SMF SSI.php Functions

Current Version: 2.0

This file is used to demonstrate the capabilities of SSI.php using PHP include functions. The examples show the include tag, then the results of it.

Include Code

To use SSI.php in your page add at the very top of your page before the <html> tag on line 1 of your php file:

Code: [Select]
<?php require("SSI.php"); ?>

Some notes on usage

All the functions have an output method parameter. This can either be "echo" (the default) or "array"

If it is "echo", the function will act normally - otherwise, it will return an array containing information about the requested task. For example, it might return a list of topics for ssi_recentTopics.

This functionality can be used to allow you to present the information in any way you wish.

Additional Guides & FAQ

Need more information on using SSI.php? Check out Using SSI.php article or the SSI FAQ.

Recent Topics Function

Code (simple mode)

Code: [Select]
<?php ssi_recentTopics(); ?>

Code (advanced mode)

Code: [Select]
<?php ssi_recentTopics($num_recent = 8, $exclude_boards = null, $include_boards = null, $output_method = 'echo'); ?>

Result

Recent Posts Function

Code

Code: [Select]
<?php ssi_recentPosts(); ?>

Result

Recent Poll Function

Code

Code: [Select]
<?php ssi_recentPoll(); ?>

Result

Top Boards Function

Shows top boards by the number of posts.

Code

Code: [Select]
<?php ssi_topBoards(); ?>

Result

Board Topics Posts
SMF Online Manual 0 4,540,779
Bugtracker (Github) 0 1,668,753
Srpski (Serbian) 0 1,589,902
Hrvatski (Croatian) 0 1,531,351
Bosanski (Bosnian) 0 1,520,828
SMF 1.1.x Support New 82,652 518,334
Modifications and Packages New 2,553 318,631
SMF 2.0.x Support New 42,794 309,330
Arşiv New 31,574 228,742
Español (Spanish) New 29,151 171,123

Top Topics

Shows top topics by the number of replies or views.

Code (show by number of views)

Code: [Select]
<?php ssi_topTopicsViews(); ?>

Result

Code (show by number of replies)

Code: [Select]
<?php ssi_topTopicsReplies(); ?>

Result

Top Poll Function

Shows the most-voted-in poll.

Code

Code: [Select]
<?php ssi_topPoll(); ?>

Result

Top Poster Function

Shows the top poster's name and profile link.

Code

Code: [Select]
<?php ssi_topPoster(); ?>

Result

Latest Member Function

Shows the latest member's name and profile link.

Code

Code: [Select]
<?php ssi_latestMember(); ?>

Result

Please welcome joerobin47, our newest member.

Member of the Day

Shows one random member of the day. This changes once a day.

Code

Code: [Select]
<?php ssi_randomMember('day'); ?>

Result

Who's Online Function

This function shows who are online inside the forum.

Code

Code: [Select]
<?php ssi_whosOnline(); ?>

Result

Log Online Presence

This function logs the SSI page's visitor, then shows the Who's Online list. In other words, this function shows who are online inside and outside the forum.

Code

Code: [Select]
<?php ssi_logOnline(); ?>

Result

Login Function

Shows a login box only when user is not logged in.

Code

Code: [Select]
<?php ssi_login(); ?>

Result

 
 

Logout Function

Shows a logout link only when user is logged in.

Code

Code: [Select]
<?php ssi_logout(); ?>

Result

Welcome Function

Greets users or guests, also shows user's messages if logged in.

Code

Code: [Select]
<?php ssi_welcome(); ?>

Result

Welcome, Guest. Please login or register.
Did you miss your activation email?

Today's Calendar Function

Code

Code: [Select]
<?php ssi_todaysCalendar(); ?>

Result

Today's Birthdays Function

Code

Code: [Select]
<?php ssi_todaysBirthdays(); ?>

Result

Today's Holidays Function

Code

Code: [Select]
<?php ssi_todaysHolidays(); ?>

Result

Today's Events Function

Code

Code: [Select]
<?php ssi_todaysEvents(); ?>

Result

Recent Calendar Events Function

Code

Code: [Select]
<?php ssi_recentEvents(); ?>

Result

Forum Stats

Shows some basic forum stats: total members, posts, topics, boards, etc.

Code

Code: [Select]
<?php ssi_boardStats(); ?>

Result

Total Members: 365,773
Total Posts: 3,661,474
Total Topics: 441,593
Total Categories: 13
Total Boards: 222

News Function

Shows random forum news.

Code

Code: [Select]
<?php ssi_news(); ?>

Result

SMF 2.1 Beta 2 has been released! Please do not run in production. Help us test! :) Read more.

Board News Function

Shows the latest posts from read only boards, or a specific board.

Code

Code: [Select]
<?php ssi_boardNews(); ?>

Result

exclamation The SMF project welcomes Suki as the new PM!

February 17, 2016, 07:58:25 AM by Kindred
The SMF project recently had its annual elections for the PM position.

After many years in the position (albeit with a short break) I have stepped down as Project Manager of the Simple Machines Forum project. I will continue to be involved with the project, providing support and what-have-you, but I don't feel that I have the time to commit to the PM role.

Suki - a long-time team member who has "worked" on the support team, the customization team and has been one of the key developers in the support of the 2.0.x branch and the ongoing development of the upcoming 2.1 branch - was elected as the Project Manager of SMF.

Suki is well respected by the team and the community in general. She has some great ideas and excellent goals - and, actually, will be the first active developer who has taken on the role of PM.

I look forward to seeing her lead the project into the next release and beyond.

Please join me in welcoming and congratulating the new Project Manager.

--Kindred
53 comments | Write Comment

xx SMF 2.0.11 released

September 18, 2015, 10:56:19 PM by Oldiesmann
Please do not use this topic for support requests.
You will receive a much quicker and better response by posting in the 2.0.x Support Board or the Install and Upgrades Help board



Dear Members,

Simple Machines Forum has released a new patch to the 2.0.x line, bringing our latest release version to 2.0.11

This patch is a security release, which focuses on fixing a minor security vulnerability reported in the software, therefore, it is important that you install this patch in a timely manner.

If you are running version 2.0.10, you can upgrade your forum to the latest version by using the package manager. As usual, you should see the upgrade notification in the admin panel notifications and in the package manager, which will allow you to download and install the patch seamlessly.  If you don't see the notification about the upgrade patch, please run the scheduled task "Fetch Simple Machines files" from the Scheduled Tasks page (Admin > Maintenance > Scheduled Tasks > Fetch Simple Machines Files (check the "Run Now" checkbox and click the "Run Now" button)).

If you use older versions of SMF, you can upgrade directly to 2.0.11 from whatever version you are currently using by using the "full upgrade" archive from the downloads page. Be aware that using this upgrade method will require you to reinstall any customizations that you have added to your forum - so, if you are running a version in the 2.0.x series, it is recommended that you apply the successive patches instead of using the full upgrade.

You can view the change log for the latest release, as usual, on the downloads page.

If you are having problems downloading the patch from the admin panel, you can download the patch package from the upgrade patches page and install it in the package manager, as you would any other mod package

Please refer to the Online Manual for more details about:

Thank you for using SMF!

Regards,
Simple Machines Forum
58 comments | Write Comment

xx SMF 2.1 Beta 2 Released

July 16, 2015, 05:45:30 PM by Oldiesmann
Dear Users,

Simple Machines is proud to announce the release of the 2nd beta of SMF 2.1. This version contains many improvements over Beta 1 and also fixes many bugs that were discovered following its release. Among the notable improvements:

  • There is now an interface in the admin center for configuring default notification/alert preferences.
  • For new installs, MySQL's InnoDB storage engine is used by default if available. This will provide better performance.
  • Support for fulltext search with InnoDB tables on MySQL 5.6.4 or higher.
  • Optional two-factor authentication support for added security.
For full details of what has changed, please see our GitHub archive.

Please remember that the minimum requirements of SMF have been increased to PHP 5.3.8+ and MySQL 5.0.3+ or PostgresSQL 8.0+. Servers running a lower version of either will not be able to run SMF 2.1 and we do not intend to support them. If you have a server running an older version, you can either upgrade your server software or stay at an older version of SMF. SMF 2.1 has also dropped support for IE6 and IE7 but will continue to work with IE9+ (although IE10+ is really recommended) and browsers having similar/fuller standards compliance (any modern version of Chrome, Safari, Firefox, Opera etc will be fine).

The general installation and upgrading procedure remains the same, however, once you upgrade from an older version to 2.1 you cannot go back, so please take careful consideration before upgrading any live site.. Have a look at Installing and Upgrading SMF in the Online Manual to find out more. You cannot upgrade to 2.1 Beta 2 via the package manager; instead you will need to carry out the "Large Upgrade" process. SMF 2.1 can be obtained from the Download section.

Please note: Because this is a beta release, translations and language strings other than English have not been finalized and may not be complete yet.

Finally, as always, this topic is not for support; discussion and support for 2.1 can be found in the new 2.1 support board.
170 comments | Write Comment

xx "Responsive Curve" mod package released

April 20, 2015, 06:38:08 AM by Kindred
Hello all.

Over the last few weeks a big "buzz" has been spreading in SMF's forum and throughout the internet about a new "mobility-friendliness" check that Google has put in place. Based on the preliminary reports that Google has sent to some webmasters, many SMF forum owners were notified that their site is not "mobile-friendly".

Google has specified April 21, 2015 as the date when a new search algorithm will be put in place, although, as usual, the specific details regarding the algorithm have not been distributed.

Although we do not necessarily agree with this new policy, we recognize our users' desire and need to be "compliant", so we have worked out something which may help. While, Curve2 (the new default theme for the upcoming SMF 2.1) is already responsive and, as such, is "mobile-friendly", for SMF 2.0 that was not the case. The default theme for 2.0.x (Curve) is already four years old and, as such, it is not responsive, and would take a great deal of effort to make it into something fully responsive (and, in the process, would likely break many mods.)

So, in order to tackle this problem in the most efficient manner, giving admins the ability to meet some of Google's requirement while maintaining a compatibility with legacy templates and mods, we have released a MODification package which will bring some "responsiveness" to Curve. This will allow your 2.0.x forum not only to be accepted by Google's "friendliness test", but also to have a better display in mobile devices. This mod can be applied, as with any other mod, through the Package Manager in your forum's Admin section.

However, if you plan on using this, you should be aware of some potential issues and limitations:

  • This MOD adds basic responsiveness to Curve. The theme does not become "fully responsive".
  • Existing MODs which perform significant template changes might display poorly.
  • Existing Themes (especially Curve's variations) might be affected by these changes.
  • This MAY not affect MANY custom themes that use their own templates which use different coding from the Curve designs. Such themes will need to have the changes parsed, tweaked and/or manually applied within their framework(s).

For these reasons, the changes performed in this mod will NOT be merged in the official 2.0.x series releases, but will be released, and supported, as an official mod.

Please use the mod's support topic if you have any questions regarding the mod or any issues installing or using the mod.

The SMF Team
56 comments | Write Comment

xx Avast Forum Hack - Results of Analysis

June 05, 2014, 07:43:06 PM by Kindred
As everyone has no doubt heard by now, over the weekend of May 24/25, the Avast forum site was hacked.

There was much supposition, a fair amount of guessing and several accusations that the forum software which Avast was running (Simple Machines Forum) was the vector of the attack.
We took a look at what was publicly available and came to our own conclusions, which did not match with what some representatives from Avast were claiming or what had been passed on to the media. In response to this, we made a post on 28-May, which indicated our position on the matter. Yes, that post was not the most politely phrased response, but we were responding to attacks on the integrity of our coding, our security and our documentation of changes.

In return, Avast DID contact us and provided us the code from the hacked site as well as the server logs for the time around that weekend in May. They seemed interested in working with us and we had some of our best experts put some serious effort and time into analyzing the code and the server data. We had planned to work WITH the folks at Avast to work on a statement.
Unfortunately, this was also the last we heard from the Avast representatives. Since our findings were presented to them, they have refused to respond to any of our attempts to contact them again. Given this refusal to communicate and given the fact that some people are still trying to lay the blame on SMF, I feel that we must make the analysis public and thus address any concerns over the security of Simple Machines Forum.

Summary - We can find no evidence that the hacker exploited any (alleged) vulnerability in the Simple Machines Forum software.

More specifically and in greater detail:
1- From the server logs, there is no evidence of any security vulnerability in the SMF code
2- From our analysis, it is our conclusion that the "hack" was the result of a compromised admin account (although, to be clear, without any specific evidence, this conclusion is still supposition, even if it is the best guess). Specifically, similar to the attack here at simplemachines.org late last year, an admin reused account information across multiple sites, one other of which was compromised. Once the hacker had the admin account information, he would be able to promote his other dummy account to Admin or even just act as the logged in account.
3- From the dates on the file edits, it would appear that the system was actually compromised several months ago, but was not noticed until the hacker did something obvious, here in May.
Of course, the server logs from that time are not available from Avast, so we can not confirm this by any method other than the date-stamp on the infected file.
4- Avast told us that they did not "lock down" the permissions of their files. This is important, because even a compromised admin account would still need FTP passwords (if FTP is even available) to make file changes if the file permissions were locked.

Now - Lest people think we are trying to throw all the blame somewhere else - We will acknowledge that, once the hacker had admin access, the features of SMF essentially gave him full access to the system.  Two Admin features which make Simple Machines Forum so simple for people to use are the Package Manager and the Theme Editor. These features allow an admin to upload a pre-packaged set of code-instructions which modifies the system. When correctly used, this allows for quick and simple customization of a forum site, adding new features and enhancing others. These powerful features, however, could also allow anyone with admin access to upload and run a mod package with malicious intention if the file permissions allow the upload. We recognize this and work our best to prevent any unauthorized access to the admin area and the package manager or theme editor. However, when the hack comes in through a human/social hack, as seems to be the case here, there is very little that we can do.

The take-away from this is: do not re-use your admin password elsewhere and maintain secure file permissions - because if file and folder permissions are properly maintained, the admin features can do no real damage because they can't write to any files without the file permissions being changed by someone with FTP, Control Panel or other server access.

Additionally, SMF v1.1.x and 2.0.x use a hashed SHA1 encryption for the password. That means that, once the hacker has the database, there is a possibility that he can discover the passwords. Although SHA1 is still considered secure, it is breakable through brute force, especially given the power of machines these days; it would take some time, but can be done. (Once again, this requires that a hacker has already gained access to your database.)  For the upcoming 2.1 release, we have changed the password storage, encryption and handling -- but note that this change was already underway well before Avast.

Two things that YOU can do to protect yourselves:
a) Never use the same username/password combination on sites.
b) If you run a forum, lock your file permissions down. Do not leave them at chmod 666/777 (which is what some hosts require in order to install mods) If you must use those settings to install a mod or a theme, then change the permissions back to a more restrictive set (644/755 at the very least, but even that is not actually secure). This takes a little more work (granting and removing permissions every time you want to install a mod), but makes your site more secure.
68 comments

Menubar Function

Displays a menu bar, like one displayed at the top of the forum.

Code

Code: [Select]
<?php ssi_menubar(); ?>

Result

Quick Search Function

Code

Code: [Select]
<?php ssi_quickSearch(); ?>

Result

Recent Attachments Function

Code

Code: [Select]
<?php ssi_recentAttachments(); ?>

Result

File Posted by Downloads Filesize
smfCurve.png Antes 657 47.94kB
Feiertage_2.0b3.1p.zip noex 1503 3.5kB
feiertage_smf2.0b3.txt noex 1193 44.01kB
feiertag.sql.txt MrPM 1173 26.22kB
SeperateStickyTopics.zip dieter4 1183 3.25kB
im_status.jpg mediman 1991 36.04kB
Feiertage.zip ディン1031 2375 3.47kB
index.gif noex 1403 9.88kB
50784.gif noex 1893 16.14kB
pdf.gif noex 1150 1.04kB

Show Single Poll

Shows a poll in the specified topic.

Code

Code: [Select]
<?php ssi_showPoll($topicID); ?>

Result

Not shown because it needs specific topic ID that contains a poll.

Show Single Post

Fetches a post with a particular IDs. By default will only show if you have permission to the see the board in question. This can be overriden by passing the 2nd parameter as true.

Code

Code: [Select]
<?php ssi_fetchPosts($postIDs, $isOverride); ?>

Result

Not shown because it needs a specific post ID.

Show Single Member

Shows the specified member's name and profile link.

Code

Code: [Select]
<?php ssi_fetchMember($memberIDs); ?>

Result

Not shown because it needs a specific member ID.

Show Group Members

Shows all members in a specified group.

Code

Code: [Select]
<?php ssi_fetchGroupMembers($groupIDs); ?>

Result

Not shown because it needs specific membergroup IDs.

Home Page Sample

This sample uses the following features: ssi_recentTopics(), ssi_logOnline(), ssi_welcome(), and ssi_boardNews(). ssi_recentTopics() is fetched using the array method, to allow further customizations on the output.

Code

Code: [Select]
<?php require("SSI.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>SSI.php example for home page</title> <style type="text/css"> body { font-family: Arial, Tahoma, sans-serif; font-size: 80%; background: #DFDFDF; color: #FFFFFF; margin: 0 } ul,ol { padding-left: 19px; margin: 0; } li { font-size: 11px; } h1,h2,h3 { margin: 0; padding: 0; } h3 { font-size: 15px; } a:link,a:visited { color: #FF9000; text-decoration: none; } a:hover { text-decoration: underline; } #container { background: #52514E; width: 100%; border: 1px solid midnightblue; line-height: 150%; margin: 0; } #header,#footer { color: lightgray; background-color: #2A2825; clear: both; padding: .5em; } #leftbar { background: #DF7E00; float: left; width: 160px; margin: 0; padding: 1em; } #leftbar a { color: #000000; text-decoration: underline; } #content { margin-left: 190px; padding: 1em; } #navigation { float: right; } #navigation a:link,#navigation a:visited { color: #FF9000; } </style> </head> <body> <div id="container"> <div id="header"> <div id="navigation"> <a href="#">Link</a> | <a href="#">Link</a> | <a href="#">Link</a> | <a href="#">Link</a> | <a href="#">Link</a> </div> <h1 class="header">YourWebsite.com</h1> </div> <div id="leftbar"> <h3>Recent Forum Topics</h3> <ul> <?php // Using array method to show shorter display style. $topics = ssi_recentTopics(8, null, null, 'array'); foreach ($topics as $topic) { // Uncomment the following code to get a listing of array elements that SMF provides for this function. // echo '<pre>', print_r($topic), '</pre>'; echo ' <li><a href=\"', $topic['href'], '\">', $topic['subject'], '</a> ', $txt['by'], ' ', $topics[$i]['poster']['link'], '</li>'; } unset($topics); ?> </ul><br /> <h3>Online Users</h3> <?php ssi_logOnline(); ?> </div> <div id="content"> <?php ssi_welcome(); ?><br /><br /> <h2>News</h2> <?php ssi_boardNews(); ?> </div> <div id="footer"> <a target="_blank" rel="license" href="http://creativecommons.org/licenses/publicdomain/"><img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/publicdomain/88x31.png" /></a> This sample website layout is dedicated to the <a target="_blank" rel="license" href="http://creativecommons.org/licenses/publicdomain/">Public Domain</a>. </div> </div> </body> </html>

Result