root/trunk/redirectors/showip.php

<?php

/**
 * Package: Spam Board 5
 * File: redirectors/showip.php
 * Description: Show the IP of a user (can be called from every single post)
 *
 * Copyright (C) 2007, 2009 Hannes Schueller
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, version 3 of the
 * License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program (see LICENCE). If not,
 * see <http://www.gnu.org/licenses/>.
 **/

// called independently from index
require_once('../includes/config/settings.php');

// load classes on demand
function __autoload($class) {
    global $SETTINGS;
    if (is_file($SETTINGS['fspath'] . 'classes/pages/' . $class . '.php')) {
        require_once($SETTINGS['fspath'] . 'classes/pages/' . $class . '.php');
    } elseif (is_file($SETTINGS['fspath'] . 'classes/misc/' . $class . '.php')) {
        require_once($SETTINGS['fspath'] . 'classes/misc/' . $class . '.php');
    } else { die('Class ' . $class . ' not found.'); }
}

// initialize global warnings array
$WARNINGS = Array();

// import version number
require_once($SETTINGS['fspath'] . 'includes/config/version.php');
// bots definition
require_once($SETTINGS['fspath'] . 'includes/config/bots.php');
// formatting object
$F = new Format();
require($SETTINGS['fspath'] . 'includes/lang/' . $SETTINGS['language'] . '.php');
// open database connection
$C = new Connection();
Member::session();
if (isset($_SESSION['lang']) && $_SESSION['lang'] != '') {
    include($SETTINGS['fspath'] . 'includes/lang/' . $_SESSION['lang'] . '.php');
}
// translate passed variables to local identifiers
require($SETTINGS['fspath'] . 'includes/input.php');

// page start
$_pref = '../';
$html = Page::start();

// check if user has permission; required: read; dependent on id
if (Member::checkRights('Showip', 'r', $INPUT['id'])) {
    // permission granted
    // get IP form database
    $q = $C->prepare('SELECT ip FROM '.$SETTINGS['dbtableprefix'].'posts WHERE postid=:id');
    $q->bindParam(':id', $INPUT['id'], PDO::PARAM_INT, 12);
    $q->execute();
    $_ip = $q->fetchColumn();
    $q = NULL;
    // output
    $html->body->addChild('h2', $LANG['IP']);
    $div = $html->body->addChild('div', $_ip);
    $div->addAttribute('class', 'message');
    $div = $html->body->addChild('div');
    $div->addAttribute('align', 'center');
    $a = $div->addChild('a', $LANG['Close_Window']);
    $a->addAttribute('href', 'javascript:self.close()');
} else {
    $div = $html->body->addChild('div', $LANG['error_permission_denied']);
    $div->addAttribute('class', 'message');
}

/* figure out which MIME type to send the document with (depending on browser capabilities)
 * set text/html as default (for deprecated legacy browsers) */
$mime = 'text/html';
if(stristr($_SERVER['HTTP_ACCEPT'], 'application/xhtml+xml')) {
    if(preg_match('/application\/xhtml\+xml;q=([01]|0\.\d{1,3}|1\.0)/i', $_SERVER['HTTP_ACCEPT'], $matches)) {
        // priority of XHTML
        $xhtml_q = $matches[1];
        if(preg_match('/text\/html;q=q=([01]|0\.\d{1,3}|1\.0)/i', $_SERVER['HTTP_ACCEPT'], $matches)) {
            // priority of HTML
            $html_q = $matches[1];
            if((float)$xhtml_q >= (float)$html_q) {
                // browser prefers XHTML over HTML, so send the document as such; this guarantees faster and more reliable rendering
                $mime = 'application/xhtml+xml';
            }
        }
    } else {
        // browser accepts XHTML, but script can't figure out which one it prefers; send as XHTML
        $mime = 'application/xhtml+xml';
    }
}

// page output
Page::send($html);

?>