mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merging revisions #r8346, #r8347 and #r8348

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@8349 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2008-01-29 15:57:56 +00:00
parent e970da6514
commit 1407460895
10 changed files with 117 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
phpBB/includes/db/dbal.php
View File

@@ -271,6 +271,13 @@ class dbal
return true;
}
// Check if there is a transaction (no transaction can happen if there was an error, with a combined rollback and error returning enabled)
// This implies we have transaction always set for autocommit db's
if (!$this->transaction)
{
return false;
}
$result = $this->_sql_transaction('commit');
if (!$result)

62
phpBB/includes/functions.php
View File

@@ -287,7 +287,7 @@ function phpbb_hash($password)
}
$random = substr($random, 0, $count);
}
$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);
if (strlen($hash) == 34)
@@ -360,7 +360,7 @@ function _hash_encode64($input, $count, &$itoa64)
}
$output .= $itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count)
{
break;
@@ -723,7 +723,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
unset($tracking_topics['t']);
unset($tracking_topics['f']);
$tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36);
$user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics);
@@ -1016,7 +1016,7 @@ function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $
{
$mark_time[$forum_id] = $forum_mark_time[$forum_id];
}
$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
foreach ($topic_ids as $topic_id)
@@ -1064,7 +1064,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis
$last_read[$row['topic_id']] = $row['mark_time'];
}
$db->sql_freeresult($result);
$topic_ids = array_diff($topic_ids, array_keys($last_read));
if (sizeof($topic_ids))
@@ -1075,7 +1075,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis
AND forum_id " .
(($global_announce_list && sizeof($global_announce_list)) ? "IN (0, $forum_id)" : "= $forum_id");
$result = $db->sql_query($sql);
$mark_time = array();
while ($row = $db->sql_fetchrow($result))
{
@@ -1346,7 +1346,7 @@ function tracking_unserialize($string, $max_depth = 3)
break;
}
break;
case 2:
switch ($string[$i])
{
@@ -1364,7 +1364,7 @@ function tracking_unserialize($string, $max_depth = 3)
break;
}
break;
case 3:
switch ($string[$i])
{
@@ -1388,7 +1388,7 @@ function tracking_unserialize($string, $max_depth = 3)
{
die('Invalid data supplied');
}
return $level;
}
@@ -1606,7 +1606,7 @@ function generate_board_url($without_script_path = false)
{
global $config, $user;
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_name = $user->host;
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
// Forcing server vars is the only way to specify/override the protocol
@@ -1630,7 +1630,11 @@ function generate_board_url($without_script_path = false)
if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
{
$url .= ':' . $server_port;
// HTTP HOST can carry a port number...
if (strpos($server_name, ':') === false)
{
$url .= ':' . $server_port;
}
}
if (!$without_script_path)
@@ -1871,7 +1875,7 @@ function build_url($strip_vars = false)
unset($query[$strip]);
}
}
// Glue the remaining parts together... already urlencoded
foreach ($query as $key => $value)
{
@@ -1943,7 +1947,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
{
$minimum_time = (int) $config['form_token_mintime'];
}
if (isset($_POST['creation_time']) && isset($_POST['form_token']))
{
$creation_time = abs(request_var('creation_time', 0));
@@ -1954,7 +1958,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
if (($diff >= $minimum_time) && (($diff <= $timespan) || $timespan == -1))
{
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);
if ($key === $token)
{
@@ -2252,7 +2256,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
{
$err = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>');
}
break;
}
}
@@ -2389,7 +2393,7 @@ function login_forum_box($forum_data)
$template->set_filenames(array(
'body' => 'login_forum.html')
);
page_footer();
}
@@ -2488,10 +2492,10 @@ function parse_cfg_file($filename, $lines = false)
{
$value = substr($value, 1, sizeof($value)-2);
}
$parsed_items[$key] = $value;
}
return $parsed_items;
}
@@ -2518,13 +2522,13 @@ function add_log()
'log_operation' => $action,
'log_data' => $data,
);
switch ($mode)
{
case 'admin':
$sql_ary['log_type'] = LOG_ADMIN;
break;
case 'mod':
$sql_ary += array(
'log_type' => LOG_MOD,
@@ -2543,7 +2547,7 @@ function add_log()
case 'critical':
$sql_ary['log_type'] = LOG_CRITICAL;
break;
default:
return false;
}
@@ -2868,9 +2872,9 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
echo ' <div class="panel">';
echo ' <div id="content">';
echo ' <h1>' . $msg_title . '</h1>';
echo ' <div>' . $msg_text . '</div>';
echo $l_notify;
echo ' </div>';
@@ -2882,7 +2886,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
echo '</div>';
echo '</body>';
echo '</html>';
exit_handler();
break;
@@ -2932,7 +2936,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
// We do not want the cron script to be called on error messages
define('IN_CRON', true);
if (defined('IN_ADMIN') && isset($user->data['session_admin']) && $user->data['session_admin'])
{
adm_page_footer();
@@ -2962,7 +2966,7 @@ function page_header($page_title = '', $display_online_list = true)
{
return;
}
define('HEADER_INC', true);
// gzip_compression
@@ -3189,14 +3193,14 @@ function page_header($page_title = '', $display_online_list = true)
// Which timezone?
$tz = ($user->data['user_id'] != ANONYMOUS) ? strval(doubleval($user->data['user_timezone'])) : strval(doubleval($config['board_timezone']));
// Send a proper content-language to the output
$user_lang = $user->lang['USER_LANG'];
if (strpos($user_lang, '-x-') !== false)
{
$user_lang = substr($user_lang, 0, strpos($user_lang, '-x-'));
}
// The following assigns all _common_ variables that may be used at any point in a template.
$template->assign_vars(array(
'SITENAME' => $config['sitename'],
@@ -3345,7 +3349,7 @@ function page_footer($run_cron = true)
if (!defined('IN_CRON') && $run_cron && !$config['board_disable'])
{
$cron_type = '';
if (time() - $config['queue_interval'] > $config['last_queue_run'] && !defined('IN_ADMIN') && file_exists($phpbb_root_path . 'cache/queue.' . $phpEx))
{
// Process email queue

14
phpBB/includes/functions_module.php
View File

@@ -59,7 +59,7 @@ class p_master
WHERE module_class = '" . $db->sql_escape($this->p_class) . "'
ORDER BY left_id ASC";
$result = $db->sql_query($sql);
$rows = array();
while ($row = $db->sql_fetchrow($result))
{
@@ -114,7 +114,7 @@ class p_master
unset($this->module_cache['modules'][$key]);
continue;
}
$right_id = false;
}
@@ -147,7 +147,7 @@ class p_master
{
continue;
}
$right_id = false;
}
@@ -194,7 +194,7 @@ class p_master
$custom_func = '_module_' . $row['module_basename'];
$names[$row['module_basename'] . '_' . $row['module_mode']][] = true;
$module_row = array(
'depth' => $depth,
@@ -209,7 +209,7 @@ class p_master
'display' => (int) $row['module_display'],
'url_extra' => (function_exists($url_func)) ? $url_func($row['module_mode'], $row) : '',
'lang' => ($row['module_basename'] && function_exists($lang_func)) ? $lang_func($row['module_mode'], $row['module_langname']) : ((!empty($user->lang[$row['module_langname']])) ? $user->lang[$row['module_langname']] : $row['module_langname']),
'langname' => $row['module_langname'],
@@ -309,7 +309,7 @@ class p_master
break;
default:
if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))|(?:request_([a-z_]+))#', $token))
if (!preg_match('#(?:acl_([a-z0-9_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z0-9_]+))|(?:cfg_([a-z0-9_]+))|(?:request_([a-zA-Z0-9_]+))#', $token))
{
$token = '';
}
@@ -325,7 +325,7 @@ class p_master
$forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id;
$is_auth = false;
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#', '#request_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');');
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');');
return $is_auth;
}

7
phpBB/includes/message_parser.php
View File

@@ -983,7 +983,7 @@ class bbcode_firstpass extends bbcode
// Is the user trying to link to a php file in this domain and script path?
if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false)
{
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_name = $user->host;
// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)
@@ -1084,7 +1084,7 @@ class parse_message extends bbcode_firstpass
if ($config['max_' . $mode . '_chars'] > 0)
{
$msg_len = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message));
if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars'])
{
$this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $msg_len, $config['max_' . $mode . '_chars']);
@@ -1254,12 +1254,11 @@ class parse_message extends bbcode_firstpass
$match = $replace = array();
// NOTE: obtain_* function? chaching the table contents?
// For now setting the ttl to 10 minutes
$sql = 'SELECT *
FROM ' . SMILIES_TABLE . '
ORDER BY ' . $db->sql_function('length_varchar', 'code') . ' DESC';
$result = $db->sql_query($sql, 600);
while ($row = $db->sql_fetchrow($result))

20
phpBB/includes/session.php
View File

@@ -158,7 +158,7 @@ class session
$this->update_session_page = $update_session_page;
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : '';
$this->forwarded_for = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? (string) $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) $_SERVER['HTTP_HOST'] : 'localhost';
$this->host = (!empty($_SERVER['HTTP_HOST'])) ? (string) strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
$this->page = $this->extract_current_page($phpbb_root_path);
// if the forwarded for header shall be checked we have to validate its contents
@@ -649,7 +649,7 @@ class session
$this->set_cookie('sid', $this->session_id, $cookie_expire);
unset($cookie_expire);
$sql = 'SELECT COUNT(session_id) AS sessions
FROM ' . SESSIONS_TABLE . '
WHERE session_user_id = ' . (int) $this->data['user_id'] . '
@@ -777,7 +777,7 @@ class session
global $db, $config;
$batch_size = 10;
if (!$this->time_now)
{
$this->time_now = time();
@@ -825,7 +825,7 @@ class session
// Less than 10 users, update gc timer ... else we want gc
// called again to delete other sessions
set_config('session_last_gc', $this->time_now, true);
if ($config['max_autologin_time'])
{
$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
@@ -834,14 +834,14 @@ class session
}
$this->confirm_gc();
}
return;
}
function confirm_gc($type = 0)
{
global $db, $config;
$sql = 'SELECT DISTINCT c.session_id
FROM ' . CONFIRM_TABLE . ' c
LEFT JOIN ' . SESSIONS_TABLE . ' s ON (c.session_id = s.session_id)
@@ -867,8 +867,8 @@ class session
}
$db->sql_freeresult($result);
}
/**
* Sets a cookie
*
@@ -1479,7 +1479,7 @@ class user extends session
$sql = 'SELECT image_name, image_filename, image_lang, image_height, image_width
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $this->theme['imageset_id'] . "
AND image_filename <> ''
AND image_filename <> ''
AND image_lang IN ('" . $db->sql_escape($this->img_lang) . "', '')";
$result = $db->sql_query($sql, 3600);