1#!/usr/local/bin/perl --
2# $Id: YaBB Main$
3# $HeadURL: YaBB $
4# $Revision: 1611 $
5# $Source: /YaBB.pl $
6###############################################################################
7# YaBB.pl                                                                     #
8# $Date: 12.02.14 $                                                           #
9###############################################################################
10# YaBB: Yet another Bulletin Board                                            #
11# Open-Source Community Software for Webmasters                               #
12# Version:        YaBB 2.6.11                                                 #
13# Packaged:       December 2, 2014                                            #
14# Distributed by: http://www.yabbforum.com                                    #
15# =========================================================================== #
16# Copyright (c) 2000-2014 YaBB (www.yabbforum.com) - All Rights Reserved.     #
17# Software by:  The YaBB Development Team                                     #
18#               with assistance from the YaBB community.                      #
19###############################################################################
20#use strict;
21no warnings qw(uninitialized once redefine);
22use CGI::Carp qw(fatalsToBrowser);
23use English qw(-no_match_vars);
24our $VERSION = '2.6.11';
25
26### Version Info ###
27$YaBBversion = 'YaBB 2.6.11';
28$yabbplver   = 'YaBB 2.6.11 $Revision: 1611 $';
29
30if ( $action eq 'detailedversion' ) { return 1; }
31
32BEGIN {
33
34    # Make sure the module path is present
35    push @INC, './Modules';
36
37    if ( $ENV{'SERVER_SOFTWARE'} =~ /IIS/sm ) {
38        $yyIIS = 1;
39        if ( $PROGRAM_NAME =~ m{(.*)(\\|/)}xsm ) {
40            $yypath = $1;
41        }
42        $yypath =~ s/\\/\//gxsm;
43        chdir $yypath;
44        push @INC, $yypath;
45    }
46
47    $yyexec      = 'YaBB';
48    $script_root = $ENV{'SCRIPT_FILENAME'};
49    if ( !$script_root ) {
50        $script_root = $ENV{'PATH_TRANSLATED'};
51    }
52    $script_root =~ s/\/$yyexec\.(pl|cgi)//igxsm;
53
54    require Paths;
55    require Variables::Settings;
56
57    # Check for Time::HiRes if debugmodus is on
58    if ($debug) {
59        eval { require Time::HiRes; import Time::HiRes qw(time); };
60    }
61    $START_TIME = time;
62
63    require './Sources/Subs.pm';
64    require Sources::System;
65    require Sources::DateTime;
66    require Sources::Load;
67
68    require Sources::Guardian;
69    get_forum_master();
70}    # END of BEGIN block
71
72# If enabled: check if hard drive has enough space to safely operate the board
73if ($checkspace) {
74    require Sources::Freespace;
75    $hostchecked = freespace();
76}
77
78# Auto Maintenance Hook
79if ( !$maintenance && -e "$vardir/maintenance.lock" ) { $maintenance = 2; }
80
81LoadCookie();          # Load the user's cookie (or set to guest)
82LoadUserSettings();    # Load user settings
83WhatTemplate();        # Figure out which template to be using.
84WhatLanguage();        # Figure out which language file we should be using! :D
85
86# Do this now that language is available
87$yyfreespace =
88    $hostchecked < 0
89  ? $error_txt{'module_missing'}
90  : (
91    (
92        $yyfreespace && ( ( $debug == 1 && !$iamguest )
93            || ( $debug == 2 && $iamgmod )
94            || $iamadmin )
95    )
96    ? q~<div>~
97      . (
98        $hostchecked > 0 ? $maintxt{'freeuserspace'} : $maintxt{'freediskspace'}
99      )
100      . qq~ $yyfreespace</div>~
101    : q{}
102  );
103
104if ( -e "$vardir/gmodsettings.txt" && $iamgmod ) {
105    require "$vardir/gmodsettings.txt";
106}
107if ( !$masterkey ) {
108    if (
109        $iamadmin
110        || (   $iamgmod
111            && $allow_gmod_admin eq 'on'
112            && $gmod_access{'newsettings;page=security'} eq 'on' )
113      )
114    {
115        $yyadmin_alert = $reg_txt{'no_masterkey'};
116    }
117    $masterkey = $mbname;
118}
119
120$formsession = cloak("$mbname$username");
121
122# check for valid form sessionid in any POST request
123if ( $ENV{REQUEST_METHOD} =~ /post/ism ) {
124    if ( $CGI_query && $CGI_query->cgi_error() ) {
125        fatal_error( 'denial_of_service', $CGI_query->cgi_error() );
126    }
127    if ( decloak( $FORM{'formsession'} ) ne "$mbname$username" ) {
128        if ( $action eq 'login2' && $username ne 'Guest' ) {
129            fatal_error( 'logged_in_already', $username );
130        }
131        fatal_error( 'form_spoofing', $user_ip );
132    }
133}
134
135if ( $is_perm && $accept_permalink ) {
136    if ( $permtopicfound == 0 ) {
137        fatal_error( 'no_topic_found',
138            "$permtitle|C:$permachecktime|T:$threadpermatime" );
139    }
140    if ( $permboardfound == 0 ) {
141        fatal_error( 'no_board_found',
142            "$permboard|C:$permachecktime|T:$threadpermatime" );
143    }
144}
145
146guard();
147
148# Check if the action is allowed from an external domain
149if ($referersecurity) { referer_check(); }
150
151if ( $regtype == 1 || $regtype == 2 ) {
152    $inactive = -s "$memberdir/memberlist.inactive";
153    $approve = -s "$memberdir/memberlist.approve";
154    if ( $inactive > 2 ) {
155        RegApprovalCheck();
156        activation_check();
157    }
158    elsif ( $approve > 2 ) {
159        RegApprovalCheck();
160    }
161}
162
163require Sources::Security;
164
165banning();     # Check for banned people
166LoadIMs();     # Load IM's
167WriteLog();    # write into the logfile
168SearchAccess();
169
170local $SIG{__WARN__} = sub { fatal_error( 'error_occurred', "@_" ); };
171eval { yymain(); };
172if ($@) { fatal_error( 'untrapped', ":<br />$@" ); }
173
174sub yymain {
175
176    # Choose what to do based on the form action
177    if ($maintenance) {
178
179        #admin login issues with sessions and maintenance mode fix.
180        if ( $staff && $sessionvalid == 0 ) {
181            UpdateCookie('delete');
182            require Sources::LogInOut;
183            InMaintenance();
184        }
185        if ( $action eq 'login2' ) {
186            require Sources::LogInOut;
187            Login2();
188        }
189        if ( !$iamadmin ) { require Sources::LogInOut; InMaintenance(); }
190    }
191
192    # Guest can do the very few following actions
193    if (   $iamguest
194        && !$guestaccess
195        && $action !~
196/^(login|register|reminder|validate|activate|resetpass|guestpm|checkavail|$randaction)2?$/xsm
197      )
198    {
199        KickGuest();
200    }
201
202    if ( $action ne q{} ) {
203        if ( $action eq $randaction ) {
204            require Sources::Decoder;
205            convert();
206        }
207        else {
208            require Sources::SubList;
209            if ( $director{$action} ) {
210                my @act = split /&/xsm, $director{$action};
211                require "$sourcedir/$act[0]";
212                &{ $act[1] };
213            }
214            else {
215                require Sources::BoardIndex;
216                BoardIndex();
217            }
218        }
219    }
220    elsif ( $INFO{'num'} ne q{} ) {
221        require Sources::Display;
222        Display();
223    }
224    elsif ( $currentboard eq q{} ) {
225        require Sources::BoardIndex;
226        BoardIndex();
227    }
228    else {
229        require Sources::MessageIndex;
230        MessageIndex();
231    }
232    return;
233}
234
2351;
236