mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-30 21:40:43 +02:00
ok... i hope i haven't messed too much with the code and everything is still working.
Changes:
- Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed.
- A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added.
git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
@@ -34,9 +34,9 @@ class mcp_reports
|
||||
function main($id, $mode)
|
||||
{
|
||||
global $auth, $db, $user, $template, $cache;
|
||||
global $config, $phpbb_root_path, $phpEx, $action;
|
||||
global $config, $action;
|
||||
|
||||
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
|
||||
include_once(PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT);
|
||||
|
||||
$forum_id = request_var('f', 0);
|
||||
$start = request_var('start', 0);
|
||||
@@ -47,7 +47,7 @@ class mcp_reports
|
||||
{
|
||||
case 'close':
|
||||
case 'delete':
|
||||
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
|
||||
include_once(PHPBB_ROOT_PATH . 'includes/functions_messenger.' . PHP_EXT);
|
||||
|
||||
$report_id_list = request_var('report_id_list', array(0));
|
||||
|
||||
@@ -139,7 +139,7 @@ class mcp_reports
|
||||
|
||||
if ($post_info['bbcode_bitfield'])
|
||||
{
|
||||
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
|
||||
include_once(PHPBB_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
|
||||
$bbcode = new bbcode($post_info['bbcode_bitfield']);
|
||||
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
|
||||
}
|
||||
@@ -186,28 +186,28 @@ class mcp_reports
|
||||
|
||||
$template->assign_vars(array(
|
||||
'S_MCP_REPORT' => true,
|
||||
'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'S_CLOSE_ACTION' => append_sid('mcp', 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']),
|
||||
'S_POST_REPORTED' => $post_info['post_reported'],
|
||||
'S_POST_UNAPPROVED' => !$post_info['post_approved'],
|
||||
'S_POST_LOCKED' => $post_info['post_edit_locked'],
|
||||
'S_USER_NOTES' => true,
|
||||
|
||||
'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',
|
||||
'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $report['user_id']),
|
||||
'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
|
||||
'U_MCP_WARN_REPORTER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '',
|
||||
'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
|
||||
'U_VIEW_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
|
||||
'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']),
|
||||
'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid('posting', "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',
|
||||
'U_MCP_APPROVE' => append_sid('mcp', 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'U_MCP_REPORT' => append_sid('mcp', 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id),
|
||||
'U_MCP_REPORTER_NOTES' => append_sid('mcp', 'i=notes&mode=user_notes&u=' . $report['user_id']),
|
||||
'U_MCP_USER_NOTES' => append_sid('mcp', 'i=notes&mode=user_notes&u=' . $post_info['user_id']),
|
||||
'U_MCP_WARN_REPORTER' => ($auth->acl_get('m_warn')) ? append_sid('mcp', 'i=warn&mode=warn_user&u=' . $report['user_id']) : '',
|
||||
'U_MCP_WARN_USER' => ($auth->acl_get('m_warn')) ? append_sid('mcp', 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '',
|
||||
'U_VIEW_POST' => append_sid('viewtopic', 'f=' . $post_info['forum_id'] . '&p=' . $post_info['post_id'] . '#p' . $post_info['post_id']),
|
||||
'U_VIEW_TOPIC' => append_sid('viewtopic', 'f=' . $post_info['forum_id'] . '&t=' . $post_info['topic_id']),
|
||||
|
||||
'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['EDIT_POST']),
|
||||
'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'NEW_POST') : $user->img('icon_post_target', 'POST'),
|
||||
'UNAPPROVED_IMG' => $user->img('icon_topic_unapproved', $user->lang['POST_UNAPPROVED']),
|
||||
|
||||
'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start . '&f=' . $post_info['forum_id']) . '">', '</a>'),
|
||||
'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid('mcp', 'i=reports' . (($post_info['post_reported']) ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start . '&f=' . $post_info['forum_id']) . '">', '</a>'),
|
||||
'REPORTED_IMG' => $user->img('icon_topic_reported', $user->lang['POST_REPORTED']),
|
||||
'REPORT_DATE' => $user->format_date($report['report_time']),
|
||||
'REPORT_ID' => $report_id,
|
||||
@@ -372,9 +372,9 @@ class mcp_reports
|
||||
}
|
||||
|
||||
$template->assign_block_vars('postrow', array(
|
||||
'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '',
|
||||
'U_VIEWPOST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'],
|
||||
'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=reports&start=$start&mode=report_details&f={$row['forum_id']}&r={$row['report_id']}"),
|
||||
'U_VIEWFORUM' => (!$global_topic) ? append_sid('viewforum', 'f=' . $row['forum_id']) : '',
|
||||
'U_VIEWPOST' => append_sid('viewtopic', 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . '#p' . $row['post_id'],
|
||||
'U_VIEW_DETAILS' => append_sid('mcp', "i=reports&start=$start&mode=report_details&f={$row['forum_id']}&r={$row['report_id']}"),
|
||||
|
||||
'POST_AUTHOR_FULL' => get_username_string('full', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
|
||||
'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
|
||||
@@ -429,7 +429,6 @@ class mcp_reports
|
||||
function close_report($report_id_list, $mode, $action)
|
||||
{
|
||||
global $db, $template, $user, $config;
|
||||
global $phpEx, $phpbb_root_path;
|
||||
|
||||
$sql = 'SELECT r.post_id
|
||||
FROM ' . REPORTS_TABLE . ' r
|
||||
@@ -616,7 +615,7 @@ function close_report($report_id_list, $mode, $action)
|
||||
confirm_box(false, $user->lang[strtoupper($action) . '_REPORT' . ((sizeof($report_id_list) == 1) ? '' : 'S') . '_CONFIRM'], $s_hidden_fields);
|
||||
}
|
||||
|
||||
$redirect = request_var('redirect', "index.$phpEx");
|
||||
$redirect = request_var('redirect', 'index.' . PHP_EXT);
|
||||
$redirect = reapply_sid($redirect);
|
||||
|
||||
if (!$success_msg)
|
||||
@@ -629,12 +628,12 @@ function close_report($report_id_list, $mode, $action)
|
||||
$return_forum = '';
|
||||
if (sizeof($forum_ids == 1))
|
||||
{
|
||||
$return_forum = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
|
||||
$return_forum = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid('viewforum', 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
|
||||
}
|
||||
$return_topic = '';
|
||||
if (sizeof($topic_ids == 1))
|
||||
{
|
||||
$return_topic = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . current($topic_ids) . 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
|
||||
$return_topic = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid('viewtopic', 't=' . current($topic_ids) . 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />';
|
||||
}
|
||||
|
||||
trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_forum . $return_topic . sprintf($user->lang['RETURN_PAGE'], "<a href=\"$redirect\">", '</a>'));
|
||||
|
||||
Reference in New Issue
Block a user