1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Include Custom PHP on Every Page

Discussion in 'XenForo Development Discussions' started by jwright, Jan 8, 2011.

  1. jwright

    jwright Active Member


    I just need to know how I can include my functions.php file in every page of my template.

    I have my website integrated, and login box and everything, and I need to be able to use my functions if the users is logged in or not to display the right information.

    Digital Doctor likes this.
  2. Rigel Kentaurus

    Rigel Kentaurus Well-Known Member

    Let me get this right. You need a file to be included in all and every page ?
    Say, in the forum home, and the threads list, and the thread detail, and the search page ... etc ?

    I guess for that scenario you could just include that in the index.php FrontController
    Having whatever variables you provide accessible in the templates would be a whole another thing, of course
  3. jwright

    jwright Active Member

    Hmm yes that's exactly what I need to do...and I will need to get some variables into it...

    Any ideas?
  4. jwright

    jwright Active Member

    Any ideas guys? I have done some poking around and can't seem to get anything working. Just end up with lots of errors.

    All this is, is the PHP code to run the login bar that goes along with my site that the XF board is integrated into. If the user is logged in, it will show the bar with some of their info, and if they're not logged in it will show login boxes. Simple if statement....I just can't find how to include the files correctly and then call my variables in the template.
  5. Shadab

    Shadab Well-Known Member

    Umit and jwright like this.
  6. jwright

    jwright Active Member

    Ok I have gotten to this point, however, when the code is reached in my functions file that requires an sql_query, I am popped back an error about call to a member function on a non-object blah blah.

    Do you know of any ways around this?
  7. ragtek

    ragtek Guest


    It seems that you're using a variable as a object without initialicing it....
    What's the code you're using?
  8. jwright

    jwright Active Member

    Do you want my functions file that I'm calling, or the XF code for my "addon" that calls the functions file?
  9. Shamil

    Shamil Well-Known Member

    That would be in your code
  10. jwright

    jwright Active Member

    Ok here's my functions.php file that I'm trying to call in.

    I know the code is a mess...I haven't got a chance to clean it up yet lol.

    Line 144 is where it says it's having the problem...with the sql_query statement.

    This works fine in my script, just not when being called inside of XF.

    //skip the functions file if somebody call it directly from the browser.
    //if (ereg("functions.php", $_SERVER['SCRIPT_NAME'])) {
    //    Header("Location: index.php"); die();
    // Initate Sessions!
    // Report all errors and ignor notices
    error_reporting(E_ALL ^ E_NOTICE);
    // Disable magic_quotes_runtime
    // deprecated in php >= 5.3
    if (!ini_get("register_globals")) {
    $phpver = phpversion();
    if ($phpver < '4.1.0') {
    	$_GET = $HTTP_GET_VARS;
    $phpver = explode(".", $phpver);
    $phpver = "$phpver[0]$phpver[1]";
    if ($phpver >= 41) {
    $admin = base64_decode($admin);
    $admin = addslashes($admin);
    $admin = base64_encode($admin);
    $user = base64_decode($user);
    $user = addslashes($user);
    $user = base64_encode($user);
    foreach ($_GET as $sec_key => $secvalue) {
    	if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
    	(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
    	(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
    	(eregi("\"", $secvalue))) {
    		die ("not allowed");
    foreach ($_POST as $secvalue) {
    	if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
            (eregi("<[^>]script*\"?[^>]*>", $secvalue)) ||
            (eregi("<[^>]meta*\"?[^>]*>", $secvalue)) ||
            (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
    		die ("not allowed");
    //set root path
    $ROOT_DIR = realpath(dirname(__FILE__));
    $ROOT_DIR = str_replace('\\', '/', $ROOT_DIR);
    include ("$ROOT_DIR/config.php");
    $db = new sql_db($db_host, $db_username, $db_password, $databse_name, false);
    if(!$db->db_connect_id) {
          //if connection to database/login faild, print error.
          echo "<br><font color=\"red\"><h5><br><center>Error:</b><br><hr><br>
                <b>Connection to database has faild!<br>
                check mysql server/database name/username/password </center>
                  echo mysql_error();
    //load the site options and info from db.
    $options_sql = $db->sql_query("SELECT * FROM ".$prefix."_options");
    $options = $db->sql_fetchrow($options_sql);
    $site_name = stripslashes($options['site_name']);
    $site_email= stripslashes($options['site_email']);
    $site_url = stripslashes($options['site_url']);
    $site_info = stripslashes($options['site_info']);
    $language = stripslashes($options['language']);
    $validate = intval($options['validate']);
    //load the language
    include ("$ROOT_DIR/lang/$language.php");
    // SMARTY !!!! :)
    $smarty = new Smarty();
    $smarty->assign("user_logged_in", is_logged_in($_COOKIE['user']));
    $user_information = @mysql_fetch_assoc($db->sql_query("SELECT * FROM `{$prefix}_users` WHERE username='" . get_username() . "';"));
    $country_code = @country_to_code($user_information['country']);
    $smarty->assign("user_country_code", $country_code);
    $login_date = date_create($user_information['lastlogin']);
    $smarty->assign("lastlogin", date_format($login_date, 'F j, Y'));
    function find_userid($username){
    	global $db, $prefix;
    	$find_userid = mysql_fetch_assoc($db->sql_query("SELECT * FROM `{$prefix}_users` WHERE username='$username';"));
    	$found_userid = $find_userid['userid'];
    //global function for checkig whethar user is logged in or not.
    function is_logged_in($user) {
        global $db,$prefix;
        $read_cookie = explode("|", base64_decode($user));
        $userid = addslashes($read_cookie[0]);
        $passwd = $read_cookie[2];
        $userid = intval($userid);
        if ($userid != "" AND $passwd != "") {
            $result = $db->sql_query("SELECT password FROM ".$prefix."_users WHERE userid='$userid'");
    	$row = $db->sql_fetchrow($result);
            $pass = $row['password'];
    	if($pass == $passwd && $pass != "") {
               return 1;
        return 0;
    function get_username() {
        	$read_cookie = explode("|", base64_decode($_COOKIE['user']));
        	$user = addslashes($read_cookie[1]);
    function get_userid() {
        	$read_cookie = explode("|", base64_decode($_COOKIE['user']));
        	$userid = $read_cookie[0];
    function count_rows($userid){
    		global $prefix;
    		$result = mysql_query("SELECT userid FROM ".$prefix."_feedback WHERE userid=$userid");
    		$total_feedback = mysql_num_rows($result);
    function is_logged_in_admin($admin) {
        global $db,$prefix;
        $read_cookie = explode("|", base64_decode($admin));
        $adminid = addslashes($read_cookie[0]);
        $passwd = $read_cookie[2];
        $adminid = intval($adminid);
        if ($adminid != "" AND $passwd != "") {
            $result = $db->sql_query("SELECT password FROM ".$prefix."_admin WHERE adminid='$adminid'");
    		$row = $db->sql_fetchrow($result);
            $pass = $row['password'];
    		if($pass == $passwd && $pass != "") {
        	       return 1;
        return 0;
    function msg_redirect($msg,$url,$seconds){
             global $site_name, $site_url;
             echo "<html dir=\""._LTR_RTL."\">\n"
                  ."<meta http-equiv=\"Refresh\" content=\"$seconds; URL=$url\">\n"
                  ."<meta http-equiv=\"Content-Type\" content=\"text/html; charset="._CHARSET."\">\n"
                  ."<link rel=\"stylesheet\" href=\"style.css\" type=\"text/css\">\n"
                  ."<br />\n"
                  ."<br />\n"
                  ."<br />\n"
                  ."<br />\n\n\n"
                  ."<div align=\"center\">\n"
                  ."<table cellpadding=\"6\" cellspacing=\"1\" border=\"0\" width=\"70%\" bgcolor=\"#E1E1E1\">"
    	      ."<td bordercolor=\"#808080\">"._REDIRECTING."</td>"
                  ."</tr> "
                  ."<tr> "
    	      ."<td align=\"center\" bgcolor=\"#FFFFFF\">"
    	      ."<blockquote> "
                  ."<p><a href=\"$url\"> "
    	      .""._CLICK_HERE_BROWSER_REDIRECT."</a></p><br />"
    function user_exists($user) {
        global $db,$prefix;
        $user_check = mysql_fetch_assoc($db->sql_query("SELECT username FROM ".$prefix."_users WHERE username='$user'"));
    	if(trim($user_check['username']) == "") {
    		return false;
    	} else {
    		return true;
  11. Shadab

    Shadab Well-Known Member

    That error "call to a member function on a non-object"... sounds familiar. It's mostly down to bad application design/architecture. Are you relying on global variables for storing your objects? vBulletin was similar in this respect, and I could never get it to initialize from inside a function.
    Umit likes this.
  12. jwright

    jwright Active Member

    Well it wouldn't surprise me if my design is bad...I'm still fairly new to PHP and trying to make "good" code.

    To be perfectly honest I'm not sure what your asking, but I don't think so?
  13. Shamil

    Shamil Well-Known Member

    Are you using a different database as to what's already being used? i.e. XF's db?

    Code looks ok, Zend Studio doesn't notice any facetime code faults.

    This is the code we're looking at now:

    function is_logged_in($user) {

    $read_cookie explode("|"base64_decode($user));
    $userid addslashes($read_cookie[0]);
    $passwd $read_cookie[2];
    $userid intval($userid);
        if (
    $userid != "" AND $passwd != "") {
    $result $db->sql_query("SELECT password FROM ".$prefix."_users WHERE userid='$userid'");
    $row $db->sql_fetchrow($result);
    $pass $row['password'];
    $pass == $passwd && $pass != "") {

    $row $db->sql_fetchrow($result);
    How is the function sql_fetchrow() defined? Is it a simple fetch_array or ..?
  14. Digital Doctor

    Digital Doctor Well-Known Member

    Sounds poweful.
    I'd love to hear more what you are trying to accomplish.
    Is this for pages outside the Forums ?
  15. Shadab

    Shadab Well-Known Member

    Guess I was right. Reliance on global variables by your functions and your script in general.
    And using register_globals! [​IMG]

    Please, please don't spend any more time trying to integrate this script in your XenForo forum.
    Umit likes this.
  16. jwright

    jwright Active Member


    Yes I'm currently using two databases. I have my scripts database, and then the XF database. They are kept in sync by userid's. I have disabled many features in my forum such as change email address, password, etc, and all of this is manage through my script which runs dual sql queries for most everything. The Login/Logout functions are integrated as well so it starts dual sessions. Pretty much I keep everything in separate databases without the user ever knowing.

    function sql_fetchrow($query_id = 0)
    			$query_id = $this->query_result;
    			$this->row[$query_id] = @mysql_fetch_array($query_id);
    			return $this->row[$query_id];
    			return false;
    @Digital Doctor,

    I have integrated my forums into my site, which if you read above will know that it is also "integrated" function-wise.
    In my layout, I have a main login bar in my header, which if the user is not logged in, will display login boxes, and if they are logged in, it will display a few buttons and a logout button, and say welcome *username* etc.

    I am simply trying to get this working within the forums, but I'm just having problems calling the PHP to run it.
  17. Shamil

    Shamil Well-Known Member

    Can you try replacing line 144 with this

    $row mysql_fetch_assoc($result);
    You might get the same error as before, if you do, then that's fine. Tell me what you get. If memory serve me correct, you don't want to use array, unless you reference it as $row[0], so use assoc

    register_globals/GPC is very dangerous - I don't recommend you have/use it.
  18. jwright

    jwright Active Member

    Still the same error. That is supposed to be on line 145, the error is on 144 which is

    $result = $db->sql_query("SELECT password FROM ".$prefix."_users WHERE userid='$userid'");
    It does not like the face that sql_query is there.

    I did replace mysql_fetchrow with the mysql_fetch_array like you posted, on line 145.
  19. jwright

    jwright Active Member

    Shadab I am still quite new to the concepts of proper PHP. Can you please post exactly what is wrong with the code, and perhaps post a section of mine, and then correct it and show me what it would look like so I can research it more?

  20. Shamil

    Shamil Well-Known Member

    Have a read of this: http://www.php.net/manual/en/security.globals.php
    jwright likes this.

Share This Page