mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-05 23:25:30 +02:00
Code Issues Releases Wiki Activity

Somewhat overhauled posting, fixed various bugs, completed new way of handling URIs in emails, blah blah

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2183 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-02-18 12:34:38 +00:00
parent ae80afa875
commit 1a37d0d8ef
6 changed files with 1545 additions and 2448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
phpBB/common.php
View File

@ -171,60 +171,6 @@ else
} }
} }
//
// Set some server variables related to the current URL, mostly used for Email
//
if ( !empty($HTTP_SERVER_VARS['HTTPS']) )
{
$server_protocol = ( !empty($HTTP_SERVER_VARS['HTTPS']) ) ? ( ( $HTTP_SERVER_VARS['HTTPS'] == "on" ) ? "https://" : "http://" ) : "http://";
}
else if ( !empty($HTTP_ENV_VARS['HTTPS']) )
{
$server_protocol = ( !empty($HTTP_ENV_VARS['HTTPS']) ) ? ( ( $HTTP_ENV_VARS['HTTPS'] == "on" ) ? "https://" : "http://" ) : "http://";
}
else
{
$server_protocol = "http://";
}
if ( !empty($board_config['server_name']) )
{
$server_name = $board_config['server_name'];
}
else if ( !empty($board_config['cookie_domain']) )
{
$server_name = $board_config['cookie_domain'];
}
else if( !empty($HTTP_SERVER_VARS['SERVER_NAME']) || !empty($HTTP_ENV_VARS['SERVER_NAME']) )
{
$server_name = ( !empty($HTTP_SERVER_VARS['SERVER_NAME']) ) ? $HTTP_SERVER_VARS['SERVER_NAME'] : $HTTP_ENV_VARS['SERVER_NAME'];
}
else if( !empty($HTTP_SERVER_VARS['HTTP_HOST']) || !empty($HTTP_ENV_VARS['HTTP_HOST']) )
{
$server_name = ( !empty($HTTP_SERVER_VARS['HTTP_HOST']) ) ? $HTTP_SERVER_VARS['HTTP_HOST'] : $HTTP_ENV_VARS['HTTP_HOST'];
}
else
{
$server_name = "";
}
$server_port = ( !empty($board_config['server_port']) && $board_config['server_port'] <> 80 ) ? ':' . $board_config['server_port'] : '';
if ( !empty($HTTP_SERVER_VARS['PHP_SELF']) || !empty($HTTP_ENV_VARS['PHP_SELF']) )
{
$script_name = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF'];
}
else if ( !empty($HTTP_SERVER_VARS['SCRIPT_NAME']) || !empty($HTTP_ENV_VARS['SCRIPT_NAME']) )
{
$script_name = ( !empty($HTTP_SERVER_VARS['SCRIPT_NAME']) ) ? $HTTP_SERVER_VARS['SCRIPT_NAME'] : $HTTP_ENV_VARS['SCRIPT_NAME'];
}
else if ( !empty($HTTP_SERVER_VARS['PATH_INFO']) || !empty($HTTP_ENV_VARS['PATH_INFO']) )
{
$script_name = ( !empty($HTTP_SERVER_VARS['PATH_INFO']) ) ? $HTTP_SERVER_VARS['PATH_INFO'] : $HTTP_ENV_VARS['PATH_INFO'];
}
$script_url = $server_protocol . $server_name . $server_port . $script_name;
// //
// Show 'Board is disabled' message if needed. // Show 'Board is disabled' message if needed.
// //
@ -233,4 +179,4 @@ if( $board_config['board_disable'] && !defined("IN_ADMIN") && !defined("IN_LOGIN
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information'); message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
} }
?> ?>

14
phpBB/groupcp.php
View File

@ -33,6 +33,14 @@ init_userprefs($userdata);
// End session management // End session management
// //
$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
$server_url = $server_protocol . $script_name . $server_name . $server_port;
if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
{ {
$group_id = ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_GET_VARS[POST_GROUPS_URL]) : intval($HTTP_POST_VARS[POST_GROUPS_URL]); $group_id = ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_GET_VARS[POST_GROUPS_URL]) : intval($HTTP_POST_VARS[POST_GROUPS_URL]);
@ -197,7 +205,7 @@ else if( isset($HTTP_POST_VARS['joingroup']) && $group_id )
"GROUP_MODERATOR" => $moderator['username'], "GROUP_MODERATOR" => $moderator['username'],
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_GROUPCP" => $script_url . "?" . POST_GROUPS_URL . "=$group_id&validate=true") "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id&validate=true")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();
@ -403,7 +411,7 @@ else if( $group_id )
"GROUP_NAME" => $group_name, "GROUP_NAME" => $group_name,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_GROUPCP" => $script_url . "?" . POST_GROUPS_URL . "=$group_id") "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();
@ -509,7 +517,7 @@ else if( $group_id )
"GROUP_NAME" => $group_name, "GROUP_NAME" => $group_name,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_GROUPCP" => $script_url . "?" . POST_GROUPS_URL . "=$group_id") "U_GROUPCP" => $server_url . "?" . POST_GROUPS_URL . "=$group_id")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();

681
phpBB/includes/post.php
View File

@ -1,6 +1,6 @@
<?php <?php
/*************************************************************************** /***************************************************************************
* * post.php
* ------------------- * -------------------
* begin : Saturday, Feb 13, 2001 * begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group * copyright : (C) 2001 The phpBB Group
@ -20,6 +20,11 @@
* *
***************************************************************************/ ***************************************************************************/
$html_entities_match = array("#&#", "#<#", "#>#");
$html_entities_replace = array("&amp;", "&lt;", "&gt;");
$unhtml_specialchars_match = array("#&gt;#", "#&lt;#", "#&quot;#", "#&amp;#");
$unhtml_specialchars_replace = array(">", "<", "\"", "&");
// //
// This function will prepare a posted message for // This function will prepare a posted message for
// entry into the database. // entry into the database.
@ -27,6 +32,7 @@
function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0) function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)
{ {
global $board_config; global $board_config;
global $html_entities_match, $html_entities_replace;
$allowed_html_tags = split(",", $board_config['allow_html_tags']); $allowed_html_tags = split(",", $board_config['allow_html_tags']);
@ -35,56 +41,55 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
// //
$message = trim($message); $message = trim($message);
if( $html_on ) if ( $html_on )
{ {
$html_entities_match = array("#&#", "#<#", "#>#"); $message = " " . preg_replace("#&#i", "&amp;", $message);
$html_entities_replace = array("&amp;", "&lt;", "&gt;");
$message = preg_replace("#&([a-z0-9]+?);#i", "&amp;\\1;", $message);
$end_html = 0;
$start_html = 1; $start_html = 1;
$temp_message = "";
$message = " " . $message; while ( $start_html = strpos($message, "<", $start_html) )
while( $start_html = strpos($message, "<", $start_html) )
{ {
if( $end_html = strpos($message, ">", $start_html) ) $temp_message .= substr($message, $end_html + 1, ( $start_html - $end_html - 1 ));
if ( $end_html = strpos($message, ">", $start_html) )
{ {
$length = $end_html - $start_html + 1; $length = $end_html - $start_html + 1;
$hold_string = substr($message, $start_html, $length);
$tagallowed = 0; if ( ( $unclosed_open = strrpos(" " . $hold_string, "<") ) != 1 )
{
$temp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 2));
$hold_string = substr($hold_string, $unclosed_open - 1);
}
$tagallowed = false;
for($i = 0; $i < sizeof($allowed_html_tags); $i++) for($i = 0; $i < sizeof($allowed_html_tags); $i++)
{ {
$match_tag = trim($allowed_html_tags[$i]); $match_tag = trim($allowed_html_tags[$i]);
if( preg_match("/^[\/]?" . $match_tag . "( .*?)*$/i", trim(substr($message, $start_html + 1, $length - 2))) ) if ( preg_match("/^<\/?" . $match_tag . "\b/i", $hold_string) )
{ {
if( !preg_match("/(^\?)|(\?$)/", trim(substr($message, $start_html + 1, $length - 2))) ) $tagallowed = true;
{
$tagallowed = 1;
}
} }
} }
if( $length && !$tagallowed ) $temp_message .= ( $length && !$tagallowed ) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;
{
$message = str_replace(substr($message, $start_html, $length), preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, $length)), $message);
}
$start_html += $length; $start_html += $length;
} }
else else
{ {
$message = str_replace(substr($message, $start_html, 1), preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, 1)), $message); $temp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, strlen($message)));
$start_html = strlen($message); $start_html = strlen($message);
} }
} }
$message = trim($message);
$message = ( $temp_message != "" ) ? trim($temp_message) : trim($message);
} }
else else
{ {
$html_entities_match = array("#&#", "#<#", "#>#");
$html_entities_replace = array("&amp;", "&lt;", "&gt;");
$message = preg_replace($html_entities_match, $html_entities_replace, $message); $message = preg_replace($html_entities_match, $html_entities_replace, $message);
} }
@ -93,9 +98,591 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
$message = bbencode_first_pass($message, $bbcode_uid); $message = bbencode_first_pass($message, $bbcode_uid);
} }
return($message); return $message;
} }
function unprepare_message($message)
{
global $unhtml_specialchars_match, $unhtml_specialchars_replace;
return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $message);
}
//
// Prepare a message for posting
//
function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length)
{
global $board_config, $lang, $phpEx;
// Check username
if ( !empty($username) )
{
$username = htmlspecialchars(trim(strip_tags(str_replace("&nbsp;", " ", $username))));
$result = validate_username($username);
if ( $result['error'] )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $result['error_msg'] : $result['error_msg'];
}
}
// Check subject
if ( !empty($subject) )
{
$subject = htmlspecialchars(trim($subject));
}
else if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_subject'] : $lang['Empty_subject'];
}
// Check message
if ( !empty($message) )
{
$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : "";
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
}
else if ( $mode != "delete" && $mode != "polldelete" )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_message'] : $lang['Empty_message'];
}
//
// Handle poll stuff
//
if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )
{
$poll_length = ( isset($poll_length) ) ? max(0, intval($poll_length)) : 0;
if ( !empty($poll_title) )
{
$poll_title = htmlspecialchars(trim($poll_title));
}
if( !empty($poll_options) )
{
$temp_option_text = array();
while( list($option_id, $option_text) = @each($poll_options) )
{
$option_text = trim($option_text);
if ( !empty($option_text) )
{
$temp_option_text[$option_id] = htmlspecialchars($option_text);
}
}
$option_text = $temp_option_text;
if ( count($poll_options) < 2 )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
}
else if ( count($poll_options) > $board_config['max_poll_options'] )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
}
else if ( $poll_title == "" )
{
$error_msg .= ( !empty($error_msg) ) ? "<br />" . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
}
}
}
return;
}
//
// Post a new topic/reply/poll or edit existing post/poll
//
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
{
global $board_config, $lang, $db, $phpEx;
global $userdata, $user_ip;
$current_time = time();
if ( $mode == "newtopic" || $mode == "reply" )
{
//
// Flood control
//
$where_sql = ( $userdata['user_id'] == ANONYMOUS ) ? "poster_ip = '$user_ip'" : "poster_id = " . $userdata['user_id'];
$sql = "SELECT MAX(post_time) AS last_post_time
FROM " . POSTS_TABLE . "
WHERE $where_sql";
if ( $result = $db->sql_query($sql) )
{
if( $row = $db->sql_fetchrow($result) )
{
if ( $row['last_post_time'] > 0 && ( $current_time - $row['last_post_time'] ) < $board_config['flood_interval'] )
{
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
}
}
}
if ( $mode == "newtopic" || ( $mode == "editpost" && $post_data['first_post'] ) )
{
$topic_vote = ( !empty($poll_title) && count($poll_options) >= 2 ) ? 1 : 0;
$sql = ( $mode != "editpost" ) ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type, topic_vote = $topic_vote WHERE topic_id = $topic_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
if( $mode == "newtopic" )
{
$topic_id = $db->sql_nextid();
}
}
$edited_sql = ( $mode == "editpost" && !$post_data['last_post'] && $post_data['poster_post'] ) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : "";
$sql = ( $mode != "editpost" ) ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)" : "UPDATE " . POSTS_TABLE . " SET enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . " WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
if( $mode != "editpost" )
{
$post_id = $db->sql_nextid();
}
$sql = ( $mode != "editpost" ) ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
if ( $mode == "editpost" )
{
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "
WHERE post_id = $post_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
}
add_search_words($post_id, stripslashes($post_message), stripslashes($post_subject));
//
// Add poll
//
if ( ( $mode == "newtopic" || $mode == "editpost" ) && !empty($poll_title) && count($poll_options) >= 2 )
{
$sql = ( !$post_data['has_poll'] ) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . " WHERE topic_id = $topic_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
$delete_option_sql = "";
$old_poll_result = array();
if ( $mode == "editpost" && $post_data['has_poll'] )
{
$sql = "SELECT vote_option_id, vote_result
FROM " . VOTE_RESULTS_TABLE . "
WHERE vote_id = $poll_id
ORDER BY vote_option_id ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain vote data results for this topic", "", __LINE__, __FILE__, $sql);
}
while ( $row = $db->sql_fetchrow($result) )
{
$old_poll_result[$row['vote_option_id']] = $row['vote_result'];
if( !isset($poll_options[$row['vote_option_id']]) )
{
$delete_option_sql .= ( $delete_option_sql != "" ) ? ", " . $row['vote_option_id'] : $row['vote_option_id'];
}
}
}
else
{
$poll_id = $db->sql_nextid();
}
@reset($poll_options);
$poll_option_id = 1;
while ( list($option_id, $option_text) = each($poll_options) )
{
if( !empty($option_text) )
{
$option_text = str_replace("\'", "''", $option_text);
$poll_result = ( $mode == "editpost" && isset($old_poll_result[$option_id]) ) ? $old_poll_result[$option_id] : 0;
$sql = ( $mode != "editpost" || !isset($old_poll_result[$option_id]) ) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
$poll_option_id++;
}
}
if( $delete_option_sql != "" )
{
$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "
WHERE vote_option_id IN ($delete_option_sql)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error deleting pruned poll options", "", __LINE__, __FILE__, $sql);
}
}
}
if ( $mode != "editpost" )
{
//
// Update statistics
//
$sql = "UPDATE " . TOPICS_TABLE . " SET
topic_last_post_id = $post_id";
$sql .= ( ( $mode == "reply" ) ? ", topic_replies = topic_replies + 1 " : ", topic_first_post_id = $post_id " ) . "WHERE topic_id = $topic_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_last_post_id = $post_id, forum_posts = forum_posts + 1";
$sql .= ( ( $mode == "newtopic" ) ? ", forum_topics = forum_topics + 1 " : " " ) . "WHERE forum_id = $forum_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . USERS_TABLE . "
SET user_posts = user_posts + 1
WHERE user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql, END_TRANSACTION)) )
{
message_die(GENERAL_ERROR, "Error in posting", "", __LINE__, __FILE__, $sql);
}
}
else
{
remove_unmatched_words();
}
$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">';
$message = $lang['Stored'] . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
return false;
}
//
// Delete a post/poll
//
function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id)
{
global $board_config, $lang, $db, $phpEx;
global $userdata, $user_ip;
$topic_update_sql = "";
if ( $mode != "poll_delete" )
{
$sql = "DELETE FROM " . POSTS_TABLE . "
WHERE post_id = $post_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . POSTS_TEXT_TABLE . "
WHERE post_id = $post_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "
WHERE post_id = $post_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$forum_update_sql = "forum_posts = forum_posts - 1";
$topic_update_sql .= "topic_replies = topic_replies - 1";
if ( $post_data['last_post'] )
{
if ( $post_data['first_post'] )
{
$sql = "DELETE FROM " . TOPICS_TABLE . "
WHERE topic_id = $topic_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = $topic_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$forum_update_sql .= ", forum_topics = forum_topics - 1";
}
else
{
$sql = "SELECT MAX(post_id) AS post_id
FROM " . POSTS_TABLE . "
WHERE topic_id = $topic_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$topic_update_sql .= ", topic_last_post_id = " . $row['post_id'];
}
}
if ( $post_data['last_topic'] )
{
$sql = "SELECT MAX(post_id) AS post_id
FROM " . POSTS_TABLE . "
WHERE forum_id = $forum_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$forum_update_sql .= ( $row['post_id'] ) ? ", forum_last_post_id = " . $row['post_id'] : ", forum_last_post_id = 0";
}
}
else if ( $post_data['first_post'] )
{
$sql = "SELECT MIN(post_id) AS post_id
FROM " . POSTS_TABLE . "
WHERE topic_id = $topic_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$topic_update_sql .= ", topic_first_post_id = " . $row['post_id'];
}
}
$sql = "UPDATE " . FORUMS_TABLE . "
SET $forum_update_sql
WHERE forum_id = $forum_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting post", "", __LINE__, __FILE__, $sql);
}
}
if( $mode == "poll_delete" || ( $mode == "delete" && $post_data['first_post'] && $post_data['last_post'] ) && $post_data['has_poll'] && $post_data['edit_poll'] )
{
if ( $mode == "poll_delete" )
{
$topic_update_sql .= "topic_vote = 0";
}
$sql = "DELETE FROM " . VOTE_DESC_TABLE . "
WHERE vote_id = $poll_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "
WHERE vote_id = $poll_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $poll_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in deleting poll", "", __LINE__, __FILE__, $sql);
}
}
if ( ( $mode == "delete" && empty($post_data['first_post']) || empty($post_data['last_post']) ) || $mode == "poll_delete" )
{
$sql = "UPDATE " . TOPICS_TABLE . "
SET $topic_update_sql
WHERE topic_id = $topic_id";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error in updating topic info", "", __LINE__, __FILE__, $sql);
}
}
remove_unmatched_words();
if ( $mode == "delete" && $post_data['first_post'] && $post_data['last_post'] )
{
$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_TOPIC_URL . "=" . $forum_id) . '">';
$message = $lang['Deleted'];
}
else
{
$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=" . $topic_id) . '">';
$message = ( ( $mode == "poll_delete" ) ? $lang['Poll_delete'] : $lang['Deleted'] ) . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
}
$message .= '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
return;
}
//
// Handle user notification on new post
//
function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$notify_user)
{
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS;
global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
global $userdata, $user_ip;
$current_time = time();
if ( ( $mode == "newtopic" && !$notify_user ) || $mode == "delete" )
{
$delete_sql = ( !$post_data['first_post'] && !$post_data['last_post'] ) ? " AND user_id = " . $userdata['user_id'] : "";
$sql = ( $mode == "newtopic" ) ? "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status) VALUES (" . $userdata['user_id'] . ", $topic_id, 0)" : "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id" . $delete_sql;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't change topic notify data", "", __LINE__, __FILE__, $sql);
}
}
else
{
if ( $mode == "reply" )
{
$sql = "SELECT ban_userid
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "", "", __LINE__, __FILE__, $sql);
}
$user_id_sql = "";
while ( $row = $db->sql_fetchrow($result) )
{
$user_id_sql = ", " . $row['ban_userid'];
}
$sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title
FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u
WHERE tw.topic_id = $topic_id
AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " )
AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "
AND t.topic_id = tw.topic_id
AND u.user_id = tw.user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "", "", __LINE__, __FILE__, $sql);
}
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$update_watched_sql = "";
if ( $row = $db->sql_fetchrow($result) )
{
$topic_title = preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title']));
do
{
if ( $row['user_email'] != "" )
{
$emailer->use_template("topic_notify", $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['Topic_reply_notification']);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"USERNAME" => $row['username'],
"SITENAME" => $board_config['sitename'],
"TOPIC_TITLE" => $topic_title,
"U_TOPIC" => $server_protocol . $server_name . $server_port . $script_name . "?" . POST_POST_URL . "=$post_id#$post_id",
"U_STOP_WATCHING_TOPIC" => $server_protocol . $server_name . $server_port . $script_name . "?" . POST_TOPIC_URL . "=$topic_id&unwatch=topic")
);
$emailer->send();
$emailer->reset();
$update_watched_sql .= ( $update_watched_sql != "" ) ? ", " . $row['user_id'] : $row['user_id'];
}
}
while ( $row = $db->sql_fetchrow($result) );
}
if ( $update_watched_sql != "" )
{
$sql = "UPDATE " . TOPICS_WATCH_TABLE . "
SET notify_status = " . TOPIC_WATCH_NOTIFIED . "
WHERE topic_id = $topic_id
AND user_id IN ($update_watched_sql)";
$db->sql_query($sql);
}
}
$sql = "SELECT topic_id
FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = $topic_id
AND user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain topic watch information", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
if ( !$notify_user && !empty($row['topic_id']) )
{
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE topic_id = $topic_id
AND user_id = " . $userdata['user_id'];
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete topic watch information", "", __LINE__, __FILE__, $sql);
}
}
else if ( $notify_user && empty($row['topic_id']) )
{
$sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)
VALUES (" . $userdata['user_id'] . ", $topic_id, 0)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't insert topic watch information", "", __LINE__, __FILE__, $sql);
}
}
}
}
// //
// Fill smiley templates (or just the variables) with smileys // Fill smiley templates (or just the variables) with smileys
@ -108,13 +695,12 @@ function generate_smilies($mode, $page_id)
global $userdata; global $userdata;
$inline_columns = 4; $inline_columns = 4;
$inline_rows = 6; $inline_rows = 5;
$window_columns = 8; $window_columns = 8;
if( $mode == "window" ) if ( $mode == "window" )
{ {
$userdata = session_pagestart($user_ip, $page_id, $session_length); $userdata = session_pagestart($user_ip, $page_id);
init_userprefs($userdata); init_userprefs($userdata);
$gen_simple_header = TRUE; $gen_simple_header = TRUE;
@ -130,23 +716,22 @@ function generate_smilies($mode, $page_id)
$sql = "SELECT emoticon, code, smile_url $sql = "SELECT emoticon, code, smile_url
FROM " . SMILIES_TABLE . " FROM " . SMILIES_TABLE . "
ORDER BY smilies_id"; ORDER BY smilies_id";
if( $result = $db->sql_query($sql) ) if ( $result = $db->sql_query($sql) )
{ {
if( $db->sql_numrows($result) ) $num_smilies = 0;
$rowset = array();
while ( $row = $db->sql_fetchrow($result) )
{ {
$num_smilies = 0; if ( empty($rowset[$row['smile_url']]) )
$rowset = array();
while( $row = $db->sql_fetchrow($result) )
{ {
// If this is the first time that we encounter this smiley: $rowset[$row['smile_url']]['code'] = str_replace("\\", "\\\\", str_replace("'", "\\'", $row['code']));
if( empty($rowset[$row['smile_url']]) ) $rowset[$row['smile_url']]['emoticon'] = $row['emoticon'];
{ $num_smilies++;
$rowset[$row['smile_url']]['code'] = str_replace("\\", "\\\\", str_replace("'", "\\'", $row['code']));
$rowset[$row['smile_url']]['emoticon'] = $row['emoticon'];
$num_smilies++;
}
} }
}
if ( $num_smilies )
{
$smilies_count = ( $mode == "inline" ) ? min(19, $num_smilies) : $num_smilies; $smilies_count = ( $mode == "inline" ) ? min(19, $num_smilies) : $num_smilies;
$smilies_split_row = ( $mode == "inline" ) ? $inline_columns - 1 : $window_columns - 1; $smilies_split_row = ( $mode == "inline" ) ? $inline_columns - 1 : $window_columns - 1;
@ -154,9 +739,9 @@ function generate_smilies($mode, $page_id)
$row = 0; $row = 0;
$col = 0; $col = 0;
while( list($smile_url, $data) = @each($rowset) ) while ( list($smile_url, $data) = @each($rowset) )
{ {
if( !$col ) if ( !$col )
{ {
$template->assign_block_vars("smilies_row", array()); $template->assign_block_vars("smilies_row", array());
} }
@ -169,9 +754,9 @@ function generate_smilies($mode, $page_id)
$s_colspan = max($s_colspan, $col + 1); $s_colspan = max($s_colspan, $col + 1);
if( $col == $smilies_split_row ) if ( $col == $smilies_split_row )
{ {
if( $mode == "inline" && $row == $inline_rows - 1 ) if ( $mode == "inline" && $row == $inline_rows - 1 )
{ {
break; break;
} }
@ -184,7 +769,7 @@ function generate_smilies($mode, $page_id)
} }
} }
if( $mode == "inline" && $num_smilies > $inline_columns * $inline_rows) if ( $mode == "inline" && $num_smilies > $inline_rows * $inline_columns )
{ {
$template->assign_block_vars("switch_smilies_extra", array()); $template->assign_block_vars("switch_smilies_extra", array());
@ -202,7 +787,7 @@ function generate_smilies($mode, $page_id)
} }
} }
if( $mode == "window" ) if ( $mode == "window" )
{ {
$template->pparse("smiliesbody"); $template->pparse("smiliesbody");
@ -210,4 +795,4 @@ function generate_smilies($mode, $page_id)
} }
} }
?> ?>

3065
phpBB/posting.php
View File

File diff suppressed because it is too large Load Diff

143
phpBB/privmsg.php
View File

@ -43,7 +43,7 @@ $html_entities_replace = array("&amp;", "&lt;", "&gt;", "&quot;");
// //
// Parameters // Parameters
// //
$submit = ( isset($HTTP_POST_VARS['submit']) ) ? TRUE : 0; $submit = ( isset($HTTP_POST_VARS['post']) ) ? TRUE : 0;
$submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0; $submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0;
$submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0; $submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0; $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
@ -197,14 +197,16 @@ else if( $mode == "read" )
$pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . " $pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . " AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )"; OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
} }
else if($folder == "outbox") else if($folder == "outbox")
{ {
$l_box_name = $lang['Outbox']; $l_box_name = $lang['Outbox'];
$pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . " $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL; AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
} }
else if($folder == "sentbox") else if($folder == "sentbox")
{ {
@ -262,7 +264,7 @@ else if( $mode == "read" )
// Is this a new message in the inbox? If it is then save // Is this a new message in the inbox? If it is then save
// a copy in the posters sent box // a copy in the posters sent box
// //
if( $privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL && $folder == "inbox" ) if( ( $privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL ) && $folder == "inbox" )
{ {
$sql = "UPDATE " . PRIVMSGS_TABLE . " $sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_type = " . PRIVMSGS_READ_MAIL . " SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
@ -452,28 +454,28 @@ else if( $mode == "read" )
$profile_img = "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id_from") . "\"><img src=\"" . $images['icon_profile'] . "\" alt=\"" . $lang['Read_profile'] . "\" border=\"0\" /></a>"; $profile_img = "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id_from") . "\"><img src=\"" . $images['icon_profile'] . "\" alt=\"" . $lang['Read_profile'] . "\" border=\"0\" /></a>";
if( !empty($privmsg['user_viewemail']) ) if ( !empty($privmsg['user_viewemail']) )
{ {
$email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL ."=" . $user_id_from) : "mailto:" . $privmsg['user_email']; $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL ."=" . $user_id_from) : 'mailto:' . $privmsg['user_email'];
$email_img = "<a href=\"$email_uri\"><img src=\"" . $images['icon_email'] . "\" alt=\"" . $lang['Send_email'] . "\" border=\"0\" /></a>"; $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" border="0" /></a>';
} }
else else
{ {
$email_img = ""; $email_img = '';
} }
$www_img = ( $privmsg['user_website']) ? "<a href=\"" . $privmsg['user_website'] . "\" target=\"_userwww\"><img src=\"" . $images['icon_www'] . "\" alt=\"" . $lang['Visit_website'] . "\" border=\"0\" /></a>" : ""; $www_img = ( $privmsg['user_website']) ? '<a href="' .$privmsg['user_website'] . '" target="_userwww"><img src="' .$images['icon_www'] . '" alt="' .$lang['Visit_website'] . '" border="0" /></a>' : '';
if( $privmsg['user_icq'] ) if( $privmsg['user_icq'] )
{ {
$icq_status_img = "<a href=\"http://wwp.icq.com/" . $privmsg['user_icq'] . "#pager\"><img src=\"http://web.icq.com/whitepages/online?icq=" . $privmsg['user_icq'] . "&amp;img=5\" width=\"18\" height=\"18\" border=\"0\" /></a>"; $icq_status_img = '<a href="http://wwp.icq.com/"' . $privmsg['user_icq'] . '"#pager"><img src="http://web.icq.com/whitepages/online?icq="' . $privmsg['user_icq'] . '"&amp;img=5" width="18" height="18" border="0" /></a>';
$icq_add_img = "<a href=\"http://wwp.icq.com/scripts/search.dll?to=" . $privmsg['user_icq'] . "\"><img src=\"" . $images['icon_icq'] . "\" alt=\"" . $lang['ICQ'] . "\" border=\"0\" /></a>"; $icq_add_img = '<a href="http://wwp.icq.com/scripts/search.dll?to="' . $privmsg['user_icq'] . '"><img src="' .$images['icon_icq'] . '" alt="' .$lang['ICQ'] . '" border="0" /></a>';
} }
else else
{ {
$icq_status_img = ""; $icq_status_img = '';
$icq_add_img = ""; $icq_add_img = '';
} }
$aim_img = ($privmsg['user_aim']) ? "<a href=\"aim:goim?screenname=" . $privmsg['user_aim'] . "&amp;message=Hello+Are+you+there?\"><img src=\"" . $images['icon_aim'] . "\" border=\"0\" alt=\"" . $lang['AIM'] . "\" /></a>" : ""; $aim_img = ($privmsg['user_aim']) ? "<a href=\"aim:goim?screenname=" . $privmsg['user_aim'] . "&amp;message=Hello+Are+you+there?\"><img src=\"" . $images['icon_aim'] . "\" border=\"0\" alt=\"" . $lang['AIM'] . "\" /></a>" : "";
@ -634,11 +636,11 @@ else if( ( $delete && $mark_list ) || $delete_all )
{ {
case 'inbox': case 'inbox':
$delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )"; privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
break; break;
case 'outbox': case 'outbox':
$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_NEW_MAIL; $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
break; break;
case 'sentbox': case 'sentbox':
@ -703,6 +705,30 @@ else if( ( $delete && $mark_list ) || $delete_all )
{ {
message_die(GENERAL_ERROR, "Couldn't update users new msg counters", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't update users new msg counters", "", __LINE__, __FILE__, $sql);
} }
$sql = "SELECT privmsgs_to_userid
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id IN ($delete_sql_id)
AND privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user id list for outbox messages", "", __LINE__, __FILE__, $sql);
}
$update_pm_sql = "";
while( $row = $db->sql_fetchrow($result) )
{
$update_pm_sql .= ( ( $update_pm_sql != "" ) ? ", " : "" ) . $row['privmsgs_to_userid'];
}
$sql = "UPDATE " . USERS_TABLE . "
SET user_unread_privmsg = user_unread_privmsg - 1
WHERE user_id IN ($update_pm_sql)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update users new msg counters", "", __LINE__, __FILE__, $sql);
}
} }
$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . " $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
@ -715,7 +741,7 @@ else if( ( $delete && $mark_list ) || $delete_all )
{ {
case 'inbox': case 'inbox':
$delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( $delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )"; privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
break; break;
case 'outbox': case 'outbox':
@ -797,13 +823,15 @@ else if( $save && $mark_list && $folder != "savebox" && $folder != "outbox")
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "
WHERE privmsgs_to_userid = " . $userdata['user_id'] . " WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . " AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )"; OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
break; break;
case 'outbox': case 'outbox':
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
WHERE privmsgs_from_userid = " . $userdata['user_id'] . " WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL; AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";
break; break;
case 'sentbox': case 'sentbox':
@ -839,18 +867,8 @@ else if( $submit || $refresh || $mode != "" )
if(!$userdata['session_logged_in']) if(!$userdata['session_logged_in'])
{ {
header("Location: " . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode", true)); $user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? "&" . POST_USERS_URL . "=" . $HTTP_GET_VARS[POST_USERS_URL] : "";
} header("Location: " . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));
if( $mode == "searchuser" )
{
//
// This 'will' handle a simple user search
// performed from within the private message post
// form ... for 2.2 now, too late for 2.0 ... if we
// decide to do it all, I'm sooo lazy!
//
} }
// //
@ -997,7 +1015,8 @@ else if( $submit || $refresh || $mode != "" )
$sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
FROM " . PRIVMSGS_TABLE . " FROM " . PRIVMSGS_TABLE . "
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " ) OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_to_userid = " . $to_userdata['user_id']; AND privmsgs_to_userid = " . $to_userdata['user_id'];
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
@ -1014,7 +1033,8 @@ else if( $submit || $refresh || $mode != "" )
{ {
$sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " ) OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_date = " . $inbox_info['oldest_post_time'] . " AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
AND privmsgs_to_userid = " . $to_userdata['user_id']; AND privmsgs_to_userid = " . $to_userdata['user_id'];
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
@ -1084,6 +1104,12 @@ else if( $submit || $refresh || $mode != "" )
{ {
$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
include($phpbb_root_path . 'includes/emailer.'.$phpEx); include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']); $emailer = new emailer($board_config['smtp_delivery']);
@ -1100,7 +1126,7 @@ else if( $submit || $refresh || $mode != "" )
"SITENAME" => $board_config['sitename'], "SITENAME" => $board_config['sitename'],
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_INBOX" => $script_url . "?folder=inbox") "U_INBOX" => $server_protocol . $server_name . $server_port . $script_name . "?folder=inbox")
); );
$emailer->send(); $emailer->send();
@ -1242,7 +1268,8 @@ else if( $submit || $refresh || $mode != "" )
WHERE pm.privmsgs_id = $privmsg_id WHERE pm.privmsgs_id = $privmsg_id
AND pmt.privmsgs_text_id = pm.privmsgs_id AND pmt.privmsgs_text_id = pm.privmsgs_id
AND pm.privmsgs_from_userid = " . $userdata['user_id'] . " AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND u.user_id = pm.privmsgs_to_userid"; AND u.user_id = pm.privmsgs_to_userid";
if( !$pm_edit_status = $db->sql_query($sql) ) if( !$pm_edit_status = $db->sql_query($sql) )
{ {
@ -1462,26 +1489,6 @@ else if( $submit || $refresh || $mode != "" )
); );
$template->assign_var_from_handle("JUMPBOX", "jumpbox"); $template->assign_var_from_handle("JUMPBOX", "jumpbox");
//
// Generate username search output
//
$result = $db->sql_query($sql_namesearch);
$name_set = $db->sql_fetchrowset($result);
$user_names_select = "";
if($db->sql_numrows($result))
{
for($i = 0; $i < count($name_set); $i++)
{
$name_selected = ($to_username == $name_set[$i]['username']) ? " selected=\"selected\"" : "";
$user_names_select .= "<option value=\"" . $name_set[$i]['username'] . "\"$name_selected>" . $name_set[$i]['username'] . "</option>\n";
}
}
else
{
$user_names_select .= "<option value=\"" . ANONYMOUS . "\"$name_selected>" . $lang['No_match'] . "</option>\n";
}
// //
// Enable extensions in posting_body // Enable extensions in posting_body
// //
@ -1671,13 +1678,22 @@ if( !$userdata['session_logged_in'] )
// Update unread status // Update unread status
// //
$sql = "UPDATE " . USERS_TABLE . " $sql = "UPDATE " . USERS_TABLE . "
SET user_unread_privmsg = " . ( $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'] ) . ", user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . " SET user_unread_privmsg = user_unread_privmsg + user_new_privmsg, user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . "
WHERE user_id = " . $userdata['user_id']; WHERE user_id = " . $userdata['user_id'];
if( !$status = $db->sql_query($sql) ) if( !$status = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Could not update private message new/read status for user.", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Could not update private message new/read status for user.", "", __LINE__, __FILE__, $sql);
} }
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "
WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
AND privmsgs_to_userid = " . $userdata['user_id'];
if( !$status = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not update private message new/read status (2) for user.", "", __LINE__, __FILE__, $sql);
}
// //
// Reset PM counters // Reset PM counters
// //
@ -1727,21 +1743,25 @@ switch($folder)
case 'inbox': case 'inbox':
$sql_tot .= "WHERE privmsgs_to_userid = " . $userdata['user_id'] . " $sql_tot .= "WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " )"; OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
$sql .= "WHERE pm.privmsgs_to_userid = " . $userdata['user_id'] . " $sql .= "WHERE pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND u.user_id = pm.privmsgs_from_userid AND u.user_id = pm.privmsgs_from_userid
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . " )"; OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
break; break;
case 'outbox': case 'outbox':
$sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . " $sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL; AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
$sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . " $sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND u.user_id = pm.privmsgs_to_userid AND u.user_id = pm.privmsgs_to_userid
AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL; AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
break; break;
case 'sentbox': case 'sentbox':
@ -1766,6 +1786,7 @@ switch($folder)
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
AND u.user_id = pm.privmsgs_from_userid ) )"; AND u.user_id = pm.privmsgs_from_userid ) )";
break; break;
default: default:
message_die(GENERAL_ERROR, "Could not query private message information. No folder specified.", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Could not query private message information. No folder specified.", "", __LINE__, __FILE__, $sql);
} }
@ -1971,7 +1992,7 @@ if( $pm_count )
$privmsg_id = $pm_list[$i]['privmsgs_id']; $privmsg_id = $pm_list[$i]['privmsgs_id'];
$flag = $pm_list[$i]['privmsgs_type']; $flag = $pm_list[$i]['privmsgs_type'];
$icon_flag = ($flag == PRIVMSGS_NEW_MAIL ) ? "<img src=\"" . $images['pm_unreadmsg'] . "\" alt=\"" . $lang['Unread_message'] . "\" border=\"0\">" : "<img src=\"" . $images['pm_readmsg'] . "\" alt=\"" . $lang['Read_message'] . "\" border=\"0\">"; $icon_flag = ($flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? "<img src=\"" . $images['pm_unreadmsg'] . "\" alt=\"" . $lang['Unread_message'] . "\" border=\"0\">" : "<img src=\"" . $images['pm_readmsg'] . "\" alt=\"" . $lang['Read_message'] . "\" border=\"0\">";
$msg_userid = $pm_list[$i]['user_id']; $msg_userid = $pm_list[$i]['user_id'];
$msg_username = $pm_list[$i]['username']; $msg_username = $pm_list[$i]['username'];
@ -2035,4 +2056,4 @@ $template->pparse("body");
include($phpbb_root_path . 'includes/page_tail.'.$phpEx); include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?> ?>

34
phpBB/profile.php
View File

@ -29,12 +29,23 @@ include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
// //
// Start session management // Start session management
// //
$userdata = session_pagestart($user_ip, PAGE_PROFILE, $session_length); $userdata = session_pagestart($user_ip, PAGE_PROFILE);
init_userprefs($userdata); init_userprefs($userdata);
// //
// End session management // End session management
// //
//
// Set default email variables
//
$script_name = preg_replace("/^\/?(.*?)\/?$/", "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/profile.'.$phpEx : 'profile.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ( $board_config['cookie_secure'] ) ? "https://" : "http://";
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
$server_url = $server_protocol . $script_name . $server_name . $server_port;
// ----------------------- // -----------------------
// Page specific functions // Page specific functions
// //
@ -1065,7 +1076,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"USERNAME" => $username, "USERNAME" => $username,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_ACTIVATE" => $script_url . "?mode=activate&act_key=$user_actkey") "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();
@ -1163,7 +1174,8 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"PASSWORD" => $password_confirm, "PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_ACTIVATE" => $script_url . "?mode=activate&act_key=$user_actkey", "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey",
"FAX_INFO" => $board_config['coppa_fax'], "FAX_INFO" => $board_config['coppa_fax'],
"MAIL_INFO" => $board_config['coppa_mail'], "MAIL_INFO" => $board_config['coppa_mail'],
"EMAIL_ADDRESS" => $email, "EMAIL_ADDRESS" => $email,
@ -1185,7 +1197,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"PASSWORD" => $password_confirm, "PASSWORD" => $password_confirm,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_ACTIVATE" => $script_url . "?mode=activate&act_key=$user_actkey") "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")
); );
} }
@ -1204,7 +1216,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"USERNAME" => $username, "USERNAME" => $username,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_ACTIVATE" => $script_url . "?mode=activate&act_key=$user_actkey") "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();
@ -1717,8 +1729,8 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"USERNAME" => $username, "USERNAME" => $username,
"PASSWORD" => $user_password, "PASSWORD" => $user_password,
"EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']), "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),
"U_ACTIVATE" => $script_url . "?mode=activate&act_key=$user_actkey") "U_ACTIVATE" => $server_url . "?mode=activate&act_key=$user_actkey")
); );
$emailer->send(); $emailer->send();
$emailer->reset(); $emailer->reset();
@ -1924,7 +1936,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$email_headers .= "X-AntiAbuse: Board servername - " . $server_name . "\n"; $email_headers .= "X-AntiAbuse: Board servername - " . $server_name . "\n";
$email_headers .= "X-AntiAbuse: User_id - " . $userdata['user_id'] . "\n"; $email_headers .= "X-AntiAbuse: User_id - " . $userdata['user_id'] . "\n";
$email_headers .= "X-AntiAbuse: Username - " . $userdata['username'] . "\n"; $email_headers .= "X-AntiAbuse: Username - " . $userdata['username'] . "\n";
$email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\n"; $email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\r\n";
$emailer->use_template("profile_send_email", $user_lang); $emailer->use_template("profile_send_email", $user_lang);
$emailer->email_address($user_email); $emailer->email_address($user_email);
@ -1945,7 +1957,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
"META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">') "META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
); );
$message = $lang['Email_sent'] . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>"); $message = $lang['Email_sent'] . "<br /><br />" . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message); message_die(GENERAL_MESSAGE, $message);
} }
@ -1993,7 +2005,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$template->assign_vars(array( $template->assign_vars(array(
"USERNAME" => $username, "USERNAME" => $username,
"S_SIGNATURE_CHECKED" => ( $attach_sig ) ? "checked=\"checked\"" : "", "S_SIGNATURE_CHECKED" => ( $attach_sig ) ? 'checked="checked"' : '',
"S_POST_ACTION" => append_sid("profile.$phpEx?&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id"), "S_POST_ACTION" => append_sid("profile.$phpEx?&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id"),
"L_SEND_EMAIL_MSG" => $lang['Send_email_msg'], "L_SEND_EMAIL_MSG" => $lang['Send_email_msg'],
@ -2024,4 +2036,4 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
} }
} }
?> ?>