1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-03-13 20:28:44 +01:00

This is a mass commit ... expect trouble! Changes made here are primarily to how login is handled, schema changes necessary!

git-svn-id: file:///svn/phpbb/trunk@4970 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2004-09-01 15:47:46 +00:00
parent 3c8e36b458
commit 070cbefa46
27 changed files with 1785 additions and 2654 deletions

View File

@ -11,27 +11,40 @@
//
// -------------------------------------------------------------
if (!defined('IN_PHPBB') || !isset($phpbb_root_path))
if (!defined('IN_PHPBB'))
{
die('Hacking attempt');
exit;
}
define('NEED_SID', true);
define('IN_ADMIN', true);
require($phpbb_root_path . 'common.'.$phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
// Start session management
$user->start();
$auth->acl($user->data);
$user->setup('admin');
// End session management
// Did user forget to login? Give 'em a chance to here ...
if ($user->data['user_id'] == ANONYMOUS)
{
login_box("./adm/index.$phpEx$SID", '', $user->lang['LOGIN_ADMIN']);
login_box('', $user->lang['LOGIN_ADMIN'], $user->lang['LOGIN_ADMIN_SUCCESS'], true);
}
$auth->acl($user->data);
$user->setup('admin');
// End session management
// Have they authenticated (again) as an admin for this session?
if (!$user->data['session_admin'])
{
login_box('', $user->lang['LOGIN_ADMIN_CONFIRM'], $user->lang['LOGIN_ADMIN_SUCCESS'], true, false);
}
// Is user any type of admin? No, then stop here, each script needs to
// check specific permissions but this is a catchall
if (!$auth->acl_get('a_'))
{
trigger_error($user->lang['NO_ADMIN']);
}
// Some oft used variables
$safe_mode = (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') ? true : false;
@ -257,6 +270,68 @@ function adm_page_confirm($title, $message)
}
function build_cfg_template($tpl_type, $config_key, $options = '')
{
global $new, $user;
$tpl = '';
$name = 'config[' . $config_key . ']';
switch ($tpl_type[0])
{
case 'text':
case 'password':
$size = (int) $tpl_type[1];
$maxlength = (int) $tpl_type[2];
$tpl = '<input class="post" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new[$config_key] . '" />';
break;
case 'dimension':
$size = (int) $tpl_type[1];
$maxlength = (int) $tpl_type[2];
$tpl = '<input class="post" type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_height]" value="' . $new[$config_key . '_height'] . '" /> x <input class="post" type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_width]" value="' . $new[$config_key . '_width'] . '" />';
break;
case 'textarea':
$rows = (int) $tpl_type[1];
$cols = (int) $tpl_type[2];
$tpl = '<textarea name="' . $name . '" rows="' . $rows . '" cols="' . $cols . '">' . $new[$config_key] . '</textarea>';
break;
case 'radio':
$key_yes = ($new[$config_key]) ? ' checked="checked"' : '';
$key_no = (!$new[$config_key]) ? ' checked="checked"' : '';
$tpl_type_cond = explode('_', $tpl_type[1]);
$type_no = ($tpl_type_cond[0] == 'disabled' || $tpl_type_cond[0] == 'enabled') ? false : true;
$tpl_no = '<input type="radio" name="' . $name . '" value="0"' . $key_no . ' />' . (($type_no) ? $user->lang['NO'] : $user->lang['DISABLED']);
$tpl_yes = '<input type="radio" name="' . $name . '" value="1"' . $key_yes . ' />' . (($type_no) ? $user->lang['YES'] : $user->lang['ENABLED']);
$tpl = ($tpl_type_cond[0] == 'yes' || $tpl_type_cond[0] == 'enabled') ? $tpl_yes . '&nbsp;&nbsp;' . $tpl_no : $tpl_no . '&nbsp;&nbsp;' . $tpl_yes;
break;
case 'select':
eval('$s_options = ' . str_replace('{VALUE}', $new[$config_key], $options) . ';');
$tpl = '<select name="' . $name . '">' . $s_options . '</select>';
break;
case 'custom':
eval('$tpl = ' . str_replace('{VALUE}', $new[$config_key], $options) . ';');
break;
default:
break;
}
return $tpl;
}
// General ACP module class
class module
{

View File

@ -13,7 +13,7 @@
if (!defined('IN_PHPBB'))
{
die('Hacking attempt');
exit;
}
$starttime = explode(' ', microtime());

File diff suppressed because it is too large Load Diff

View File

@ -7,8 +7,8 @@
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2001,2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
@ -91,8 +91,8 @@ function gen_rand_string($num_chars)
{
$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
list($usec, $sec) = explode(' ', microtime());
mt_srand($sec * $usec);
list($usec, $sec) = explode(' ', microtime());
mt_srand($sec * $usec);
$max_chars = count($chars) - 1;
$rand_str = '';
@ -147,7 +147,7 @@ function parse_text_display($text, $text_rules)
$bbcode->bbcode_second_pass($text, $bbcode_uid, $bbcode_bitfield);
}
// If we allow users to disable display of emoticons we'll need an appropriate
// If we allow users to disable display of emoticons we'll need an appropriate
// check and preg_replace here
if ($allow_smilies)
{
@ -160,7 +160,7 @@ function parse_text_display($text, $text_rules)
return $text;
}
// Create forum rules for given forum
// Create forum rules for given forum
function generate_forum_rules($forum_data)
{
if (!$forum_data['forum_rules'] && !$forum_data['forum_rules_link'])
@ -270,7 +270,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
global $config, $template, $db, $phpEx, $SID;
// Have we disabled the display of moderators? If so, then return
// from whence we came ...
// from whence we came ...
if (empty($config['load_moderators']))
{
return;
@ -293,7 +293,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
while ($row = $db->sql_fetchrow($result))
{
$forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="groupcp.' . $phpEx . $SID . '&amp;g=' . $row['group_id'] . '">' . $row['groupname'] . '</a>';
$forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=group&amp;g=' . $row['group_id'] . '">' . $row['groupname'] . '</a>';
}
$db->sql_freeresult($result);
@ -405,7 +405,7 @@ function make_jumpbox($action, $forum_id = false, $select_all = false, $acl_list
$iteration++;
$display_jumpbox = true;
}
if ($row['left_id'] < $right)
{
$padding++;
@ -455,7 +455,7 @@ function language_select($default = '')
{
global $db;
$sql = 'SELECT lang_iso, lang_local_name
$sql = 'SELECT lang_iso, lang_local_name
FROM ' . LANG_TABLE . '
ORDER BY lang_english_name';
$result = $db->sql_query($sql);
@ -478,7 +478,7 @@ function style_select($default = '', $all = false)
$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
$sql = 'SELECT style_id, style_name
FROM ' . STYLES_TABLE . "
FROM ' . STYLES_TABLE . "
$sql_where
ORDER BY style_name";
$result = $db->sql_query($sql);
@ -601,7 +601,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
{
if ($_GET['unwatch'] == $mode)
{
login_box($user->cur_page);
login_box();
}
}
else
@ -624,7 +624,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
{
global $config, $db, $user;
if ($user->data['user_id'] == ANONYMOUS)
{
return;
@ -645,12 +645,12 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
case 'mark':
if ($config['load_db_lastread'])
{
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . '
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . '
AND forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')';
$result = $db->sql_query($sql);
$sql_update = array();
while ($row = $db->sql_fetchrow($result))
{
@ -661,7 +661,7 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
if (sizeof($sql_update))
{
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . "
SET mark_time = $current_time
SET mark_time = $current_time
WHERE user_id = " . $user->data['user_id'] . '
AND forum_id IN (' . implode(', ', $sql_update) . ')';
$db->sql_query($sql);
@ -723,14 +723,14 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
case 'topic':
$forum_id = (int) $forum_id[0];
// Mark a topic as read
if ($config['load_db_lastread'] || ($config['load_db_track'] && $type == TRACK_POSTED))
{
$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . "
SET mark_type = $type, mark_time = $current_time
WHERE topic_id = $topic_id
AND user_id = " . $user->data['user_id'] . "
AND user_id = " . $user->data['user_id'] . "
AND mark_time < $current_time";
if (!$db->sql_query($sql) || !$db->sql_affectedrows())
{
@ -905,7 +905,7 @@ function obtain_icons(&$icons)
{
// Topic icons
$sql = 'SELECT *
FROM ' . ICONS_TABLE . '
FROM ' . ICONS_TABLE . '
ORDER BY icons_order';
$result = $db->sql_query($sql);
@ -993,14 +993,14 @@ function obtain_attach_extensions(&$extensions)
$extensions[$extension]['download_mode'] = (int) $row['download_mode'];
$extensions[$extension]['upload_icon'] = trim($row['upload_icon']);
$extensions[$extension]['max_filesize'] = (int) $row['max_filesize'];
$allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array();
if ($row['allow_in_pm'])
{
$allowed_forums = array_merge($allowed_forums, array(0));
}
// Store allowed extensions forum wise
$extensions['_allowed_'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums;
}
@ -1074,7 +1074,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
{
return false;
}
$confirm = false;
if (isset($_POST['confirm']))
{
@ -1095,14 +1095,14 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
{
return false;
}
return true;
}
else if ($check)
{
return false;
}
$s_hidden_fields = '<input type="hidden" name="user_id" value="' . $user->data['user_id'] . '" /><input type="hidden" name="sess" value="' . $user->session_id . '" /><input type="hidden" name="sid" value="' . $SID . '" />';
// generate activation key
@ -1130,7 +1130,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
'S_CONFIRM_ACTION' => $user->cur_page . ((strpos($user->cur_page, '?') !== false) ? '&' : '?') . 'confirm_key=' . $confirm_key,
'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields)
);
$sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . $db->sql_escape($confirm_key) . "'
WHERE user_id = " . $user->data['user_id'];
$db->sql_query($sql);
@ -1139,25 +1139,28 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
}
// Generate login box or verify password
function login_box($s_action, $s_hidden_fields = '', $login_explain = '', $ucp_login = false)
function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
{
global $SID, $db, $user, $template, $auth, $phpEx, $phpbb_root_path;
$err = '';
if (isset($_POST['login']))
{
$username = request_var('username', '');
$password = request_var('password', '');
$autologin = (!empty($_POST['autologin'])) ? TRUE : FALSE;
$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
$admin = ($admin) ? 1 : 0;
if (($result = $auth->login($username, $password, $autologin, $viewonline)) === true)
// If authentication is successful we redirect user to previous page
if (($result = $auth->login($username, $password, $autologin, $viewonline, $admin)) === true)
{
// TODO
// Force change password ... plugin for EVENT_LOGIN in future
// but for now we'll do it here
$redirect = request_var('redirect', "index.$phpEx$SID");
meta_refresh(3, $redirect);
return true;
$message = (($l_success) ? $l_success : $user->lang['LOGIN_REDIRECT']) . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a> ');
trigger_error($message);
}
// If we get a non-numeric (e.g. string) value we output an error
@ -1170,19 +1173,35 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '', $ucp_l
$err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] : $user->lang['LOGIN_ERROR'];
}
$s_hidden_fields .= ($ucp_login && !empty($_SERVER['HTTP_REFERER'])) ? '<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['HTTP_REFERER']) . '" />' : '<input type="hidden" name="redirect" value="' . $s_action . '" />';
if (!$redirect)
{
$split_page = array();
preg_match_all('#^.*?([a-z]+?)\.' . $phpEx . '\?(.*?)$#i', $user->page, $split_page, PREG_SET_ORDER);
// No script name set? Assume index
if (empty($split_page[0][1]))
{
$split_page[0][1] = 'index';
}
// Current page correctly formatted for (login) redirects
$redirect = htmlspecialchars($split_page[0][1] . '.' . $phpEx . $SID . ((!empty($split_page[0][2])) ? '&' . $split_page[0][2] : ''));
}
$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $redirect . '" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $SID . '" />';
$template->assign_vars(array(
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $login_explain,
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $l_explain,
'U_SEND_PASSWORD' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=sendpassword",
'U_TERMS_USE' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=terms",
'U_PRIVACY' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=privacy",
'U_TERMS_USE' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=terms",
'U_PRIVACY' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=privacy",
'S_LOGIN_ACTION' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=login",
'S_HIDDEN_FIELDS' => $s_hidden_fields)
'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
'S_LOGIN_ACTION' => $redirect_page,
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
page_header($user->lang['LOGIN']);
@ -1203,7 +1222,7 @@ function login_forum_box(&$forum_data)
$password = request_var('password', '');
$sql = 'SELECT forum_id
FROM ' . FORUMS_ACCESS_TABLE . '
FROM ' . FORUMS_ACCESS_TABLE . '
WHERE forum_id = ' . $forum_data['forum_id'] . '
AND user_id = ' . $user->data['user_id'] . "
AND session_id = '$user->session_id'";
@ -1219,7 +1238,7 @@ function login_forum_box(&$forum_data)
if ($password)
{
// Remove expired authorised sessions
$sql = 'SELECT session_id
$sql = 'SELECT session_id
FROM ' . SESSIONS_TABLE;
$result = $db->sql_query($sql);
@ -1344,7 +1363,7 @@ function extension_allowed($forum_id, $extension)
{
return true;
}
return (!in_array($forum_id, $check)) ? false : true;
}
else
@ -1410,7 +1429,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
if (!defined('HEADER_INC'))
{
if (defined('IN_ADMIN'))
if (defined('IN_ADMIN') && !empty($user->data['session_admin']))
{
adm_page_header('', '', false);
}
@ -1425,7 +1444,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
$display_header = (!isset($display_header)) ? false : (bool) $display_header;
$show_prev_info = (!isset($show_prev_info)) ? true : (bool) $show_prev_info;
if (defined('IN_ADMIN'))
if (defined('IN_ADMIN') && !empty($user->data['session_admin']))
{
adm_page_message($msg_title, $msg_text, $display_header, $show_prev_info);
adm_page_footer();
@ -1445,6 +1464,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
}
exit;
break;
default:
if (defined('DEBUG_EXTRA'))
{
@ -1503,7 +1523,7 @@ function page_header($page_title = '')
$reading_sql = "AND s.session_page LIKE '%f=$f%'";
}
$sql = 'SELECT u.username, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_allow_viewonline
$sql = 'SELECT u.username, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_viewonline
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s
WHERE s.session_time >= ' . (time() - (intval($config['load_online_time']) * 60)) . "
$reading_sql
@ -1666,8 +1686,9 @@ function page_header($page_title = '')
'SITENAME' => $config['sitename'],
'SITE_DESCRIPTION' => $config['site_desc'],
'PAGE_TITLE' => $page_title,
'SCRIPT_NAME' => substr($user->page, 0, strpos($user->page, '.')),
'LAST_VISIT_DATE' => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit),
'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time())),
'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time(), false, true)),
'TOTAL_USERS_ONLINE' => $l_online_users,
'LOGGED_IN_USER_LIST' => $online_userlist,
'RECORD_USERS' => $l_online_record,
@ -1676,8 +1697,8 @@ function page_header($page_title = '')
'SID' => $SID,
'L_LOGIN_LOGOUT' => $l_login_logout,
'L_INDEX' => $user->lang['FORUM_INDEX'],
'L_ONLINE_EXPLAIN' => $l_online_time,
'L_INDEX' => $user->lang['FORUM_INDEX'],
'L_ONLINE_EXPLAIN' => $l_online_time,
'U_PRIVATEMSGS' => "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&mode=" . (($user->data['user_new_privmsg'] || $l_privmsgs_text_unread) ? 'unread' : 'view_messages'),
'U_RETURN_INBOX' => "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&folder=inbox",
@ -1685,7 +1706,6 @@ function page_header($page_title = '')
'U_MEMBERLIST' => "{$phpbb_root_path}memberlist.$phpEx$SID",
'U_VIEWONLINE' => "{$phpbb_root_path}viewonline.$phpEx$SID",
'U_MEMBERSLIST' => "{$phpbb_root_path}memberlist.$phpEx$SID",
'U_GROUP_CP' => "{$phpbb_root_path}groupcp.$phpEx$SID",
'U_LOGIN_LOGOUT' => $u_login_logout,
'U_INDEX' => "{$phpbb_root_path}index.$phpEx$SID",
'U_SEARCH' => "{$phpbb_root_path}search.$phpEx$SID",
@ -1700,24 +1720,24 @@ function page_header($page_title = '')
'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
'S_USER_PM_POPUP' => $user->optionget('popuppm'),
'S_USER_LANG' => $user->data['user_lang'],
'S_USER_LANG' => $user->data['user_lang'],
'S_USER_BROWSER' => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'],
'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'],
'S_CONTENT_ENCODING' => $user->lang['ENCODING'],
'S_CONTENT_DIR_LEFT' => $user->lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $user->lang['RIGHT'],
'S_TIMEZONE' => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
'S_DISPLAY_ONLINE_LIST' => (!empty($config['load_online'])) ? 1 : 0,
'S_DISPLAY_SEARCH' => (!empty($config['load_search'])) ? 1 : 0,
'S_DISPLAY_PM' => (!empty($config['allow_privmsg'])) ? 1 : 0,
'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,
'S_TIMEZONE' => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
'S_DISPLAY_ONLINE_LIST' => (!empty($config['load_online'])) ? 1 : 0,
'S_DISPLAY_SEARCH' => (!empty($config['load_search'])) ? 1 : 0,
'S_DISPLAY_PM' => (!empty($config['allow_privmsg'])) ? 1 : 0,
'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,
'S_NEW_PM' => ($s_privmsg_new) ? 1 : 0,
'T_THEME_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme',
'T_TEMPLATE_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['template_path'] . '/template',
'T_IMAGESET_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['imageset_path'] . '/imageset',
'T_THEME_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme',
'T_TEMPLATE_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['template_path'] . '/template',
'T_IMAGESET_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['imageset_path'] . '/imageset',
'T_STYLESHEET_LINK' => (!$user->theme['primary']['theme_storedb']) ? "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme/stylesheet.css' : "{$phpbb_root_path}style.$phpEx?sid=$user->session_id&amp;id=" . $user->theme['primary']['theme_id'],
'T_STYLESHEET_NAME' => $user->theme['primary']['theme_name'],
'T_STYLESHEET_NAME' => $user->theme['primary']['theme_name'],
'T_THEME_DATA' => (!$user->theme['primary']['theme_storedb']) ? '' : $user->theme['primary']['theme_data'])
);
@ -1757,7 +1777,7 @@ function page_footer()
$template->assign_vars(array(
'PHPBB_VERSION' => $config['version'],
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'U_ACP' => ($auth->acl_get('a_') && $user->data['user_id'] != ANONYMOUS) ? "adm/index.$phpEx?sid=" . $user->data['session_id'] : '')
);

View File

@ -30,28 +30,9 @@ class session
$current_time = time();
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT'];
$this->page = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : $_ENV['REQUEST_URI'];
$split_page = array();
preg_match_all('#^.*?([a-z]+?)\.' . $phpEx . '\?sid=[a-z0-9]*?(&.*)?$#i', $this->page, $split_page, PREG_SET_ORDER);
// Take care of SID
if (!isset($split_page[0][1]))
{
$split_page[0][1] = substr(strrchr($this->page, '/'), 1);
}
// Page for session_page value
$this->page = $split_page[0][1] . ((isset($split_page[0][2])) ? $split_page[0][2] : '');
$this->page = preg_replace('#^.*?\/?(\/adm\/)?([a-z]+?\.' . $phpEx . '\?)sid=[a-z0-9]*&?(.*?)$#i', '\1\2\3', $this->page);
$this->page .= (isset($_POST['f'])) ? 'f=' . intval($_POST['f']) : '';
// Current page correctly formatted for (login) redirects
$this->cur_page = str_replace('&amp;', '&', htmlspecialchars($split_page[0][1] . '.' . $phpEx . ((isset($split_page[0][2])) ? '?' . $split_page[0][2] : '')));
// Current page filename for use in template (index, viewtopic, viewforum...)
$this->current_page_filename = $split_page[0][1];
unset($split_page);
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data']))
{
$sessiondata = (!empty($_COOKIE[$config['cookie_name'] . '_data'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : array();
@ -145,12 +126,13 @@ class session
}
// Create a new session
function create(&$user_id, &$autologin, $set_autologin = false, $viewonline = 1)
function create(&$user_id, &$autologin, $set_autologin = false, $viewonline = 1, $admin = 0)
{
global $SID, $db, $config;
$sessiondata = array();
$current_time = time();
$current_user = $this->data['user_id'];
$bot = false;
// Pull bot information from DB and loop through it
@ -290,38 +272,45 @@ class session
// Create or update the session
$db->sql_return_on_error(true);
$sql = 'UPDATE ' . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_last_visit = " . $this->data['session_last_visit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '" . $db->sql_escape($this->browser) . "', session_page = '" . $db->sql_escape($this->page) . "', session_allow_viewonline = $viewonline
$sql_ary = array(
'session_user_id' => (int) $user_id,
'session_start' => (int) $current_time,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $current_time,
'session_browser' => (string) $this->browser,
'session_page' => (string) $this->page,
'session_viewonline' => (int) $viewonline,
'session_admin' => (int) $admin,
);
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
if ($this->session_id == '' || !$db->sql_query($sql) || !$db->sql_affectedrows())
{
$db->sql_return_on_error(false);
$this->session_id = md5(uniqid($this->ip));
$sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'session_id' => (string) $this->session_id,
'session_user_id' => (int) $user_id,
'session_start' => (int) $current_time,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $current_time,
'session_ip' => (string) $this->ip,
'session_browser' => (string) $this->browser,
'session_page' => (string) $this->page,
'session_allow_viewonline' => (int) $viewonline
));
$db->sql_query($sql);
$sql_ary['session_id'] = (string) $this->session_id;
$db->sql_query('INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
}
$db->sql_return_on_error(false);
if (!$bot)
{
$this->data['session_id'] = $this->session_id;
$sessiondata['autologinid'] = ($autologin && $user_id != ANONYMOUS) ? $autologin : '';
$sessiondata['userid'] = $user_id;
// Don't set cookies if we're an admin re-authenticating
if (!$admin || ($admin && $current_user == ANONYMOUS))
{
$sessiondata['userid'] = $user_id;
$sessiondata['autologinid'] = ($autologin && $user_id != ANONYMOUS) ? $autologin : '';
$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000);
$this->set_cookie('sid', $this->session_id, 0);
}
$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000);
$this->set_cookie('sid', $this->session_id, 0);
$SID = '?sid=' . $this->session_id;
if ($this->data['user_id'] != ANONYMOUS)
@ -359,12 +348,12 @@ class session
AND session_user_id = " . $this->data['user_id'];
$db->sql_query($sql);
$this->session_id = '';
// Reset some basic data immediately
$this->session_id = $this->data['username'] = '';
$this->data['user_id'] = ANONYMOUS;
$this->data['session_admin'] = 0;
if ($this->data['user_id'] != ANONYMOUS)
{
// Trigger EVENT_END_SESSION
}
// Trigger EVENT_END_SESSION
return true;
}
@ -544,7 +533,7 @@ class user extends session
$this->add_lang($lang_set);
unset($lang_set);
if (!empty($_GET['style']) && $auth->acl_get('a_styles'))
{
global $SID;
@ -690,7 +679,7 @@ class user extends session
// $lang == $this->lang
// $help == $this->help
// - add appropiate variables here, name them as they are used within the language file...
if (!$use_db)
{
require($this->lang_path . (($use_help) ? 'help_' : '') . "$lang_file.$phpEx");
@ -1159,9 +1148,9 @@ class auth
}
// Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
function login($username, $password, $autologin = false, $viewonline = 1)
function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
{
global $config, $user, $phpbb_root_path, $phpEx;
global $config, $db, $user, $phpbb_root_path, $phpEx;
$method = trim($config['auth_method']);
@ -1182,8 +1171,7 @@ class auth
$autologin = (!empty($autologin)) ? md5($password) : '';
// Trigger EVENT_LOGIN
return $user->create($login['user_id'], $autologin, true, $viewonline);
return $user->create($login['user_id'], $autologin, true, $viewonline, $admin);
}
}

View File

@ -0,0 +1,126 @@
<?php
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : ucp_groups.php
// STARTED : Sun Jun 6, 2004
// COPYRIGHT : © 2001, 2004 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_groups extends module
{
function ucp_groups($id, $mode)
{
global $config, $db, $user, $auth, $SID, $template, $phpbb_root_path, $phpEx;
$user->add_lang('groups');
$submit = (!empty($_POST['submit'])) ? true : false;
$delete = (!empty($_POST['delete'])) ? true : false;
$error = $data = array();
switch ($mode)
{
case 'membership':
$sql = 'SELECT g.group_id, g.group_name, g.group_description, g.group_type, ug.group_leader, ug.user_pending
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
$group_id_ary = array();
$leader_count = $member_count = $pending_count = 0;
while ($row = $db->sql_fetchrow($result))
{
$block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member');
$template->assign_block_vars($block, array(
'GROUP_ID' => $row['group_id'],
'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? $row['group_description'] : $user->lang['GROUP_IS_SPECIAL'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'U_VIEW_GROUP' => "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'],
'S_GROUP_DEFAULT' => ($row['group_id'] == $user->data['group_id']) ? true : false,
'S_ROW_COUNT' => ${$block . '_count'}++,)
);
$group_id_ary[] = $row['group_id'];
}
$db->sql_freeresult($result);
// Hide hidden groups unless user is an admin with group privileges
$sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_description, group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id NOT IN (' . implode(', ', $group_id_ary) . ")
AND group_type $sql_and
ORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$nonmember_count = 0;
while ($row = $db->sql_fetchrow($result))
{
$template->assign_block_vars('nonmember', array(
'GROUP_ID' => $row['group_id'],
'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
'GROUP_DESC' => $row['group_description'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true,
'U_VIEW_GROUP' => "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'],
'S_ROW_COUNT' => $nonmember_count++,)
);
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'S_CHANGE_DEFAULT' => ($auth->acl_get('u_chggrp')) ? true : false,
'S_LEADER_COUNT' => $leader_count,
'S_MEMBER_COUNT' => $member_count,
'S_PENDING_COUNT' => $pending_count,
'S_NONMEMBER_COUNT' => $nonmember_count,)
);
break;
case 'manage':
break;
}
$this->display($user->lang['UCP_GROUPS'], 'ucp_groups_' . $mode . '.html');
}
}
/*
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template('group_request', $moderator['user_lang']);
$emailer->email_address($moderator['user_email']);
$emailer->set_subject();//$lang['Group_request']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'GROUP_MODERATOR' => $moderator['username'],
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_GROUPCP' => $server_url . '?' . 'g' . "=$group_id&validate=true")
);
$emailer->send();
$emailer->reset();
*/
?>

View File

@ -7,11 +7,11 @@
// STARTED : Mon May 19, 2003
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_prefs extends module
class ucp_prefs extends module
{
function ucp_prefs($id, $mode)
{
@ -28,18 +28,18 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'tz' => (float) $config['board_timezone'],
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
);
foreach ($var_ary as $var => $default)
@ -48,7 +48,7 @@ class ucp_prefs extends module
}
$var_ary = array(
'dateformat' => array('string', false, 3, 15),
'dateformat' => array('string', false, 3, 15),
'lang' => array('match', false, '#^[a-z_]{2,}$#i'),
'tz' => array('num', false, -13, 13),
);
@ -63,13 +63,13 @@ class ucp_prefs extends module
if (!sizeof($error))
{
$sql_ary = array(
'user_allow_pm' => $allowpm,
'user_allow_viewemail' => $viewemail,
'user_allow_massemail' => $massemail,
'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$hideonline : $user->data['user_allow_viewonline'],
'user_notify_type' => $notifymethod,
'user_allow_pm' => $allowpm,
'user_allow_viewemail' => $viewemail,
'user_allow_massemail' => $massemail,
'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$hideonline : $user->data['user_allow_viewonline'],
'user_notify_type' => $notifymethod,
'user_notify_pm' => $notifypm,
'user_options' => $user->data['user_options'],
'user_options' => $user->data['user_options'],
'user_dst' => $dst,
'user_dateformat' => $dateformat,
@ -78,7 +78,7 @@ class ucp_prefs extends module
'user_style' => $style,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -117,34 +117,34 @@ class ucp_prefs extends module
$style = (isset($style)) ? $style : $user->data['user_style'];
$tz = (isset($tz)) ? $tz : $user->data['user_timezone'];
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'VIEW_EMAIL_YES' => $view_email_yes,
'VIEW_EMAIL_NO' => $view_email_no,
'ADMIN_EMAIL_YES' => $mass_email_yes,
'ADMIN_EMAIL_NO' => $mass_email_no,
'HIDE_ONLINE_YES' => $hide_online_yes,
'HIDE_ONLINE_NO' => $hide_online_no,
'ALLOW_PM_YES' => $allow_pm_yes,
'ALLOW_PM_NO' => $allow_pm_no,
'NOTIFY_PM_YES' => $notify_pm_yes,
'NOTIFY_PM_NO' => $notify_pm_no,
'POPUP_PM_YES' => $popup_pm_yes,
'POPUP_PM_NO' => $popup_pm_no,
'DST_YES' => $dst_yes,
'DST_NO' => $dst_no,
'NOTIFY_EMAIL' => ($notifymethod == NOTIFY_EMAIL) ? 'checked="checked"' : '',
'NOTIFY_IM' => ($notifymethod == NOTIFY_IM) ? 'checked="checked"' : '',
'NOTIFY_BOTH' => ($notifymethod == NOTIFY_BOTH) ? 'checked="checked"' : '',
'VIEW_EMAIL_YES' => $view_email_yes,
'VIEW_EMAIL_NO' => $view_email_no,
'ADMIN_EMAIL_YES' => $mass_email_yes,
'ADMIN_EMAIL_NO' => $mass_email_no,
'HIDE_ONLINE_YES' => $hide_online_yes,
'HIDE_ONLINE_NO' => $hide_online_no,
'ALLOW_PM_YES' => $allow_pm_yes,
'ALLOW_PM_NO' => $allow_pm_no,
'NOTIFY_PM_YES' => $notify_pm_yes,
'NOTIFY_PM_NO' => $notify_pm_no,
'POPUP_PM_YES' => $popup_pm_yes,
'POPUP_PM_NO' => $popup_pm_no,
'DST_YES' => $dst_yes,
'DST_NO' => $dst_no,
'NOTIFY_EMAIL' => ($notifymethod == NOTIFY_EMAIL) ? 'checked="checked"' : '',
'NOTIFY_IM' => ($notifymethod == NOTIFY_IM) ? 'checked="checked"' : '',
'NOTIFY_BOTH' => ($notifymethod == NOTIFY_BOTH) ? 'checked="checked"' : '',
'DATE_FORMAT' => $dateformat,
'DATE_FORMAT' => $dateformat,
'S_LANG_OPTIONS' => language_select($lang),
'S_LANG_OPTIONS' => language_select($lang),
'S_STYLE_OPTIONS' => style_select($style),
'S_TZ_OPTIONS' => tz_select($tz),
'S_CAN_HIDE_ONLINE' => true,
'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false,
'S_CAN_HIDE_ONLINE' => true,
'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false,
)
);
break;
@ -154,16 +154,16 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'sk' => (string) 't',
'sd' => (string) 'd',
'sk' => (string) 't',
'sd' => (string) 'd',
'st' => 0,
'images' => true,
'flash' => false,
'smilies' => true,
'sigs' => true,
'avatars' => true,
'wordcensor'=> false,
'images' => true,
'flash' => false,
'smilies' => true,
'sigs' => true,
'avatars' => true,
'wordcensor'=> false,
);
foreach ($var_ary as $var => $default)
@ -172,8 +172,8 @@ class ucp_prefs extends module
}
$var_ary = array(
'sk' => array('string', false, 1, 1),
'sd' => array('string', false, 1, 1),
'sk' => array('string', false, 1, 1),
'sd' => array('string', false, 1, 1),
);
$error = validate_data($data, $var_ary);
@ -193,13 +193,13 @@ class ucp_prefs extends module
}
$sql_ary = array(
'user_options' => $user->data['user_options'],
'user_options' => $user->data['user_options'],
'user_sortby_type' => $sk,
'user_sortby_dir' => $sd,
'user_show_days' => $st,
'user_show_days' => $st,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -242,25 +242,25 @@ class ucp_prefs extends module
$wordcensor_yes = ($wordcensor) ? ' checked="checked"' : '';
$wordcensor_no = (!$wordcensor) ? ' checked="checked"' : '';
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'VIEW_IMAGES_YES' => $images_yes,
'VIEW_IMAGES_NO' => $images_no,
'VIEW_FLASH_YES' => $flash_yes,
'VIEW_FLASH_NO' => $flash_no,
'VIEW_SMILIES_YES' => $smilies_yes,
'VIEW_SMILIES_NO' => $smilies_no,
'VIEW_SIGS_YES' => $sigs_yes,
'VIEW_SIGS_NO' => $sigs_no,
'VIEW_AVATARS_YES' => $avatars_yes,
'VIEW_IMAGES_YES' => $images_yes,
'VIEW_IMAGES_NO' => $images_no,
'VIEW_FLASH_YES' => $flash_yes,
'VIEW_FLASH_NO' => $flash_no,
'VIEW_SMILIES_YES' => $smilies_yes,
'VIEW_SMILIES_NO' => $smilies_no,
'VIEW_SIGS_YES' => $sigs_yes,
'VIEW_SIGS_NO' => $sigs_no,
'VIEW_AVATARS_YES' => $avatars_yes,
'VIEW_AVATARS_NO' => $avatars_no,
'DISABLE_CENSORS_YES' => $wordcensor_yes,
'DISABLE_CENSORS_YES' => $wordcensor_yes,
'DISABLE_CENSORS_NO' => $wordcensor_no,
'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false,
'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false,
'S_SELECT_SORT_DAYS' => $s_limit_days,
'S_SELECT_SORT_KEY' => $s_sort_key,
'S_SELECT_SORT_KEY' => $s_sort_key,
'S_SELECT_SORT_DIR' => $s_sort_dir)
);
@ -271,11 +271,11 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'bbcode' => true,
'html' => false,
'bbcode' => true,
'html' => false,
'smilies' => true,
'sig' => true,
'notify' => false,
'sig' => true,
'notify' => false,
);
foreach ($var_ary as $var => $default)
@ -295,7 +295,7 @@ class ucp_prefs extends module
'user_notify' => $notify,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -305,7 +305,7 @@ class ucp_prefs extends module
trigger_error($message);
}
}
$bbcode = (isset($bbcode)) ? $bbcode : $user->optionget('bbcode');
$bbcode_yes = ($bbcode) ? ' checked="checked"' : '';
$bbcode_no = (!$bbcode) ? ' checked="checked"' : '';
@ -322,24 +322,24 @@ class ucp_prefs extends module
$notify_yes = ($notify) ? ' checked="checked"' : '';
$notify_no = (!$notify) ? ' checked="checked"' : '';
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'DEFAULT_BBCODE_YES' => $bbcode_yes,
'DEFAULT_BBCODE_NO' => $bbcode_no,
'DEFAULT_HTML_YES' => $html_yes,
'DEFAULT_HTML_NO' => $html_no,
'DEFAULT_SMILIES_YES' => $smilies_yes,
'DEFAULT_SMILIES_NO' => $smilies_no,
'DEFAULT_SIG_YES' => $sig_yes,
'DEFAULT_SIG_NO' => $sig_no,
'DEFAULT_NOTIFY_YES' => $notify_yes,
'DEFAULT_BBCODE_YES' => $bbcode_yes,
'DEFAULT_BBCODE_NO' => $bbcode_no,
'DEFAULT_HTML_YES' => $html_yes,
'DEFAULT_HTML_NO' => $html_no,
'DEFAULT_SMILIES_YES' => $smilies_yes,
'DEFAULT_SMILIES_NO' => $smilies_no,
'DEFAULT_SIG_YES' => $sig_yes,
'DEFAULT_SIG_NO' => $sig_no,
'DEFAULT_NOTIFY_YES' => $notify_yes,
'DEFAULT_NOTIFY_NO' => $notify_no,)
);
break;
}
$template->assign_vars(array(
$template->assign_vars(array(
'L_TITLE' => $user->lang['UCP_PREFS_' . strtoupper($mode)],
'S_HIDDEN_FIELDS' => $s_hidden_fields,

View File

@ -7,8 +7,8 @@
// STARTED : Mon May 19, 2003
// COPYRIGHT : © 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_profile extends module
@ -31,12 +31,12 @@ class ucp_profile extends module
if ($submit)
{
$var_ary = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
foreach ($var_ary as $var => $default)
@ -46,15 +46,15 @@ class ucp_profile extends module
$var_ary = array(
'username' => array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', $username)),
'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'new_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'cur_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'new_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'cur_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'email' => array(
array('string', false, 6, 60),
array('email', $email)),
'email_confirm' => array('string', true, 6, 60),
array('string', false, 6, 60),
array('email', $email)),
'email_confirm' => array('string', true, 6, 60),
);
$error = validate_data($data, $var_ary);
@ -79,11 +79,11 @@ class ucp_profile extends module
if (!sizeof($error))
{
$sql_ary = array(
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => time(),
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => time(),
);
if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
@ -128,7 +128,7 @@ class ucp_profile extends module
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $admin_ary[0]['a_user']) .')';
$result = $db->sql_query($sql);
@ -159,8 +159,8 @@ class ucp_profile extends module
);
}
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -181,17 +181,17 @@ class ucp_profile extends module
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'CUR_PASSWORD' => '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang['CHANGE_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_FORCE_PASSWORD' => ($config['chg_passforce'] && $this->data['user_passchg'] < time() - $config['chg_passforce']) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang['CHANGE_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_FORCE_PASSWORD' => ($config['chg_passforce'] && $this->data['user_passchg'] < time() - $config['chg_passforce']) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
'S_CHANGE_EMAIL' => ($auth->acl_get('u_chgemail')) ? true : false,
'S_CHANGE_PASSWORD' => ($auth->acl_get('u_chgpasswd')) ? true : false)
);
@ -207,12 +207,12 @@ class ucp_profile extends module
if ($submit)
{
$var_ary = array(
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'location' => (string) '',
'occupation' => (string) '',
'interests' => (string) '',
@ -228,20 +228,20 @@ class ucp_profile extends module
$var_ary = array(
'icq' => array(
array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')),
'aim' => array('string', true, 5, 255),
'msn' => array('string', true, 5, 255),
array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')),
'aim' => array('string', true, 5, 255),
'msn' => array('string', true, 5, 255),
'jabber' => array(
array('string', true, 5, 255),
array('string', true, 5, 255),
array('match', true, '#^[a-z0-9\.\-_\+]+?@(.*?\.)*?[a-z0-9\-_]+?\.[a-z]{2,4}(/.*)?$#i')),
'yim' => array('string', true, 5, 255),
'yim' => array('string', true, 5, 255),
'website' => array(
array('string', true, 12, 255),
array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
'location' => array('string', true, 2, 255),
'occupation' => array('string', true, 2, 500),
'interests' => array('string', true, 2, 500),
array('string', true, 12, 255),
array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
'location' => array('string', true, 2, 255),
'occupation' => array('string', true, 2, 500),
'interests' => array('string', true, 2, 500),
'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time())),
@ -269,7 +269,7 @@ class ucp_profile extends module
'user_birthday' => sprintf('%2d-%2d-%4d', $bday_day, $bday_month, $bday_year),
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -277,7 +277,7 @@ class ucp_profile extends module
// Update Custom Fields
if (sizeof($cp_data))
{
$sql = 'UPDATE ' . PROFILE_DATA_TABLE . '
$sql = 'UPDATE ' . PROFILE_DATA_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $cp_data) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -333,21 +333,21 @@ class ucp_profile extends module
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,)
);
// Get additional profile fields and assign them to the template block var 'profile_fields'
$user->get_profile_fields($user->data['user_id']);
@ -360,11 +360,11 @@ class ucp_profile extends module
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
$var_ary = array(
'enable_html' => (bool) $config['allow_html'],
'enable_bbcode' => (bool) $config['allow_bbcode'],
'enable_html' => (bool) $config['allow_html'],
'enable_bbcode' => (bool) $config['allow_bbcode'],
'enable_smilies' => (bool) $config['allow_smilies'],
'enable_urls' => true,
'signature' => (string) $user->data['user_sig'],
'enable_urls' => true,
'signature' => (string) $user->data['user_sig'],
);
@ -388,13 +388,13 @@ class ucp_profile extends module
$message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies);
$sql_ary = array(
'user_sig' => (string) $message_parser->message,
'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
'user_sig' => (string) $message_parser->message,
'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
'user_sig_bbcode_bitfield' => (int) $message_parser->bbcode_bitfield
);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -430,21 +430,20 @@ class ucp_profile extends module
$signature_preview = str_replace("\n", '<br />', censor_text($signature_preview));
}
$html_status = ($config['allow_html']) ? true : false;
$bbcode_status = ($config['allow_bbcode']) ? true : false;
$smilies_status = ($config['allow_smilies']) ? true : false;
$html_status = ($config['allow_html']) ? true : false;
$bbcode_status = ($config['allow_bbcode']) ? true : false;
$smilies_status = ($config['allow_smilies']) ? true : false;
// NOTE: allow_img and allow_flash do not exist in config table
$img_status = ($config['allow_img']) ? true : false;
$flash_status = ($config['allow_flash']) ? true : false;
$img_status = ($config['allow_img']) ? true : false;
$flash_status = ($config['allow_flash']) ? true : false;
decode_text($signature, $user->data['user_sig_bbcode_uid']);
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'SIGNATURE' => $signature,
'SIGNATURE_PREVIEW' => $signature_preview,
'SIGNATURE_PREVIEW' => $signature_preview,
'S_HTML_CHECKED' => (!$enable_html) ? 'checked="checked"' : '',
'S_BBCODE_CHECKED' => (!$enable_bbcode) ? 'checked="checked"' : '',
'S_SMILIES_CHECKED' => (!$enable_smilies) ? 'checked="checked"' : '',
@ -456,10 +455,10 @@ class ucp_profile extends module
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
'S_HTML_ALLOWED' => $config['allow_html'],
'S_BBCODE_ALLOWED' => $config['allow_bbcode'],
'S_HTML_ALLOWED' => $config['allow_html'],
'S_BBCODE_ALLOWED' => $config['allow_bbcode'],
'S_SMILIES_ALLOWED' => $config['allow_smilies'],)
);
break;
@ -469,16 +468,16 @@ class ucp_profile extends module
$display_gallery = (isset($_POST['displaygallery'])) ? true : false;
$avatar_category = request_var('category', '');
// Can we upload?
// Can we upload?
$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;
if ($submit)
{
$var_ary = array(
'uploadurl' => (string) '',
'remotelink' => (string) '',
'uploadurl' => (string) '',
'remotelink' => (string) '',
'width' => (string) '',
'height' => (string) '',
'height' => (string) '',
);
foreach ($var_ary as $var => $default)
@ -487,10 +486,10 @@ class ucp_profile extends module
}
$var_ary = array(
'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3),
'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3),
);
$error = validate_data($data, $var_ary);
@ -519,14 +518,14 @@ class ucp_profile extends module
if (sizeof($data))
{
$sql_ary = array(
'user_avatar' => $filename,
'user_avatar_type' => $type,
'user_avatar_width' => $width,
'user_avatar_height' => $height,
'user_avatar' => $filename,
'user_avatar_type' => $type,
'user_avatar_width' => $width,
'user_avatar_height' => $height,
);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@ -565,11 +564,11 @@ class ucp_profile extends module
}
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'S_FORM_ENCTYPE' => ($can_upload) ? ' enctype="multipart/form-data"' : '',
'S_FORM_ENCTYPE' => ($can_upload) ? ' enctype="multipart/form-data"' : '',
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)),)
);
@ -611,16 +610,16 @@ class ucp_profile extends module
else
{
$template->assign_vars(array(
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'S_UPLOAD_AVATAR_FILE' => $can_upload,
'S_UPLOAD_AVATAR_URL' => $can_upload,
'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false,
'S_UPLOAD_AVATAR_URL' => $can_upload,
'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false,
'S_GALLERY_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false,
'S_AVATAR_CAT_OPTIONS' => $s_categories,
'S_AVATAR_CAT_OPTIONS' => $s_categories,
'S_AVATAR_PAGE_OPTIONS' => $s_pages,)
);
}

View File

@ -602,7 +602,8 @@ CREATE TABLE phpbb_sessions (
session_ip varchar(40) DEFAULT '0' NOT NULL,
session_browser varchar(100) DEFAULT '' NULL,
session_page varchar(100) DEFAULT '' NOT NULL,
session_allow_viewonline tinyint(1) DEFAULT '1' NOT NULL,
session_viewonline tinyint(1) DEFAULT '1' NOT NULL,
session_admin tinyint(1) DEFAULT '0' NOT NULL,
PRIMARY KEY (session_id),
KEY session_time (session_time),
KEY session_user_id (session_user_id)

File diff suppressed because it is too large Load Diff

View File

@ -32,7 +32,7 @@ $lang += array(
'DIRECTION' => 'ltr',
'LEFT' => 'left',
'RIGHT' => 'right',
'DATE_FORMAT' => 'd M Y',
'DATE_FORMAT' => '|d M Y|',
'1_DAY' => '1 Day',
@ -415,6 +415,9 @@ $lang += array(
'YOU_NO_NEW_PM' => 'No new private messages are waiting for you',
'datetime' => array(
'TODAY' => 'Today, ',
'YESTERDAY' => 'Yesterday, ',
'Sunday' => 'Sunday',
'Monday' => 'Monday',
'Tuesday' => 'Tuesday',

View File

@ -28,17 +28,23 @@ if (empty($lang) || !is_array($lang))
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine
$lang += array(
'GROUP_AVATAR' => 'Group avatar',
'GROUP_CLOSED' => 'Closed',
'GROUP_DESC' => 'Group description',
'GROUP_HIDDEN' => 'Hidden',
'GROUP_INFORMATION' => 'Usergroup Information',
'GROUP_MEMBERS' => 'Group members',
'GROUP_NAME' => 'Group name',
'GROUP_OPEN' => 'Open',
'GROUP_RANK' => 'Group rank',
'GROUP_TYPE' => 'Group type',
'GROUP_IS_CLOSED' => 'This is a closed group, new members cannot automatically join.',
'GROUP_IS_OPEN' => 'This is an open group, members can apply to join.',
'GROUP_IS_HIDDEN' => 'This is a hidden group, only members of this group can view its membership.',
'GROUP_IS_FREE' => 'This is a freely open group, all new members are welcome.',
'GROUP_IS_SPECIAL' => 'This is a special group, special groups are managed by the board administrators.',
'No_groups_exist' => 'No Groups Exist',
'REMOVE_SELECTED' => 'Remove selected'
'REMOVE_SELECTED' => 'Remove selected',
);
?>

View File

@ -362,8 +362,27 @@ $lang += array(
'REPORTED' => 'Reported',
'TO_GROUP' => 'Usergroup',
'TO_ME' => 'Me'
)
),
'UCP_GROUPS_MEMBERSHIP' => 'Memberships',
'UCP_GROUPS_MANAGE' => 'Manage groups',
'GROUPS_EXPLAIN' => 'Usergroups enable board admins to better administer users. By default you will be placed in a specific group, this is your default group. This group defines how you may appear to other users, for example your username colouration, avatar, rank, etc. Depending on whether the administrator allows it you may be allowed to change your default group. You may also be placed in or allowed to join other groups. Some groups may give you extra rights to view content or increase your capabilities in other areas.',
'GROUP_LEADER' => 'Leaderships',
'GROUP_MEMBER' => 'Memberships',
'GROUP_PENDING' => 'Pending memberships',
'GROUP_NONMEMBER' => 'Non-memberships',
'GROUP_DETAILS' => 'Group details',
'NO_LEADER' => 'No group leaderships',
'NO_MEMBER' => 'No group memberships',
'NO_PENDING' => 'No pending memberships',
'NO_NONMEMBER' => 'No non-member groups',
'QUIT_ALL' => 'Quit all',
'QUIT_MARKED' => 'Quit marked',
'JOIN_ALL' => 'Join all',
'JOIN_MARKED' => 'Join marked',
);
?>

View File

@ -3,12 +3,12 @@
//
// $Id$
//
// FILENAME : mcp.php
// FILENAME : mcp.php
// STARTED : Mon May 5, 2003
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
define('IN_PHPBB', true);
@ -103,7 +103,7 @@ class module
$module_lang = strtoupper($module_type) . '_' . $row['module_title'];
$template->assign_block_vars($module_type . '_section', array(
'L_TITLE' => (isset($user->lang[$module_lang])) ? $user->lang[$module_lang] : ucfirst(str_replace('_', ' ', strtolower($row['module_title']))),
'S_SELECTED' => $selected,
'S_SELECTED' => $selected,
'U_TITLE' => $module_url . '&amp;i=' . $row['module_id'])
);
@ -143,17 +143,17 @@ class module
}
// Only show those rows we are able to access
if (($submodule_title == 'post_details' && !$post_id) ||
if (($submodule_title == 'post_details' && !$post_id) ||
($submodule_title == 'topic_view' && !$topic_id) ||
($submodule_title == 'forum_view' && !$forum_id))
{
continue;
}
$suffix = ($post_id) ? "&amp;p=$post_id" : '';
$suffix .= ($topic_id) ? "&amp;t=$topic_id" : '';
$suffix .= ($forum_id) ? "&amp;f=$forum_id" : '';
$selected = ($submodule_title == $selected_submod || (!$selected_submod && !$j)) ? true : false;
// Get the localised lang string if available, or make up our own otherwise
@ -279,7 +279,7 @@ class module
case 'unapproved_posts':
$sql = 'SELECT COUNT(*) AS total
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t
WHERE p.forum_id IN (' . implode(', ', $forum_list) . ')
AND p.post_approved = 0
AND t.topic_id = p.topic_id
@ -356,7 +356,7 @@ if ($mode == 'approve' || $mode == 'disapprove')
// Only Moderators can go beyond this point
if ($user->data['user_id'] == ANONYMOUS)
{
login_box("{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=$mode&amp;i=$module", '', $user->lang['LOGIN_EXPLAIN_MCP']);
login_box('', $user->lang['LOGIN_EXPLAIN_MCP']);
if ($user->data['user_id'] == ANONYMOUS)
{
@ -442,7 +442,7 @@ switch ($mode)
function get_array($var, $default_value)
{
$ids = request_var($var, $default_value);
if (!is_array($ids))
{
if (!$ids)
@ -502,7 +502,7 @@ function get_topic_data($topic_ids, $acl_list = false)
LEFT JOIN ' . FORUMS_TABLE . ' f ON t.forum_id = f.forum_id
WHERE t.topic_id IN (' . implode(', ', $topic_ids) . ')';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if ($acl_list && !$auth->acl_get($acl_list, $row['forum_id']))
@ -529,7 +529,7 @@ function get_post_data($post_ids, $acl_list = false)
AND u.user_id = p.poster_id
AND t.topic_id = p.topic_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if ($acl_list && !$auth->acl_get($acl_list, $row['forum_id']))
@ -558,7 +558,7 @@ function get_forum_data($forum_id, $acl_list = 'f_list')
FROM ' . FORUMS_TABLE . '
WHERE forum_id ' . ((is_array($forum_id)) ? 'IN (' . implode(', ', $forum_id) . ')' : "= $forum_id");
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if ($acl_list && !$auth->acl_get($acl_list, $row['forum_id']))
@ -669,7 +669,7 @@ function mcp_sorting($mode, &$sort_days, &$sort_key, &$sort_dir, &$sort_by_sql,
$sql = 'SELECT COUNT(log_id) AS total
FROM ' . LOG_TABLE . "
$where_sql forum_id IN (" . (($forum_id) ? $forum_id : implode(', ', get_forum_list('m_'))) . ')
AND log_time >= ' . $min_time . '
AND log_time >= ' . $min_time . '
AND log_type = ' . LOG_MOD;
break;
}

View File

@ -3,20 +3,17 @@
//
// $Id$
//
// FILENAME : memberlist.php
// FILENAME : memberlist.php
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
// TODO
// Add permission check for IM clients
// Combine Jabber and email contact capabilities?
// When registering a new jabber user the message doesn't get sent first time
define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.'.$phpEx);
@ -24,12 +21,13 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
$user->start();
$auth->acl($user->data);
$user->setup('memberlist');
$user->setup(array('memberlist', 'groups'));
// Grab data
$mode = request_var('mode', '');
$action = request_var('action', '');
$user_id = request_var('u', ANONYMOUS);
$group_id = request_var('g', 0);
$topic_id = request_var('t', 0);
switch ($mode)
@ -46,7 +44,7 @@ switch ($mode)
trigger_error($user->lang['NO_VIEW_USERS']);
}
login_box($user->cur_page, '', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
}
break;
}
@ -68,6 +66,7 @@ obtain_ranks($ranks);
switch ($mode)
{
case 'leaders':
// TODO
// Display a listing of board admins, moderators?
$user_ary = $auth->acl_get_list(false, array('a_', 'm_'), false);
@ -80,8 +79,8 @@ switch ($mode)
}
}
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . '
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ')';
$result = $db->sql_query($sql);
@ -113,7 +112,7 @@ switch ($mode)
$s_select = 'S_SEND_AIM';
$s_action = '';
break;
case 'msnm':
$lang = 'MSNM';
$sql_field = 'user_msnm';
@ -134,8 +133,8 @@ switch ($mode)
}
// Grab relevant data
$sql = "SELECT user_id, username, user_email, user_lang, $sql_field
FROM " . USERS_TABLE . "
$sql = "SELECT user_id, username, user_email, user_lang, $sql_field
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
$result = $db->sql_query($sql);
@ -186,18 +185,18 @@ switch ($mode)
// Send vars to the template
$template->assign_vars(array(
'IM_CONTACT' => $row[$sql_field],
'USERNAME' => addslashes($row['username']),
'EMAIL' => $row['user_email'],
'CONTACT_NAME' => $row[$sql_field],
'IM_CONTACT' => $row[$sql_field],
'USERNAME' => addslashes($row['username']),
'EMAIL' => $row['user_email'],
'CONTACT_NAME' => $row[$sql_field],
'SITENAME' => addslashes($config['sitename']),
'PRESENCE_IMG' => $presence_img,
'PRESENCE_IMG' => $presence_img,
'L_SEND_IM_EXPLAIN' => $user->lang['IM_' . $lang],
'L_IM_SENT_JABBER' => sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
'L_SEND_IM_EXPLAIN' => $user->lang['IM_' . $lang],
'L_IM_SENT_JABBER' => sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
$s_select => true,
$s_select => true,
'S_IM_ACTION' => $s_action)
);
@ -207,17 +206,17 @@ switch ($mode)
// Display a profile
$page_title = sprintf($user->lang['VIEWING_PROFILE'], $row['username']);
$template_html = 'memberlist_view.html';
if ($user_id == ANONYMOUS)
{
trigger_error($user->lang['NO_USER']);
}
// Do the SQL thang
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id" . (($auth->acl_get('a_groups'))? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id" . (($auth->acl_get('a_groups'))? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
ORDER BY group_type, group_name';
$result = $db->sql_query($sql);
@ -228,8 +227,8 @@ switch ($mode)
}
// We left join on the session table to see if the user is currently online
$sql = 'SELECT username, user_id, user_colour, user_permissions, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_lastvisit
FROM ' . USERS_TABLE . "
$sql = 'SELECT username, user_id, user_colour, user_permissions, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_lastvisit
FROM ' . USERS_TABLE . "
WHERE user_id = $user_id";
$result = $db->sql_query($sql);
@ -239,7 +238,7 @@ switch ($mode)
}
$db->sql_freeresult($result);
$sql = 'SELECT MAX(session_time) AS session_time
$sql = 'SELECT MAX(session_time) AS session_time
FROM ' . SESSIONS_TABLE . "
WHERE session_user_id = $user_id";
$result = $db->sql_query($sql);
@ -254,7 +253,7 @@ switch ($mode)
$auth2 = new auth();
$auth2->acl($member);
$f_postcount_ary = $auth2->acl_getf('f_postcount');
$sql_forums = array();
foreach ($f_postcount_ary as $forum_id => $allow)
{
@ -268,10 +267,10 @@ switch ($mode)
unset($sql_forums, $f_postcount_ary, $auth2);
// Grab all the relevant data
$sql = 'SELECT COUNT(p.post_id) AS num_posts
$sql = 'SELECT COUNT(p.post_id) AS num_posts
FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
WHERE p.poster_id = $user_id
AND f.forum_id = p.forum_id
WHERE p.poster_id = $user_id
AND f.forum_id = p.forum_id
$post_count_sql";
$result = $db->sql_query($sql);
@ -292,28 +291,28 @@ switch ($mode)
$post_count_sql = (sizeof($sql_forums)) ? 'AND f.forum_id IN (' . implode(', ', $sql_forums) . ')' : '';
unset($sql_forums, $f_forum_ary);
if ($post_count_sql)
{
$sql = 'SELECT f.forum_id, f.forum_name, COUNT(post_id) AS num_posts
FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
WHERE p.poster_id = $user_id
AND f.forum_id = p.forum_id
$sql = 'SELECT f.forum_id, f.forum_name, COUNT(post_id) AS num_posts
FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
WHERE p.poster_id = $user_id
AND f.forum_id = p.forum_id
$post_count_sql
GROUP BY f.forum_id, f.forum_name
ORDER BY num_posts DESC";
GROUP BY f.forum_id, f.forum_name
ORDER BY num_posts DESC";
$result = $db->sql_query_limit($sql, 1);
$active_f_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sql = 'SELECT t.topic_id, t.topic_title, COUNT(p.post_id) AS num_posts
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE p.poster_id = $user_id
AND t.topic_id = p.topic_id
AND f.forum_id = t.forum_id
$sql = 'SELECT t.topic_id, t.topic_title, COUNT(p.post_id) AS num_posts
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE p.poster_id = $user_id
AND t.topic_id = p.topic_id
AND f.forum_id = t.forum_id
$post_count_sql
GROUP BY t.topic_id, t.topic_title
GROUP BY t.topic_id, t.topic_title
ORDER BY num_posts DESC";
$result = $db->sql_query_limit($sql, 1);
@ -325,7 +324,7 @@ switch ($mode)
$active_f_row = $active_t_row = array();
}
// Do the relevant calculations
// Do the relevant calculations
$memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
$posts_per_day = $member['user_posts'] / $memberdays;
$percentage = ($config['num_posts']) ? min(100, ($num_real_posts / $config['num_posts']) * 100) : 0;
@ -384,16 +383,16 @@ switch ($mode)
$template->assign_vars(array(
'POSTS_DAY' => sprintf($user->lang['POST_DAY'], $posts_per_day),
'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage),
'ACTIVE_FORUM' => $active_f_name,
'ACTIVE_FORUM_POSTS'=> ($active_f_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_f_count),
'ACTIVE_FORUM_PCT' => sprintf($user->lang['POST_PCT'], $active_f_pct),
'ACTIVE_FORUM' => $active_f_name,
'ACTIVE_FORUM_POSTS'=> ($active_f_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_f_count),
'ACTIVE_FORUM_PCT' => sprintf($user->lang['POST_PCT'], $active_f_pct),
'ACTIVE_TOPIC' => $active_t_name,
'ACTIVE_TOPIC_POSTS'=> ($active_t_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_t_count),
'ACTIVE_TOPIC_PCT' => sprintf($user->lang['POST_PCT'], $active_t_pct),
'ACTIVE_TOPIC_POSTS'=> ($active_t_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_t_count),
'ACTIVE_TOPIC_PCT' => sprintf($user->lang['POST_PCT'], $active_t_pct),
'OCCUPATION' => (!empty($member['user_occ'])) ? $member['user_occ'] : '',
'INTERESTS' => (!empty($member['user_interests'])) ? $member['user_interests'] : '',
'SIGNATURE' => (!empty($member['user_sig'])) ? str_replace("\n", '<br />', $member['user_sig']) : '',
'SIGNATURE' => (!empty($member['user_sig'])) ? str_replace("\n", '<br />', $member['user_sig']) : '',
'AVATAR_IMG' => $poster_avatar,
'PM_IMG' => $user->img('btn_pm', $user->lang['MESSAGE']),
@ -403,13 +402,13 @@ switch ($mode)
'AIM_IMG' => $user->img('btn_aim', $user->lang['AIM']),
'MSN_IMG' => $user->img('btn_msnm', $user->lang['MSNM']),
'YIM_IMG' => $user->img('btn_yim', $user->lang['YIM']),
'JABBER_IMG' => $user->img('btn_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('btn_search', $user->lang['SEARCH']),
'JABBER_IMG' => $user->img('btn_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('btn_search', $user->lang['SEARCH']),
'S_PROFILE_ACTION' => "groupcp.$phpEx$SID",
'S_GROUP_OPTIONS' => $group_options,
'S_PROFILE_ACTION' => "memberlist.$phpEx$SID&amp;mode=group",
'S_GROUP_OPTIONS' => $group_options,
'U_ADD_FRIEND' => "ucp.$phpEx$SID&amp;i=zebra&amp;add=" . urlencode($member['username']),
'U_ADD_FRIEND' => "ucp.$phpEx$SID&amp;i=zebra&amp;add=" . urlencode($member['username']),
'U_ACTIVE_FORUM' => "viewforum.$phpEx$SID&amp;f=$active_f_id",
'U_ACTIVE_TOPIC' => "viewtopic.$phpEx$SID&amp;t=$active_t_id",)
);
@ -453,7 +452,7 @@ switch ($mode)
if (!$topic_id)
{
// Get the appropriate username, etc.
$sql = 'SELECT username, user_email, user_allow_viewemail, user_lang, user_jabber, user_notify_type
$sql = 'SELECT username, user_email, user_allow_viewemail, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . "
WHERE user_id = $user_id
AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
@ -473,7 +472,7 @@ switch ($mode)
}
else
{
$sql = 'SELECT forum_id, topic_title
$sql = 'SELECT forum_id, topic_title
FROM ' . TOPICS_TABLE . "
WHERE topic_id = $topic_id";
$result = $db->sql_query($sql);
@ -501,24 +500,24 @@ switch ($mode)
{
if (!$topic_id)
{
if (!$subject)
if (!$subject)
{
$error[] = $user->lang['EMPTY_SUBJECT_EMAIL'];
}
if (!$message)
if (!$message)
{
$error[] = $user->lang['EMPTY_MESSAGE_EMAIL'];
}
}
else
{
if (!$email || !preg_match('#^.*?@(.*?\.)?[a-z0-9\-]+\.[a-z]{2,4}$#i', $email))
if (!$email || !preg_match('#^.*?@(.*?\.)?[a-z0-9\-]+\.[a-z]{2,4}$#i', $email))
{
$error[] = $user->lang['EMPTY_ADDRESS_EMAIL'];
}
if (!$name)
if (!$name)
{
$error[] = $user->lang['EMPTY_NAME_EMAIL'];
}
@ -565,9 +564,9 @@ switch ($mode)
'BOARD_EMAIL' => $config['board_contact'],
'FROM_USERNAME' => $user->data['username'],
'TO_USERNAME' => ($topic_id) ? $name : $row['username'],
'MESSAGE' => $message,
'TOPIC_NAME' => ($topic_id) ? strtr($row['topic_title'], array_flip(get_html_translation_table(HTML_ENTITIES))) : '',
'MESSAGE' => $message,
'TOPIC_NAME' => ($topic_id) ? strtr($row['topic_title'], array_flip(get_html_translation_table(HTML_ENTITIES))) : '',
'U_TOPIC' => ($topic_id) ? generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id" : '')
);
@ -575,7 +574,7 @@ switch ($mode)
$messenger->queue->save();
meta_refresh(3, "index.$phpEx$SID");
$message = (!$topic_id) ? sprintf($user->lang['RETURN_INDEX'], '<a href="' . "index.$phpEx$SID" . '">', '</a>') : sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&amp;f=$forum_id&amp;t=" . $row['topic_id'] . '">', '</a>');
$message = (!$topic_id) ? sprintf($user->lang['RETURN_INDEX'], '<a href="' . "index.$phpEx$SID" . '">', '</a>') : sprintf($user->lang['RETURN_TOPIC'], "<a href=\"viewtopic.$phpEx$SID&amp;f=$forum_id&amp;t=" . $row['topic_id'] . '">', '</a>');
trigger_error($user->lang['EMAIL_SENT'] . '<br /><br />' . $message);
}
}
@ -583,26 +582,27 @@ switch ($mode)
if ($topic_id)
{
$template->assign_vars(array(
'EMAIL' => htmlspecialchars($email),
'NAME' => htmlspecialchars($name),
'TOPIC_TITLE' => $row['topic_title'],
'EMAIL' => htmlspecialchars($email),
'NAME' => htmlspecialchars($name),
'TOPIC_TITLE' => $row['topic_title'],
'U_TOPIC' => "viewtopic.$phpEx$SID&amp;f=" . $row['forum_id'] . "&amp;t=topic_id",
'U_TOPIC' => "viewtopic.$phpEx$SID&amp;f=" . $row['forum_id'] . "&amp;t=topic_id",
'S_LANG_OPTIONS'=> ($topic_id) ? language_select($email_lang) : '')
);
}
$template->assign_vars(array(
'USERNAME' => (!$topic_id) ? addslashes($row['username']) : '',
'ERROR_MESSAGE' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (!$topic_id) ? addslashes($row['username']) : '',
'ERROR_MESSAGE' => (sizeof($error)) ? implode('<br />', $error) : '',
'L_EMAIL_BODY_EXPLAIN' => (!$topic_id) ? $user->lang['EMAIL_BODY_EXPLAIN'] : $user->lang['EMAIL_TOPIC_EXPLAIN'],
'L_EMAIL_BODY_EXPLAIN' => (!$topic_id) ? $user->lang['EMAIL_BODY_EXPLAIN'] : $user->lang['EMAIL_TOPIC_EXPLAIN'],
'S_POST_ACTION' => (!$topic_id) ? "memberlist.$phpEx$SID&amp;mode=email&amp;u=$user_id" : "memberlist.$phpEx$SID&amp;mode=email&amp;f=$forum_id&amp;t=$topic_id",
'S_SEND_USER' => (!$topic_id) ? true : false)
);
break;
case 'group':
default:
// The basic memberlist
$page_title = $user->lang['MEMBERLIST'];
@ -610,7 +610,7 @@ switch ($mode)
// Sorting
$sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_LOCATION'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT'], 'e' => $user->lang['SORT_EMAIL'], 'f' => $user->lang['WEBSITE'], 'g' => $user->lang['ICQ'], 'h' => $user->lang['AIM'], 'i' => $user->lang['MSNM'], 'j' => $user->lang['YIM'], 'k' => $user->lang['SORT_LAST_ACTIVE'], 'l' => $user->lang['SORT_RANK']);
$sort_key_sql = array('a' => 'username', 'b' => 'user_from', 'c' => 'user_regdate', 'd' => 'user_posts', 'e' => 'user_email', 'f' => 'user_website', 'g' => 'user_icq', 'h' => 'user_aim', 'i' => 'user_msnm', 'j' => 'user_yim', 'k' => 'user_lastvisit', 'l' => 'user_rank DESC, user_posts');
$sort_key_sql = array('a' => 'u.username', 'b' => 'u.user_from', 'c' => 'u.user_regdate', 'd' => 'u.user_posts', 'e' => 'u.user_email', 'f' => 'u.user_website', 'g' => 'u.user_icq', 'h' => 'u.user_aim', 'i' => 'u.user_msnm', 'j' => 'u.user_yim', 'k' => 'u.user_lastvisit', 'l' => 'u.user_rank DESC, u.user_posts');
$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
@ -676,22 +676,22 @@ switch ($mode)
$s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$where_sql .= ($username) ? " AND username LIKE '" . str_replace('*', '%', $db->sql_escape($username)) ."'" : '';
$where_sql .= ($email) ? " AND user_email LIKE '" . str_replace('*', '%', $db->sql_escape($email)) ."' " : '';
$where_sql .= ($icq) ? " AND user_icq LIKE '" . str_replace('*', '%', $db->sql_escape($icq)) ."' " : '';
$where_sql .= ($aim) ? " AND user_aim LIKE '" . str_replace('*', '%', $db->sql_escape($aim)) ."' " : '';
$where_sql .= ($yahoo) ? " AND user_yim LIKE '" . str_replace('*', '%', $db->sql_escape($yahoo)) ."' " : '';
$where_sql .= ($msn) ? " AND user_msnm LIKE '" . str_replace('*', '%', $db->sql_escape($msn)) ."' " : '';
$where_sql .= ($count) ? " AND user_posts " . $find_key_match[$count_select] . " $count " : '';
$where_sql .= (sizeof($joined) > 1) ? " AND user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$where_sql .= (sizeof($active) > 1) ? " AND user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
$sql_where .= ($username) ? " AND u.username LIKE '" . str_replace('*', '%', $db->sql_escape($username)) ."'" : '';
$sql_where .= ($email) ? " AND u.user_email LIKE '" . str_replace('*', '%', $db->sql_escape($email)) ."' " : '';
$sql_where .= ($icq) ? " AND u.user_icq LIKE '" . str_replace('*', '%', $db->sql_escape($icq)) ."' " : '';
$sql_where .= ($aim) ? " AND u.user_aim LIKE '" . str_replace('*', '%', $db->sql_escape($aim)) ."' " : '';
$sql_where .= ($yahoo) ? " AND u.user_yim LIKE '" . str_replace('*', '%', $db->sql_escape($yahoo)) ."' " : '';
$sql_where .= ($msn) ? " AND u.user_msnm LIKE '" . str_replace('*', '%', $db->sql_escape($msn)) ."' " : '';
$sql_where .= ($count) ? " AND u.user_posts " . $find_key_match[$count_select] . " $count " : '';
$sql_where .= (sizeof($joined) > 1) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$sql_where .= (sizeof($active) > 1) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
if ($ipdomain)
{
$ips = (preg_match('#[a-z]#', $ipdomain)) ? implode(', ', preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "'\\1'", gethostbynamel($ipdomain))) : "'" . str_replace('*', '%', $ipdomain) . "'";
$sql = 'SELECT DISTINCT poster_id
FROM ' . POSTS_TABLE . '
$sql = 'SELECT DISTINCT poster_id
FROM ' . POSTS_TABLE . '
WHERE poster_ip ' . ((preg_match('#%#', $ips)) ? 'LIKE' : 'IN') . " ($ips)";
$result = $db->sql_query($sql);
@ -704,26 +704,102 @@ switch ($mode)
}
while ($row = $db->sql_fetchrow($result));
$where_sql .= ' AND user_id IN (' . implode(', ', $ip_sql) . ')';
$sql_where .= ' AND u.user_id IN (' . implode(', ', $ip_sql) . ')';
}
else
{
// A minor fudge but it does the job :D
$where_sql .= " AND user_id IN ('-1')";
$sql_where .= " AND u.user_id IN ('-1')";
}
}
}
// Are we looking at a usergroup? If so, fetch additional info
// and further restrict the user info query
$sql_from = '';
if ($mode == 'group')
{
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id";
$result = $db->sql_query($sql);
if (!extract($db->sql_fetchrow($result)))
{
trigger_error($user->lang['NO_GROUP']);
}
$db->sql_freeresult($result);
switch ($group_type)
{
case GROUP_OPEN:
$group_type = 'OPEN';
break;
case GROUP_CLOSED:
$group_type = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_type = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_type = 'SPECIAL';
break;
case GROUP_FREE:
$group_type = 'FREE';
break;
}
$avatar_img = '';
if ($group_avatar)
{
switch ($group_avatar_type)
{
case AVATAR_UPLOAD:
$avatar_img = $phpbb_root_path . $config['avatar_path'] . '/';
break;
case AVATAR_GALLERY:
$avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/';
break;
}
$avatar_img .= $group_avatar;
$avatar_img = '<img src="' . $avatar_img . '" width="' . $group_avatar_width . '" height="' . $group_avatar_height . '" border="0" alt="" />';
}
$rank_title = $rank_img = '';
if (!empty($group_rank))
{
$rank_title = $ranks['special'][$group_rank]['rank_title'];
$rank_img = (!empty($ranks['special'][$group_rank]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$group_rank]['rank_image'] . '" border="0" alt="' . $ranks['special'][$group_rank]['rank_title'] . '" title="' . $ranks['special'][$group_rank]['rank_title'] . '" /><br />' : '';
}
$template->assign_vars(array(
'GROUP_DESC' => $group_description,
'GROUP_NAME' => $group_name,
'GROUP_COLOR' => $group_colour,
'GROUP_TYPE' => $user->lang['GROUP_IS_' . $group_type],
'GROUP_RANK' => $rank_title,
'AVATAR_IMG' => $avatar_img,
'RANK_IMG' => $rank_img,
'U_PM' => ($auth->acl_get('u_sendpm')) ? "ucp.$phpEx$SID&amp;i=pm&amp;mode=compose&amp;address_list[g][$group_id]=to" : '',)
);
$sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
$sql_where .= " AND u.user_id = ug.user_id AND ug.group_id = $group_id";
}
// Sorting and order
$order_by = $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
// Count the users ...
if ($where_sql)
if ($sql_where)
{
$sql = 'SELECT COUNT(user_id) AS total_users
FROM ' . USERS_TABLE . '
WHERE user_type <> ' . USER_IGNORE . "
$where_sql";
$sql = 'SELECT COUNT(u.user_id) AS total_users
FROM ' . USERS_TABLE . " u$sql_from
WHERE u.user_type <> " . USER_IGNORE . "
$sql_where";
$result = $db->sql_query($sql);
$total_users = ($row = $db->sql_fetchrow($result)) ? $row['total_users'] : 0;
@ -733,6 +809,10 @@ switch ($mode)
$total_users = $config['num_users'];
}
// Pagination string
$pagination_url = "memberlist.$phpEx$SID&amp;mode=$mode";
@ -747,6 +827,9 @@ switch ($mode)
$pagination_url .= '&amp;' . $key . '=' . urlencode(htmlspecialchars($var));
}
// Some search user specific data
if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
{
@ -759,8 +842,8 @@ switch ($mode)
'MSNM' => $msn,
'JOINED' => implode('-', $joined),
'ACTIVE' => implode('-', $active),
'COUNT' => $count,
'IP' => $ipdomain,
'COUNT' => $count,
'IP' => $ipdomain,
'S_SEARCH_USER' => true,
'S_FORM_NAME' => $form,
@ -774,10 +857,8 @@ switch ($mode)
);
}
// TODO
// ?????????
$sql = 'SELECT session_user_id, MAX(session_time) AS session_time
FROM ' . SESSIONS_TABLE . '
$sql = 'SELECT session_user_id, MAX(session_time) AS session_time
FROM ' . SESSIONS_TABLE . '
WHERE session_time >= ' . (time() - 300) . '
AND session_user_id <> ' . ANONYMOUS . '
GROUP BY session_user_id';
@ -791,10 +872,10 @@ switch ($mode)
$db->sql_freeresult($result);
// Do the SQL thang
$sql = 'SELECT username, user_id, user_colour, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_avatar, user_avatar_type, user_lastvisit
FROM ' . USERS_TABLE . '
WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
$where_sql
$sql = 'SELECT u.username, u.user_id, u.user_colour, u.user_allow_viewemail, u.user_posts, u.user_regdate, u.user_rank, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, u.user_avatar, u.user_avatar_type, u.user_lastvisit
FROM ' . USERS_TABLE . " u$sql_from
WHERE u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ")
$sql_where
ORDER BY $order_by";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
@ -807,6 +888,7 @@ switch ($mode)
$template->assign_block_vars('memberrow', array_merge(show_profile($row), array(
'ROW_NUMBER' => $i + ($start + 1),
'U_VIEWPROFILE' => "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['user_id']))
);
@ -818,10 +900,10 @@ switch ($mode)
// Generate page
$template->assign_vars(array(
'PAGINATION' => generate_pagination($pagination_url, $total_users, $config['topics_per_page'], $start),
'PAGE_NUMBER' => on_page($total_users, $config['topics_per_page'], $start),
'TOTAL_USERS' => ($total_users == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $total_users),
'PAGE_NUMBER' => on_page($total_users, $config['topics_per_page'], $start),
'TOTAL_USERS' => ($total_users == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $total_users),
'PROFILE_IMG' => $user->img('btn_profile', $user->lang['PROFILE']),
'PROFILE_IMG' => $user->img('btn_profile', $user->lang['PROFILE']),
'PM_IMG' => $user->img('btn_pm', $user->lang['MESSAGE']),
'EMAIL_IMG' => $user->img('btn_email', $user->lang['EMAIL']),
'WWW_IMG' => $user->img('btn_www', $user->lang['WWW']),
@ -829,26 +911,27 @@ switch ($mode)
'AIM_IMG' => $user->img('btn_aim', $user->lang['AIM']),
'MSN_IMG' => $user->img('btn_msnm', $user->lang['MSNM']),
'YIM_IMG' => $user->img('btn_yim', $user->lang['YIM']),
'JABBER_IMG' => $user->img('btn_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('btn_search', $user->lang['SEARCH']),
'JABBER_IMG' => $user->img('btn_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('btn_search', $user->lang['SEARCH']),
'U_FIND_MEMBER' => (!empty($config['load_search']) || $auth->acl_get('a_')) ? "memberlist.$phpEx$SID&amp;mode=searchuser" : '',
'U_SORT_USERNAME' => "memberlist.$phpEx$SID&amp;sk=a&amp;sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_FROM' => "memberlist.$phpEx$SID&amp;sk=b&amp;sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_JOINED' => "memberlist.$phpEx$SID&amp;sk=c&amp;sd=" . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_POSTS' => "memberlist.$phpEx$SID&amp;sk=d&amp;sd=" . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_EMAIL' => "memberlist.$phpEx$SID&amp;sk=e&amp;sd=" . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_WEBSITE' => "memberlist.$phpEx$SID&amp;sk=f&amp;sd=" . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_ICQ' => "memberlist.$phpEx$SID&amp;sk=g&amp;sd=" . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_AIM' => "memberlist.$phpEx$SID&amp;sk=h&amp;sd=" . (($sort_key == 'h' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_MSN' => "memberlist.$phpEx$SID&amp;sk=i&amp;sd=" . (($sort_key == 'i' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_YIM' => "memberlist.$phpEx$SID&amp;sk=j&amp;sd=" . (($sort_key == 'j' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_ACTIVE' => "memberlist.$phpEx$SID&amp;sk=k&amp;sd=" . (($sort_key == 'k' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_RANK' => "memberlist.$phpEx$SID&amp;sk=l&amp;sd=" . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a'),
'U_FIND_MEMBER' => (!empty($config['load_search']) || $auth->acl_get('a_')) ? "memberlist.$phpEx$SID&amp;mode=searchuser" : '',
'U_SORT_USERNAME' => "memberlist.$phpEx$SID&amp;sk=a&amp;sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_FROM' => "memberlist.$phpEx$SID&amp;sk=b&amp;sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_JOINED' => "memberlist.$phpEx$SID&amp;sk=c&amp;sd=" . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_POSTS' => "memberlist.$phpEx$SID&amp;sk=d&amp;sd=" . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_EMAIL' => "memberlist.$phpEx$SID&amp;sk=e&amp;sd=" . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_WEBSITE' => "memberlist.$phpEx$SID&amp;sk=f&amp;sd=" . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_ICQ' => "memberlist.$phpEx$SID&amp;sk=g&amp;sd=" . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_AIM' => "memberlist.$phpEx$SID&amp;sk=h&amp;sd=" . (($sort_key == 'h' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_MSN' => "memberlist.$phpEx$SID&amp;sk=i&amp;sd=" . (($sort_key == 'i' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_YIM' => "memberlist.$phpEx$SID&amp;sk=j&amp;sd=" . (($sort_key == 'j' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_ACTIVE' => "memberlist.$phpEx$SID&amp;sk=k&amp;sd=" . (($sort_key == 'k' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_RANK' => "memberlist.$phpEx$SID&amp;sk=l&amp;sd=" . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a'),
'S_MODE_SELECT' => $s_sort_key,
'S_ORDER_SELECT'=> $s_sort_dir,
'S_MODE_ACTION' => "memberlist.$phpEx$SID&amp;mode=$mode&amp;form=$form")
'S_SHOW_GROUP' => ($mode == 'group') ? true : false,
'S_MODE_SELECT' => $s_sort_key,
'S_ORDER_SELECT' => $s_sort_dir,
'S_MODE_ACTION' => $pagination_url . "&amp;form=$form")
);
}
@ -865,7 +948,7 @@ page_footer();
// ---------
// FUNCTIONS
// FUNCTIONS
//
function show_profile($data)
{
@ -898,23 +981,23 @@ function show_profile($data)
$last_visit = (!empty($data['session_time'])) ? $data['session_time'] : $data['user_lastvisit'];
// Dump it out to the template
// TODO
// TODO
// Add permission check for IM clients
return array(
'USERNAME' => $username,
'USER_COLOR' => (!empty($data['user_colour'])) ? $data['user_colour'] : '',
'RANK_TITLE' => $rank_title,
'USERNAME' => $username,
'USER_COLOR' => (!empty($data['user_colour'])) ? $data['user_colour'] : '',
'RANK_TITLE' => $rank_title,
'JOINED' => $user->format_date($data['user_regdate'], $user->lang['DATE_FORMAT']),
'VISITED' => (empty($last_visit)) ? ' - ' : $user->format_date($last_visit, $user->lang['DATE_FORMAT']),
'POSTS' => ($data['user_posts']) ? $data['user_posts'] : 0,
'ONLINE_IMG' => (intval($data['session_time']) >= time() - ($config['load_online_time'] * 60)) ? $user->img('btn_online', $user->lang['USER_ONLINE']) : $user->img('btn_offline', $user->lang['USER_ONLINE']),
'ONLINE_IMG' => (intval($data['session_time']) >= time() - ($config['load_online_time'] * 60)) ? $user->img('btn_online', $user->lang['USER_ONLINE']) : $user->img('btn_offline', $user->lang['USER_ONLINE']),
'RANK_IMG' => $rank_img,
'ICQ_STATUS_IMG'=> (!empty($data['user_icq'])) ? '<img src="http://web.icq.com/whitepages/online?icq=' . $data['user_icq'] . '&img=5" width="18" height="18" border="0" />' : '',
'U_PROFILE' => "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id",
'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? "search.$phpEx$SID&amp;search_author=" . urlencode($username) . "&amp;show_results=posts" : '',
'U_PM' => ($auth->acl_get('u_sendpm')) ? "ucp.$phpEx$SID&amp;i=pm&amp;mode=compose&amp;u=$user_id" : '',
'U_PROFILE' => "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id",
'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? "search.$phpEx$SID&amp;search_author=" . urlencode($username) . "&amp;show_results=posts" : '',
'U_PM' => ($auth->acl_get('u_sendpm')) ? "ucp.$phpEx$SID&amp;mode=pm&amp;action=send&amp;u=$user_id" : '',
'U_EMAIL' => $email,
'U_WWW' => (!empty($data['user_website'])) ? $data['user_website'] : '',
'U_ICQ' => ($data['user_icq']) ? "memberlist.$phpEx$SID&amp;mode=contact&amp;action=icq&amp;u=$user_id" : '',
@ -927,7 +1010,7 @@ function show_profile($data)
);
}
//
// FUNCTIONS
// FUNCTIONS
// ---------
?>

View File

@ -7,8 +7,8 @@
// STARTED : Sat Feb 17, 2001
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
define('IN_PHPBB', true);
@ -80,10 +80,10 @@ switch ($mode)
$sql = 'SELECT f.*, t.*
FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
WHERE t.topic_id = $topic_id
AND (f.forum_id = t.forum_id
AND (f.forum_id = t.forum_id
OR f.forum_id = $forum_id)";
break;
case 'quote':
case 'edit':
case 'delete':
@ -92,12 +92,12 @@ switch ($mode)
trigger_error('NO_POST');
}
$sql = 'SELECT f.*, t.*, p.*, u.username, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
$sql = 'SELECT f.*, t.*, p.*, u.username, u.user_sig, u.user_sig_bbcode_uid, u.user_sig_bbcode_bitfield
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . ' f, ' . USERS_TABLE . " u
WHERE p.post_id = $post_id
AND t.topic_id = p.topic_id
AND u.user_id = p.poster_id
AND (f.forum_id = t.forum_id
AND (f.forum_id = t.forum_id
OR f.forum_id = $forum_id)";
break;
@ -143,10 +143,10 @@ if ($sql)
if ($forum_password)
{
$forum_info = array(
'forum_id' => $forum_id,
'forum_id' => $forum_id,
'forum_password'=> $forum_password
);
login_forum_box($forum_info);
unset($forum_info);
}
@ -161,7 +161,7 @@ if ($sql)
// Get Poll Data
if ($poll_start)
{
$sql = 'SELECT poll_option_text
$sql = 'SELECT poll_option_text
FROM ' . POLL_OPTIONS_TABLE . "
WHERE topic_id = $topic_id
ORDER BY poll_option_id";
@ -198,10 +198,10 @@ if ($sql)
$result = $db->sql_query($sql);
$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
$db->sql_freeresult($result);
}
if ($poster_id == ANONYMOUS || !$poster_id)
{
$username = (in_array($mode, array('quote', 'edit', 'delete'))) ? trim($post_username) : '';
@ -230,7 +230,7 @@ if ($sql)
$sql = 'SELECT draft_id
FROM ' . DRAFTS_TABLE . '
WHERE (forum_id = ' . $forum_id . (($topic_id) ? " OR topic_id = $topic_id" : '') . ')
AND user_id = ' . $user->data['user_id'] .
AND user_id = ' . $user->data['user_id'] .
(($draft_id) ? " AND draft_id <> $draft_id" : '');
$result = $db->sql_query_limit($sql, 1);
@ -264,8 +264,8 @@ if (!$auth->acl_get('f_' . $mode, $forum_id) && $forum_type == FORUM_POST)
{
trigger_error('USER_CANNOT_' . strtoupper($mode));
}
login_box($user->cur_page, '', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
login_box('', $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)]);
}
@ -276,26 +276,29 @@ if (($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) && !$auth->ac
trigger_error($message);
}
// Can we edit this post?
// Can we edit this post ... if we're a moderator with rights then always yes
// else it depends on editing times, lock status and if we're the correct user
// !$preview && !$refresh && !$submit &&
if ($mode == 'edit' && !$preview && !$refresh && !$submit && !$auth->acl_get('m_edit', $forum_id))
{
if ($user->data['user_id'] != $poster_id)
{
trigger_error('USER_CANNOT_EDIT');
}
if (!($post_time > time() - $config['edit_time'] || !$config['edit_time']))
{
trigger_error('CANNOT_EDIT_TIME');
}
}
// Do we want to edit our post ?
if ($mode == 'edit' && !$auth->acl_get('m_edit', $forum_id) && ($user->data['user_id'] != $poster_id || $post_edit_locked))
{
if ($post_edit_locked)
{
trigger_error('CANNOT_EDIT_POST_LOCKED');
}
trigger_error('USER_CANNOT_EDIT');
}
// Do we want to edit our post ?
if ($mode == 'edit')
{
$message_parser->bbcode_uid = $bbcode_uid;
@ -318,9 +321,9 @@ if ($mode == 'delete' && (($poster_id == $user->data['user_id'] && $user->data['
'post_time' => $post_time,
'poster_id' => $poster_id
);
$next_post_id = delete_post($mode, $post_id, $topic_id, $forum_id, $data);
if ($topic_first_post_id == $topic_last_post_id)
{
$meta_info = "viewforum.$phpEx$SID&amp;f=$forum_id";
@ -392,7 +395,7 @@ if ($mode == 'bump' && ($bump_time = bump_topic_allowed($forum_id, $topic_bumped
WHERE user_id = " . $user->data['user_id']);
$db->sql_transaction('commit');
markread('post', $forum_id, $topic_id, $current_time);
add_log('mod', $forum_id, $topic_id, sprintf($user->lang['LOGM_BUMP'], $topic_title));
@ -427,7 +430,7 @@ if ($save && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts
'draft_subject' => $subject,
'draft_message' => $message));
$db->sql_query($sql);
$meta_info = ($mode == 'post') ? "viewforum.$phpEx$SID&amp;f=$forum_id" : "viewtopic.$phpEx$SID&amp;f=$forum_id&amp;t=$topic_id";
meta_refresh(3, $meta_info);
@ -446,12 +449,12 @@ if ($save && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts
// Load Draft
if ($draft_id && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts'))
{
$sql = 'SELECT draft_subject, draft_message
FROM ' . DRAFTS_TABLE . "
$sql = 'SELECT draft_subject, draft_message
FROM ' . DRAFTS_TABLE . "
WHERE draft_id = $draft_id
AND user_id = " . $user->data['user_id'];
$result = $db->sql_query_limit($sql, 1);
if ($row = $db->sql_fetchrow($result))
{
$_REQUEST['subject'] = $row['draft_subject'];
@ -482,7 +485,7 @@ if ($submit || $preview || $refresh)
{
$subject = phpbb_strtolower($subject);
}
$message_parser->message = (isset($_POST['message'])) ? htmlspecialchars(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message'])) : '';
$message_parser->message = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $message_parser->message);
// $message_parser->message = request_var('message', '', true, true);
@ -506,7 +509,7 @@ if ($submit || $preview || $refresh)
$post_lock = (isset($_POST['lock_post']));
$poll_delete = (isset($_POST['poll_delete']));
// Faster than crc32
$check_value = (($preview || $refresh) && isset($_POST['status_switch'])) ? (int) $_POST['status_switch'] : (($enable_html+1) << 16) + (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1);
$status_switch = (isset($_POST['status_switch']) && (int) $_POST['status_switch'] != $check_value);
@ -523,12 +526,12 @@ if ($submit || $preview || $refresh)
'poll_title' => '',
'poll_start' => 0,
'poll_length' => 0,
'poll_last_vote' => 0,
'poll_last_vote' => 0,
'poll_max_options' => 0
);
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $topic_sql) . "
WHERE topic_id = $topic_id";
$db->sql_query($sql);
@ -611,7 +614,7 @@ if ($submit || $preview || $refresh)
if (($username && $user->data['user_id'] == ANONYMOUS) || ($mode == 'edit' && $post_username))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (($result = validate_username(($mode == 'edit' && $post_username) ? $post_username : $username)) != false)
{
$error[] = $result;
@ -623,7 +626,7 @@ if ($submit || $preview || $refresh)
{
$error[] = $user->lang['EMPTY_SUBJECT'];
}
$poll_data = array(
'poll_title' => $poll_title,
'poll_length' => $poll_length,
@ -683,18 +686,18 @@ if ($submit || $preview || $refresh)
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
if ($row && !$row['forum_id'] && $row['topic_type'] == POST_GLOBAL)
{
$to_forum_id = request_var('to_forum_id', 0);
if (!$to_forum_id)
{
$template->assign_vars(array(
'S_FORUM_SELECT' => make_forum_select(false, false, false, true, true),
'S_UNGLOBALISE' => true)
'S_UNGLOBALISE' => true)
);
$submit = false;
$refresh = true;
}
@ -719,7 +722,7 @@ if ($submit || $preview || $refresh)
{
$change_topic_status = ITEM_LOCKED;
}
if ($change_topic_status != $topic_status)
{
$sql = 'UPDATE ' . TOPICS_TABLE . "
@ -727,7 +730,7 @@ if ($submit || $preview || $refresh)
WHERE topic_id = $topic_id
AND topic_moved_id = 0";
$db->sql_query($sql);
$user_lock = ($auth->acl_get('f_user_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster) ? 'USER_' : '';
add_log('mod', $forum_id, $topic_id, 'LOG_' . $user_lock . (($change_topic_status == ITEM_LOCKED) ? 'LOCK' : 'UNLOCK'), $topic_title);
@ -772,10 +775,10 @@ if ($submit || $preview || $refresh)
'post_edit_locked' => (int) $post_edit_locked,
'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield
);
submit_post($mode, $message_parser->message, $subject, $username, $topic_type, $message_parser->bbcode_uid, $poll, $message_parser->attachment_data, $message_parser->filename_data, $post_data, $update_message);
}
}
}
$post_text = $message_parser->message;
$post_subject = stripslashes($subject);
@ -822,7 +825,7 @@ if (!sizeof($error) && $preview)
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
$extensions = $update_count = array();
$template->assign_var('S_HAS_ATTACHMENTS', true);
display_attachments($forum_id, 'attachment', $message_parser->attachment_data, $update_count, true);
}
@ -946,7 +949,7 @@ $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_up
// Start assigning vars for main posting page ...
$template->assign_vars(array(
'L_POST_A' => $page_title,
'L_ICON' => ($mode == 'reply' || $mode == 'quote') ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
'L_ICON' => ($mode == 'reply' || $mode == 'quote') ? $user->lang['POST_ICON'] : $user->lang['TOPIC_ICON'],
'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',
'FORUM_NAME' => $forum_name,
@ -957,8 +960,8 @@ $template->assign_vars(array(
'SUBJECT' => $post_subject,
'MESSAGE' => trim($post_text),
'PREVIEW_SUBJECT' => ($preview && !sizeof($error)) ? $preview_subject : '',
'PREVIEW_MESSAGE' => ($preview && !sizeof($error)) ? $preview_message : '',
'PREVIEW_SIGNATURE' => ($preview && !sizeof($error)) ? $preview_signature : '',
'PREVIEW_MESSAGE' => ($preview && !sizeof($error)) ? $preview_message : '',
'PREVIEW_SIGNATURE' => ($preview && !sizeof($error)) ? $preview_signature : '',
'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'],
'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
@ -966,7 +969,7 @@ $template->assign_vars(array(
'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']),
'POST_DATE' => ($post_time) ? $user->format_date($post_time) : '',
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'TOPIC_TIME_LIMIT' => (int) $topic_time_limit,
'EDIT_REASON' => $post_edit_reason,
@ -1017,7 +1020,7 @@ if (($mode == 'post' || ($mode == 'edit' && $post_id == $topic_first_post_id &&
'POLL_TITLE' => (isset($poll_title)) ? $poll_title : '',
'POLL_OPTIONS' => (isset($poll_options) && $poll_options) ? implode("\n", $poll_options) : '',
'POLL_MAX_OPTIONS' => (isset($poll_max_options)) ? (int) $poll_max_options : 1,
'POLL_MAX_OPTIONS' => (isset($poll_max_options)) ? (int) $poll_max_options : 1,
'POLL_LENGTH' => $poll_length)
);
}
@ -1103,10 +1106,10 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
break;
case 'delete_first_post':
$sql = 'SELECT p.post_id, p.poster_id, p.post_username, u.username
$sql = 'SELECT p.post_id, p.poster_id, p.post_username, u.username
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
WHERE p.topic_id = $topic_id
AND p.poster_id = u.user_id
WHERE p.topic_id = $topic_id
AND p.poster_id = u.user_id
ORDER BY p.post_time ASC";
$result = $db->sql_query_limit($sql, 1);
@ -1123,7 +1126,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
$next_post_id = (int) $row['post_id'];
break;
case 'delete_last_post':
if ($data['topic_type'] != POST_GLOBAL)
{
@ -1149,15 +1152,15 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$next_post_id = (int) $row['last_post_id'];
}
break;
case 'delete':
$sql = 'SELECT post_id
FROM ' . POSTS_TABLE . "
WHERE topic_id = $topic_id " .
WHERE topic_id = $topic_id " .
(($auth->acl_get('m_approve', $forum_id)) ? 'AND post_approved = 1' : '') . '
AND post_time > ' . $data['post_time'] . '
ORDER BY post_time ASC';
@ -1174,7 +1177,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
$sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$next_post_id = (int) $row['post_id'];
}
$sql_data[USERS_TABLE] = ($auth->acl_get('f_postcount', $forum_id)) ? 'user_posts = user_posts - 1' : '';
set_config('num_posts', $config['num_posts'] - 1, true);
@ -1206,7 +1209,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
return;
}
$current_time = time();
if ($mode == 'post')
@ -1223,7 +1226,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
$post_mode = ($data['topic_first_post_id'] == $data['topic_last_post_id']) ? 'edit_topic' : (($data['topic_first_post_id'] == $data['post_id']) ? 'edit_first_post' : (($data['topic_last_post_id'] == $data['post_id']) ? 'edit_last_post' : 'edit'));
}
// Collect some basic informations about which tables and which rows to update/insert
$sql_data = array();
@ -1237,7 +1240,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[POSTS_TABLE]['sql'] = array(
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'poster_id' => (int) $user->data['user_id'],
'icon_id' => $data['icon_id'],
'icon_id' => $data['icon_id'],
'poster_ip' => $user->ip,
'post_time' => $current_time,
'post_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
@ -1246,7 +1249,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
'enable_smilies' => $data['enable_smilies'],
'enable_magic_url' => $data['enable_urls'],
'enable_sig' => $data['enable_sig'],
'post_username' => ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : '',
'post_username' => ($user->data['user_id'] == ANONYMOUS) ? stripslashes($username) : '',
'post_subject' => $subject,
'post_text' => $message,
'post_checksum' => $data['message_md5'],
@ -1265,7 +1268,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[POSTS_TABLE]['sql'] = array(
'post_edit_time' => $current_time
);
$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
}
@ -1275,12 +1278,12 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[POSTS_TABLE]['sql'] = array(
'post_edit_time' => $current_time
);
$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
}
case 'edit_topic':
if (!isset($sql_data[POSTS_TABLE]['sql']))
{
$sql_data[POSTS_TABLE]['sql'] = array();
@ -1296,7 +1299,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
'enable_smilies' => $data['enable_smilies'],
'enable_magic_url' => $data['enable_urls'],
'enable_sig' => $data['enable_sig'],
'post_username' => ($username && $data['poster_id'] == ANONYMOUS) ? stripslashes($username) : '',
'post_username' => ($username && $data['poster_id'] == ANONYMOUS) ? stripslashes($username) : '',
'post_subject' => $subject,
'post_edit_reason' => $data['post_edit_reason'],
'post_edit_user' => (int) $data['post_edit_user'],
@ -1315,7 +1318,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
break;
}
// And the topic ladies and gentlemen
switch ($post_mode)
{
@ -1325,7 +1328,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
'topic_time' => $current_time,
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'icon_id' => $data['icon_id'],
'topic_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
'topic_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
'topic_title' => $subject,
'topic_first_poster_name' => ($user->data['user_id'] == ANONYMOUS && $username) ? stripslashes($username) : $user->data['username'],
'topic_type' => $topic_type,
@ -1337,12 +1340,12 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
$sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array(
'poll_title' => $poll['poll_title'],
'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time,
'poll_max_options' => $poll['poll_max_options'],
'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time,
'poll_max_options' => $poll['poll_max_options'],
'poll_length' => $poll['poll_length'] * 86400)
);
}
$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
if (!$auth->acl_get('f_moderate', $data['forum_id']))
{
@ -1350,7 +1353,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
}
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', forum_topics = forum_topics + 1' : '');
break;
case 'reply':
$sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', topic_replies = topic_replies + 1' : '');
$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
@ -1366,27 +1369,27 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[TOPICS_TABLE]['sql'] = array(
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'icon_id' => $data['icon_id'],
'topic_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
'topic_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
'topic_title' => $subject,
'topic_first_poster_name' => stripslashes($username),
'topic_type' => $topic_type,
'topic_time_limit' => ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0,
'poll_title' => ($poll['poll_options']) ? $poll['poll_title'] : '',
'poll_start' => ($poll['poll_options']) ? (($poll['poll_start']) ? $poll['poll_start'] : $current_time) : 0,
'poll_max_options' => ($poll['poll_options']) ? $poll['poll_max_options'] : 1,
'poll_start' => ($poll['poll_options']) ? (($poll['poll_start']) ? $poll['poll_start'] : $current_time) : 0,
'poll_max_options' => ($poll['poll_options']) ? $poll['poll_max_options'] : 1,
'poll_length' => ($poll['poll_options']) ? $poll['poll_length'] * 86400 : 0,
'topic_attachment' => ($post_mode == 'edit_topic') ? ((sizeof($filename_data['physical_filename'])) ? 1 : 0) : $data['topic_attachment']
);
break;
}
$db->sql_transaction();
// Submit new topic
if ($post_mode == 'post')
{
$sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' .
$sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' .
$db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']);
$db->sql_query($sql);
@ -1448,10 +1451,10 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($row['topic_replies_real'] + 1);
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics - 1' : '');
// Update forum_ids for all posts
$sql = 'UPDATE ' . POSTS_TABLE . '
SET forum_id = 0
$sql = 'UPDATE ' . POSTS_TABLE . '
SET forum_id = 0
WHERE topic_id = ' . $data['topic_id'];
$db->sql_query($sql);
}
@ -1466,8 +1469,8 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics + 1' : '');
// Update forum_ids for all posts
$sql = 'UPDATE ' . POSTS_TABLE . '
SET forum_id = ' . $data['forum_id'] . '
$sql = 'UPDATE ' . POSTS_TABLE . '
SET forum_id = ' . $data['forum_id'] . '
WHERE topic_id = ' . $data['topic_id'];
$db->sql_query($sql);
}
@ -1476,7 +1479,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
// Update the topics table
if (isset($sql_data[TOPICS_TABLE]['sql']))
{
$db->sql_query('UPDATE ' . TOPICS_TABLE . '
$db->sql_query('UPDATE ' . TOPICS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . '
WHERE topic_id = ' . $data['topic_id']);
}
@ -1493,10 +1496,10 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
if (isset($poll['poll_options']) && !empty($poll['poll_options']))
{
$cur_poll_options = array();
if ($poll['poll_start'] && $mode == 'edit')
{
$sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . '
$sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . '
WHERE topic_id = ' . $data['topic_id'] . '
ORDER BY poll_option_id';
$result = $db->sql_query($sql);
@ -1517,7 +1520,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
}
else if ($poll['poll_options'][$i] != $cur_poll_options[$i])
{
$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
$sql = "UPDATE " . POLL_OPTIONS_TABLE . "
SET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'
WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . "
AND topic_id = " . $data['topic_id'];
@ -1525,11 +1528,11 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
}
}
}
if (sizeof($poll['poll_options']) < sizeof($cur_poll_options))
{
$sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . '
WHERE poll_option_id > ' . sizeof($poll['poll_options']) . '
WHERE poll_option_id > ' . sizeof($poll['poll_options']) . '
AND topic_id = ' . $data['topic_id'];
$db->sql_query($sql);
}
@ -1545,14 +1548,14 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
if ($attach_row['attach_id'])
{
// update entry in db if attachment already stored in db and filespace
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
SET comment = '" . $db->sql_escape($attach_row['comment']) . "'
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
SET comment = '" . $db->sql_escape($attach_row['comment']) . "'
WHERE attach_id = " . (int) $attach_row['attach_id'];
$db->sql_query($sql);
}
else
{
// insert attachment into db
// insert attachment into db
$attach_sql = array(
'post_msg_id' => $data['post_id'],
'topic_id' => $data['topic_id'],
@ -1568,7 +1571,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
'thumbnail' => $attach_row['thumbnail']
);
$sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' .
$sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' .
$db->sql_build_array('INSERT', $attach_sql);
$db->sql_query($sql);
@ -1576,7 +1579,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$files_added++;
}
}
if (count($attach_data))
{
$sql = 'UPDATE ' . POSTS_TABLE . '
@ -1679,7 +1682,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
}
$db->sql_transaction('commit');
// Delete draft if post was loaded...
$draft_id = request_var('draft_loaded', 0);
if ($draft_id)
@ -1701,7 +1704,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
AND topic_id = ' . $data['topic_id'];
$db->sql_query($sql);
}
// Mark this topic as read and posted to.
$mark_mode = ($mode == 'post' || $mode == 'reply' || $mode == 'quote') ? 'post' : 'topic';
markread($mark_mode, $data['forum_id'], $data['topic_id'], $data['post_time']);

View File

@ -21,35 +21,33 @@ define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
// Define initial vars
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : false;
$search_id = (isset($_REQUEST['search_id'])) ? htmlspecialchars($_REQUEST['search_id']) : false;
$start = (isset($_REQUEST['start'])) ? intval($_REQUEST['start']) : 0;
$post_id = (isset($_GET['p'])) ? max(intval($_GET['p']), 0) : 0;
$view = (isset($_GET['view'])) ? htmlspecialchars($_GET['view']) : false;
$search_keywords = (!empty($_REQUEST['search_keywords'])) ? $_REQUEST['search_keywords'] : false;
$search_author = (!empty($_REQUEST['search_author'])) ? htmlspecialchars($_REQUEST['search_author']) : false;
$show_results = (isset($_REQUEST['show_results'])) ? htmlspecialchars($_REQUEST['show_results']) : 'posts';
$search_terms = (isset($_REQUEST['search_terms'])) ? (($_REQUEST['search_terms'] == 'all') ? 1 : 0) : 1;
$search_fields = (isset($_REQUEST['search_fields'])) ? $_REQUEST['search_fields'] : 'all';
$search_child = (!empty($_REQUEST['search_child'])) ? true : false;
$return_chars = (isset($_REQUEST['return_chars'])) ? intval($_REQUEST['return_chars']) : 200;
$search_forum = (!empty($_GET['f'])) ? array(intval($_GET['f'])) : ((isset($_REQUEST['search_forum'])) ? array_map('intval', $_REQUEST['search_forum']) : array());
$search_time = (isset($_REQUEST['search_time'])) ? (time() - intval($_REQUEST['search_time'])) * 86400 : 0;
$sort_days = (!empty($_REQUEST['st'])) ? intval($_REQUEST['st']) : 0;
$sort_key = (!empty($_REQUEST['sk'])) ? htmlspecialchars($_REQUEST['sk']) : 't';
$sort_dir = (!empty($_REQUEST['sd'])) ? htmlspecialchars($_REQUEST['sd']) : 'd';
// Start session management
$user->start();
$auth->acl($user->data);
$user->setup('search');
// Define initial vars
$mode = request_var('mode', '');
$search_id = request_var('search_id', '');
$start = request_var('start', 0);
$post_id = request_var('p', 0);
$view = request_var('view', '');
$search_keywords = request_var('search_keywords', '');
$search_author = request_var('search_author', '');
$show_results = request_var('show_results', 'posts');
$search_terms = request_var('search_terms', 'all');
$search_fields = request_var('search_fields', 'all');
$search_child = request_var('search_child', true);
$return_chars = request_var('return_chars', 200);
$search_forum = request_var('f', 0);
$sort_days = request_var('st', 0);
$sort_key = request_var('sk', 't');
$sort_dir = request_var('sd', 'd');
// Is user able to search? Has search been disabled?
if (!$auth->acl_get('u_search') || !$config['load_search'])
{
@ -100,11 +98,9 @@ if ($search_keywords || $search_author || $search_id)
$sql_forums = array();
while ($row = $db->sql_fetchrow($result))
{
// echo "<br />" . $row['forum_id'] . " -> " . $row['forum_name'] . " :: " . $auth->acl_get('f_read', $row['forum_id']) . " && " . ((!$row['forum_password'] || $row['user_id'] == $user->data['user_id']));
if ($search_child)
{
if (in_array($row['forum_id'], $search_forum) && $row['right_id'] > $right_id)
if (!$search_forum || (in_array($row['forum_id'], $search_forum) && $row['right_id'] > $right_id))
{
$right_id = $row['right_id'];
}
@ -320,13 +316,15 @@ if ($search_keywords || $search_author || $search_id)
}
if ($search_keywords && sizeof($split_words) && array_diff($split_words, $old_split_words))
if (sizeof($split_words) && array_diff($split_words, $old_split_words))
{
// This "entire" section may be switched out to allow for alternative search systems
// such as that built-in to MySQL, MSSQL, etc. or external solutions which provide
// an appropriate API
$bool = ($search_terms) ? 'AND' : 'OR';
$bool = ($search_terms == 'all') ? 'AND' : 'OR';
$sql_words = '';
foreach ($split_words as $word)
{
@ -342,8 +340,9 @@ if ($search_keywords || $search_author || $search_id)
$bool = 'OR';
continue;
default:
$bool = ($search_terms != 'all') ? 'OR' : $bool;
$sql_words[$bool][] = "'" . preg_replace('#\*+#', '%', trim($word)) . "'";
$bool = ($search_terms) ? 'AND' : 'OR';
$bool = ($search_terms == 'all') ? 'AND' : 'OR';
}
}
@ -455,7 +454,7 @@ if ($search_keywords || $search_author || $search_id)
$sql_author
$sql_and
$sql_time
$sql_match
$sql_match
$sql_find_in";
$result = $db->sql_query($sql);
@ -486,6 +485,8 @@ if ($search_keywords || $search_author || $search_id)
$post_id_ary = array_unique($post_id_ary);
if (!sizeof($post_id_ary))
{
trigger_error($user->lang['NO_SEARCH_RESULTS']);
@ -579,6 +580,8 @@ if ($search_keywords || $search_author || $search_id)
unset($data);
}
// Include the bbcode parser
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
// Look up data ...
$per_page = ($show_results == 'posts') ? $config['posts_per_page'] : $config['topics_per_page'];
@ -598,8 +601,8 @@ if ($search_keywords || $search_author || $search_id)
$template->assign_vars(array(
'SEARCH_MATCHES' => $l_search_matches,
'SEARCH_WORDS' => $split_words,
'IGNORED_WORDS' => ($ignored_words) ? $ignored_words : 'No words',
'PAGINATION' => generate_pagination("search.$phpEx$SID&amp;search_id=$search_id&amp;sk=$sort_key&amp;sd=$sort_dir&amp;st=$sort_days", $total_match_count, $per_page, $start),
'IGNORED_WORDS' => ($ignored_words) ? $ignored_words : $user->lang['NO_IGNORE_WORDS'],
'PAGINATION' => generate_pagination("search.$phpEx$SID&amp;search_id=$search_id&amp;hilit=$hilit&amp;sk=$sort_key&amp;sd=$sort_dir&amp;st=$sort_days", $total_match_count, $per_page, $start),
'PAGE_NUMBER' => on_page($total_match_count, $start),
'S_SELECT_SORT_DIR' => $s_sort_dir,

View File

@ -5,7 +5,7 @@
<form action="{S_LOGIN_ACTION}" method="post">
<table class="tablebg" width="100%" cellspacing="1">
<tr>
<tr>
<th colspan="2">{L_LOGIN}</th>
</tr>
<!-- IF LOGIN_EXPLAIN -->
@ -13,7 +13,7 @@
<td class="row3" colspan="2" align="center"><span class="gensmall">{LOGIN_EXPLAIN}</td>
</tr>
<!-- ENDIF -->
<tr>
<tr>
<td class="row1" width="50%">
<p class="genmed">{L_LOGIN_INFO}</p>
@ -27,15 +27,16 @@
</tr>
<!-- ENDIF -->
<tr>
<tr>
<td><b class="gensmall">{L_USERNAME}:</b></td>
<td><input class="post" type="text" name="username" size="25" maxlength="40" value="{USERNAME}" tabindex="1" /><br /><a class="gensmall" href="{U_REGISTER}">{L_REGISTER}</a></td>
</tr>
<tr>
<tr>
<td><b class="gensmall">{L_PASSWORD}:</b></td>
<td><input class="post" type="password" name="password" size="25" maxlength="25" tabindex="2" /><br /><a class="gensmall" href="{U_SEND_PASSWORD}">{L_FORGOT_PASS}</a></td>
</tr>
<tr>
<!-- IF S_DISPLAY_FULL_LOGIN -->
<tr>
<td>&nbsp;</td>
<td><input type="checkbox" name="autologin" tabindex="4" /> <span class="gensmall">{L_LOG_ME_IN}</span></td>
</tr>
@ -43,9 +44,10 @@
<td>&nbsp;</td>
<td><input type="checkbox" name="viewonline" tabindex="5" /> <span class="gensmall">{L_HIDE_ME}</span></td>
</tr>
<!-- ENDIF -->
</table></td>
</tr>
<tr>
<tr>
<td class="cat" colspan="2" align="center">{S_HIDDEN_FIELDS}<input type="submit" name="login" class="btnmain" value="{L_LOGIN}" tabindex="3" /></td>
</tr>
</table></form>

View File

@ -4,10 +4,10 @@
<div id="pagecontent">
<!-- You should retain this javascript in your own template! -->
<!-- IF S_SEARCH_USER --><!-- INCLUDE memberlist_search.html --><!-- ENDIF -->
<!-- IF S_SHOW_GROUP --><!-- INCLUDE memberlist_group.html --><!-- ENDIF -->
<!-- IF S_SEARCH_USER -->
<form method="post" name="results" action="{S_MODE_ACTION}" onsubmit="insert_marked(this.user);return false">
<!-- ELSEIF U_FIND_MEMBER-->
@ -41,7 +41,7 @@
<!-- ENDIF -->
<td class="gen" align="center">&nbsp;{memberrow.ROW_NUMBER}&nbsp;</td>
<td class="gen" align="center"><a href="{memberrow.U_VIEWPROFILE}"><!-- IF memberrow.USER_COLOR --><b style="color:{memberrow.USER_COLOR}"><!-- ELSE --><b><!-- ENDIF -->{memberrow.USERNAME}</b></a></td>
<td class="gen" align="center"><strong><a<!-- IF memberrow.USER_COLOR --> style="color:#{memberrow.USER_COLOR}"<!-- ENDIF --> href="{memberrow.U_VIEWPROFILE}">{memberrow.USERNAME}</a></strong></td>
<td class="gensmall" align="center" nowrap="nowrap">&nbsp;{memberrow.JOINED}&nbsp;</td>
<td class="gen" align="center">{memberrow.POSTS}</td>
<td class="gen" align="center">{memberrow.RANK_IMG}</td>

View File

@ -1,4 +1,6 @@
<!-- You should retain this javascript in your own template! -->
<script language="javascript" type="text/javascript">
<!--
function insert_user(user)

View File

@ -4,7 +4,7 @@
<div id="pagecontent">
<table class="tablebg" width="100%" cellspacing="1">
<form method="post" action="{S_PROFILE_ACTION}"><table class="tablebg" width="100%" cellspacing="1">
<tr>
<th colspan="2" nowrap="nowrap">{L_VIEWING_PROFILE}</th>
</tr>

View File

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="{S_CONTENT_ENCODING}"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="{S_CONTENT_DIRECTION}">
<head>
@ -53,7 +53,7 @@ function jumpto()
<a name="top"></a>
<div id="wrapheader">
<div id="logodesc"><table width="100%" cellspacing="0">
<tr>
<td><a href="{U_INDEX}"><img src="{T_THEME_PATH}/images/sitelogo.jpg" border="0" alt="" title="" /></a></td>

View File

@ -86,13 +86,16 @@ p.postapprove { margin: 1px 0px; color: green; }
/*
TABLE
*/
th { height: 28px; color: #FFA34F; font-size: 70%; font-weight: bold; background-color: #006699; background-image: url('./images/cellpic3.gif'); white-space: nowrap; }
th { height: 28px; color: #FFA34F; font-size: 70%; font-weight: bold; background-color: #006699; background-image: url('./images/cellpic3.gif'); white-space: nowrap; padding-left: 5px; padding-right: 5px; }
.tablebg { background-color: #A9B8C2; }
.catdiv { height: 28px; margin: 0px; padding: 0px; border: 0px; background-color: white; background-image: url('./images/cellpic2.jpg'); background-repeat: repeat-y; }
.cat { height: 28px; margin: 0px; padding: 0px; border: 0px; background-color: #C7D0D7; background-image: url('./images/cellpic1.gif'); text-indent: 4px; }
.row1 { background-color: #ECECEC; padding: 4px; }
.row2 { background-color: #DCE1E5; padding: 4px; }
.row3 { background-color: #C7CFD7; padding: 4px; }
.row3 { background-color: #C0C8D0; padding: 4px; }
.rowgood { background-color: #C2D6CD; padding: 4px; }
.rowneutral { background-color: #CAC1D7; padding: 4px; }
.rowbad { background-color: #D7C1C3; padding: 4px; }
.spacer { background-color: #D1D7DC; }
hr { height: 1px; border-width: 0px; background-color: #D1D7DC; color: #D1D7DC }

View File

@ -289,13 +289,7 @@ switch ($mode)
redirect("index.$phpEx$SID");
}
login_box("ucp.$phpEx$SID&amp;mode=login", '', '', true);
$redirect = request_var('redirect', "index.$phpEx$SID");
meta_refresh(3, $redirect);
$message = $user->lang['LOGIN_REDIRECT'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a> ');
trigger_error($message);
login_box("index.$phpEx$SID");
break;
case 'logout':
@ -304,10 +298,9 @@ switch ($mode)
$user->destroy();
}
$redirect = (!empty($_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : "index.$phpEx$SID";
meta_refresh(3, $redirect);
meta_refresh(3, "index.$phpEx$SID");
$message = $user->lang['LOGOUT_REDIRECT'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a> ');
$message = $user->lang['LOGOUT_REDIRECT'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . "index.$phpEx$SID" . '">', '</a> ');
trigger_error($message);
break;
@ -353,7 +346,7 @@ if ($user->data['user_id'] == ANONYMOUS || $user->data['user_type'] == USER_INAC
redirect("index.$phpEx$SID");
}
login_box($user->cur_page, '', $user->lang['LOGIN_EXPLAIN_UCP']);
login_box('', $user->lang['LOGIN_EXPLAIN_UCP']);
}

View File

@ -109,7 +109,7 @@ if ($forum_data['forum_link'])
$db->sql_query($sql);
}
redirect($forum_data['forum_link']);
redirect(str_replace('&amp;', '&', $forum_data['forum_link']));
}
// Configure style, language, etc.

View File

@ -7,8 +7,8 @@
// STARTED : Sat Dec 16, 2000
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
define('IN_PHPBB', true);
@ -41,7 +41,7 @@ if ($mode == 'whois')
$sql = 'SELECT u.user_id, u.username, u.user_type, s.session_ip
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . " s
WHERE s.session_id = '$session_id'
WHERE s.session_id = '$session_id'
AND u.user_id = s.session_user_id";
$result = $db->sql_query($sql);
@ -83,10 +83,10 @@ $db->sql_freeresult($result);
// Get user list
$sql = 'SELECT u.user_id, u.username, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_id, s.session_time, s.session_page, s.session_ip, s.session_allow_viewonline
$sql = 'SELECT u.user_id, u.username, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_id, s.session_time, s.session_page, s.session_ip, s.session_viewonline
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s
WHERE u.user_id = s.session_user_id
AND s.session_time >= ' . (time() - ($config['load_online_time'] * 60)) . '
AND s.session_time >= ' . (time() - ($config['load_online_time'] * 60)) . '
ORDER BY ' . $order_by;
$result = $db->sql_query($sql);
@ -105,7 +105,7 @@ while ($row = $db->sql_fetchrow($result))
$username = '<b style="color:#' . $row['user_colour'] . '">' . $username . '</b>';
}
if (!$row['user_allow_viewonline'] || !$row['session_allow_viewonline'])
if (!$row['user_allow_viewonline'] || !$row['session_viewonline'])
{
$view_online = ($auth->acl_gets('u_viewonline')) ? true : false;
$logged_hidden_online++;
@ -158,7 +158,7 @@ while ($row = $db->sql_fetchrow($result))
{
case 'posting':
preg_match('#mode=([a-z]+)#', $row['session_page'], $on_page);
switch ($on_page[1])
{
case 'reply':
@ -221,12 +221,12 @@ while ($row = $db->sql_fetchrow($result))
$template->assign_block_vars($which_row, array(
'USERNAME' => $username,
'LASTUPDATE' => $user->format_date($row['session_time']),
'FORUM_LOCATION'=> $location,
'USER_IP' => ($auth->acl_get('a_')) ? (($mode == 'lookup' && $session_id == $row['session_id']) ? gethostbyaddr($row['session_ip']) : $row['session_ip']) : '',
'FORUM_LOCATION'=> $location,
'USER_IP' => ($auth->acl_get('a_')) ? (($mode == 'lookup' && $session_id == $row['session_id']) ? gethostbyaddr($row['session_ip']) : $row['session_ip']) : '',
'U_USER_PROFILE' => ($row['user_type'] <> USER_IGNORE) ? "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['user_id'] : '',
'U_USER_IP' => "viewonline.$phpEx$SID" . (($mode != 'lookup' || $row['session_id'] != $session_id) ? '&amp;mode=lookup&amp;s=' . $row['session_id'] : ''),
'U_WHOIS' => "viewonline.$phpEx$SID&amp;mode=whois&amp;s=" . $row['session_id'],
'U_USER_IP' => "viewonline.$phpEx$SID" . (($mode != 'lookup' || $row['session_id'] != $session_id) ? '&amp;mode=lookup&amp;s=' . $row['session_id'] : ''),
'U_WHOIS' => "viewonline.$phpEx$SID&amp;mode=whois&amp;s=" . $row['session_id'],
'U_FORUM_LOCATION' => $location_url)
);
@ -266,9 +266,9 @@ unset($vars_online);
// Grab group details for legend display
$sql = 'SELECT group_name, group_colour, group_type
FROM ' . GROUPS_TABLE . "
WHERE group_colour <> ''
$sql = 'SELECT group_name, group_colour, group_type
FROM ' . GROUPS_TABLE . "
WHERE group_colour <> ''
AND group_type NOT IN (" . GROUP_HIDDEN . ', ' . GROUP_SPECIAL . ')';
$result = $db->sql_query($sql);
@ -284,11 +284,11 @@ $db->sql_freeresult($result);
$template->assign_vars(array(
'TOTAL_REGISTERED_USERS_ONLINE' => sprintf($l_r_user_s, $logged_visible_online) . sprintf($l_h_user_s, $logged_hidden_online),
'TOTAL_GUEST_USERS_ONLINE' => sprintf($l_g_user_s, $guests_online),
'LEGEND' => $legend,
'LEGEND' => $legend,
'META' => '<meta http-equiv="refresh" content="60; url=viewonline.' . $phpEx . $SID . '">',
'U_SORT_USERNAME' => "viewonline.$phpEx$SID&amp;sk=a&amp;sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_UPDATED' => "viewonline.$phpEx$SID&amp;sk=b&amp;sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_USERNAME' => "viewonline.$phpEx$SID&amp;sk=a&amp;sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_UPDATED' => "viewonline.$phpEx$SID&amp;sk=b&amp;sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_LOCATION' => "viewonline.$phpEx$SID&amp;sk=c&amp;sd=" . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'))
);

View File

@ -258,7 +258,7 @@ if (!$auth->acl_get('f_read', $forum_id))
trigger_error($user->lang['SORRY_AUTH_READ']);
}
login_box($user->cur_page, '', $user->lang['LOGIN_VIEWTOPIC']);
login_box('', $user->lang['LOGIN_VIEWFORUM']);
}
// Forum is passworded ... check whether access has been granted to this