mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-25 21:56:32 +02:00 
			
		
		
		
	Ok, several things accomplished here...
1) Improvements to deletion of users in admin_users. This includes bug 166 and Sourceforge tracker task #49374. 2) Two security holes were patched, both pointed out by Nick Cleaton <nick at cleaton dot net>. Thanks for letting us know, Nick! That's about it for now, and it took almost all day. :P Bye for now! -Doug git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@2632 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
		| @@ -525,7 +525,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) | | ||||
| 				$row = $db->sql_fetchrow($result); | ||||
| 				 | ||||
| 				$sql = "UPDATE " . POSTS_TABLE . " | ||||
| 					SET poster_id = " . ANONYMOUS . ", post_username = '$username'  | ||||
| 					SET poster_id = " . DELETED . ", post_username = '$username'  | ||||
| 					WHERE poster_id = $user_id"; | ||||
| 				if( !$db->sql_query($sql) ) | ||||
| 				{ | ||||
| @@ -533,12 +533,46 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) | | ||||
| 				} | ||||
|  | ||||
| 				$sql = "UPDATE " . TOPICS_TABLE . " | ||||
| 					SET topic_poster = " . ANONYMOUS . "  | ||||
| 					SET topic_poster = " . DELETED . "  | ||||
| 					WHERE topic_poster = $user_id"; | ||||
| 				if( !$db->sql_query($sql) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
| 				 | ||||
| 				$sql = "UPDATE " . VOTE_USERS_TABLE . " | ||||
| 					SET vote_user_id = " . DELETED . " | ||||
| 					WHERE vote_user_id = $user_id"; | ||||
| 				if( !$db->sql_query($sql) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
| 				 | ||||
| 				$sql = "SELECT group_id | ||||
| 					FROM " . GROUPS_TABLE . " | ||||
| 					WHERE group_moderator = $user_id"; | ||||
| 				if( !($result = $db->sql_query($sql)) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
| 				 | ||||
| 				while ( $row_group = $db->sql_fetchrow($result) ) | ||||
| 				{ | ||||
| 					$group_moderator[] = $row_group['group_id']; | ||||
| 				} | ||||
| 				 | ||||
| 				if ( count($group_moderator) ) | ||||
| 				{ | ||||
| 					$update_moderator_id = implode(', ', $group_moderator); | ||||
| 					 | ||||
| 					$sql = "UPDATE " . GROUPS_TABLE . " | ||||
| 						SET group_moderator = " . $userdata['user_id'] . " | ||||
| 						WHERE group_moderator IN ($update_moderator_id)"; | ||||
| 					if( !$db->sql_query($sql) ) | ||||
| 					{ | ||||
| 						message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql); | ||||
| 					} | ||||
| 				} | ||||
|  | ||||
| 				$sql = "DELETE FROM " . USERS_TABLE . " | ||||
| 					WHERE user_id = $user_id"; | ||||
| @@ -575,6 +609,80 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) | | ||||
| 					message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
|  | ||||
| 				$sql = "SELECT privmsgs_id | ||||
| 					FROM " . PRIVMSGS_TABLE . " | ||||
| 					WHERE ( ( privmsgs_from_userid = $user_id  | ||||
| 							AND privmsgs_type = " . PRIVMSGS_NEW_MAIL . " ) | ||||
| 						OR ( privmsgs_from_userid = $user_id | ||||
| 							AND privmsgs_type = " . PRIVMSGS_SENT_MAIL . " ) | ||||
| 						OR ( privmsgs_to_userid = $user_id | ||||
| 							AND privmsgs_type = " . PRIVMSGS_READ_MAIL . " ) | ||||
| 						OR ( privmsgs_to_userid = $user_id | ||||
| 							AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) | ||||
| 						OR ( privmsgs_from_userid = $user_id | ||||
| 							AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )"; | ||||
| 				if ( !($result = $db->sql_query($sql)) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not select all user\'s private messages', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
| 				 | ||||
| 				// | ||||
| 				// This little bit of code directly from the private messaging section. | ||||
| 				// Thanks Paul! | ||||
| 				// | ||||
| 				 | ||||
| 				while ( $row_privmsgs = $db->sql_fetchrow($result) ) | ||||
| 				{ | ||||
| 					$mark_list[] = $row_privmsgs['privmsgs_id']; | ||||
| 				} | ||||
| 				 | ||||
| 				if ( count($mark_list) ) | ||||
| 				{ | ||||
| 					$delete_sql_id = implode(', ', $mark_list); | ||||
| 					 | ||||
| 					// | ||||
| 					// We shouldn't need to worry about updating conters here... | ||||
| 					// They are already gone! | ||||
| 					// | ||||
| 					 | ||||
| 					$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . " | ||||
| 						WHERE privmsgs_text_id IN ($delete_sql_id)"; | ||||
| 					$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . " | ||||
| 						WHERE privmsgs_id IN ($delete_sql_id)"; | ||||
| 					 | ||||
| 					// | ||||
| 					// Shouldn't need the switch statement here, either, as we just want | ||||
| 					// to take out all of the private messages.  This will not affect | ||||
| 					// the other messages we want to keep; the ids are unique. | ||||
| 					// | ||||
| 					 | ||||
| 					if ( !$db->sql_query($delete_sql) ) | ||||
| 					{ | ||||
| 						message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql); | ||||
| 					} | ||||
| 					 | ||||
| 					if ( !$db->sql_query($delete_text_sql) ) | ||||
| 					{ | ||||
| 						message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql); | ||||
| 					} | ||||
| 				} | ||||
| 				 | ||||
| 				$sql = "UPDATE " . PRIVMSGS_TABLE . " | ||||
| 					SET privmsgs_to_userid = " . DELETED . " | ||||
| 					WHERE privmsgs_to_userid = $user_id"; | ||||
| 				if ( !$db->sql_query($sql) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not update private messages saved to the user', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
| 				 | ||||
| 				$sql = "UPDATE " . PRIVMSGS_TABLE . " | ||||
| 					SET privmsgs_from_userid = " . DELETED . " | ||||
| 					WHERE privmsgs_from_userid = $user_id"; | ||||
| 				if ( !$db->sql_query($sql) ) | ||||
| 				{ | ||||
| 					message_die(GENERAL_ERROR, 'Could not update private messages saved from the user', '', __LINE__, __FILE__, $sql); | ||||
| 				} | ||||
|  | ||||
| 				$message = $lang['User_deleted']; | ||||
|  | ||||
| 			} | ||||
| @@ -1031,7 +1139,6 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) | | ||||
| 	} | ||||
|  | ||||
| 	$template->pparse('body'); | ||||
|  | ||||
| } | ||||
| else | ||||
| { | ||||
|   | ||||
| @@ -282,7 +282,7 @@ function bbencode_first_pass($text, $uid) | ||||
| 	$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text); | ||||
|  | ||||
| 	// [img]image_url_here[/img] code.. | ||||
| 	$text = preg_replace("#\[img\](([a-z]+?)://([^ \"\n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text); | ||||
| 	$text = preg_replace("#\[img\]([http|https]+?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\2[/img:$uid]", $text); | ||||
|  | ||||
| 	// Remove our padding from the string.. | ||||
| 	$text = substr($text, 1); | ||||
|   | ||||
| @@ -77,7 +77,10 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid | ||||
|  | ||||
| 					if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) ) | ||||
| 					{ | ||||
| 						$tagallowed = true; | ||||
| 						if ( !preg_match('/style[="](.*?)["]/i', $hold_string) ) | ||||
| 						{ | ||||
| 							$tagallowed = true; | ||||
| 						} | ||||
| 					} | ||||
| 				} | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user