mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-03-13 20:28:44 +01:00
Code Issues Releases Wiki Activity

Fixed reply w/ quote link (functionality still dosan't exist for it though)

Browse Source 
Fixed bug with being able to modifiy someone elses profile
Fixed bug with BBCode not working
Fixed bug with validate_username causing editing of profile to fail (only checks if you actually change you name now)


git-svn-id: file:///svn/phpbb/trunk@421 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
James Atkinson 2001-06-03 23:10:07 +00:00
parent bfa2136438
commit 10fa55f5a0
5 changed files with 110 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
phpBB/common.php
View File

@ -122,7 +122,6 @@ else
$board_config['avatar_filesize'] = $config['avatar_filesize'];
$board_config['avatar_path'] = $config['avatar_path'];
}
include('language/lang_'.$board_config['default_lang'].'.'.$phpEx);
?>

7
phpBB/language/lang_english.php
View File

@ -149,6 +149,7 @@ $lang['Post_new_in'] = "Post New Topic in:"; // Followed by forum name
//
$lang['Website'] = "Website";
$lang['From'] = "From";
$lang['Wrong_Profile'] = "You cannot modify a profile that is not your own.";
//
// Memberslist
@ -170,10 +171,10 @@ $lang['All'] = "All";
//
// Topic Admin <= Should be blank for now
//
//
//
// Errors (not related to a
// Errors (not related to a
// specific failure on a page, eg.
// incorrect password messages do
// not belong here!)
@ -378,7 +379,7 @@ $l_memberslist = "Memberslist";
$l_faq = "FAQ";
$l_privmsgs = "Private $l_messages";
$l_sendpmsg = "Send a Private Message";
$l_postedtotal =
$l_postedtotal =
$l_wehave = "We have";
$l_regedusers = "registered users.";
$l_newestuser = "The newest Registered User is";

18
phpBB/posting.php
View File

@ -124,7 +124,7 @@ if(!$is_auth[$is_auth_type])
// to read this forum ...
//
include('includes/page_header.'.$phpEx);
$msg = "I am sorry but you are not currently authorised to post to this forum. You could try logging on and trying again. If you are logged on then this is a private forum for which you have not been granted access.";
$template->set_filenames(array(
@ -147,9 +147,9 @@ $error = FALSE;
//
// Set initial conditions
//
$disable_html = (isset($HTTP_POST_VARS['disable_html'])) ? $HTTP_POST_VARS['disable_html'] : !$userdata['user_allowhtml'];
$disable_bbcode = (isset($HTTP_POST_VARS['disable_bbcode'])) ? $HTTP_POST_VARS['disable_bbcode'] : !$userdata['user_allowbbcode'];
$disable_smilies = (isset($HTTP_POST_VARS['disable_smile'])) ? $HTTP_POST_VARS['disable_smile'] : !$userdata['user_allowsmile'];
$disable_html = (isset($HTTP_POST_VARS['disable_html'])) ? $HTTP_POST_VARS['disable_html'] : $userdata['user_allowhtml'];
$disable_bbcode = (isset($HTTP_POST_VARS['disable_bbcode'])) ? $HTTP_POST_VARS['disable_bbcode'] : $userdata['user_allowbbcode'];
$disable_smilies = (isset($HTTP_POST_VARS['disable_smile'])) ? $HTTP_POST_VARS['disable_smile'] : $userdata['user_allowsmile'];
$attach_sig = (isset($HTTP_POST_VARS['attach_sig'])) ? $HTTP_POST_VARS['attach_sig'] : $userdata['user_attachsig'];
$notify = (isset($HTTP_POST_VARS['notify'])) ? $HTTP_POST_VARS['notify'] : $userdata["always_notify"];
@ -163,8 +163,8 @@ if(isset($HTTP_POST_VARS['submit']))
//
if($mode != 'editpost')
{
$sql = "SELECT max(post_time) AS last_post_time
FROM ".POSTS_TABLE."
$sql = "SELECT max(post_time) AS last_post_time
FROM ".POSTS_TABLE."
WHERE poster_ip = '$user_ip'";
if($result = $db->sql_query($sql))
{
@ -454,7 +454,7 @@ switch($mode)
}
break;
case 'reply':
@ -520,7 +520,7 @@ switch($mode)
error_die(SQL_ERROR, "Couldn't commit");
}
}
$msg = "$l_stored<br /><br />$l_click <a href=\"".append_sid("viewtopic.$phpEx?".POST_POST_URL."=$new_post_id#$new_post_id")."\">$l_here</a>$l_viewmsg<br /><br />$l_click <a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")."\">$l_here</a> $l_returntopic";
$template->set_filenames(array(
@ -779,7 +779,7 @@ if($error)
error_die(GENERAL_ERROR, "Sorry, no there is no such forum");
}
$sql = "SELECT forum_name
$sql = "SELECT forum_name
FROM ".FORUMS_TABLE."
WHERE forum_id = $forum_id";
if(!$result = $db->sql_query($sql))

138
phpBB/profile.php
View File

@ -13,7 +13,7 @@
/***************************************************************************
*
*
* This program is free software; you can redistribute it and/or modified
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -48,11 +48,11 @@ function validate_username($username)
// a UNION clause which would be very nice here :(
// So we have to use two queries
case 'mysql':
$sql_users = "SELECT username
FROM ".USERS_TABLE."
$sql_users = "SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
$sql_disallow = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
$sql_disallow = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'";
if($result = $db->sql_query($sql_users))
@ -72,12 +72,12 @@ function validate_username($username)
break;
default:
$sql = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'
UNION
SELECT username
FROM ".USERS_TABLE."
$sql = "SELECT disallow_username
FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'
UNION
SELECT username
FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
if($result = $db->sql_query($sql))
@ -97,9 +97,9 @@ function language_select($default, $dirname="language/")
global $phpEx;
$dir = opendir($dirname);
$lang_select = "<select name=\"language\">\n";
while ($file = readdir($dir))
while ($file = readdir($dir))
{
if (ereg("^lang_", $file))
if (ereg("^lang_", $file))
{
$filename = str_replace("lang_", "", $file);
$filename = str_replace(".$phpEx", "", $filename);
@ -208,7 +208,7 @@ function tz_select($default)
"+10" => "(GMT +10:00 hours) Guam, Melbourne, Papua New Guinea, Sydney, Vladivostok",
"+11" => "(GMT +11:00 hours) Magadan, Solomon Islands, New Caledonia",
"+12" => "(GMT +12:00 hours) Auckland, Wellington, Fiji, Kamchatka, Marshall Island");
while(list($offset, $zone) = each($tz_array))
{
if($offset == $default)
@ -232,7 +232,7 @@ function tz_select($default)
//
// Start of program proper
//
//
if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
@ -269,7 +269,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
if(DEBUG)
{
error_die(GENERAL_ERROR, "You must supply the user ID number of the user you want to view", __LINE__, __FILE__);
error_die(GENERAL_ERROR, "You must supply the user ID number of the user you want to view", __LINE__, __FILE__);
}
else
{
@ -323,10 +323,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"WEBSITE" => stripslashes($profiledata['user_website']),
"LOCATION" => stripslashes($profiledata['user_from']),
"OCCUPATION" => stripslashes($profiledata['user_occ']),
"INTERESTS" => stripslashes($profiledata['user_interests']),
"AVATAR_IMG" => $board_config['avatar_path'] . "/" . stripslashes($profiledata['user_avatar']),
"L_VIEWING_PROFILE" => $l_viewing_profile,
"INTERESTS" => stripslashes($profiledata['user_interests']),
"AVATAR_IMG" => $board_config['avatar_path'] . "/" . stripslashes($profiledata['user_avatar']),
"L_VIEWING_PROFILE" => $l_viewing_profile,
"L_USERNAME" => $l_username,
"L_VIEW_USERS_POSTS" => $l_view_users_posts,
"L_JOINED" => $l_joined,
@ -339,10 +339,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_MESSENGER" => $l_messenger,
"L_LOCATION" => $l_from,
"L_OCCUPATION" => $l_occupation,
"L_INTERESTS" => $l_interests,
"L_AVATAR" => $l_avatar,
"L_INTERESTS" => $l_interests,
"L_AVATAR" => $l_avatar,
"U_SEARCH_USER" => append_sid("search.$phpEx?a=".urlencode($profiledata['username'])."&f=all&b=0&d=DESC&c=100&dosearch=1"),
"U_SEARCH_USER" => append_sid("search.$phpEx?a=".urlencode($profiledata['username'])."&f=all&b=0&d=DESC&c=100&dosearch=1"),
"U_USER_WEBSITE" => stripslashes($profiledata['user_website']),
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
@ -408,8 +408,14 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$user_avatar = (empty($user_avatar_loc)) ? $userdata['user_avatar'] : "";
$error = FALSE;
$passwd_sql = "";
if($user_id != $userdata['user_id'])
{
$error = TRUE;
$error_msg = $lang['Wrong_Profile'];
}
if(!empty($password) && !empty($password_confirm))
{
// The user wants to change their password, isn't that cute..
@ -427,12 +433,12 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
else if($password && !$password_confirm)
{
$error = TRUE;
$error_msg = $l_mismatch . "<br />" . $l_tryagain;
$error_msg = $l_mismatch . "<br />" . $l_tryagain;
}
if($board_config['allow_namechange'])
{
if(!validate_username($username))
if(!validate_username($username) && ($username != $userdata['username']))
{
$error = TRUE;
if(isset($error_msg))
@ -462,13 +468,13 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$error_type = false;
switch($user_avatar_type)
{
case "image/pjpeg":
case "image/pjpeg":
$imgtype = '.jpg';
break;
case "image/gif":
case "image/gif":
$imgtype = '.gif';
break;
case "image/png":
case "image/png":
$imgtype = '.png';
break;
default:
@ -508,11 +514,11 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
if(!$error)
{
$sql = "UPDATE ".USERS_TABLE."
SET username = '$username'".$passwd_sql.", user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occ', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_template = '$user_template', user_theme = $user_theme".$avatar_sql."
$sql = "UPDATE ".USERS_TABLE."
SET username = '$username'".$passwd_sql.", user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occ', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_template = '$user_template', user_theme = $user_theme".$avatar_sql."
WHERE user_id = $user_id";
if($result = $db->sql_query($sql))
{
$msg = $l_infoupdated;
@ -523,7 +529,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ERROR_MESSAGE" => $msg
));
$template->pparse("reg_header");
include('includes/page_tail.'.$phpEx);
}
else
@ -625,10 +631,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
"ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
"AVATAR" => ($user_avatar != "") ? "<img src=\"".$board_config['avatar_path']."/$user_avatar\">" : "",
"AVATAR_SIZE" => $board_config['avatar_filesize'],
"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
"ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
"AVATAR" => ($user_avatar != "") ? "<img src=\"".$board_config['avatar_path']."/$user_avatar\">" : "",
"AVATAR_SIZE" => $board_config['avatar_filesize'],
"LANGUAGE_SELECT" => language_select($user_lang),
"THEME_SELECT" => theme_select($user_theme),
"TIMEZONE_SELECT" => tz_select($user_timezone),
@ -674,7 +680,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_PROFILE_INFO_NOTICE" => $l_profile_info_notice,
"L_CONFIRM" => $l_confirm,
"L_EMAIL_ADDRESS" => $l_emailaddress,
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
);
@ -726,7 +732,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$coppa = 1;
}
list($hr, $min, $sec, $mon, $day, $year) = explode(",", gmdate("H,i,s,m,d,Y", time()));
$regdate = gmmktime($hr, $min, $sec, $mon, $day, $year);
@ -754,7 +760,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
$template->assign_vars(array(
"COPPA" => $coppa,
"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
);
@ -793,11 +799,11 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
}
//
// The AUTO_INCREMENT field in MySQL v3.23 doesn't work
// correctly when there is a row with -1 in that field
// The AUTO_INCREMENT field in MySQL v3.23 doesn't work
// correctly when there is a row with -1 in that field
// so we have to explicitly get the next user ID.
//
$sql = "SELECT MAX(user_id) AS total
$sql = "SELECT MAX(user_id) AS total
FROM ".USERS_TABLE;
if($result = $db->sql_query($sql))
{
@ -823,13 +829,13 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$error_type = false;
switch($user_avatar_type)
{
case "image/pjpeg":
case "image/pjpeg":
$imgtype = '.jpg';
break;
case "image/gif":
case "image/gif":
$imgtype = '.gif';
break;
case "image/png":
case "image/png":
$imgtype = '.png';
break;
default:
@ -871,9 +877,9 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$md_pass = md5($password);
$sql = "INSERT INTO ".USERS_TABLE."
(user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_timezone, user_dateformat, user_lang, user_template, user_theme, user_active, user_actkey)
VALUES
$sql = "INSERT INTO ".USERS_TABLE."
(user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_timezone, user_dateformat, user_lang, user_template, user_theme, user_active, user_actkey)
VALUES
($new_user_id, '$username', '$regdate', '$md_pass', '$email', '$icq', '$website', '$occupation', '$location', '$interests', '$signature', '$avatar_filename', '$viewemail', '$aim', '$yim', '$msn', $attachsig, $allowsmilies, '$allowhtml', $allowbbcode, $user_timezone, '$user_dateformat', '$user_lang', '$user_template', $user_theme, ";
if($require_activation || $coppa == 1)
{
@ -887,15 +893,15 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
if($result = $db->sql_query($sql))
{
$sql = "INSERT INTO ".GROUPS_TABLE."
(group_name, group_description, group_single_user)
VALUES
$sql = "INSERT INTO ".GROUPS_TABLE."
(group_name, group_description, group_single_user)
VALUES
('$username', 'Personal User', 1)";
if($result = $db->sql_query($sql))
{
$group_id = $db->sql_nextid();
$sql = "INSERT INTO ".USER_GROUP_TABLE."
$sql = "INSERT INTO ".USER_GROUP_TABLE."
(user_id, group_id)
VALUES
($new_user_id, $group_id)";
@ -916,7 +922,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$msg = $l_acountadded;
$email_msg = $l_welcomemail;
}
if(!$coppa)
{
$email_msg .= "\r\n" . $board_config['board_email'];
@ -930,7 +936,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ERROR_MESSAGE" => $msg
));
$template->pparse("reg_header");
include('includes/page_tail.'.$phpEx);
}
else
@ -1025,8 +1031,8 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
"ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
"ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
"LANGUAGE_SELECT" => language_select($user_lang),
"THEME_SELECT" => theme_select($user_theme),
"TIMEZONE_SELECT" => tz_select($user_timezone),
@ -1070,10 +1076,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_PROFILE_INFO_NOTICE" => $l_profile_info_notice,
"L_CONFIRM" => $l_confirm,
"L_EMAIL_ADDRESS" => $l_emailaddress,
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
);
);
$template->pparse("body");
include('includes/page_tail.'.$phpEx);
}
@ -1081,16 +1087,16 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
case 'activate':
$sql = "SELECT user_id
FROM ".USERS_TABLE."
$sql = "SELECT user_id
FROM ".USERS_TABLE."
WHERE user_actkey = '$act_key'";
if($result = $db->sql_query($sql))
{
if($num = $db->sql_numrows($result))
{
$rowset = $db->sql_fetchrowset($result);
$sql_update = "UPDATE ".USERS_TABLE."
SET user_active = 1, user_actkey = ''
$sql_update = "UPDATE ".USERS_TABLE."
SET user_active = 1, user_actkey = ''
WHERE user_id = ".$rowset[0]['user_id'];
if($result = $db->sql_query($sql_update))
{

50
phpBB/viewtopic.php
View File

@ -78,8 +78,8 @@ if(isset($HTTP_GET_VARS['view']))
{
case 'mysql':
// And now the stupid MySQL case...I wish they would get around to implementing subselectes...
$sub_query = "SELECT topic_time
FROM ".TOPICS_TABLE."
$sub_query = "SELECT topic_time
FROM ".TOPICS_TABLE."
WHERE topic_id = $topic_id";
if($sub_result = $db->sql_query($sub_query))
{
@ -141,11 +141,11 @@ else
$count_sql = (!isset($post_id)) ? "" : ", COUNT(p2.post_id) AS prev_posts";
$order_sql = (!isset($post_id)) ? "" : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote ORDER BY p.post_id ASC";
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . "
FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." fa
WHERE $join_sql
AND f.forum_id = t.forum_id
AND fa.forum_id = f.forum_id
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . "
FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." fa
WHERE $join_sql
AND f.forum_id = t.forum_id
AND fa.forum_id = f.forum_id
$order_sql";
// This closes out the opening braces above
@ -223,7 +223,7 @@ if(!$is_auth['auth_view'] || !$is_auth['auth_view'])
// to read this forum ...
//
include('includes/page_header.'.$phpEx);
$msg = "I am sorry but you are not currently authorised to read this forum. You could try logging on and trying again. If you are logged on then this is a private forum for which you have not been granted access.";
$template->set_filenames(array(
@ -238,7 +238,7 @@ if(!$is_auth['auth_view'] || !$is_auth['auth_view'])
}
//
// End auth check
//
//
for($x = 0; $x < $total_rows; $x++)
@ -254,17 +254,17 @@ for($x = 0; $x < $total_rows; $x++)
//
// Get next and previous topic_id's
//
$sql_next_id = "SELECT topic_id
FROM ".TOPICS_TABLE."
WHERE topic_time > $topic_time
AND forum_id = $forum_id
ORDER BY topic_time ASC
$sql_next_id = "SELECT topic_id
FROM ".TOPICS_TABLE."
WHERE topic_time > $topic_time
AND forum_id = $forum_id
ORDER BY topic_time ASC
LIMIT 1";
$sql_prev_id = "SELECT topic_id
FROM ".TOPICS_TABLE."
WHERE topic_time < $topic_time
AND forum_id = $forum_id
ORDER BY topic_time DESC
$sql_prev_id = "SELECT topic_id
FROM ".TOPICS_TABLE."
WHERE topic_time < $topic_time
AND forum_id = $forum_id
ORDER BY topic_time DESC
LIMIT 1";
$result_next = $db->sql_query($sql_next_id);
$result_prev = $db->sql_query($sql_prev_id);
@ -277,7 +277,7 @@ $topic_prev_row = $db->sql_fetchrow($result_prev);
$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, p.post_time, p.post_id, p.bbcode_uid, pt.post_text, pt.post_subject
FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".POSTS_TEXT_TABLE." pt
WHERE p.topic_id = $topic_id
AND p.poster_id = u.user_id
AND p.poster_id = u.user_id
AND p.post_id = pt.post_id
ORDER BY p.post_time ASC
LIMIT $start, ".$board_config['posts_per_page'];
@ -356,8 +356,8 @@ $template->assign_vars(array(
// If we get here then the page is unlikely
// to fail generating ...
//
$sql = "UPDATE ".TOPICS_TABLE."
SET topic_views = topic_views + 1
$sql = "UPDATE ".TOPICS_TABLE."
SET topic_views = topic_views + 1
WHERE topic_id = $topic_id";
if(!$update_result = $db->sql_query($sql))
{
@ -427,7 +427,7 @@ for($x = 0; $x < $total_posts; $x++)
$yim_img = ($postrow[$x]['user_yim']) ? "<a href=\"http://edit.yahoo.com/config/send_webmesg?.target=".$postrow[$x]['user_yim']."&.src=pg\"><img src=\"".$images['yim']."\" border=\"0\"></a>" : "";
$edit_img = "<a href=\"".append_sid("posting.$phpEx?mode=editpost&".POST_POST_URL."=".$postrow[$x]['post_id']."&".POST_TOPIC_URL."=$topic_id&".POST_FORUM_URL."=$forum_id")."\"><img src=\"".$images['edit']."\" alt=\"$l_editdelete\" border=\"0\"></a>";
$quote_img = "<a href=\"".append_sid("posting.$phpEx?mode=reply&quote=true&post_id=".$postrow[$x]['post_id']."&topic_id=$topic_id&forum_id=$forum_id")."\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
$quote_img = "<a href=\"".append_sid("posting.$phpEx?mode=reply&quote=true&".POST_POST_URL."=".$postrow[$x]['post_id']."&".POST_TOPIC_URL."=$topic_id&".POST_FORUM_URL."=$forum_id")."\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
$pmsg_img = "<a href=\"".append_sid("priv_msgs.$phpEx?mode=send")."\"><img src=\"".$images['pmsg']."\" alt=\"$l_sendpmsg\" border=\"0\"></a>";
if($is_auth['auth_mod'])
@ -482,7 +482,7 @@ for($x = 0; $x < $total_posts; $x++)
"POSTER_JOINED" => $poster_joined,
"POSTER_POSTS" => $poster_posts,
"POSTER_FROM" => $poster_from,
"POSTER_AVATAR" => $poster_avatar,
"POSTER_AVATAR" => $poster_avatar,
"POST_DATE" => $post_date,
"POST_SUBJECT" => $post_subject,
"MESSAGE" => $message,
@ -529,7 +529,7 @@ $template->assign_vars(array(
"PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id", $total_replies, $board_config['posts_per_page'], $start),
"ON_PAGE" => (floor($start/$board_config['posts_per_page'])+1),
"TOTAL_PAGES" => ceil(($total_replies)/$board_config['posts_per_page']),
"S_AUTH_LIST" => $s_auth_can,
"L_OF" => $lang['of'],