", array('$boardversion' => $boardversion)); ############## Hit Ausgabe ########################### $time_hits_heute = date("j-m-Y"); $oldjahr = "2005"; $newjahr = "2008"; $athh = $db->query_first("SELECT * FROM bb".$n."_hits WHERE date = '".$time_hits_heute."' "); $auslesen_time_hits_heute_ausgabe=$athh['s00'] + $athh['s01'] + $athh['s02'] + $athh['s03'] + $athh['s04'] + $athh['s05'] + $athh['s06'] + $athh['s07'] + $athh['s08'] + $athh['s09'] + $athh['s10'] + $athh['s11'] + $athh['s12'] + $athh['s13'] + $athh['s14'] + $athh['s15'] + $athh['s16'] + $athh['s17'] + $athh['s18'] + $athh['s19'] + $athh['s20'] + $athh['s21'] + $athh['s22'] + $athh['s23']; $hits_heute = number_format($auslesen_time_hits_heute_ausgabe, 0,".","."); $time_gestern = time()-86400; $time_hits_gestern = date("j-m-Y",$time_gestern); $athg = $db->query_first("SELECT * FROM bb".$n."_hits WHERE date = '".$time_hits_gestern."' "); $auslesen_time_hits_gestern_ausgabe=$athg['s00'] + $athg['s01'] + $athg['s02'] + $athg['s03'] + $athg['s04'] + $athg['s05'] + $athg['s06'] + $athg['s07'] + $athg['s08'] + $athg['s09'] + $athg['s10'] + $athg['s11'] + $athg['s12'] + $athg['s13'] + $athg['s14'] + $athg['s15'] + $athg['s16'] + $athg['s17'] + $athg['s18'] + $athg['s19'] + $athg['s20'] + $athg['s21'] + $athg['s22'] + $athg['s23']; $hits_gestern = number_format($auslesen_time_hits_gestern_ausgabe, 0,".","."); #$atha = $db->query_first("SELECT sum(s00) AS s00, sum(s01) AS s01,sum(s02) AS s02,sum(s03) AS s03,sum(s04) AS s04,sum(s05) AS s05,sum(s06) AS s06,sum(s07) AS s07,sum(s08) AS s08,sum(s09) AS s09,sum(s10) AS s10,sum(s11) AS s11,sum(s12) AS s12,sum(s13) AS s13,sum(s14) AS s14,sum(s15) AS s15,sum(s16) AS s16,sum(s17) AS s17,sum(s18) AS s18,sum(s19) AS s19,sum(s20) AS s20,sum(s21) AS s21,sum(s22) AS s22,sum(s23) AS s23 FROM bb".$n."_hits WHERE SUBSTRING(date,6,4)='$oldjahr' OR SUBSTRING(date,7,4)='$oldjahr'"); #$auslesen_time_hits_alle_ausgabe=$atha['s00'] + $atha['s01'] + $atha['s02'] + $atha['s03'] + $atha['s04'] + $atha['s05'] + $atha['s06'] + $atha['s07'] + $atha['s08'] + $atha['s09'] + $atha['s10'] + $atha['s11'] + $atha['s12'] + $atha['s13'] + $atha['s14'] + $atha['s15'] + $atha['s16'] + $atha['s17'] + $atha['s18'] + $atha['s19'] + $atha['s20'] + $atha['s21'] + $atha['s22'] + $atha['s23']; #$auslesen_time_hits_alle_ausgabe = $auslesen_time_hits_alle_ausgabe + 79163; #$hits_alle = number_format($auslesen_time_hits_alle_ausgabe, 0,".","."); $jahrneu = $db->query_first("SELECT sum(s00) AS s00, sum(s01) AS s01,sum(s02) AS s02,sum(s03) AS s03,sum(s04) AS s04,sum(s05) AS s05,sum(s06) AS s06,sum(s07) AS s07,sum(s08) AS s08,sum(s09) AS s09,sum(s10) AS s10,sum(s11) AS s11,sum(s12) AS s12,sum(s13) AS s13,sum(s14) AS s14,sum(s15) AS s15,sum(s16) AS s16,sum(s17) AS s17,sum(s18) AS s18,sum(s19) AS s19,sum(s20) AS s20,sum(s21) AS s21,sum(s22) AS s22,sum(s23) AS s23 FROM bb".$n."_hits WHERE SUBSTRING(date,6,4)='$newjahr' OR SUBSTRING(date,7,4)='$newjahr'"); $jahr_all=$jahrneu['s00'] + $jahrneu['s01'] + $jahrneu['s02'] + $jahrneu['s03'] + $jahrneu['s04'] + $jahrneu['s05'] + $jahrneu['s06'] + $jahrneu['s07'] + $jahrneu['s08'] + $jahrneu['s09'] + $jahrneu['s10'] + $jahrneu['s11'] + $jahrneu['s12'] + $jahrneu['s13'] + $jahrneu['s14'] + $jahrneu['s15'] + $jahrneu['s16'] + $jahrneu['s17'] + $jahrneu['s18'] + $jahrneu['s19'] + $jahrneu['s20'] + $jahrneu['s21'] + $jahrneu['s22'] + $jahrneu['s23']; $jahr_neu = number_format($jahr_all, 0, '.', '.'); ############## Hit Ausgabe Ende ########################### /** default templates **/ $header_pms = ''; $header_acp = ''; eval("\$css = \"".$tpl->get("css")."\";"); // JGS-Portal Start require("./jgs_portal_global_sponsor.php"); // JGS-Portal Ende eval("\$headinclude = \"".$tpl->get("headinclude")."\";"); $lang->items['LANG_GLOBAL_COPYRIGHT'] = $lang->get("LANG_GLOBAL_COPYRIGHT", array('$boardversion' => $boardversion)); eval("\$footer = \"".$tpl->get("footer")."\";"); if ($wbbuserdata['userid']) $usercbar_username = htmlconverter($wbbuserdata['username']); else $usercbar_username = ''; eval("\$usercbar = \"".$tpl->get("usercbar")."\";"); eval("\$menu2 = \"".$tpl->get("menu2")."\";"); eval("\$header = \"".$tpl->get("header")."\";"); // JGS-Portal Start require("./jgs_portal_log.php"); require("./jgs_portal_boardinclude.php"); // JGS-Portal Ende if ($wbbuserdata['can_view_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "register.php" && $filename != "forgotpw.php") access_error(); verify_ip($REMOTE_ADDR); if ($offline == 1 && $wbbuserdata['can_view_off_board'] == 0 && $filename != "login.php" && $filename != "logout.php" && $filename != "forgotpw.php" && $filename != "register.php") { $offlinemessage = nl2br(htmlconverter($offlinemessage)); eval("\$tpl->output(\"".$tpl->get("offline")."\");"); exit(); } if ($wbbuserdata['pmpopup'] == 2) { if ($filename != "pms.php" && (!isset($_POST) || count($_POST) == 0) && $filename != "attachment.php" && $filename != "attachmentedit.php" && $filename != "logout.php" && $filename != "markread.php" && $filename != "misc.php" && $filename != "modcp.php" && $filename != "polledit.php" && $filename != "register.php" && $filename != "search.php" && ($filename != "thread.php" || !isset($_REQUEST['goto'])) && $filename != "threadrating.php" && $filename != "usercp.php") { eval("\$headinclude .= \"".$tpl->get("pmpopup_open")."\";"); } } if (isset($boardid)) { /** OWN langvars **/ $board['o_title'] = $board['title']; $board['title'] = getlangvar($board['title'], $lang); if (!checkpermissions("can_enter_board")) access_error(); if ($board['password']) { $lang->load('BOARD'); if (isset($_COOKIE[$cookieprefix.'boardpasswords'])) $boardpasswords = decode_cookie($_COOKIE[$cookieprefix.'boardpasswords']); else $boardpasswords = array(); if (isset($_POST['boardpassword'])) { if ($_POST['boardpassword'] == $board['password']) { $boardpasswords[$boardid] = md5($board['password']); if ($wbbuserdata['usecookies'] == 1) encode_cookie('boardpasswords', time() + 3600 * 24 * 365, false); else encode_cookie('boardpasswords', 0, false); redirect($lang->items['LANG_BOARD_PASSWORD_REDIRECT'], "board.php?boardid=$boardid".$SID_ARG_2ND); } else { eval("error(\"".$lang->get("LANG_BOARD_ERROR_FALSEPASSWORD")."\");"); } } elseif (!isset($boardpasswords[$boardid]) || $boardpasswords[$boardid] != md5($board['password'])) { eval("\$tpl->output(\"".$tpl->get("board_password")."\");"); exit(); } } } if (isset($threadid) && isset($thread['visible']) && $thread['visible'] == 0 && !checkmodpermissions()) { error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); } if (isset($postid) && isset($post['visible']) && $post['visible'] == 0 && !checkmodpermissions()) { error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); } if (isset($_POST['change_editor']) && $_POST['change_editor']) { $wbbuserdata['usewysiwyg'] = $_POST['change_editor']; } else if (isset($_POST['usewysiwyg']) && $_POST['usewysiwyg']) { $wbbuserdata['usewysiwyg'] = $_POST['usewysiwyg']; } ?>