mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-03 21:27:25 +02:00
Code Issues Releases Wiki Activity

Tidy up a few lurking bugs

Browse Source
This commit is contained in:
e107steved
2008-12-17 20:26:57 +00:00
parent 60bd309051
commit 5e6fde13c2
4 changed files with 160 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
e107_files/shortcode/user_extended.sc
View File

@@ -93,8 +93,7 @@ if ($parms[1] == 'value')
$uVal = str_replace(chr(1), "", $udata['user_'.$parms[0]]); $uVal = str_replace(chr(1), "", $udata['user_'.$parms[0]]);
switch ($ueStruct["user_".$parms[0]]['user_extended_struct_type']) switch ($ueStruct["user_".$parms[0]]['user_extended_struct_type'])
{ {
// check for db_lookup type case EUF_DB_FIELD : // check for db_lookup type
case EUF_DB_FIELD :
$tmp = explode(",",$ueStruct["user_".$parms[0]]['user_extended_struct_values']); $tmp = explode(",",$ueStruct["user_".$parms[0]]['user_extended_struct_values']);
$sql_ue = new db; // Use our own DB object to avoid conflicts $sql_ue = new db; // Use our own DB object to avoid conflicts
if($sql_ue->db_Select($tmp[0],"{$tmp[1]}, {$tmp[2]}","{$tmp[1]} = '{$uVal}'")) if($sql_ue->db_Select($tmp[0],"{$tmp[1]}, {$tmp[2]}","{$tmp[1]} = '{$uVal}'"))
@@ -114,6 +113,8 @@ if ($parms[1] == 'value')
case EUF_PREDEFINED : // Predefined field - have to look up display string in relevant file case EUF_PREDEFINED : // Predefined field - have to look up display string in relevant file
$ret_data = e107_user_extended::user_extended_display_text($ueStruct["user_".$parms[0]]['user_extended_struct_values'],$uVal); $ret_data = e107_user_extended::user_extended_display_text($ueStruct["user_".$parms[0]]['user_extended_struct_values'],$uVal);
break; break;
default :
$ret_data = $uVal;
} }
if($ret_data != "") if($ret_data != "")
{ {

38
e107_plugins/links_page/e_userprofile.php
View File

@@ -1,10 +1,13 @@
<?php <?php
if(!function_exists('e_userprofile_links_page')){ if(!function_exists('e_userprofile_links_page'))
function e_userprofile_links_page(){ {
function e_userprofile_links_page()
{
global $qs, $sql, $tp; global $qs, $sql, $tp;
$id=intval($qs[1]); $id=intval($qs[1]);
include_lan(e_PLUGIN."links_page/languages/".e_LANGUAGE.".php"); // Need the LAN file in some places even if no links found
$qry = " $qry = "
SELECT l.*, lc.* SELECT l.*, lc.*
@@ -18,23 +21,32 @@ if(!function_exists('e_userprofile_links_page')){
$text = ''; $text = '';
$total = $sql -> db_Select_gen($qry); $total = $sql -> db_Select_gen($qry);
if($sql -> db_Select_gen($qry1)){ if ($sql -> db_Select_gen($qry1))
include_lan(e_PLUGIN."links_page/languages/".e_LANGUAGE.".php"); {
while($row = $sql -> db_Fetch()){ while ($row = $sql -> db_Fetch())
{
$LINK_APPEND = "<a class='linkspage_url' href='".$row['link_url']."' onclick=\"open_window('".e_PLUGIN."links_page/links.php?view.".$row['link_id']."','full');return false;\" >"; $LINK_APPEND = "<a class='linkspage_url' href='".$row['link_url']."' onclick=\"open_window('".e_PLUGIN."links_page/links.php?view.".$row['link_id']."','full');return false;\" >";
$icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_PLUGIN."links_page/images/blank.gif' alt='' /></a>"; $icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_PLUGIN."links_page/images/blank.gif' alt='' /></a>";
if ($row['link_button']) { if ($row['link_button'])
if (strpos($row['link_button'], "http://") !== FALSE) { {
if (strpos($row['link_button'], "http://") !== FALSE)
{
$icon = $LINK_APPEND."<img class='linkspage_button' src='".$row['link_button']."' alt='' /></a>"; $icon = $LINK_APPEND."<img class='linkspage_button' src='".$row['link_button']."' alt='' /></a>";
} else { }
if(strstr($row['link_button'], "/")){ else
if(is_readable(e_BASE.$row['link_button'])){ {
if(strstr($row['link_button'], "/"))
{
if(is_readable(e_BASE.$row['link_button']))
{
$icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_BASE.$row['link_button']."' alt='' /></a>"; $icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_BASE.$row['link_button']."' alt='' /></a>";
} }
}else{ }
if(is_readable(e_PLUGIN."links_page/link_images/".$row['link_button'])){ else
{
if(is_readable(e_PLUGIN."links_page/link_images/".$row['link_button']))
{
$icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_PLUGIN."links_page/link_images/".$row['link_button']."' alt='' /></a>"; $icon = $LINK_APPEND."<img class='linkspage_button' style='width:50px; height:50px;' src='".e_PLUGIN."links_page/link_images/".$row['link_button']."' alt='' /></a>";
} }
} }

3
e107_plugins/links_page/plugin.xml
View File

@@ -1,12 +1,13 @@
<?xml version="1.0" encoding="iso-8859-1"?> <?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Id: plugin.xml,v 1.1 2008-12-13 16:06:11 e107steved Exp $ --> <!-- $Id: plugin.xml,v 1.2 2008-12-17 20:26:57 e107steved Exp $ -->
<e107Plugin name="LCLAN_PLUGIN_LAN_1" version="1.12" compatibility="0.8" installRequired="true"> <e107Plugin name="LCLAN_PLUGIN_LAN_1" version="1.12" compatibility="0.8" installRequired="true">
<author name="e107devs" url="http://e107.org" /> <author name="e107devs" url="http://e107.org" />
<description>Links Page For Displaying External Web Links</description> <description>Links Page For Displaying External Web Links</description>
<folder>links_page</folder> <folder>links_page</folder>
<copyright>Copyright e107 Inc e107.org, Licensed under GPL (http://www.gnu.org/licenses/gpl.txt)</copyright> <copyright>Copyright e107 Inc e107.org, Licensed under GPL (http://www.gnu.org/licenses/gpl.txt)</copyright>
<logLanguageFile filename="languages/--LAN--_admin_links_page.php" />
<administration> <administration>
<configFile>admin_linkspage_config.php</configFile> <configFile>admin_linkspage_config.php</configFile>
<icon>images/linkspage_32.png</icon> <icon>images/linkspage_32.png</icon>

65
signup.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/signup.php,v $ | $Source: /cvs_backup/e107_0.8/signup.php,v $
| $Revision: 1.25 $ | $Revision: 1.26 $
| $Date: 2008-12-10 18:06:33 $ | $Date: 2008-12-17 20:26:51 $
| $Author: e107steved $ | $Author: e107steved $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -647,18 +647,23 @@ global $db_debug;
// Extended Field validation // Extended Field validation
$extList = $usere->user_extended_get_fieldList(); $extList = $usere->user_extended_get_fieldList();
$eufVals = array();
foreach($extList as $ext) foreach($extList as $ext)
{ {
if(isset($_POST['ue']['user_'.$ext['user_extended_struct_name']])) $eufName = 'user_'.$ext['user_extended_struct_name'];
if(isset($_POST['ue'][$eufName]))
{ {
$newval = trim($_POST['ue']['user_'.$ext['user_extended_struct_name']]); $newval = trim($_POST['ue'][$eufName]);
// echo "Vetting field ".'user_'.$ext['user_extended_struct_name'].": {$newval} = ".trim($_POST['ue']['user_'.$ext['user_extended_struct_name']])."<br />";
if($ext['user_extended_struct_required'] == 1 && (($newval == "") || (($ext['user_extended_struct_type'] == 7) && ($newval == '0000-00-00')) )) if($ext['user_extended_struct_required'] == 1 && (($newval == "") || (($ext['user_extended_struct_type'] == 7) && ($newval == '0000-00-00')) ))
{ { // Required field not present
$_ftext = (defined($ext['user_extended_struct_text']) ? constant($ext['user_extended_struct_text']) : $ext['user_extended_struct_text']); $_ftext = (defined($ext['user_extended_struct_text']) ? constant($ext['user_extended_struct_text']) : $ext['user_extended_struct_text']);
$error_message .= LAN_SIGNUP_6.$_ftext.LAN_SIGNUP_7."\\n"; $error_message .= LAN_SIGNUP_6.$_ftext.LAN_SIGNUP_7."\\n";
$error = TRUE; $error = TRUE;
} }
else
{
$parms = explode("^,^", $ext['user_extended_struct_parms']); $parms = explode("^,^", $ext['user_extended_struct_parms']);
$regex = (isset($parms[1]) ? $tp->toText($parms[1]) : ""); $regex = (isset($parms[1]) ? $tp->toText($parms[1]) : "");
$regexfail = (isset($parms[2]) ? trim($tp->toText($parms[2])) : ""); $regexfail = (isset($parms[2]) ? trim($tp->toText($parms[2])) : "");
@@ -670,13 +675,15 @@ global $db_debug;
if(defined($regexfail)) {$regexfail = constant($regexfail);} if(defined($regexfail)) {$regexfail = constant($regexfail);}
if($regex != "" && $newval != "") if($regex != "" && $newval != "" && !preg_match($regex, $newval))
{
if(!preg_match($regex, $newval))
{ {
$error_message .= $regexfail."\\n"; $error_message .= $regexfail."\\n";
$error = TRUE; $error = TRUE;
} }
else
{
$eufVals[$eufName] = $newval;
}
} }
} }
} }
@@ -711,10 +718,10 @@ global $db_debug;
$ip = $e107->getip(); $ip = $e107->getip();
$ue_fields = ""; $ue_fields = "";
foreach($_POST['ue'] as $key => $val) if (count($eufVals))
{
foreach($eufVals as $key => $val) // We've already ensured only valid keys here
{ {
if (isset($extList[$key]))
{ // Only allow valid keys
$key = $tp->toDB($key); $key = $tp->toDB($key);
$val = $tp->toDB($val); $val = $tp->toDB($val);
$ue_fields .= ($ue_fields) ? ", " : ""; $ue_fields .= ($ue_fields) ? ", " : "";
@@ -779,8 +786,22 @@ global $db_debug;
// Set initial classes, and any which the user can opt to join // Set initial classes, and any which the user can opt to join
$init_classes = array(); $init_classes = array();
if ($pref['init_class_stage'] == '1') $init_classes = explode(',',varset($pref['initial_user_classes'],'')); if ($pref['init_class_stage'] == '1') { $init_classes = explode(',',varset($pref['initial_user_classes'],'')); }
if (isset($_POST['class'])) $init_classes = array_unique(array_merge($init_classes, $_POST['class'])); if (isset($_POST['class']))
{
foreach ($_POST['class'] as $cl)
{
if (intval($cl))
{
$init_classes[] = $cl;
}
}
}
if (varsettrue($pref['user_new_period']))
{
$init_classes[] = e_UC_NEWUSER;
}
$init_classes = array_unique($init_classes);
if (count($init_classes)) if (count($init_classes))
{ {
$sql->db_Update("user", "user_class='".$tp -> toDB(implode(',',$init_classes))."' WHERE user_id='".$nid."' "); $sql->db_Update("user", "user_class='".$tp -> toDB(implode(',',$init_classes))."' WHERE user_id='".$nid."' ");
@@ -851,10 +872,24 @@ global $db_debug;
// Set initial classes, and any which the user can opt to join // Set initial classes, and any which the user can opt to join
$init_classes = explode(',',varset($pref['initial_user_classes'],'')); $init_classes = explode(',',varset($pref['initial_user_classes'],''));
if (isset($_POST['class'])) $init_classes = array_unique(array_merge($init_classes, $_POST['class'])); if (isset($_POST['class']))
{
foreach ($_POST['class'] as $cl)
{
if (intval($cl))
{
$init_classes[] = $cl;
}
}
}
if (varsettrue($pref['user_new_period']))
{
$init_classes[] = e_UC_NEWUSER;
}
$init_classes = array_unique($init_classes);
// Set member as registered, update classes // Set member as registered, update classes
$sql->db_Update("user", "user_ban = '".USER_VALIDATED."', user_class='".$tp -> toDB(implode(',',$init_classes))."' WHERE user_id = '{$nid}'"); $sql->db_Update("user", "user_ban = '".USER_VALIDATED."', user_class='".implode(',',$init_classes)."' WHERE user_id = '{$nid}'");
// ======== save extended fields to DB table. // ======== save extended fields to DB table.