summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
Diffstat (limited to 'includes')
-rw-r--r--includes/footer.php18
-rw-r--r--includes/funktion_activeUser.php34
-rw-r--r--includes/funktion_faq.php10
-rw-r--r--includes/funktion_flag.php9
-rw-r--r--includes/header_start.php40
-rw-r--r--includes/login_eingabefeld.php17
-rw-r--r--includes/pages/guest_faq.php9
-rw-r--r--includes/secure.php25
-rw-r--r--includes/sys_auth.php8
9 files changed, 17 insertions, 153 deletions
diff --git a/includes/footer.php b/includes/footer.php
deleted file mode 100644
index fdf00581..00000000
--- a/includes/footer.php
+++ /dev/null
@@ -1,18 +0,0 @@
-</article>
-</div>
-</div>
-
-<footer>
- <p>
- &copy; copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a> | <a href="<?php echo $ENGEL_ROOT; ?>credits.php">Credits</a><br />
- This is hell. Temporarily.
- </p>
-</footer>
-
-<?php
-include ("funktion_counter.php");
-mysql_close($con);
-?>
-
-</body>
-</html>
diff --git a/includes/funktion_activeUser.php b/includes/funktion_activeUser.php
deleted file mode 100644
index 631ec2d1..00000000
--- a/includes/funktion_activeUser.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-
-
-// Funktionen gibt es nicht auf allen Rechnern
-echo "<h4>Engel online</h4>";
-
-$SQL = "SELECT UID, Nick, lastLogIn " .
-"FROM User " .
-"WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "' AND NOT (UID=" . $_SESSION['UID'] . ")) " .
-"ORDER BY lastLogIn DESC;";
-
-$Erg = mysql_query($SQL, $con);
-
-echo "<ul class=\"content\">";
-
-for ($i = 0; $i < mysql_num_rows($Erg); $i++) {
- echo "<li>";
-
- if ($_SESSION['UID'] > 0)
- echo DisplayAvatar(mysql_result($Erg, $i, "UID"));
-
- // Show Admin Page
- echo funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=" . mysql_result($Erg, $i, "UID") . "&Type=Normal", mysql_result($Erg, $i, "Nick"));
-
- $timestamp = mktime($hour, $minute, $second, $month, $day, $year);
-
- $Tlog = time() - mysql_result($Erg, $i, "lastLogIn");
-
- echo " " . date("i:s", $Tlog);
- echo "</li>\n";
-}
-
-echo "</ul>";
-?>
diff --git a/includes/funktion_faq.php b/includes/funktion_faq.php
deleted file mode 100644
index e9f09e7c..00000000
--- a/includes/funktion_faq.php
+++ /dev/null
@@ -1,10 +0,0 @@
-<?php
- function noAnswer() {
- global $con;
-
- $SQL = "SELECT UID FROM Questions WHERE `AID`='0'";
- $Res = mysql_query($SQL, $con);
-
- return mysql_num_rows($Res);
- }
-?>
diff --git a/includes/funktion_flag.php b/includes/funktion_flag.php
deleted file mode 100644
index 6b4e2f06..00000000
--- a/includes/funktion_flag.php
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-if (strpos($_SERVER["REQUEST_URI"], "?") > 0)
- $URL = $_SERVER["REQUEST_URI"] . "&SetLanguage=";
-else
- $URL = $_SERVER["REQUEST_URI"] . "?SetLanguage=";
-
-echo '<p class="content"><a class="sprache" href="' . $URL . 'DE"><img src="' . $ENGEL_ROOT . 'pic/flag/de.png" alt="DE" title="Deutsch"></a>';
-echo '<a class="sprache" href="' . $URL . 'EN"><img src="' . $ENGEL_ROOT . 'pic/flag/en.png" alt="EN" title="English"></a></p>';
-?>
diff --git a/includes/header_start.php b/includes/header_start.php
deleted file mode 100644
index 4795cee3..00000000
--- a/includes/header_start.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-ini_set("session.gc_maxlifetime", "65535");
-
-include "config/config.php";
-include "error_handler.php";
-include "config/config_db.php";
-include "funktion_lang.php";
-include "funktion_faq.php"; // fuer noAnswer() im menu
-include "funktion_menu.php";
-include "funktion_user.php";
-
-if (isset ($SystemDisableMessage) && (strlen($SystemDisableMessage) > 0)) {
- echo "<html><head><title>" . $SystemDisableMessage . "</title></head>";
- echo "<body>" . $SystemDisableMessage . "</body></html>\n";
- die();
-}
-
-if (!isset ($_SESSION))
- session_start();
-
-include "secure.php";
-
-if (!isset ($_SESSION['IP']))
- $_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
-
-if (isset ($_SESSION['UID']) && ($_SESSION['IP'] <> $_SERVER['REMOTE_ADDR'])) {
- session_destroy();
- header("Location: " . $url . $ENGEL_ROOT);
-}
-
-include "UserCVS.php";
-
-// update LASTlogin
-if (isset ($_SESSION['UID'])) {
- $SQLlastLogIn = "UPDATE `User` SET " .
- "`lastLogIn` = '" . time() . "'" .
- " WHERE `UID` = '" . $_SESSION['UID'] . "' LIMIT 1;";
- mysql_query($SQLlastLogIn, $con);
-}
-?>
diff --git a/includes/login_eingabefeld.php b/includes/login_eingabefeld.php
deleted file mode 100644
index 9e10271d..00000000
--- a/includes/login_eingabefeld.php
+++ /dev/null
@@ -1,17 +0,0 @@
-<?php
- include "config/config.php";
-?>
-
-<form action="<?php echo $url . $ENGEL_ROOT; ?>nonpublic/index.php" method="post">
-<table>
- <tr>
- <td align="right"><?php echo Get_Text("index_lang_nick"); ?></td>
- <td><input type="text" name="user" size="23" /></td>
- </tr>
- <tr>
- <td align="right"><?php echo Get_Text("index_lang_pass"); ?></td>
- <td><input type="password" name="password" size="23"></td>
- </tr>
- </table>
- <br /><input type="submit" value="<?php echo Get_Text("index_lang_send"); ?>">
-</form>
diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php
index 6b5eeeeb..48e75d16 100644
--- a/includes/pages/guest_faq.php
+++ b/includes/pages/guest_faq.php
@@ -18,4 +18,13 @@ function guest_faq() {
}
return $html;
}
+
+function noAnswer() {
+ global $con;
+
+ $SQL = "SELECT UID FROM Questions WHERE `AID`='0'";
+ $Res = mysql_query($SQL, $con);
+
+ return mysql_num_rows($Res);
+}
?>
diff --git a/includes/secure.php b/includes/secure.php
deleted file mode 100644
index 1d1a9e46..00000000
--- a/includes/secure.php
+++ /dev/null
@@ -1,25 +0,0 @@
-<?php
- if($debug)
- echo "secure.php START<br />\n";
-
- foreach ($_GET as $k => $v) {
- $v = htmlentities($v, ENT_QUOTES);
- preg_replace('/([\'"`\'])/', '', $v);
- $_GET[$k] = $v;
-
- if($debug)
- echo "GET $k=\"$v\"<br />";
- }
-
- foreach ($_POST as $k => $v) {
- $v = htmlentities($v, ENT_QUOTES);
- preg_replace('/([\'"`\'])/', '', $v);
- $_POST[$k] = $v;
-
- if($debug)
- echo "POST $k=\"$v\"<br />";
- }
-
- if($debug)
- echo "secure.php END<br />\n";
-?>
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
index 1c15122e..68e336b0 100644
--- a/includes/sys_auth.php
+++ b/includes/sys_auth.php
@@ -5,6 +5,14 @@
function load_auth() {
global $user;
+ if (!isset ($_SESSION['IP']))
+ $_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
+
+ if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) {
+ session_destroy();
+ header("Location: " . link_to_page($start));
+ }
+
$user = null;
if (isset ($_SESSION['uid'])) {
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");