mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-06 16:56:44 +02:00
Code Issues Releases Wiki Activity

Mainly updates for additional/altered admin permission options ... note, you MUST empty your current auth_options table and insert the list from the mysql_basic, you will also need to empty the auth_user/auth_group tables and re-assign permissions, and you should clear the $acl_options array in config_cache

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@3020 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-11-09 00:04:18 +00:00
parent 1c5f838a2d
commit 1405e47fc1
18 changed files with 845 additions and 908 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
phpBB/admin/admin_ban.php
View File

@@ -21,9 +21,9 @@
define('IN_PHPBB', 1);
if( !empty($setmodules) )
if(!empty($setmodules))
{
if ( !$auth->acl_get('a_ban') )
if (!$auth->acl_get('a_ban'))
{
return;
}
@@ -42,15 +42,15 @@ require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
// Do we have ban permissions?
if ( !$auth->acl_get('a_ban') )
if (!$auth->acl_get('a_ban'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
// Mode setting
if ( isset($_POST['mode']) || isset($_GET['mode']) )
if (isset($_POST['mode']) || isset($_GET['mode']))
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
$mode = (isset($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
}
else
{
@@ -60,19 +60,19 @@ else
$current_time = time();
// Start program
if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
{
$ban = ( !empty($_POST['ban']) ) ? $_POST['ban'] : $_GET['ban'];
$ban = (!empty($_POST['ban'])) ? $_POST['ban'] : $_GET['ban'];
$ban_list = array_unique(explode("\n", $ban));
$ban_list_log = implode(', ', $ban_list);
$ban_reason = ( isset($_POST['banreason']) ) ? $_POST['banreason'] : '';
$ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : '';
if ( !empty($_POST['banlength']) )
if (!empty($_POST['banlength']))
{
if ( $_POST['banlength'] != -1 || empty($_POST['banlengthother']) )
if ($_POST['banlength'] != -1 || empty($_POST['banlengthother']))
{
$ban_end = max($current_time, $current_time + ( intval($_POST['banlength']) * 60 ));
$ban_end = max($current_time, $current_time + (intval($_POST['banlength']) * 60));
}
else
{
@@ -87,7 +87,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$banlist = array();
switch ( $mode )
switch ($mode)
{
case 'user':
$type = 'ban_userid';
@@ -95,7 +95,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$banlist_tmp = array();
for($i = 0; $i < count($ban_list); $i++)
{
if ( trim($ban_list[$i]) != '' )
if (trim($ban_list[$i]) != '')
{
$banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\'';
}
@@ -106,13 +106,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
WHERE username IN (" . implode(', ', $banlist_tmp) . ")";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist[] = $row['user_id'];
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
unset($banlist_tmp);
break;
@@ -122,18 +122,18 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
for($i = 0; $i < count($ban_list); $i++)
{
if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) )
if (preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode))
{
// Don't ask about all this, just don't ask ... !
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while ( $ip_1_counter <= $ip_1_end )
while ($ip_1_counter <= $ip_1_end)
{
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
if( $ip_2_counter == 0 && $ip_2_end == 254 )
if($ip_2_counter == 0 && $ip_2_end == 254)
{
$ip_2_counter = 256;
$ip_2_fragment = 256;
@@ -141,12 +141,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$banlist[] = "'$ip_1_counter.*'";
}
while ( $ip_2_counter <= $ip_2_end )
while ($ip_2_counter <= $ip_2_end)
{
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
if ( $ip_3_counter == 0 && $ip_3_end == 254 )
if ($ip_3_counter == 0 && $ip_3_end == 254)
{
$ip_3_counter = 256;
$ip_3_fragment = 256;
@@ -154,12 +154,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$banlist[] = "'$ip_1_counter.$ip_2_counter.*'";
}
while ( $ip_3_counter <= $ip_3_end )
while ($ip_3_counter <= $ip_3_end)
{
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
if ( $ip_4_counter == 0 && $ip_4_end == 254 )
if ($ip_4_counter == 0 && $ip_4_end == 254)
{
$ip_4_counter = 256;
$ip_4_fragment = 256;
@@ -167,7 +167,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
}
while ( $ip_4_counter <= $ip_4_end )
while ($ip_4_counter <= $ip_4_end)
{
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
$ip_4_counter++;
@@ -179,19 +179,19 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$ip_1_counter++;
}
}
else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) )
else if (preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])))
{
$ip = gethostbynamel(trim($ban_list[$i]));
for($j = 0; $j < count($ip); $j++)
{
if ( !empty($ip[$j]) )
if (!empty($ip[$j]))
{
$banlist[] = '\'' . $ip[$j] . '\'';
}
}
}
else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i])) )
else if (preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i])))
{
$banlist[] = '\'' . trim($ban_list[$i]) . '\'';
}
@@ -206,7 +206,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
// This ereg match is based on one by php@unreelpro.com
// contained in the annotated php manual at php.com (ereg
// section)
if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) )
if (eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])))
{
$banlist[] = '\'' . trim($ban_list[$i]) . '\'';
}
@@ -219,12 +219,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
WHERE $type <> ''";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
$banlist_tmp = array();
do
{
switch ( $mode )
switch ($mode)
{
case 'user':
$banlist_tmp[] = $row['ban_userid'];
@@ -239,13 +239,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
break;
}
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
$banlist = array_unique(array_diff($banlist, $banlist_tmp));
unset($banlist_tmp);
}
if ( sizeof($banlist) )
if (sizeof($banlist))
{
for($i = 0; $i < count($banlist); $i++)
{
@@ -255,7 +255,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
}
$sql = '';
switch ( $mode )
switch ($mode)
{
case 'user':
$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
@@ -272,20 +272,20 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
$result = $db->sql_query($sql);
$sql = '';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id'];
$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
}
break;
}
if ( $sql != '' )
if ($sql != '')
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql";
@@ -302,15 +302,15 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) )
message_die(MESSAGE, $message);
}
else if ( isset($_POST['unbansubmit']) )
else if (isset($_POST['unbansubmit']))
{
$unban_sql = '';
for($i = 0; $i < count($_POST['unban']); $i++ )
for($i = 0; $i < count($_POST['unban']); $i++)
{
$unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($_POST['unban'][$i]);
$unban_sql .= (($unban_sql != '') ? ', ' : '') . intval($_POST['unban'][$i]);
}
if ( $unban_sql != '' )
if ($unban_sql != '')
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
@@ -340,7 +340,7 @@ $db->sql_query($sql);
$ban_end_text = array(0 => $user->lang['Permanent'], 30 => $user->lang['30_Mins'], 60 => $user->lang['1_Hour'], 360 => $user->lang['6_Hours'], 1440 => $user->lang['1_Day'], 10080 => $user->lang['7_Days'], 20160 => $user->lang['2_Weeks'], 40320 => $user->lang['1_Month'], -1 => $user->lang['Other']);
$ban_end_options = '';
foreach ( $ban_end_text as $length => $text )
foreach ($ban_end_text as $length => $text)
{
$ban_end_options .= '<option value="' . $length . '">' . $text . '</option>';
}
@@ -348,7 +348,7 @@ foreach ( $ban_end_text as $length => $text )
//
// Title
//
switch ( $mode )
switch ($mode)
{
case 'user':
$l_title = $user->lang['Ban_users'];
@@ -372,13 +372,13 @@ page_header($l_title);
<?php
switch ( $mode )
switch ($mode)
{
case 'user':
$sql = "SELECT b.*, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE ( b.ban_end >= " . time() . "
OR b.ban_end = 0 )
WHERE (b.ban_end >= " . time() . "
OR b.ban_end = 0)
AND u.user_id = b.ban_userid
AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . "
@@ -388,15 +388,15 @@ switch ( $mode )
$banned_options = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
@@ -414,23 +414,23 @@ switch ( $mode )
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
WHERE (ban_end >= " . time() . "
OR ban_end = 0)
AND ban_ip <> ''";
$result = $db->sql_query($sql);
$banned_reasons = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_ip'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
@@ -448,23 +448,23 @@ switch ( $mode )
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
WHERE (ban_end >= " . time() . "
OR ban_end = 0)
AND ban_email <> ''";
$result = $db->sql_query($sql);
$banned_options = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_email'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
@@ -509,7 +509,7 @@ switch ( $mode )
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
</tr>
</table>
@@ -524,7 +524,7 @@ switch ( $mode )
<tr>
<?php
if ( $banned_options != '' )
if ($banned_options != '')
{
?>
@@ -545,7 +545,7 @@ switch ( $mode )
?>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /></td>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /></td>
</tr>
</table></form>

232
phpBB/admin/admin_board.php
View File

@@ -19,45 +19,68 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
{
return;
}
$file = basename(__FILE__);
$module['General']['Avatar_settings'] = "$file$SID&amp;mode=avatar";
$module['General']['Cookie_settings'] = "$file$SID&amp;mode=cookie";
$module['General']['Board_defaults'] = "$file$SID&amp;mode=default";
$module['General']['Board_settings'] = "$file$SID&amp;mode=setting";
$module['General']['Email_settings'] = "$file$SID&amp;mode=email";
$module['General']['Server_settings'] = "$file$SID&amp;mode=server";
$module['General']['Auth_settings'] = "$file$SID&amp;mode=auth";
$module['General']['Cookie_settings'] = ($auth->acl_get('a_cookies')) ? "$file$SID&amp;mode=cookie" : '';
$module['General']['Board_defaults'] = ($auth->acl_get('a_defaults')) ? "$file$SID&amp;mode=default" : '';
$module['General']['Board_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=setting" : '';
$module['General']['Avatar_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=avatar" : '';
$module['General']['Email_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=email" : '';
$module['General']['Server_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=server" : '';
$module['General']['Auth_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=auth" : '';
return;
}
// Let's set the root dir for phpBB
define('IN_PHPBB', 1);
// Load default header
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
// Are we authed?
if ( !$auth->acl_get('a_general') )
// Get mode
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Check permissions/set title
switch ($mode)
{
trigger_error($user->lang['No_admin']);
case 'cookie':
$l_title = 'Cookie_settings';
$which_auth = 'a_cookies';
break;
case 'default':
$l_title = 'Board_defaults';
$which_auth = 'a_defaults';
break;
case 'avatar':
$l_title = 'Avatar_settings';
$which_auth = 'a_board';
break;
case 'setting':
$l_title = 'Board_settings';
$which_auth = 'a_board';
break;
case 'email':
$l_title = 'Email_settings';
$which_auth = 'a_server';
break;
case 'server':
$l_title = 'Server_settings';
$which_auth = 'a_server';
break;
case 'auth':
$l_title = 'Auth_settings';
$which_auth = 'a_server';
break;
default:
return;
}
// Get mod
if ( isset($_POST['mode']) || isset($_GET['mode']) )
// Check permissions
if (!$auth->acl_get($which_acl))
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
trigger_error($user->lang['NO_ADMIN']);
}
// Pull all config data
@@ -65,15 +88,15 @@ $sql = "SELECT *
FROM " . CONFIG_TABLE;
$result = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
$default_config[$config_name] = $config_value;
$new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name];
$new[$config_name] = (isset($_POST[$config_name])) ? $_POST[$config_name] : $default_config[$config_name];
if ( isset($_POST['submit']) )
if (isset($_POST['submit']))
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
config_value = '" . str_replace("\'", "''", $new[$config_name]) . "'
@@ -82,7 +105,7 @@ while ( $row = $db->sql_fetchrow($result) )
}
}
if ( isset($_POST['submit']) )
if (isset($_POST['submit']))
{
// Re-cache config data
config_config($new);
@@ -91,39 +114,6 @@ if ( isset($_POST['submit']) )
trigger_error($user->lang['Config_updated']);
}
//
// Which title?
//
switch ( $mode )
{
case 'cookie':
$l_title = 'Cookie_settings';
break;
case 'avatar':
$l_title = 'Avatar_settings';
break;
case 'default':
$l_title = 'Board_defaults';
break;
case 'setting':
$l_title = 'Board_settings';
break;
case 'email':
$l_title = 'Email_settings';
break;
case 'server':
$l_title = 'Server_settings';
break;
case 'login':
$l_title = 'Server_settings';
break;
case 'auth':
$l_title = 'Auth_settings';
break;
default:
return;
}
page_header($user->lang[$l_title]);
?>
@@ -141,12 +131,12 @@ page_header($user->lang[$l_title]);
//
// Output relevant page
//
switch ( $mode )
switch ($mode)
{
case 'cookie':
$cookie_secure_yes = ( $new['cookie_secure'] ) ? 'checked="checked"' : '';
$cookie_secure_no = ( !$new['cookie_secure'] ) ? 'checked="checked"' : '';
$cookie_secure_yes = ($new['cookie_secure']) ? 'checked="checked"' : '';
$cookie_secure_no = (!$new['cookie_secure']) ? 'checked="checked"' : '';
?>
<tr>
@@ -171,12 +161,12 @@ switch ( $mode )
case 'avatar':
$avatars_local_yes = ( $new['allow_avatar_local'] ) ? 'checked="checked"' : '';
$avatars_local_no = ( !$new['allow_avatar_local'] ) ? 'checked="checked"' : '';
$avatars_remote_yes = ( $new['allow_avatar_remote'] ) ? 'checked="checked"' : '';
$avatars_remote_no = ( !$new['allow_avatar_remote'] ) ? 'checked="checked"' : '';
$avatars_upload_yes = ( $new['allow_avatar_upload'] ) ? 'checked="checked"' : '';
$avatars_upload_no = ( !$new['allow_avatar_upload'] ) ? 'checked="checked"' : '';
$avatars_local_yes = ($new['allow_avatar_local']) ? 'checked="checked"' : '';
$avatars_local_no = (!$new['allow_avatar_local']) ? 'checked="checked"' : '';
$avatars_remote_yes = ($new['allow_avatar_remote']) ? 'checked="checked"' : '';
$avatars_remote_no = (!$new['allow_avatar_remote']) ? 'checked="checked"' : '';
$avatars_upload_yes = ($new['allow_avatar_upload']) ? 'checked="checked"' : '';
$avatars_upload_no = (!$new['allow_avatar_upload']) ? 'checked="checked"' : '';
?>
<tr>
@@ -217,29 +207,29 @@ switch ( $mode )
$lang_select = language_select($new['default_lang'], 'default_lang', '../language');
$timezone_select = tz_select($new['board_timezone'], 'board_timezone');
$override_user_style_yes = ( $new['override_user_style'] ) ? 'checked="checked"' : '';
$override_user_style_no = ( !$new['override_user_style'] ) ? 'checked="checked"' : '';
$override_user_style_yes = ($new['override_user_style']) ? 'checked="checked"' : '';
$override_user_style_no = (!$new['override_user_style']) ? 'checked="checked"' : '';
$topic_notify_yes = ( $new['allow_topic_notify'] ) ? 'checked="checked"' : '';
$topic_notify_no = ( !$new['allow_topic_notify'] ) ? 'checked="checked"' : '';
$topic_notify_yes = ($new['allow_topic_notify']) ? 'checked="checked"' : '';
$topic_notify_no = (!$new['allow_topic_notify']) ? 'checked="checked"' : '';
$forum_notify_yes = ( $new['allow_forum_notify'] ) ? 'checked="checked"' : '';
$forum_notify_no = ( !$new['allow_forum_notify'] ) ? 'checked="checked"' : '';
$forum_notify_yes = ($new['allow_forum_notify']) ? 'checked="checked"' : '';
$forum_notify_no = (!$new['allow_forum_notify']) ? 'checked="checked"' : '';
$html_yes = ( $new['allow_html'] ) ? 'checked="checked"' : '';
$html_no = ( !$new['allow_html'] ) ? 'checked="checked"' : '';
$html_yes = ($new['allow_html']) ? 'checked="checked"' : '';
$html_no = (!$new['allow_html']) ? 'checked="checked"' : '';
$bbcode_yes = ( $new['allow_bbcode'] ) ? 'checked="checked"' : '';
$bbcode_no = ( !$new['allow_bbcode'] ) ? 'checked="checked"' : '';
$bbcode_yes = ($new['allow_bbcode']) ? 'checked="checked"' : '';
$bbcode_no = (!$new['allow_bbcode']) ? 'checked="checked"' : '';
$smile_yes = ( $new['allow_smilies'] ) ? 'checked="checked"' : '';
$smile_no = ( !$new['allow_smilies'] ) ? 'checked="checked"' : '';
$smile_yes = ($new['allow_smilies']) ? 'checked="checked"' : '';
$smile_no = (!$new['allow_smilies']) ? 'checked="checked"' : '';
$sig_yes = ( $new['allow_sig'] ) ? 'checked="checked"' : '';
$sig_no = ( !$new['allow_sig'] ) ? 'checked="checked"' : '';
$sig_yes = ($new['allow_sig']) ? 'checked="checked"' : '';
$sig_no = (!$new['allow_sig']) ? 'checked="checked"' : '';
$namechange_yes = ( $new['allow_namechange'] ) ? 'checked="checked"' : '';
$namechange_no = ( !$new['allow_namechange'] ) ? 'checked="checked"' : '';
$namechange_yes = ($new['allow_namechange']) ? 'checked="checked"' : '';
$namechange_no = (!$new['allow_namechange']) ? 'checked="checked"' : '';
?>
<tr>
@@ -312,22 +302,22 @@ switch ( $mode )
case 'setting':
$disable_board_yes = ( $new['board_disable'] ) ? 'checked="checked"' : '';
$disable_board_no = ( !$new['board_disable'] ) ? 'checked="checked"' : '';
$disable_board_yes = ($new['board_disable']) ? 'checked="checked"' : '';
$disable_board_no = (!$new['board_disable']) ? 'checked="checked"' : '';
$coppa_enable_yes = ( $new['coppa_enable'] ) ? 'checked="checked"' : '';
$coppa_enable_no = ( !$new['coppa_enable'] ) ? 'checked="checked"' : '';
$coppa_enable_yes = ($new['coppa_enable']) ? 'checked="checked"' : '';
$coppa_enable_no = (!$new['coppa_enable']) ? 'checked="checked"' : '';
$activation_none = ( $new['require_activation'] == USER_ACTIVATION_NONE ) ? 'checked="checked"' : '';
$activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? 'checked="checked"' : '';
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : '';
$activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : '';
$activation_none = ($new['require_activation'] == USER_ACTIVATION_NONE) ? 'checked="checked"' : '';
$activation_user = ($new['require_activation'] == USER_ACTIVATION_SELF) ? 'checked="checked"' : '';
$activation_admin = ($new['require_activation'] == USER_ACTIVATION_ADMIN) ? 'checked="checked"' : '';
$activation_disable = ($new['require_activation'] == USER_ACTIVATION_DISABLE) ? 'checked="checked"' : '';
$privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : '';
$privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : '';
$privmsg_on = (!$new['privmsg_disable']) ? 'checked="checked"' : '';
$privmsg_off = ($new['privmsg_disable']) ? 'checked="checked"' : '';
$prune_yes = ( $new['prune_enable'] ) ? 'checked="checked"' : '';
$prune_no = ( !$new['prune_enable'] ) ? 'checked="checked"' : '';
$prune_yes = ($new['prune_enable']) ? 'checked="checked"' : '';
$prune_no = (!$new['prune_enable']) ? 'checked="checked"' : '';
?>
<tr>
@@ -412,14 +402,14 @@ switch ( $mode )
case 'email':
$email_yes = ( $new['email_enable'] ) ? 'checked="checked"' : '';
$email_no = ( !$new['email_enable'] ) ? 'checked="checked"' : '';
$email_yes = ($new['email_enable']) ? 'checked="checked"' : '';
$email_no = (!$new['email_enable']) ? 'checked="checked"' : '';
$board_email_form_yes = ( $new['board_email_form'] ) ? 'checked="checked"' : '';
$board_email_form_no = ( !$new['board_email_form'] ) ? 'checked="checked"' : '';
$board_email_form_yes = ($new['board_email_form']) ? 'checked="checked"' : '';
$board_email_form_no = (!$new['board_email_form']) ? 'checked="checked"' : '';
$smtp_yes = ( $new['smtp_delivery'] ) ? 'checked="checked"' : '';
$smtp_no = ( !$new['smtp_delivery'] ) ? 'checked="checked"' : '';
$smtp_yes = ($new['smtp_delivery']) ? 'checked="checked"' : '';
$smtp_no = (!$new['smtp_delivery']) ? 'checked="checked"' : '';
?>
<tr>
@@ -460,13 +450,13 @@ switch ( $mode )
case 'server':
$ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : '';
$ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : '';
$ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : '';
$ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : '';
$ip_all = ($new['ip_check'] == 4) ? 'checked="checked"' : '';
$ip_classc = ($new['ip_check'] == 3) ? 'checked="checked"' : '';
$ip_classb = ($new['ip_check'] == 2) ? 'checked="checked"' : '';
$ip_none = ($new['ip_check'] == 0) ? 'checked="checked"' : '';
$gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_yes = ($new['gzip_compress']) ? 'checked="checked"' : '';
$gzip_no = (!$new['gzip_compress']) ? 'checked="checked"' : '';
?>
<tr>
<td class="row1"><?php echo $user->lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Server_name_explain']; ?></span></td>
@@ -517,9 +507,9 @@ switch ( $mode )
$auth_plugins = array();
$dp = opendir($phpbb_root_path . 'includes/auth');
while ( $file = readdir($dp) )
while ($file = readdir($dp))
{
if ( preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file) )
if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file))
{
$auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file);
}
@@ -528,9 +518,9 @@ switch ( $mode )
sort($auth_plugins);
$auth_select = '';
foreach ( $auth_plugins as $method )
foreach ($auth_plugins as $method)
{
$selected = ( $config['auth_method'] == $method ) ? ' selected="selected"' : '';
$selected = ($config['auth_method'] == $method) ? ' selected="selected"' : '';
$auth_select .= '<option value="' . $method . '"' . $selected . '>' . ucfirst($method) . '</option>';
}
@@ -541,23 +531,23 @@ switch ( $mode )
</tr>
<?php
foreach ( $auth_plugins as $method )
foreach ($auth_plugins as $method)
{
if ( $method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx) )
if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx))
{
include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx);
$method = 'admin_' . $method;
if ( function_exists($method) )
if (function_exists($method))
{
if ( $config_fields = $method($new) )
if ($config_fields = $method($new))
{
//
// Check if we need to create config fields for this plugin
//
foreach( $config_fields as $field )
foreach($config_fields as $field)
{
if ( !isset($config[$field]) )
if (!isset($config[$field]))
{
$sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value)
VALUES ('$field', '')";
@@ -576,7 +566,7 @@ switch ( $mode )
?>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
</tr>
</table></form>

240
phpBB/admin/admin_database.php
View File

@@ -19,18 +19,13 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
{
return;
}
$filename = basename(__FILE__);
$module['DB']['DB_Backup'] = $filename . "$SID&amp;mode=backup";
$module['DB']['DB_Backup'] = ($auth->acl_get('a_backup')) ? $filename . "$SID&amp;mode=backup" : '';
$file_uploads = @ini_get('file_uploads');
if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' )
if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' && $auth->acl_get('a_restore'))
{
$module['DB']['DB_Restore'] = $filename . "$SID&amp;mode=restore";
}
@@ -39,40 +34,30 @@ if ( !empty($setmodules) )
}
define('IN_PHPBB', 1);
//
// Load default header
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have DB backup/restore permissions?
//
if ( !$auth->acl_get('a_general') )
{
message_die(MESSAGE, $user->lang['No_admin']);
}
$mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';
//
// Increase maximum execution time, but don't complain about it if it isn't
// allowed.
//
@set_time_limit(1200);
$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : '';
//
// Begin program proper
//
switch( $mode )
switch($mode)
{
case 'backup':
if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' )
if (!$auth->acl_get('a_backup'))
{
switch ( SQL_LAYER )
trigger_error($user->lang['NO_ADMIN']);
}
if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql')
{
switch (SQL_LAYER)
{
case 'oracle':
$db_type = 'Oracle';
@@ -85,17 +70,17 @@ switch( $mode )
break;
}
message_die(MESSAGE, $user->lang['Backups_not_supported']);
trigger_error($user->lang['Backups_not_supported']);
break;
}
$additional_tables = ( isset($_POST['tables']) ) ? $_POST['tables'] : ( ( isset($_GET['tables']) ) ? $_GET['tables'] : '' );
$backup_type = ( isset($_POST['type']) ) ? $_POST['type'] : ( ( isset($_GET['type']) ) ? $_GET['type'] : '' );
$search = ( !empty($_POST['search']) ) ? intval($_POST['search']) : ( ( !empty($_GET['search']) ) ? intval($_GET['search']) : 0 );
$store_path = ( isset($_POST['store']) ) ? $_POST['store'] : ( ( isset($_GET['store']) ) ? $_GET['store'] : '' );
$compress = ( !empty($_POST['compress']) ) ? $_POST['compress'] : ( ( !empty($_GET['compress']) ) ? $_GET['compress'] : 'none' );
$additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : '');
$backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : '');
$search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0);
$store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : '');
$compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none');
if ( !isset($_POST['backupstart']) && !isset($_GET['backupstart']) )
if (!isset($_POST['backupstart']) && !isset($_GET['backupstart']))
{
page_header($user->lang['DB_Backup']);
@@ -127,7 +112,7 @@ switch( $mode )
</tr>
<?php
if ( extension_loaded('zlib') || extension_loaded('bz2') )
if (extension_loaded('zlib') || extension_loaded('bz2'))
{
?>
@@ -135,7 +120,7 @@ switch( $mode )
<td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td>
<td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['None']; ?><?php
if ( extension_loaded('zlib') )
if (extension_loaded('zlib'))
{
@@ -143,7 +128,7 @@ switch( $mode )
}
if ( extension_loaded('bz2') )
if (extension_loaded('bz2'))
{
?>&nbsp;&nbsp;<input type="radio" name="compress" value="bzip" />.bz2<?php
@@ -166,21 +151,21 @@ switch( $mode )
break;
}
else if ( !isset($_POST['startdownload']) && !isset($_GET['startdownload']) )
else if (!isset($_POST['startdownload']) && !isset($_GET['startdownload']))
{
$meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&amp;type=$backup_type&amp;tables=" . quotemeta($additional_tables) . "&amp;search=$search&amp;store=" . quotemeta($store_path) . "&amp;compress=$compress&amp;backupstart=1&amp;startdownload=1\">";
$message = ( empty($store_path) ) ? $user->lang['Backup_download'] : $user->lang['Backup_writing'];
$message = (empty($store_path)) ? $user->lang['Backup_download'] : $user->lang['Backup_writing'];
page_header($user->lang['DB_Backup'], $meta);
page_message($user->lang['DB_Backup'], $message);
page_footer();
}
$tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables();
$tables = (SQL_LAYER != 'postgresql') ? mysql_get_tables() : pg_get_tables();
@sort($tables);
if ( !empty($additional_tables) )
if (!empty($additional_tables))
{
$additional_tables = explode(',', $additional_tables);
@@ -206,7 +191,7 @@ switch( $mode )
echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n";
echo "#\n";
if ( SQL_LAYER == 'postgresql' )
if (SQL_LAYER == 'postgresql')
{
echo "\n" . pg_get_sequences("\n", $backup_type);
}
@@ -215,7 +200,7 @@ switch( $mode )
{
$table_name = $tables[$i];
if ( SQL_LAYER != 'mysql4' )
if (SQL_LAYER != 'mysql4')
{
$table_def_function = "get_table_def_" . SQL_LAYER;
$table_content_function = "get_table_content_" . SQL_LAYER;
@@ -226,18 +211,18 @@ switch( $mode )
$table_content_function = "get_table_content_mysql";
}
if ( $backup_type != 'data' )
if ($backup_type != 'data')
{
echo "#\n# TABLE: " . $table_name . "\n#\n";
echo $table_def_function($table_name, "\n") . "\n";
}
if ( $backup_type != 'structure' )
if ($backup_type != 'structure')
{
//
// Skip search table data?
//
if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) )
if ($search || (!$search && !preg_match('/search_word/', $table_name)))
{
$table_content_function($table_name, "output_table_content");
}
@@ -247,7 +232,7 @@ switch( $mode )
//
// Flush the buffer, send the file
//
switch ( $compress )
switch ($compress)
{
case 'gzip':
$extension = 'sql.gz';
@@ -258,7 +243,7 @@ switch( $mode )
case 'zip':
$extension = 'zip';
$zip = new zipfile;
$zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time());
$zip->add_file(ob_get_contents(), "phpbb_db_backup.sql", time());
ob_end_clean();
$contents = $zip->file();
break;
@@ -277,7 +262,7 @@ switch( $mode )
add_admin_log('log_db_backup');
if ( empty($store_path) )
if (empty($store_path))
{
header("Pragma: no-cache");
header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\"");
@@ -288,12 +273,12 @@ switch( $mode )
}
else
{
if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) )
if (!($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')))
{
message_die(ERROR, 'Could not open backup file');
}
if ( !fwrite($fp, $contents) )
if (!fwrite($fp, $contents))
{
message_die(ERROR, 'Could not write backup file content');
}
@@ -301,54 +286,58 @@ switch( $mode )
fclose($fp);
unset($contents);
message_die(MESSAGE, $user->lang['Backup_success']);
trigger_error($user->lang['Backup_success']);
}
exit;
break;
case 'restore':
if (!$auth->acl_get('a_restore'))
{
trigger_error($user->lang['No_admin']);
}
if ( isset($_POST['restorestart']) )
if (isset($_POST['restorestart']))
{
//
// Handle the file upload ....
// If no file was uploaded report an error...
//
if ( !empty($_POST['local']) )
if (!empty($_POST['local']))
{
$file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']);
$filename = substr($file_tmpname, strrpos($file_tmpname, '/'));
}
else
{
$filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
$filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
}
if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) )
if ($file_tmpname == '' || $filename == '' || !file_exists($file_tmpname))
{
message_die(MESSAGE, $user->lang['Restore_Error_no_file']);
trigger_error($user->lang['Restore_Error_no_file']);
}
$ext = substr($filename, strrpos($filename, '.') + 1);
if ( !preg_match('/^(sql|gz|bz2)$/', $ext) )
if (!preg_match('/^(sql|gz|bz2)$/', $ext))
{
message_die(MESSAGE, $user->lang['Restore_Error_filename']);
trigger_error($user->lang['Restore_Error_filename']);
}
if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) )
if ((!extension_loaded('zlib') && $ext == 'gz') || (!extension_loaded('zip') && $ext == 'zip') || ($ext == 'bz2' && !extension_loaded('bz2')))
{
message_die(MESSAGE, $user->lang['Compress_unsupported']);
trigger_error($user->lang['Compress_unsupported']);
}
$sql_query = '';
switch ( $ext )
switch ($ext)
{
case 'gz':
$fp = gzopen($file_tmpname, 'rb');
while ( !gzeof($fp) )
while (!gzeof($fp))
{
$sql_query .= gzgets($fp, 100000);
}
@@ -359,11 +348,14 @@ switch( $mode )
$sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname)));
break;
case 'zip':
default;
$sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname));
}
if ( $sql_query != '' )
if ($sql_query != '')
{
// Strip out sql comments...
$sql_query = remove_remarks($sql_query);
@@ -374,7 +366,7 @@ switch( $mode )
{
$sql = trim($pieces[$i]);
if ( !empty($sql) && $sql[0] != '#' )
if (!empty($sql) && $sql[0] != '#')
{
$db->sql_query($sql);
}
@@ -383,7 +375,7 @@ switch( $mode )
add_admin_log('log_db_restore');
message_die(MESSAGE, $user->lang['Restore_success']);
trigger_error($user->lang['Restore_success']);
}
//
@@ -406,11 +398,11 @@ switch( $mode )
echo $user->lang['Supported_extensions'];
$types = ': <u>sql</u>';
if ( extension_loaded('zlib') )
if (extension_loaded('zlib'))
{
$types .= ', <u>sql.gz</u>';
}
if ( extension_loaded('bz2') )
if (extension_loaded('bz2'))
{
$types .= ', <u>bz2</u>';
}
@@ -434,6 +426,7 @@ switch( $mode )
break;
default:
trigger_error($user->lang['No_admin']);
exit;
}
@@ -454,16 +447,16 @@ function mysql_get_tables()
$tables = array();
$result = mysql_list_tables($db->dbname, $db->db_connect_id);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
if ( preg_match('/^' . $table_prefix . '/', $row[0]) )
if (preg_match('/^' . $table_prefix . '/', $row[0]))
{
$tables[] = $row[0];
}
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
return $tables;
@@ -483,7 +476,7 @@ function pg_get_sequences($crlf, $backup_type)
$seq = $db->sql_query($get_seq_sql);
if( !$num_seq = $db->sql_numrows($seq) )
if (!$num_seq = $db->sql_numrows($seq))
{
$return_val = "# No Sequences Found $crlf";
@@ -502,11 +495,11 @@ function pg_get_sequences($crlf, $backup_type)
$get_props_sql = "SELECT * FROM $sequence";
$seq_props = $db->sql_query($get_props_sql);
if($db->sql_numrows($seq_props) > 0)
if ($db->sql_numrows($seq_props) > 0)
{
$row1 = $db->sql_fetchrow($seq_props);
if($backup_type == 'structure')
if ($backup_type == 'structure')
{
$row['last_value'] = 1;
}
@@ -515,7 +508,7 @@ function pg_get_sequences($crlf, $backup_type)
} // End if numrows > 0
if(($row['last_value'] > 1) && ($backup_type != 'structure'))
if (($row['last_value'] > 1) && ($backup_type != 'structure'))
{
$return_val .= "SELECT NEXTVALE('$sequence'); $crlf";
unset($row['last_value']);
@@ -555,7 +548,7 @@ function get_table_def_postgresql($table, $crlf)
ORDER BY a.attnum";
$result = $db->sql_query($field_query);
if(!$result)
if (!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
} // end if..
@@ -641,12 +634,12 @@ function get_table_def_postgresql($table, $crlf)
ORDER BY index_name, tab_name, column_name ";
$result = $db->sql_query($sql_pri_keys);
if(!$result)
if (!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys);
}
while ( $row = $db->sql_fetchrow($result))
while ($row = $db->sql_fetchrow($result))
{
if ($row['primary_key'] == 't')
{
@@ -743,37 +736,29 @@ function get_table_def_mysql($table, $crlf)
$field_query = "SHOW FIELDS FROM $table";
$key_query = "SHOW KEYS FROM $table";
//
// If the user has selected to drop existing tables when doing a restore.
// Then we add the statement to drop the tables....
//
$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";
$schema_create .= "CREATE TABLE $table($crlf";
//
// Ok lets grab the fields...
//
$result = $db->sql_query($field_query);
if(!result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
}
while ($row = $db->sql_fetchrow($result))
{
$schema_create .= ' ' . $row['Field'] . ' ' . $row['Type'];
if(!empty($row['Default']))
if (!empty($row['Default']))
{
$schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';
}
if($row['Null'] != "YES")
if ($row['Null'] != "YES")
{
$schema_create .= ' NOT NULL';
}
if($row['Extra'] != "")
if ($row['Extra'] != "")
{
$schema_create .= ' ' . $row['Extra'];
}
@@ -794,12 +779,12 @@ function get_table_def_mysql($table, $crlf)
{
$kname = $row['Key_name'];
if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0))
if (($kname != 'PRIMARY') && ($row['Non_unique'] == 0))
{
$kname = "UNIQUE|$kname";
}
if(!is_array($index[$kname]))
if (!is_array($index[$kname]))
{
$index[$kname] = array();
}
@@ -807,11 +792,11 @@ function get_table_def_mysql($table, $crlf)
$index[$kname][] = $row['Column_name'];
}
while(list($x, $columns) = @each($index))
foreach ($index as $x => $columns)
{
$schema_create .= ", $crlf";
if($x == 'PRIMARY')
if ($x == 'PRIMARY')
{
$schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')';
}
@@ -827,7 +812,7 @@ function get_table_def_mysql($table, $crlf)
$schema_create .= "$crlf);";
if(get_magic_quotes_runtime())
if (get_magic_quotes_runtime())
{
return(stripslashes($schema_create));
}
@@ -856,10 +841,7 @@ function get_table_content_postgresql($table, $handler)
{
global $db;
//
// Grab all of the data from current table.
//
$result = $db->sql_query("SELECT * FROM $table");
$i_num_fields = $db->sql_numfields($result);
@@ -872,24 +854,23 @@ function get_table_content_postgresql($table, $handler)
$iRec = 0;
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
unset($schema_vals);
unset($schema_fields);
unset($schema_insert);
//
// Build the SQL statement to recreate the data.
//
for($i = 0; $i < $i_num_fields; $i++)
{
$strVal = $row[$aryName[$i]];
if (eregi("char|text|bool", $aryType[$i]))
if (preg_match('#char|text|bool#i', $aryType[$i]))
{
$strQuote = "'";
$strEmpty = "";
$strVal = addslashes($strVal);
}
elseif (eregi("date|timestamp", $aryType[$i]))
elseif (preg_match('#date|timestamp#i', $aryType[$i]))
{
if ($empty($strVal))
{
@@ -913,18 +894,15 @@ function get_table_content_postgresql($table, $handler)
$schema_vals .= " $strQuote$strVal$strQuote,";
$schema_fields .= " $aryName[$i],";
}
$schema_vals = ereg_replace(",$", "", $schema_vals);
$schema_vals = ereg_replace("^ ", "", $schema_vals);
$schema_fields = ereg_replace(",$", "", $schema_fields);
$schema_fields = ereg_replace("^ ", "", $schema_fields);
$schema_vals = preg_replace('#,$#', '', $schema_vals);
$schema_vals = preg_replace('#^ #', '', $schema_vals);
$schema_fields = preg_replace('#,$#', '', $schema_fields);
$schema_fields = preg_replace('#^ #', '', $schema_fields);
//
// Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data.
//
$schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);";
$handler(trim($schema_insert));
@@ -941,16 +919,13 @@ function get_table_content_postgresql($table, $handler)
function get_table_content_mysql($table, $handler)
{
global $db;
//
// Grab the data from the table.
//
$result = $db->sql_query("SELECT * FROM $table");
//
// Loop through the resulting rows and build the sql statement.
//
$schema_insert = "";
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
$schema_insert = "\n#\n# Table Data for $table\n#\n";
@@ -970,7 +945,7 @@ function get_table_content_mysql($table, $handler)
//
// Get rid of the last comma
//
$table_list = ereg_replace(', $', '', $table_list);
$table_list = preg_replace('#, $#', '', $table_list);
$table_list .= ')';
//
// Start building the SQL statement.
@@ -981,7 +956,7 @@ function get_table_content_mysql($table, $handler)
//
for ($j = 0; $j < $num_fields; $j++)
{
if(!isset($row[$j]))
if (!isset($row[$j]))
{
//
// If there is no data for the column set it to null.
@@ -1003,14 +978,14 @@ function get_table_content_mysql($table, $handler)
//
// Get rid of the the last comma.
//
$schema_insert = ereg_replace(',$', '', $schema_insert);
$schema_insert = preg_replace('#,$#', '', $schema_insert);
$schema_insert .= ');';
//
// Go ahead and send the insert statement to the handler function.
//
$handler(trim($schema_insert));
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
return true;
@@ -1041,9 +1016,9 @@ class zipfile
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0)
function unix_to_dos_time($unixtime = 0)
{
$timearray = ( $unixtime == 0 ) ? getdate() : getdate($unixtime);
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980)
{
@@ -1055,15 +1030,15 @@ class zipfile
$timearray['seconds'] = 0;
}
return ( ( $timearray['year'] - 1980) << 25 ) | ( $timearray['mon'] << 21 ) | ( $timearray['mday'] << 16 ) |
( $timearray['hours'] << 11 ) | ( $timearray['minutes'] << 5 ) | ( $timearray['seconds'] >> 1 );
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
function add_file($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$dtime = dechex($this->unix_to_dos_time($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
@@ -1111,14 +1086,14 @@ class zipfile
$cdrec .= pack('V', $crc); // crc32
$cdrec .= pack('V', $c_len); // compressed filesize
$cdrec .= pack('V', $unc_len); // uncompressed filesize
$cdrec .= pack('v', strlen($name) ); // length of filename
$cdrec .= pack('v', 0 ); // extra field length
$cdrec .= pack('v', 0 ); // file comment length
$cdrec .= pack('v', 0 ); // disk number start
$cdrec .= pack('v', 0 ); // internal file attributes
$cdrec .= pack('V', 32 ); // external file attributes - 'archive' bit set
$cdrec .= pack('v', strlen($name)); // length of filename
$cdrec .= pack('v', 0); // extra field length
$cdrec .= pack('v', 0); // file comment length
$cdrec .= pack('v', 0); // disk number start
$cdrec .= pack('v', 0); // internal file attributes
$cdrec .= pack('V', 32); // external file attributes - 'archive' bit set
$cdrec .= pack('V', $this -> old_offset ); // relative offset of local header
$cdrec .= pack('V', $this -> old_offset); // relative offset of local header
$this -> old_offset = $new_offset;
$cdrec .= $name;
@@ -1140,7 +1115,6 @@ class zipfile
pack('V', strlen($data)) . // offset to start of central dir
"\x00\x00"; // .zip file comment length
}
}
//

39
phpBB/admin/admin_disallow.php
View File

@@ -21,43 +21,36 @@
define('IN_PHPBB', 1);
if( !empty($setmodules) )
if(!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_names'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Disallow'] = $filename . $SID;
$module['Users']['Disallow'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have user admin permissions?
//
if ( !$auth->acl_get('a_user') )
// Check permissions
if (!$auth->acl_get('a_names'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
if( isset($_POST['add_name']) )
if (isset($_POST['add_name']))
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
$disallowed_user = ( isset($_POST['disallowed_user']) ) ? $_POST['disallowed_user'] : $_GET['disallowed_user'];
$disallowed_user = (isset($_POST['disallowed_user'])) ? $_POST['disallowed_user'] : $_GET['disallowed_user'];
$disallowed_user = str_replace('*', '%', $disallowed_user);
if ( !validate_username($disallowed_user) )
if (validate_username($disallowed_user))
{
$message = $user->lang['Disallowed_already'];
}
@@ -65,7 +58,7 @@ if( isset($_POST['add_name']) )
{
$sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username)
VALUES('" . str_replace("\'", "''", $disallowed_user) . "')";
$result = $db->sql_query( $sql );
$result = $db->sql_query($sql);
$message = $user->lang['Disallow_successful'];
}
@@ -76,9 +69,9 @@ if( isset($_POST['add_name']) )
message_die(MESSAGE, $message);
}
else if( isset($_POST['delete_name']) )
else if (isset($_POST['delete_name']))
{
$disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] );
$disallowed_id = (isset($_POST['disallowed_id'])) ? intval($_POST['disallowed_id']) : intval($_GET['disallowed_id']);
$sql = "DELETE FROM " . DISALLOW_TABLE . "
WHERE disallow_id = $disallowed_id";
@@ -92,21 +85,19 @@ else if( isset($_POST['delete_name']) )
}
//
// Grab the current list of disallowed usernames...
//
$sql = "SELECT *
FROM " . DISALLOW_TABLE;
$result = $db->sql_query($sql);
$disallow_select = '';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$disallow_select .= '<option value="' . $row['disallow_id'] . '">' . str_replace('%', '*', $row['disallow_username']) . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
//
@@ -133,7 +124,7 @@ page_header($user->lang['Users']);
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Username']; ?><br /><span class="gensmall"><?php echo $user->lang['Delete_disallow_explain']; ?></span></td>
<td class="row2"><?php if ( $disallow_select != '' ) { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select>&nbsp;<input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td>
<td class="row2"><?php if ($disallow_select != '') { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select>&nbsp;<input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td>
</tr>
</table></form>

35
phpBB/admin/admin_email.php
View File

@@ -19,33 +19,28 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_email'))
{
return;
}
$filename = basename(__FILE__);
$module['General']['Mass_Email'] = $filename . $SID;
$module['General']['Mass_Email'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general admin permissions?
//
if ( !$auth->acl_get('a_general') )
// Check permissions
if (!$auth->acl_get('a_email'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
@@ -57,7 +52,7 @@ $subject = '';
//
// Do the job ...
//
if ( isset($_POST['submit']) )
if (isset($_POST['submit']))
{
//
// Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't
@@ -67,10 +62,10 @@ if ( isset($_POST['submit']) )
$group_id = intval($_POST['g']);
$sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE;
$sql = ($group_id != -1) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE;
$result = $db->sql_query($sql);
if ( !($email_list = $db->sql_fetchrowset($g_result)) )
if (!($email_list = $db->sql_fetchrowset($g_result)))
{
//
// Output a relevant GENERAL_MESSAGE about users/group
@@ -87,14 +82,14 @@ if ( isset($_POST['submit']) )
//
$error = FALSE;
if ( !$error )
if (!$error)
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
//
// Let's do some checking to make sure that mass mail functions
// are working in win32 versions of php.
//
if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery'])
if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery'])
{
// We are running on windows, force delivery to use
// our smtp functions since php's are broken by default
@@ -108,7 +103,7 @@ if ( isset($_POST['submit']) )
$bcc_list = '';
for($i = 0; $i < count($email_list); $i++)
{
$bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email'];
$bcc_list .= (($bcc_list != '') ? ', ' : '') . $email_list[$i]['user_email'];
}
$email_headers .= "Bcc: $bcc_list\n";
@@ -145,13 +140,13 @@ $sql = "SELECT group_id, group_name
$result = $db->sql_query($sql);
$select_list = '<select name = "g"><option value = "-1">' . $user->lang['All_users'] . '</option>';
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$select_list .= '<option value = "' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$select_list .= '</select>';
@@ -163,7 +158,7 @@ page_header($user->lang['Mass_Email']);
<p><?php echo $user->lang['Mass_email_explain']; ?></p>
<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
<form method="post" action="admin_mass_email.<?php echo $phpEx.$SID; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
<tr>
<th colspan="2"><?php echo $user->lang['Compose']; ?></th>
</tr>

50
phpBB/admin/admin_forums.php
View File

@@ -21,45 +21,47 @@
if (!empty($setmodules))
{
if (!$auth->acl_get('a_forum'))
if (!$auth->acl_gets('a_forum', 'a_forumadd', 'a_forumdel'))
{
return;
}
$file = basename(__FILE__);
$module['Forums']['Manage'] = $file . $SID;
$module['Forums']['Manage'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
if (!$auth->acl_get('a_forum'))
// Get mode
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Do we have permissions?
switch ($mode)
{
message_die(MESSAGE, $user->lang['No_admin']);
}
//
// Mode setting
//
if (isset($_POST['mode']) || isset($_GET['mode']))
{
$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
case 'add':
if (!$auth->acl_get('a_forumadd'))
{
trigger_error($user->lang['NO_ADMIN']);
}
case 'del':
if (!$auth->acl_get('a_forumdel'))
{
trigger_error($user->lang['NO_ADMIN']);
}
default:
if (!$auth->acl_get('a_forum'))
{
trigger_error($user->lang['NO_ADMIN']);
}
}
// Major routines
switch ($mode)
{
case 'move_up':
@@ -355,15 +357,13 @@ switch ($mode)
break;
case 'forum_sync':
sync('forum', intval($_GET[POST_FORUM_URL]));
sync('forum', intval($_GET['f']));
$show_index = TRUE;
break;
case 'add':
case 'edit':
//
// Show form to create/modify a forum
//
if ($mode == 'edit')
{
$forum_id = intval($_GET['f']);

154
phpBB/admin/admin_permissions.php
View File

@@ -19,18 +19,13 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_auth') )
{
return;
}
$filename = basename(__FILE__);
$module['Forums']['Permissions'] = $filename . $SID . '&amp;mode=forums';
$module['Forums']['Moderators'] = $filename . $SID . '&amp;mode=moderators';
$module['Forums']['Super_Moderators'] = $filename . $SID . '&amp;mode=supermoderators';
$module['General']['Administrators'] = $filename . $SID . '&amp;mode=administrators';
$module['Forums']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&amp;mode=forums' : '';
$module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=moderators' : '';
$module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=supermoderators' : '';
$module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&amp;mode=administrators' : '';
return;
}
@@ -43,16 +38,10 @@ require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_auth') )
{
trigger_error($user->lang['No_admin']);
}
// Define some vars
if ( isset($_GET['f']) || isset($_POST['f']) )
if (isset($_REQUEST['f']))
{
$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
$forum_id = intval($_REQUEST['f']);
$forum_sql = " WHERE forum_id = $forum_id";
}
else
@@ -61,88 +50,87 @@ else
$forum_sql = '';
}
if ( isset($_GET['mode']) || isset($_POST['mode']) )
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Start program proper
switch ( $mode )
switch ($mode)
{
case 'forums':
$l_title = $user->lang['Permissions'];
$l_title_explain = $user->lang['Permissions_explain'];
$l_can = '_can';
$l_title = $user->lang['PERMISSIONS'];
$l_title_explain = $user->lang['PERMISSIONS_EXPLAIN'];
$which_acl = 'a_auth';
break;
case 'moderators':
$l_title = $user->lang['Moderators'];
$l_title_explain = $user->lang['Moderators_explain'];
$l_can = '_can';
$l_title = $user->lang['MODERATORS'];
$l_title_explain = $user->lang['MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
break;
case 'supermoderators':
$l_title = $user->lang['Super_Moderators'];
$l_title_explain = $user->lang['Super_Moderators_explain'];
$l_can = '_can';
$l_title = $user->lang['SUPER_MODERATORS'];
$l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
break;
case 'administrators':
$l_title = $user->lang['Administrators'];
$l_title_explain = $user->lang['Administrators_explain'];
$l_can = '_can_admin';
$l_title = $user->lang['ADMINISTRATORS'];
$l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN'];
$which_acl = 'a_authadmins';
break;
}
// Permission check
if (!$auth->acl_get($which_acl))
{
trigger_error($user->lang['NO_ADMIN']);
}
// Call update or delete, both can take multiple user/group
// ids. Additionally inheritance is handled (by the auth API)
if ( isset($_POST['update']) )
if (isset($_POST['update']))
{
$auth_admin = new auth_admin();
// Admin wants subforums to inherit permissions ... so handle this
if ( !empty($_POST['inherit']) )
if (!empty($_POST['inherit']))
{
array_push($_POST['inherit'], $forum_id);
$forum_id = $_POST['inherit'];
}
foreach ( $_POST['entries'] as $id )
foreach ($_POST['entries'] as $id)
{
$auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']);
}
trigger_error('Permissions updated successfully');
}
else if ( isset($_POST['delete']) )
else if (isset($_POST['delete']))
{
$auth_admin = new auth_admin();
$option_ids = false;
if ( !empty($_POST['option']) )
if (!empty($_POST['option']))
{
$sql = "SELECT auth_option_id
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $_POST['option'] . "_%'";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
$option_ids = array();
do
{
$option_ids[] = $row['auth_option_id'];
}
while( $row = $db->sql_fetchrow($result) );
while($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
}
foreach ( $_POST['entries'] as $id )
foreach ($_POST['entries'] as $id)
{
$auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids);
}
@@ -152,12 +140,12 @@ else if ( isset($_POST['delete']) )
// Get required information, either all forums if no id was
// specified or just the requsted if it was
if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' )
if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators')
{
// Clear some vars, grab some info if relevant ...
$s_hidden_fields = '';
if ( !empty($forum_id) )
if (!empty($forum_id))
{
$sql = "SELECT forum_name
FROM " . FORUMS_TABLE . "
@@ -179,7 +167,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<?php
switch ( $mode )
switch ($mode)
{
case 'forums':
$type_sql = 'f';
@@ -204,17 +192,17 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
ORDER BY group_name";
ORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$group_list = '';
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$group_list .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
$group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
if ( empty($_POST['advanced']) || empty($_POST['entries']) )
if (empty($_POST['advanced']) || empty($_POST['entries']))
{
?>
@@ -241,7 +229,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$result = $db->sql_query($sql);
$users = '';
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
}
@@ -268,13 +256,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$forum_sql
AND a.auth_option_id = o.auth_option_id
AND g.group_id = a.group_id
ORDER BY g.group_name ASC";
ORDER BY g.group_type DESC, g.group_name ASC";
$result = $db->sql_query($sql);
$groups = '';
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$groups .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
$groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
@@ -301,7 +289,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
</tr>
</table></form></td>
@@ -313,7 +301,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
</tr>
</table></form></td>
@@ -328,7 +316,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
// Founder only operations ... these operations can
// only be altered by someone with founder status
$founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : '';
$founder_sql = (!$userdata['user_founder']) ? ' AND founder_only <> 1' : '';
$sql = "SELECT auth_option_id, auth_value
FROM " . ACL_OPTIONS_TABLE . "
@@ -338,35 +326,35 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$result = $db->sql_query($sql);
$auth_options = array();
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$auth_options[] = $row;
}
$db->sql_freeresult($result);
if ( $_POST['type'] == 'user' && !empty($_POST['new']) )
if ($_POST['type'] == 'user' && !empty($_POST['new']))
{
$_POST['entries'] = explode("\n", $_POST['entries']);
}
$where_sql = '';
foreach ( $_POST['entries'] as $value )
foreach ($_POST['entries'] as $value)
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $_POST['type'] == 'user' && !empty($_POST['new']) ) ? '\'' . $value . '\'' : intval($value) );
$where_sql .= (($where_sql != '') ? ', ' : '') . (($_POST['type'] == 'user' && !empty($_POST['new'])) ? '\'' . $value . '\'' : intval($value));
}
switch ( $_POST['type'] )
switch ($_POST['type'])
{
case 'group':
$l_type = 'Group';
$sql = ( empty($_POST['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC";
$sql = (empty($_POST['new'])) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC";
break;
case 'user':
$l_type = 'User';
$sql = ( empty($_POST['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC";
$sql = (empty($_POST['new'])) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC";
break;
}
@@ -375,15 +363,15 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$ug = '';;
$ug_hidden = '';
$auth = array();
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$ug_test = ( !empty($user->lang[$row['name']]) ) ? $user->lang[$row['name']] : $row['name'];
$ug .= ( !strstr($ug, $ug_test) ) ? $ug_test . "\n" : '';
$ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name'];
$ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : '';
$ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />';
$ug_hidden .= ( !strstr($ug_hidden, $ug_test) ) ? $ug_test : '';
$ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : '';
$auth[$row['auth_value']] = ( isset($auth_group[$row['auth_value']]) ) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
$auth[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
}
$db->sql_freeresult($result);
@@ -451,7 +439,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
//-->
</script>
<p><?php echo $user->lang['ACL_explain']; ?></p>
<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p>
<form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table cellspacing="1" cellpadding="0" border="0" align="center">
<tr>
@@ -469,13 +457,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
for($i = 0; $i < sizeof($auth_options); $i++)
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
$l_can_cell = ( !empty($user->lang['acl_' . $auth_options[$i]['auth_value']]) ) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value']));
$l_can_cell = (!empty($user->lang['acl_' . $auth_options[$i]['auth_value']])) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value']));
$allow_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_ALLOW ) ? ' checked="checked"' : '';
$deny_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_DENY ) ? ' checked="checked"' : '';
$inherit_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_INHERIT ) ? ' checked="checked"' : '';
$allow_type = ($auth[$auth_options[$i]['auth_value']] == ACL_ALLOW) ? ' checked="checked"' : '';
$deny_type = ($auth[$auth_options[$i]['auth_value']] == ACL_DENY) ? ' checked="checked"' : '';
$inherit_type = ($auth[$auth_options[$i]['auth_value']] == ACL_INHERIT) ? ' checked="checked"' : '';
?>
<tr>
@@ -488,11 +476,11 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
}
if ( $type_sql == 'f' || $type_sql == 'm' )
if ($type_sql == 'f' || $type_sql == 'm')
{
$children = get_forum_branch($forum_id, 'children', 'descending', false);
if ( !empty($children) )
if (!empty($children))
{
?>
<tr>
@@ -504,7 +492,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<td colspan="4" height="16"><span class="gensmall"><?php echo $user->lang['Inheritance_explain']; ?></span></td>
</tr>
<?php
foreach ( $children as $row )
foreach ($children as $row)
{
?>
@@ -528,7 +516,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
?>
<tr>
<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="CANCEL" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
</tr>
</table></td>
</tr>

43
phpBB/admin/admin_prune.php
View File

@@ -19,41 +19,38 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_forum') )
if (!$auth->acl_get('a_prune'))
{
return;
}
$filename = basename(__FILE__);
$module['Forums']['Prune'] = $filename . $SID . '&amp;mode=forums';
$module['Forums']['Prune'] = basename(__FILE__) . $SID . '&amp;mode=forums';
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_forum') )
// Do we have permission?
if (!$auth->acl_get('a_prune'))
{
message_die(MESSAGE, $user->lang['No_admin']);
trigger_error($user->lang['NO_ADMIN']);
}
//
// Get the forum ID for pruning
//
if ( isset($_GET['f']) || isset($_POST['f']) )
if (isset($_REQUEST['f']))
{
$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
$forum_sql = ( $forum_id == -1 ) ? '' : "AND forum_id = $forum_id";
$forum_id = intval($_REQUEST['f']);
$forum_sql = ($forum_id == -1) ? '' : "AND forum_id = $forum_id";
}
else
{
@@ -69,7 +66,7 @@ $sql = "SELECT forum_id, forum_name, left_id, right_id
$result = $db->sql_query($sql);
$forum_rows = array();
while( $row = $db->sql_fetchrow($result) )
while($row = $db->sql_fetchrow($result))
{
$forum_rows[] = $row;
}
@@ -78,12 +75,12 @@ $db->sql_freeresult($result);
//
// Check for submit to be equal to Prune. If so then proceed with the pruning.
//
if ( isset($_POST['doprune']) )
if (isset($_POST['doprune']))
{
$prunedays = ( isset($_POST['prunedays']) ) ? intval($_POST['prunedays']) : 0;
$prunedays = (isset($_POST['prunedays'])) ? intval($_POST['prunedays']) : 0;
// Convert days to seconds for timestamp functions...
$prunedate = time() - ( $prunedays * 86400 );
$prunedate = time() - ($prunedays * 86400);
$template->set_filenames(array(
'body' => 'admin/forum_prune_result_body.tpl')
@@ -103,7 +100,7 @@ if ( isset($_POST['doprune']) )
'FORUM_POSTS' => $p_result['posts'])
);
$log_data .= ( ( $log_data != '' ) ? ', ' : '' ) . $forum_rows[$i]['forum_name'];
$log_data .= (($log_data != '') ? ', ' : '') . $forum_rows[$i]['forum_name'];
}
$template->assign_vars(array(
@@ -125,7 +122,7 @@ else
// If they haven't selected a forum for pruning yet then
// display a select box to use for pruning.
//
if ( empty($forum_id) )
if (empty($forum_id))
{
//
// Output a selection table if no forum id has been specified.
@@ -135,15 +132,15 @@ else
$right = 0;
$subforum = '';
$forum_list = '';
foreach ( $forum_rows as $row )
foreach ($forum_rows as $row)
{
if ( $row['left_id'] < $right )
if ($row['left_id'] < $right )
{
$subforum .= '&nbsp;&nbsp;&nbsp;';
}
else if ( $row['left_id'] > $right + 1 )
else if ($row['left_id'] > $right + 1)
{
$subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 ));
$subforum = substr($subforum, 0, -18 * ($row['left_id'] - $right + 1));
}
$select_list .= '<option value="' . $row['forum_id'] . '">' . $subforum . $row['forum_name'] . '</option>';
@@ -171,7 +168,7 @@ else
}
else
{
$forum_name = ( $forum_id == -1 ) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name'];
$forum_name = ($forum_id == -1) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name'];
$prune_data = $user->lang['Prune_topics_not_posted'] . " ";
$prune_data .= '<input type="text" name="prunedays" size="4"> ' . $user->lang['Days'];

96
phpBB/admin/admin_prune_users.php
View File

@@ -19,61 +19,45 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_userdel'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Prune_users'] = $filename . $SID;
$module['Users']['Prune_users'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_userdel'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
// Set mode
//
if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
{
$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
//
//
//
if ( isset($_POST['prune']) )
// Do prune
if (isset($_POST['prune']))
{
if ( empty($_POST['confirm']) )
if (empty($_POST['confirm']))
{
$values = array('prune', 'deactivate', 'delete', 'users', 'username', 'email', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'deleteposts');
$l_message = '<form method="post" action="admin_prune_users.' . $phpEx . $SID . '">' . $user->lang['Confirm_prune_users'] . '<br /><br /><input class="liteoption" type="submit" name="confirm" value="' . $user->lang['Yes'] . '" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="' . $user->lang['No'] . '" />';
foreach ( $values as $field )
foreach ($values as $field)
{
$l_message .= ( !empty($_POST[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : '';
$l_message .= (!empty($_POST[$field])) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : '';
}
$l_message .= '</form>';
@@ -92,40 +76,40 @@ if ( isset($_POST['prune']) )
page_footer();
}
else if ( isset($_POST['confirm']) )
else if (isset($_POST['confirm']))
{
if ( !empty($_POST['users']) )
if (!empty($_POST['users']))
{
$users = explode("\n", urldecode($_POST['users']));
$where_sql = '';
foreach ( $users as $username )
foreach ($users as $username)
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . '\'' . trim($username) . '\'';
$where_sql .= (($where_sql != '') ? ', ' : '') . '\'' . trim($username) . '\'';
}
$where_sql = " AND username IN ($where_sql)";
}
else
{
$username = ( !empty($_POST['username']) ) ? urldecode($_POST['username']) : '';
$email = ( !empty($_POST['email']) ) ? urldecode($_POST['email']) : '';
$username = (!empty($_POST['username'])) ? urldecode($_POST['username']) : '';
$email = (!empty($_POST['email'])) ? urldecode($_POST['email']) : '';
$joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : 'lt';
$active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] :'lt';
$count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : 'eq';
$joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : array();
$active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) :array();
$count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : '';
$joined_select = (!empty($_POST['joined_select'])) ? $_POST['joined_select'] : 'lt';
$active_select = (!empty($_POST['active_select'])) ? $_POST['active_select'] :'lt';
$count_select = (!empty($_POST['count_select'])) ? $_POST['count_select'] : 'eq';
$joined = (!empty($_POST['joined'])) ? explode('-', $_POST['joined']) : array();
$active = (!empty($_POST['active'])) ? explode('-', $_POST['active']) :array();
$count = (!empty($_POST['count'])) ? intval($_POST['count']) : '';
$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
$where_sql = '';
$where_sql .= ( $username ) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : '';
$where_sql .= ( $email ) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : '';
$where_sql .= ( $joined ) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$where_sql .= ( $count ) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
$where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
$where_sql .= ($username) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : '';
$where_sql .= ($email) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : '';
$where_sql .= ($joined) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
$where_sql .= ($active) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
}
$sql = "SELECT username, user_id FROM " . USERS_TABLE . "
@@ -136,26 +120,26 @@ if ( isset($_POST['prune']) )
$where_sql = '';
$user_ids = array();
$usernames = array();
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $row['user_id'];
$where_sql .= (($where_sql != '') ? ', ' : '') . $row['user_id'];
$user_ids[] = $row['user_id'];
$usernames[] = $row['username'];
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
$where_sql = " AND user_id IN ($where_sql)";
}
$db->sql_freeresult($result);
if ( $where_sql != '' )
if ($where_sql != '')
{
$sql = '';
if ( !empty($_POST['delete']) )
if (!empty($_POST['delete']))
{
if ( !empty($_POST['deleteposts']) )
if (!empty($_POST['deleteposts']))
{
$l_admin_log = 'log_prune_user_del_del';
@@ -178,7 +162,7 @@ if ( isset($_POST['prune']) )
$sql = "DELETE FROM " . USERS_TABLE;
}
else if ( !empty($_POST['deactivate']) )
else if (!empty($_POST['deactivate']))
{
$l_admin_log = 'log_prune_user_deac';
@@ -203,20 +187,20 @@ if ( isset($_POST['prune']) )
//
$find_count = array('lt' => $user->lang['Less_than'], 'eq' => $user->lang['Equal_to'], 'gt' => $user->lang['More_than']);
$s_find_count = '';
foreach ( $find_count as $key => $value )
foreach ($find_count as $key => $value)
{
$selected = ( $key == 'eq' ) ? ' selected="selected"' : '';
$selected = ($key == 'eq') ? ' selected="selected"' : '';
$s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$find_time = array('lt' => $user->lang['Before'], 'gt' => $user->lang['After']);
$s_find_join_time = '';
foreach ( $find_time as $key => $value )
foreach ($find_time as $key => $value)
{
$s_find_join_time .= '<option value="' . $key . '">' . $value . '</option>';
}
$s_find_active_time = '';
foreach ( $find_time as $key => $value )
foreach ($find_time as $key => $value)
{
$s_find_active_time .= '<option value="' . $key . '">' . $value . '</option>';
}
@@ -237,7 +221,7 @@ page_header($user->lang['Prune_users']);
<th colspan="2"><?php echo $user->lang['Prune_users']; ?></th>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Username']; ?>: </td>
<td class="row1"><?php echo $user->lang['USERNAME']; ?>: </td>
<td class="row2"><input class="post" type="text" name="username" /></td>
</tr>
<tr>

94
phpBB/admin/admin_ranks.php
View File

@@ -19,52 +19,42 @@
*
***************************************************************************/
define('IN_PHPBB', 1);
if( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_ranks'))
{
return;
}
$file = basename(__FILE__);
$module['Users']['Ranks'] = "$file$SID";
$module['Users']['Ranks'] = basename(__FILE__) . $SID;
return;
}
//
define('IN_PHPBB', 1);
// Let's set the root dir for phpBB
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
//
//
if ( !$auth->acl_get('a_user') )
// Do we have permission?
if (!$auth->acl_get('a_ranks'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
//
//
if ( isset($_GET['mode']) || isset($_POST['mode']) )
// Check mode
if (isset($_REQUEST['mode']))
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
$mode = $_REQUEST['mode'];
}
else
{
//
// These could be entered via a form button
//
if ( isset($_POST['add']) )
if (isset($_POST['add']))
{
$mode = 'add';
}
else if ( isset($_POST['save']) )
else if (isset($_POST['save']))
{
$mode = 'save';
}
@@ -74,23 +64,21 @@ else
}
}
//
//
//
if ( $mode != '' )
// Process mode
if ($mode != '')
{
if ( $mode == 'edit' || $mode == 'add' )
if ($mode == 'edit' || $mode == 'add')
{
//
// They want to add a new rank, show the form.
//
$rank_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;
$rank_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
$s_hidden_fields = '<input type="hidden" name="mode" value="save" />';
if ( $mode == 'edit' )
if ($mode == 'edit')
{
if ( empty($rank_id) )
if (empty($rank_id))
{
message_die(MESSAGE, $user->lang['Must_select_rank']);
}
@@ -126,15 +114,15 @@ if ( $mode != '' )
</tr>
<tr>
<td class="row1" width="40%"><?php echo $user->lang['Rank_special']; ?>: </td>
<td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ( $rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> &nbsp;&nbsp;<input type="radio" name="special_rank" value="0"<?php echo ( !$rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td>
<td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ($rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> &nbsp;&nbsp;<input type="radio" name="special_rank" value="0"<?php echo (!$rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td>
</tr>
<tr>
<td class="row1" width="40%"><?php echo $user->lang['Rank_minimum']; ?>: </td>
<td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ( $rank_info['rank_special'] ) ? '' : $rank_info['rank_min']; ?>" /></td>
<td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ($rank_info['rank_special']) ? '' : $rank_info['rank_min']; ?>" /></td>
</tr>
<tr>
<td class="row1" width="40%"><?php echo $user->lang['Rank_image']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Rank_image_explain']; ?></span></td>
<td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ( $rank_info['rank_image'] != '' ) ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ( $rank_info['rank_image'] != '' ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : ''; ?></td>
<td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ($rank_info['rank_image'] != '') ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ($rank_info['rank_image'] != '') ? '<img src="../' . $rank_info['rank_image'] . '" />' : ''; ?></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
@@ -146,24 +134,24 @@ if ( $mode != '' )
page_footer();
}
else if ( $mode == 'save' )
else if ($mode == 'save')
{
//
// Ok, they sent us our info, let's update it.
//
$rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;
$rank_title = ( isset($_POST['title']) ) ? trim($_POST['title']) : '';
$special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0;
$min_posts = ( isset($_POST['min_posts']) ) ? intval($_POST['min_posts']) : -1;
$rank_image = ( (isset($_POST['rank_image'])) ) ? trim($_POST['rank_image']) : '';
$rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0;
$rank_title = (isset($_POST['title'])) ? trim($_POST['title']) : '';
$special_rank = ($_POST['special_rank'] == 1) ? TRUE : 0;
$min_posts = (isset($_POST['min_posts'])) ? intval($_POST['min_posts']) : -1;
$rank_image = ((isset($_POST['rank_image']))) ? trim($_POST['rank_image']) : '';
if ( $rank_title == '' )
if ($rank_title == '')
{
message_die(MESSAGE, $user->lang['Must_select_rank']);
}
if ( $special_rank == 1 )
if ($special_rank == 1)
{
$min_posts = -1;
}
@@ -171,15 +159,15 @@ if ( $mode != '' )
//
// The rank image has to be a jpg, gif or png
//
if ( $rank_image != '' )
if ($rank_image != '')
{
if ( !preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image))
if (!preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image))
{
$rank_image = '';
}
}
if ( $rank_id )
if ($rank_id)
{
$sql = "UPDATE " . RANKS_TABLE . "
SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "'
@@ -202,22 +190,22 @@ if ( $mode != '' )
message_die(MESSAGE, $message);
}
else if ( $mode == 'delete' )
else if ($mode == 'delete')
{
//
// Ok, they want to delete their rank
//
if ( isset($_POST['id']) || isset($_GET['id']) )
if (isset($_POST['id']) || isset($_GET['id']))
{
$rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);
$rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']);
}
else
{
$rank_id = 0;
}
if ( $rank_id )
if ($rank_id)
{
$sql = "DELETE FROM " . RANKS_TABLE . "
WHERE rank_id = $rank_id";
@@ -265,23 +253,23 @@ $sql = "SELECT * FROM " . RANKS_TABLE . "
ORDER BY rank_min ASC, rank_special ASC";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2';
$row_class = ($row_class != 'row1') ? 'row1' : 'row2';
?>
<tr>
<td class="<?php echo $row_class; ?>" align="center"><?php echo $row['rank_title']; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? '-' : $row['rank_min']; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? $user->lang['Yes'] : $user->lang['No']; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? '-' : $row['rank_min']; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? $user->lang['Yes'] : $user->lang['No']; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&amp;mode=edit&amp;id=" . $row['rank_id']; ?>"><?php echo $user->lang['Edit']; ?></a></td>
<td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&amp;mode=delete&amp;id=" . $row['rank_id']; ?>"><?php echo $user->lang['Delete']; ?></a></td>
</tr>
<?php
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
?>

93
phpBB/admin/admin_search.php
View File

@@ -19,59 +19,50 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_search'))
{
return;
}
$filename = basename(__FILE__);
$module['DB']['Search_indexing'] = $filename . $SID;
$module['DB']['Search_indexing'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_general') )
// Check permissions
if (!$auth->acl_get('a_search'))
{
message_die(MESSAGE, $user->lang['No_admin']);
trigger_error($user->lang['NO_ADMIN']);
}
//
// Start indexing
//
if ( isset($_POST['start']) || isset($_GET['batchstart']) )
if (isset($_POST['start']) || isset($_GET['batchstart']))
{
$batchsize = 200; // Process this many posts per batch
$batchstart = ( !isset($_GET['batchstart']) ) ? $row['min_post_id'] : $_GET['batchstart'];
$batchcount = ( !isset($_GET['batchcount']) ) ? 1 : $_GET['batchcount'];
$batchstart = (!isset($_GET['batchstart'])) ? $row['min_post_id'] : $_GET['batchstart'];
$batchcount = (!isset($_GET['batchcount'])) ? 1 : $_GET['batchcount'];
$loopcount = 0;
$batchend = $batchstart + $batchsize;
//
// Search re-indexing is tough on the server ... so we'll check the load
// each loop and if we're on a 1min load of 3 or more we'll re-load the page
// and try again. No idea how well this will work in practice so we'll see ...
//
if ( file_exists('/proc/loadavg') )
if (file_exists('/proc/loadavg'))
{
if ( $load = @file('/proc/loadavg') )
if ($load = @file('/proc/loadavg'))
{
list($load) = explode(' ', $load[0]);
if ( $load > 3 )
if ($load > 3)
{
header("Location: admin_search.$phpEx$SID&batchstart=$batchstart&batchcount=$batch_count");
exit;
@@ -79,27 +70,25 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
}
}
//
// Try and load stopword and synonym files
//
$stopword_array = array();
$synonym_array = array();
$dir = opendir($phpbb_root_path . 'language/');
while ( $file = readdir($dir) )
while ($file = readdir($dir))
{
if ( preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file) )
if (preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file))
{
unset($tmp_array);
$tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_stopwords.txt');
if ( is_array($tmp_array) )
if (is_array($tmp_array))
{
$stopword_array = array_unique(array_merge($stopword_array, $tmp_array));
}
unset($tmp_array);
$tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_synonyms.txt');
if ( is_array($tmp_array) )
if (is_array($tmp_array))
{
$synonym_array = array_unique(array_merge($synonym_array, $tmp_array));
}
@@ -108,7 +97,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
closedir($dir);
if ( !isset($_GET['batchstart']) )
if (!isset($_GET['batchstart']))
{
//
// Take board offline
@@ -146,7 +135,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
AND $batchend";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
@@ -158,36 +147,36 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
$word = array();
$word_insert_sql = array();
foreach ( $search_raw_words as $word_in => $search_matches )
foreach ($search_raw_words as $word_in => $search_matches)
{
$word_insert_sql[$word_in] = '';
if ( !empty($search_matches) )
if (!empty($search_matches))
{
for ($i = 0; $i < count($search_matches); $i++)
{
$search_matches[$i] = trim($search_matches[$i]);
if ( $search_matches[$i] != '' )
if ($search_matches[$i] != '')
{
$word[] = $search_matches[$i];
$word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'";
$word_insert_sql[$word_in] .= ($word_insert_sql[$word_in] != '') ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'";
}
}
}
}
if ( count($word) )
if (count($word))
{
$word_text_sql = '';
$word = array_unique($word);
for($i = 0; $i < count($word); $i++)
{
$word_text_sql .= ( ( $word_text_sql != '' ) ? ', ' : '' ) . "'" . $word[$i] . "'";
$word_text_sql .= (($word_text_sql != '') ? ', ' : '') . "'" . $word[$i] . "'";
}
$check_words = array();
switch( SQL_LAYER )
switch(SQL_LAYER)
{
case 'postgresql':
case 'msaccess':
@@ -199,7 +188,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
WHERE word_text IN ($word_text_sql)";
$result = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
$check_words[$row['word_text']] = $row['word_id'];
}
@@ -211,21 +200,21 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
for ($i = 0; $i < count($word); $i++)
{
$new_match = true;
if ( isset($check_words[$word[$i]]) )
if (isset($check_words[$word[$i]]))
{
$new_match = false;
}
if ( $new_match )
if ($new_match)
{
switch( SQL_LAYER )
switch(SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\')';
$value_sql .= (($value_sql != '') ? ', ' : '') . '(\'' . $word[$i] . '\')';
break;
case 'mssql':
$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'";
$value_sql .= (($value_sql != '') ? ' UNION ALL ' : '') . "SELECT '" . $word[$i] . "'";
break;
default:
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
@@ -236,9 +225,9 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
}
}
if ( $value_sql != '' )
if ($value_sql != '')
{
switch ( SQL_LAYER )
switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
@@ -255,11 +244,11 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
}
}
foreach ( $word_insert_sql as $word_in => $match_sql )
foreach ($word_insert_sql as $word_in => $match_sql)
{
$title_match = ( $word_in == 'title' ) ? 1 : 0;
$title_match = ($word_in == 'title') ? 1 : 0;
if ( $match_sql != '' )
if ($match_sql != '')
{
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
@@ -270,22 +259,22 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
}
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
// Remove common words after the first 2 batches and after every 4th batch after that.
if ( $batchcount % 4 == 3 )
if ($batchcount % 4 == 3)
{
// remove_common('global', $config['common_search']);
}
$batchcount++;
if ( ( $batchstart + $batchsize ) < $max_post_id )
if (($batchstart + $batchsize) < $max_post_id)
{
header("Location: admin_search.$phpEx$SID&batchstart=" . ( $batchstart + $batchsize ) . "&batchcount=$batch_count");
header("Location: admin_search.$phpEx$SID&batchstart=" . ($batchstart + $batchsize) . "&batchcount=$batch_count");
exit;
}
else
@@ -312,7 +301,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
exit;
}
else if ( isset($_POST['cancel']) )
else if (isset($_POST['cancel']))
{
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '0'

34
phpBB/admin/admin_smilies.php
View File

@@ -19,9 +19,9 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_icons'))
{
return;
}
@@ -34,42 +34,22 @@ if ( !empty($setmodules) )
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if (!$auth->acl_get('a_general'))
if (!$auth->acl_get('a_icons'))
{
message_die(MESSAGE, $user->lang['No_admin']);
}
//
// Check to see what mode we should operate in.
//
if (isset($_POST['type']) || isset($_GET['type']))
{
$type = (!empty($_POST['type'])) ? $_POST['type'] : $_GET['type'];
}
else
{
$type = '';
}
if (isset($_POST['mode']) || isset($_GET['mode']))
{
$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$type = (!empty($_REQUEST['type'])) ? $_REQUEST['type'] : '';
$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// What are we doing?
switch ($type)
{
case 'emoticons':
@@ -603,7 +583,7 @@ function update_smile_dimensions()
</tr>
<?php
}
$row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2';
$row_class = ($row_class != 'row1') ? 'row1' : 'row2';
?>
<tr>
<?php

109
phpBB/admin/admin_users.php
View File

@@ -19,71 +19,57 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Manage'] = $filename . $SID;
$module['Users']['Manage'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
// Include files
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_user') )
{
trigger_error($user->lang['No_admin']);
}
echo $mode;
// Set mode
if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
{
$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = 'main';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main';
// Begin program
if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u']))
{
// Grab relevant userdata
if( isset( $_GET['u']) || isset( $_POST['u']) )
if(isset($_REQUEST['u']))
{
$user_id = ( isset( $_POST['u']) ) ? intval( $_POST['u']) : intval( $_GET['u']);
$user_id = intval($_REQUEST['u']);
if( !($userdata = get_userdata($user_id)) )
if(!($userdata = get_userdata($user_id)))
{
trigger_error($user->lang['No_user_id_specified'] );
trigger_error($user->lang['No_user_id_specified']);
}
}
else
{
if( !$userdata = get_userdata( $_POST['username'] ) )
if(!$userdata = get_userdata($_POST['username']))
{
trigger_error($user->lang['No_user_id_specified'] );
trigger_error($user->lang['No_user_id_specified']);
}
}
// Update entry in DB
if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') )
if ($_POST['deleteuser'] && !$userdata['user_founder'])
{
if (!$auth->acl_get('a_userdel'))
{
trigger_error($user->lang['NO_ADMIN']);
}
$db->sql_transaction();
$sql = "UPDATE " . POSTS_TABLE . "
@@ -108,6 +94,10 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . ACL_USERS_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
@@ -149,13 +139,13 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
</tr>
<tr>
<td class="row1">Registered from IP: </td>
<td class="row2"><?php if ( $userdata['user_ip'] ) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=main&amp;do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&amp;mode=ip&amp;ban=<?php echo $userdata['user_ip']; ?>&amp;bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td>
<td class="row2"><?php if ($userdata['user_ip']) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=main&amp;do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&amp;mode=ip&amp;ban=<?php echo $userdata['user_ip']; ?>&amp;bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td>
</tr>
<?php
if ( isset($_GET['do']) && $_GET['do'] == 'iplookup' )
if (isset($_GET['do']) && $_GET['do'] == 'iplookup')
{
if ( $userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip']) )
if ($userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip']))
{
?>
<tr>
@@ -164,7 +154,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
<tr>
<td class="row1" colspan="2"><?php
if ( $ipwhois = ipwhois($userdata['user_ip']) )
if ($ipwhois = ipwhois($userdata['user_ip']))
{
echo '<br /><pre align="left">' . trim($ipwhois) . '</pre>';
}
@@ -199,7 +189,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
foreach ($acl_options['global'] as $option_name => $option_id)
{
$type = substr($option_name, 0, strpos('_', $option_name) +1 );
$type = substr($option_name, 0, strpos('_', $option_name) +1);
$global[$type][$option_name] = $userauth->acl_get($option_name);
}
@@ -209,7 +199,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
$result = $db->sql_query($sql);
$permissions = array();
while( $row = $db->sql_fetchrow($result) )
while($row = $db->sql_fetchrow($result))
{
$forum_data[$row['forum_id']] = $row['forum_name'];
@@ -245,14 +235,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
foreach ($auth_ary as $option => $allow)
{
if ( $option != $type .'_' )
if ($option != $type .'_')
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
$l_can_cell = ( !empty($user->lang['acl_' . $option]) ) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option));
$l_can_cell = (!empty($user->lang['acl_' . $option])) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option));
$allow_type = ( $allow == ACL_ALLOW ) ? ' checked="checked"' : '';
$deny_type = ( $allow == ACL_DENY ) ? ' checked="checked"' : '';
$allow_type = ($allow == ACL_ALLOW) ? ' checked="checked"' : '';
$deny_type = ($allow == ACL_DENY) ? ' checked="checked"' : '';
?>
<tr>
<td class="<?php echo $row_class; ?>"><?php echo $l_can_cell; ?></td>
@@ -280,7 +270,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
foreach ($auth_ary as $option => $allow)
{
echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . ( ( $allow ) ? 'Allowed' : 'Denied' ) . '</td></tr>';
echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . (($allow) ? 'Allowed' : 'Denied') . '</td></tr>';
}
?>
@@ -297,10 +287,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
page_footer();
}
else
{
page_header($user->lang['Manage']);
// Do we have permission?
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['No_admin']);
}
page_header($user->lang['Manage']);
?>
@@ -308,7 +302,7 @@ else
<p><?php echo $user->lang['User_admin_explain']; ?></p>
<form method="post" name="post" action="<?php echo "admin_users.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" name="post" action="admin_users.<?php echo $phpEx.$SID; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th align="center"><?php echo $user->lang['Select_a_User']; ?></th>
</tr>
@@ -319,12 +313,11 @@ else
<?php
}
page_footer();
//
//
// ---------
// FUNCTIONS
function ipwhois($ip)
{
$ipwhois = '';
@@ -336,25 +329,25 @@ function ipwhois($ip)
'#whois\.registro\.br#is' => 'whois.registro.br'
);
if ( ($fsk = fsockopen('whois.arin.net', 43)) )
if (($fsk = fsockopen('whois.arin.net', 43)))
{
@fputs($fsk, "$ip\n");
while (!feof($fsk) )
while (!feof($fsk))
{
$ipwhois .= fgets($fsk, 1024);
}
fclose($fsk);
}
foreach ( array_keys($match) as $server )
foreach (array_keys($match) as $server)
{
if ( preg_match($server, $ipwhois) )
if (preg_match($server, $ipwhois))
{
$ipwhois = '';
if ( ($fsk = fsockopen($match[$server], 43)) )
if (($fsk = fsockopen($match[$server], 43)))
{
@fputs($fsk, "$ip\n");
while (!feof($fsk) )
while (!feof($fsk))
{
$ipwhois .= fgets($fsk, 1024);
}
@@ -366,7 +359,7 @@ function ipwhois($ip)
return $ipwhois;
}
//
//
// FUNCTIONS
// ---------
?>

105
phpBB/admin/admin_words.php
View File

@@ -19,51 +19,43 @@
*
***************************************************************************/
if ( !empty($setmodules) )
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_words'))
{
return;
}
$file = basename(__FILE__);
$module['Posts']['Word_Censor'] = "$file$SID";
$module['Posts']['Word_Censor'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_words'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
//
//
if ( isset($_GET['mode']) || isset($_POST['mode']) )
// What do we want to do?
if (isset($_REQUEST['mode']))
{
$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
$mode = $_REQUEST['mode'];
}
else
{
//
// These could be entered via a form button
//
if ( isset($_POST['add']) )
if (isset($_POST['add']))
{
$mode = 'add';
}
else if ( isset($_POST['save']) )
else if (isset($_POST['save']))
{
$mode = 'save';
}
@@ -73,20 +65,20 @@ else
}
}
if( $mode != '' )
if ($mode != '')
{
switch ( $mode )
switch ($mode)
{
case 'edit':
case 'add':
$word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;
$word_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
$s_hidden_fields = '';
if ( $mode == 'edit' )
if ($mode == 'edit')
{
if ( !$word_id )
if (!$word_id)
{
message_die(MESSAGE, $user->lang['No_word_selected']);
trigger_error($user->lang['No_word_selected']);
}
$sql = "SELECT *
@@ -119,43 +111,43 @@ if( $mode != '' )
<td class="row2"><input type="text" name="replacement" value="<?php echo $word_info['replacement']; ?>" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['Submit']; ?>" /></td>
<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['SUBMIT']; ?>" /></td>
</tr>
</table></form>
<?php
page_footer();
break;
case 'save':
$word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;
$word = ( isset($_POST['word']) ) ? trim($_POST['word']) : '';
$replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : '';
$word_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0;
$word = (isset($_POST['word'])) ? trim($_POST['word']) : '';
$replacement = (isset($_POST['replacement'])) ? trim($_POST['replacement']) : '';
if ( $word == '' || $replacement == '' )
if ($word == '' || $replacement == '')
{
message_die(MESSAGE, $user->lang['Must_enter_word']);
trigger_error($user->lang['Must_enter_word']);
}
$sql = ( $word_id ) ? "UPDATE " . WORDS_TABLE . " SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";
$sql = ($word_id) ? "UPDATE " . WORDS_TABLE . " SET word = '" . sql_quote($word) . "', replacement = '" . sql_quote($replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . sql_quote($word) . "', '" . sql_quote($replacement) . "')";
$db->sql_query($sql);
$log_action = ( $word_id ) ? 'log_edit_word' : 'log_add_word';
$log_action = ($word_id) ? 'log_edit_word' : 'log_add_word';
add_admin_log($log_action, stripslashes($word));
$message = ( $word_id ) ? $user->lang['Word_updated'] : $user->lang['Word_added'];
message_die(MESSAGE, $message);
$message = ($word_id) ? $user->lang['Word_updated'] : $user->lang['Word_added'];
break;
case 'delete':
if ( isset($_POST['id']) || isset($_GET['id']) )
if (isset($_POST['id']) || isset($_GET['id']))
{
$word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);
$word_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']);
}
else
{
message_die(MESSAGE, $user->lang['Must_specify_word']);
trigger_error($user->lang['Must_specify_word']);
}
$sql = "DELETE FROM " . WORDS_TABLE . "
@@ -164,10 +156,34 @@ if( $mode != '' )
add_admin_log('log_delete_word');
message_die(MESSAGE, $user->lang['Word_removed']);
$message = $user->lang['Word_remove'];
break;
}
$sql = "SELECT *
FROM " . WORDS_TABLE . "
ORDER BY word";
$result = $db->sql_query($sql);
$cache_str = "\$word_censors = array(\n";
$cache_str_match = $cache_str_replace = '';
if ($row = $db->sql_fetchrow($result))
{
do
{
$cache_str_match .= "\t\t'" . addslashes('#\b' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . '\b#i') . "',\n";
$cache_str_replace .= "\t\t'" . addslashes($row['replacement']) . "',\n";
}
while ($row = $db->sql_fetchrow($result));
$cache_str .= "\t'match' => array(\n$cache_str_match\t),\n\t'replace' => array(\n$cache_str_replace\t)\n);";
}
$db->sql_freeresult($result);
config_cache_write('\$word_censors = array\(.*?\);', $cache_str);
trigger_error($message);
}
else
{
@@ -194,11 +210,11 @@ else
ORDER BY word";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
do
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
@@ -210,8 +226,9 @@ else
<?php
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
?>
<tr>
@@ -221,8 +238,8 @@ else
<?php
page_footer();
}
page_footer()
?>

147
phpBB/admin/index.php
View File

@@ -22,8 +22,8 @@
define('IN_PHPBB', 1);
// Define some vars
$pane = ( isset($_GET['pane']) ) ? $_GET['pane'] : '';
$update = ( $pane == 'right' ) ? true : false;
$pane = (isset($_GET['pane'])) ? $_GET['pane'] : '';
$update = ($pane == 'right') ? true : false;
// Include files
$phpbb_root_path = '../';
@@ -31,13 +31,13 @@ require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
// Do we have any admin permissions at all?
if ( !$auth->acl_get('a_') )
if (!$auth->acl_get('a_'))
{
trigger_error('No_admin');
trigger_error($user->lang['NO_ADMIN']);
}
// Generate relevant output
if ( isset($_GET['pane']) && $_GET['pane'] == 'top' )
if (isset($_GET['pane']) && $_GET['pane'] == 'top')
{
page_header('', '', false);
@@ -55,7 +55,7 @@ if ( isset($_GET['pane']) && $_GET['pane'] == 'top' )
page_footer(false);
}
else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
else if (isset($_GET['pane']) && $_GET['pane'] == 'left')
{
// Cheat and use the meta tag to change some stylesheet info
page_header('', '<style type="text/css">body {background-color: #98AAB1}</style>', false);
@@ -64,9 +64,9 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
$dir = @opendir('.');
$setmodules = 1;
while ( $file = @readdir($dir) )
while ($file = @readdir($dir))
{
if ( preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file) )
if (preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file))
{
include($file);
}
@@ -92,12 +92,12 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
</tr>
<?php
if ( is_array($module) )
if (is_array($module))
{
@ksort($module);
foreach ( $module as $cat => $action_ary )
foreach ($module as $cat => $action_ary)
{
$cat = ( !empty($user->lang[$cat . '_cat']) ) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
$cat = (empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
?>
<tr>
@@ -107,17 +107,20 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
@ksort($action_ary);
foreach ( $action_ary as $action => $file )
foreach ($action_ary as $action => $file)
{
$action = ( !empty($user->lang[$action]) ) ? $user->lang[$action] : preg_replace('/_/', ' ', $action);
if (!empty($file))
{
$action = (!empty($user->lang[$action])) ? $user->lang[$action] : preg_replace('/_/', ' ', $action);
$cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
<td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
<td class="<?php echo $row_class; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
</tr>
<?php
}
}
}
}
@@ -134,24 +137,29 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
page_footer(false);
}
elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
elseif (isset($_GET['pane']) && $_GET['pane'] == 'right')
{
if ( ( isset($_POST['activate']) || isset($_POST['delete']) ) && !empty($_POST['mark']) )
if ((isset($_POST['activate']) || isset($_POST['delete'])) && !empty($_POST['mark']))
{
if ( is_array($_POST['mark']) )
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['NO_ADMIN']);
}
if (is_array($_POST['mark']))
{
$in_sql = '';
foreach( $_POST['mark'] as $user_id )
foreach ($_POST['mark'] as $user_id)
{
$in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $user_id;
$in_sql .= (($in_sql != '') ? ', ' : '') . intval($user_id);
}
if ( $in_sql != '' )
if ($in_sql != '')
{
$sql = ( isset($_POST['activate']) ) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)";
$sql = (isset($_POST['activate'])) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)";
$db->sql_query($sql);
if ( isset($_POST['delete']) )
if (isset($_POST['delete']))
{
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = config_value - " . sizeof($_POST['mark']) . "
@@ -159,16 +167,20 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
$db->sql_query($sql);
}
$log_action = ( isset($_POST['activate']) ) ? 'log_index_activate' : 'log_index_delete';
$log_action = (isset($_POST['activate'])) ? 'log_index_activate' : 'log_index_delete';
add_admin_log($log_action, sizeof($_POST['mark']));
}
}
}
else if ( isset($_POST['remind']) )
else if (isset($_POST['remind']))
{
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['NO_ADMIN']);
}
}
else if ( isset($_POST['resetonline']) )
else if (isset($_POST['resetonline']))
{
}
@@ -180,7 +192,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
$start_date = $user->format_date($config['board_startdate']);
$boarddays = ( time() - $config['board_startdate'] ) / 86400;
$boarddays = (time() - $config['board_startdate']) / 86400;
$posts_per_day = sprintf('%.2f', $total_posts / $boarddays);
$topics_per_day = sprintf('%.2f', $total_topics / $boarddays);
@@ -188,11 +200,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
$avatar_dir_size = 0;
if ( $avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']) )
if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']))
{
while ( $file = @readdir($avatar_dir) )
while ($file = @readdir($avatar_dir))
{
if ( $file != '.' && $file != '..' )
if ($file != '.' && $file != '..')
{
$avatar_dir_size += @filesize($phpbb_root_path . $config['avatar_path'] . '/' . $file);
}
@@ -202,11 +214,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
// This bit of code translates the avatar directory size into human readable format
// Borrowed the code from the PHP.net annoted manual, origanally written by:
// Jesse (jesse@jess.on.ca)
if ( $avatar_dir_size >= 1048576 )
if ($avatar_dir_size >= 1048576)
{
$avatar_dir_size = round($avatar_dir_size / 1048576 * 100) / 100 . ' MB';
}
else if ( $avatar_dir_size >= 1024 )
else if ($avatar_dir_size >= 1024)
{
$avatar_dir_size = round($avatar_dir_size / 1024 * 100) / 100 . ' KB';
}
@@ -222,17 +234,17 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
$avatar_dir_size = $user->lang['Not_available'];
}
if ( $posts_per_day > $total_posts )
if ($posts_per_day > $total_posts)
{
$posts_per_day = $total_posts;
}
if ( $topics_per_day > $total_topics )
if ($topics_per_day > $total_topics)
{
$topics_per_day = $total_topics;
}
if ( $users_per_day > $total_users )
if ($users_per_day > $total_users)
{
$users_per_day = $total_users;
}
@@ -240,30 +252,30 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
// DB size ... MySQL only
// This code is heavily influenced by a similar routine
// in phpMyAdmin 2.2.0
if ( preg_match('/^mysql/', SQL_LAYER) )
if (preg_match('/^mysql/', SQL_LAYER))
{
$result = $db->sql_query('SELECT VERSION() AS mysql_version');
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
$version = $row['mysql_version'];
if ( preg_match('/^(3\.23|4\.)/', $version) )
if (preg_match('/^(3\.23|4\.)/', $version))
{
$db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname;
$db_name = (preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version)) ? "`$dbname`" : $dbname;
$sql = "SHOW TABLE STATUS
FROM " . $db_name;
$result = $db->sql_query($sql);
$dbsize = 0;
while ( $row = $db->sql_fetchrow($result) )
while ($row = $db->sql_fetchrow($result))
{
if ( $row['Type'] != 'MRG_MyISAM' )
if ($row['Type'] != 'MRG_MyISAM')
{
if ( $table_prefix != '' )
if ($table_prefix != '')
{
if ( strstr($row['Name'], $table_prefix) )
if (strstr($row['Name'], $table_prefix))
{
$dbsize += $row['Data_length'] + $row['Index_length'];
}
@@ -285,22 +297,22 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
$dbsize = $user->lang['Not_available'];
}
}
else if ( preg_match('/^mssql/', SQL_LAYER) )
else if (preg_match('/^mssql/', SQL_LAYER))
{
$sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
FROM sysfiles";
$result = $db->sql_query($sql);
$dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $user->lang['Not_available'];
$dbsize = ($row = $db->sql_fetchrow($result)) ? intval($row['dbsize']) : $user->lang['Not_available'];
}
else
{
$dbsize = $user->lang['Not_available'];
}
if ( is_int($dbsize) )
if (is_int($dbsize))
{
$dbsize = ( $dbsize >= 1048576 ) ? sprintf('%.2f MB', ( $dbsize / 1048576 )) : ( ( $dbsize >= 1024 ) ? sprintf('%.2f KB', ( $dbsize / 1024 )) : sprintf('%.2f Bytes', $dbsize) );
$dbsize = ($dbsize >= 1048576) ? sprintf('%.2f MB', ($dbsize / 1048576)) : (($dbsize >= 1024) ? sprintf('%.2f KB', ($dbsize / 1024)) : sprintf('%.2f Bytes', $dbsize));
}
page_header($user->lang['Admin_Index']);
@@ -360,7 +372,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
<td class="row1" nowrap="nowrap"><?php echo $user->lang['Database_size']; ?>:</td>
<td class="row2"><b><?php echo $dbsize; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $user->lang['Gzip_compression']; ?>:</td>
<td class="row2"><b><?php echo ( $config['gzip_compress'] ) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td>
<td class="row2"><b><?php echo ($config['gzip_compress']) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td>
</tr>
<!-- tr>
<td class="row1" colspan="4"><?php echo sprintf($user->lang['Record_online_users'], $config['record_online_users'], $user->format_date($config['record_online_date'])); ?></td>
@@ -384,7 +396,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
for($i = 0; $i < sizeof($log_data); $i++)
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
@@ -397,6 +409,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
}
if ($auth->acl_get('a_user'))
{
?>
</table>
@@ -412,18 +427,18 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
</tr>
<?php
$sql = "SELECT user_id, username, user_regdate
FROM " . USERS_TABLE . "
WHERE user_active = 0
AND user_id <> " . ANONYMOUS . "
ORDER BY user_regdate ASC";
$result = $db->sql_query($sql);
$sql = "SELECT user_id, username, user_regdate
FROM " . USERS_TABLE . "
WHERE user_active = 0
AND user_id <> " . ANONYMOUS . "
ORDER BY user_regdate ASC";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
do
if ($row = $db->sql_fetchrow($result))
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
do
{
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
@@ -433,8 +448,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
</tr>
<?php
}
while ( $row = $db->sql_fetchrow($result) );
}
while ($row = $db->sql_fetchrow($result));
?>
<tr>
@@ -442,9 +457,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
</tr>
<?php
}
else
{
}
else
{
?>
<tr>
@@ -452,7 +467,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
</tr>
<?php
}
}
?>
</table>
@@ -465,6 +480,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
<?php
}
page_footer();
}

30
phpBB/admin/pagestart.php
View File

@@ -19,7 +19,7 @@
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
if (!defined('IN_PHPBB'))
{
die('Hacking attempt');
}
@@ -53,9 +53,9 @@ function page_header($sub_title, $meta = '', $table_html = true)
define('HEADER_INC', true);
// gzip_compression
if ( $config['gzip_compress'] )
if ($config['gzip_compress'])
{
if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() )
if (extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent())
{
ob_start('ob_gzhandler');
}
@@ -87,7 +87,7 @@ td.cat { background-image: url('images/cellpic1.gif') }
<?php
if ( $table_html )
if ($table_html)
{
?>
@@ -122,7 +122,7 @@ function page_footer($copyright_html = true)
</table>
<?php
if ( $copyright_html )
if ($copyright_html)
{
?>
@@ -144,7 +144,7 @@ function page_message($title, $message, $show_header = false)
{
global $phpEx, $SID, $user;
if ( $show_header )
if ($show_header)
{
?>
@@ -186,7 +186,7 @@ function add_admin_log()
$arguments = func_get_args();
$action = array_shift($arguments);
$data = ( !sizeof($arguments) ) ? '' : addslashes(serialize($arguments));
$data = (!sizeof($arguments)) ? '' : addslashes(serialize($arguments));
$sql = "INSERT INTO " . LOG_ADMIN_TABLE . " (user_id, log_ip, log_time, log_operation, log_data)
VALUES (" . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')";
@@ -199,9 +199,9 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
{
global $db, $user, $phpEx, $SID;
$table_sql = ( $mode == 'admin' ) ? LOG_ADMIN_TABLE : LOG_MOD_TABLE;
$forum_sql = ( $mode == 'mod' && $forum_id ) ? "AND l.forum_id = $forum_id" : '';
$limit_sql = ( $limit ) ? ( ( $offset ) ? "LIMIT $offset, $limit" : "LIMIT $limit" ) : '';
$table_sql = ($mode == 'admin') ? LOG_ADMIN_TABLE : LOG_MOD_TABLE;
$forum_sql = ($mode == 'mod' && $forum_id) ? "AND l.forum_id = $forum_id" : '';
$limit_sql = ($limit) ? (($offset) ? "LIMIT $offset, $limit" : "LIMIT $limit") : '';
$sql = "SELECT l.log_id, l.user_id, l.log_ip, l.log_time, l.log_operation, l.log_data, u.username
FROM $table_sql l, " . USERS_TABLE . " u
@@ -213,7 +213,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
$result = $db->sql_query($sql);
$log = array();
if ( $row = $db->sql_fetchrow($result) )
if ($row = $db->sql_fetchrow($result))
{
$i = 0;
do
@@ -223,13 +223,13 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
$log[$i]['ip'] = $row['log_ip'];
$log[$i]['time'] = $row['log_time'];
$log[$i]['action'] = ( !empty($user->lang[$row['log_operation']]) ) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation']));
$log[$i]['action'] = (!empty($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation']));
if ( !empty($row['log_data']) )
if (!empty($row['log_data']))
{
$log_data_ary = unserialize(stripslashes($row['log_data']));
foreach ( $log_data_ary as $log_data )
foreach ($log_data_ary as $log_data)
{
$log[$i]['action'] = preg_replace('#%s#', $log_data, $log[$i]['action'], 1);
}
@@ -237,7 +237,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
$i++;
}
while ( $row = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);