
Well, here are all my changes ... don't blame me if things break :D

git-svn-id: file:///svn/phpbb/trunk@2923 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen
2002-10-04 13:09:10 +00:00
parent b5bbc005a5
commit 30aeac65dc
63 changed files with 2217 additions and 2728 deletions


@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('ban') )
if ( !$auth->get_acl_admin('ban') )
{
return;
}
@@ -46,7 +46,7 @@ require('pagestart.' . $phpEx);
//
// Do we have ban permissions?
//
if ( !$acl->get_acl_admin('ban') )
if ( !$auth->get_acl_admin('ban') )
{
return;
}
@@ -74,7 +74,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
$ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban']));
$ban_list_log = implode(', ', $ban_list);
if ( !empty($HTTP_POST_VARS['banlength']) )
if ( !empty($HTTP_POST_VARS['banlength']) )
{
if ( $HTTP_POST_VARS['banlength'] != -1 || empty($HTTP_POST_VARS['banlengthother']) )
{
@@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
}
}
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE username IN (" . implode(', ', $banlist_tmp) . ")";
$result = $db->sql_query($sql);
@@ -224,8 +224,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
break;
}
$sql = "SELECT $type
FROM " . BANLIST_TABLE . "
$sql = "SELECT $type
FROM " . BANLIST_TABLE . "
WHERE $type <> ''";
$result = $db->sql_query($sql);
@@ -253,13 +253,13 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
$banlist = array_unique(array_diff($banlist, $banlist_tmp));
unset($banlist_tmp);
}
}
if ( sizeof($banlist) )
{
for($i = 0; $i < count($banlist); $i++)
{
$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason)
$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason)
VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')";
$db->sql_query($sql);
}
@@ -276,8 +276,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
break;
case 'email':
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE user_email IN (" . implode(', ', $banlist) . ")";
$result = $db->sql_query($sql);
@@ -297,7 +297,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
if ( $sql != '' )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql";
$db->sql_query($sql);
}
@@ -322,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) )
if ( $unban_sql != '' )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
$db->sql_query($sql);
@@ -339,8 +339,8 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) )
//
// Remove timed out bans
//
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_end < " . time() . "
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_end < " . time() . "
AND ban_end <> 0";
$db->sql_query($sql);
@@ -387,7 +387,7 @@ switch ( $mode )
case 'user':
$sql = "SELECT b.*, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE ( b.ban_end >= " . time() . "
WHERE ( b.ban_end >= " . time() . "
OR b.ban_end = 0 )
AND u.user_id = b.ban_userid
AND b.ban_userid <> 0
@@ -422,10 +422,10 @@ switch ( $mode )
case 'ip':
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
AND ban_ip <> ''";
$result = $db->sql_query($sql);
@@ -456,10 +456,10 @@ switch ( $mode )
case 'email':
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
AND ban_email <> ''";
$result = $db->sql_query($sql);
@@ -496,17 +496,17 @@ switch ( $mode )
<p><?php echo $l_ban_explain; ?></p>
<script language="Javascript" type="text/javascript">
<!--
<!--
var ban_length = new Array(<?php echo $banned_length; ?>);
var ban_reasons = new Array(<?php echo $banned_reasons; ?>);
//-->
</script>
<form method="post" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<th colspan="2"><?php echo $l_ban_title; ?></th>
</tr>
<tr>
<tr>
<td class="row1" width="45%"><?php echo $l_ban_cell; ?>: </td>
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
</tr>
@@ -518,7 +518,7 @@ switch ( $mode )
<td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td>
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
</tr>
</table>
@@ -528,14 +528,14 @@ switch ( $mode )
<p><?php echo $l_unban_explain; ?></p>
<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<th colspan="2"><?php echo $l_unban_title; ?></th>
</tr>
<tr>
<tr>
<td class="row1" width="45%"><?php echo $l_ban_cell; ?>: <br /></td>
<td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $l_no_ban_cell; } ?></td>
</tr>
<tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td>
</tr>
</table></form>
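Review bot: The ban INSERT in the `-253,13` hunk concatenates `$banlist[$i]` and `'$ban_reason'` straight into the statement, and the `IN (...)` lists in the `-107,8` and `-276,8` hunks are built the same way with `implode(', ', ...)`. `$ban_list` comes directly from `$HTTP_POST_VARS['ban']` in the `-74,7` hunk, and whatever quoting and escaping happens between there and the queries is outside the visible lines, so it should be confirmed: user ids through `intval()`, and every username, IP, e-mail entry and `$ban_reason` escaped and quoted where the list is built. The same hunk also indexes `$banlist[$i]` up to `count($banlist)` right after `array_unique(array_diff(...))`, both of which preserve keys, so removed entries leave gaps that yield empty values in the INSERT and skip the entries at the end. Re-indexing fixes that: `$banlist = array_values(array_unique(array_diff($banlist, $banlist_tmp)));`.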


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -45,7 +45,7 @@ $phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -325,9 +325,6 @@ switch ( $mode )
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : '';
$activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : '';
$gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : '';
$privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : '';
$privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : '';
@@ -347,18 +344,6 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Board_disable']; ?>: <br /><span class="gensmall"><?php echo $lang['Board_disable_explain']; ?></span></td>
<td class="row2"><input type="radio" name="board_disable" value="1" <?php echo $disable_board_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="board_disable" value="0" <?php echo $disable_board_no; ?> /> <?php echo $lang['No']; ?><br /><input type="text" name="board_disable_msg" maxlength="255" size="40" value="<?php echo $new['board_disable_msg']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td>
<td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_prune']; ?>: </td>
<td class="row2"><input type="radio" name="prune_enable" value="1" <?php echo $prune_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="prune_enable" value="0" <?php echo $prune_no; ?> /> <?php echo $lang['No']; ?></td>
@@ -407,14 +392,6 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Max_search_chars']; ?>: <br /><span class="gensmall"><?php echo $lang['Max_search_chars_explain']; ?></span</td>
<td class="row2"><input type="text" size="3" maxlength="3" name="max_search_chars" value="<?php echo $new['max_search_chars']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Topics_per_page']; ?>: </td>
<td class="row2"><input type="text" name="topics_per_page" size="3" maxlength="4" value="<?php echo $new['topics_per_page']; ?>" /></td>
@@ -485,6 +462,13 @@ switch ( $mode )
case 'server':
$ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : '';
$ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : '';
$ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : '';
$ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : '';
$gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : '';
?>
<tr>
<td class="row1"><?php echo $lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $lang['Server_name_explain']; ?></span></td>
@@ -498,6 +482,30 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Script_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Script_path_explain']; ?></span></td>
<td class="row2"><input type="text" maxlength="255" name="script_path" value="<?php echo $new['script_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['IP_valid']; ?>: <br /><span class="gensmall"><?php echo $lang['IP_valid_explain']; ?></span></td>
<td class="row2"><input type="radio" name="ip_check" value="4" <?php echo $ip_all; ?> /> <?php echo $lang['All']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="3" <?php echo $ip_classc; ?> /> <?php echo $lang['Class_C']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="2" <?php echo $ip_classb; ?> /> <?php echo $lang['Class_B']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="0" <?php echo $ip_none; ?> /> <?php echo $lang['None']; ?>&nbsp;&nbsp;</td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td>
<td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td>
</tr>
<?php
break;
@@ -513,7 +521,7 @@ switch ( $mode )
$dp = opendir($phpbb_root_path . 'includes/auth');
while ( $file = readdir($dp) )
{
if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) )
if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) )
{
$auth_plugins[] = preg_replace('/^auth_(.*?)\.' . $phpEx . '$/', '\1', $file);
}
@@ -534,7 +542,7 @@ switch ( $mode )
<td class="row2"><select name="auth_method"><?php echo $auth_select; ?></select></td>
</tr>
<?php
foreach ( $auth_plugins as $method )
{
if ( $method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx) )
@@ -553,7 +561,7 @@ switch ( $mode )
{
if ( !isset($board_config[$field]) )
{
$sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value)
$sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value)
VALUES ('$field', '')";
$db->sql_query($sql);
}
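Review bot: The rows added to the `server` case print `$new['limit_load']`, `$new['active_sessions']`, `$new['smilies_path']` and `$new['icons_path']` directly inside `value="..."` attributes, so a stored value containing a double quote or markup would break out of the attribute in the admin panel. Whether `$new` is HTML-escaped where it is populated is not visible in these hunks; if it is not, the echo should be `<?php echo htmlspecialchars($new['smilies_path']); ?>`, and likewise for the other fields. Separately, the new `ip_check` radios cover only 4, 3, 2 and 0, so any other stored value leaves every radio unchecked, and `== 0` is a loose comparison that also matches a missing or non-numeric value.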


@@ -1,6 +1,6 @@
<?php
/***************************************************************************
* admin_db_utilities.php
* admin_database.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
@@ -18,17 +18,14 @@
* (at your option) any later version.
*
***************************************************************************/
//
// Some functions are adapted phpMyAdmin 2.2.0.
//
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
$filename = basename(__FILE__);
$module['DB']['DB_Backup'] = $filename . "$SID&amp;mode=backup";
@@ -51,9 +48,9 @@ require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have DB backup/restore permissions?
//
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -64,46 +61,43 @@ if ( !$acl->get_acl_admin('general') )
//
@set_time_limit(1200);
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : '';
//
// Begin program proper
//
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
switch( $mode )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
case 'backup':
switch( $mode )
{
case 'backup':
if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' )
if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' )
{
switch ( SQL_LAYER )
{
switch ( SQL_LAYER )
{
case 'oracle':
$db_type = 'Oracle';
break;
case 'odbc':
$db_type = 'ODBC';
break;
case 'mssql':
$db_type = 'MSSQL';
break;
}
message_die(MESSAGE, $lang['Backups_not_supported']);
break;
case 'oracle':
$db_type = 'Oracle';
break;
case 'odbc':
$db_type = 'ODBC';
break;
case 'mssql':
$db_type = 'MSSQL';
break;
}
$additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' );
$backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' );
$search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 );
$store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' );
$compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' );
message_die(MESSAGE, $lang['Backups_not_supported']);
break;
}
if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) )
{
page_header($lang['DB_Backup']);
$additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' );
$backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' );
$search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 );
$store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' );
$compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' );
if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) )
{
page_header($lang['DB_Backup']);
?>
@@ -132,35 +126,35 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<td class="row2"><input type="text" name="store" size="40" /></td>
</tr>
<?php
if ( extension_loaded('zlib') || extension_loaded('bz2') )
{
if ( extension_loaded('zlib') || extension_loaded('bz2') )
{
?>
<tr>
<td class="row1"><?php echo $lang['Compress_file']; ?>: </td>
<td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $lang['None']; ?><?php
if ( extension_loaded('zlib') )
{
if ( extension_loaded('zlib') )
{
?>&nbsp;&nbsp;<input type="radio" name="compress" value="gzip" />.gz&nbsp;&nbsp;<input type="radio" name="compress" value="zip" />.zip<?php
}
if ( extension_loaded('bz2') )
{
}
if ( extension_loaded('bz2') )
{
?>&nbsp;&nbsp;<input type="radio" name="compress" value="bzip" />.bz2<?php
}
}
?></td>
</tr>
<?php
}
}
?>
<tr>
@@ -170,229 +164,232 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<?php
break;
break;
}
else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
{
$meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&amp;type=$backup_type&amp;tables=" . quotemeta($additional_tables) . "&amp;search=$search&amp;store=" . quotemeta($store_path) . "&amp;compress=$compress&amp;backupstart=1&amp;startdownload=1\">";
}
else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
$message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing'];
page_header($lang['DB_Backup'], $meta);
page_message($lang['DB_Backup'], $message);
page_footer();
}
$tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables();
@sort($tables);
if ( !empty($additional_tables) )
{
$additional_tables = explode(',', $additional_tables);
for($i = 0; $i < count($additional_tables); $i++)
{
$meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&amp;type=$backup_type&amp;tables=" . quotemeta($additional_tables) . "&amp;search=$search&amp;store=" . quotemeta($store_path) . "&amp;compress=$compress&amp;backupstart=1&amp;startdownload=1\">";
$message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing'];
page_header($lang['DB_Backup'], $meta);
page_message($lang['DB_Backup'], $message);
page_footer();
$tables[] = trim($additional_tables[$i]);
}
unset($additional_tables);
}
$tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables();
@sort($tables);
//
// Enable output buffering
//
@ob_start();
@ob_implicit_flush(0);
if ( !empty($additional_tables) )
//
// Build the sql script file...
//
echo "#\n";
echo "# phpBB Backup Script\n";
echo "# Dump of tables for $dbname\n";
echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n";
echo "#\n";
if ( SQL_LAYER == 'postgresql' )
{
echo "\n" . pg_get_sequences("\n", $backup_type);
}
for($i = 0; $i < count($tables); $i++)
{
$table_name = $tables[$i];
if ( SQL_LAYER != 'mysql4' )
{
$additional_tables = explode(',', $additional_tables);
for($i = 0; $i < count($additional_tables); $i++)
{
$tables[] = trim($additional_tables[$i]);
}
unset($additional_tables);
}
//
// Enable output buffering
//
@ob_start();
@ob_implicit_flush(0);
//
// Build the sql script file...
//
echo "#\n";
echo "# phpBB Backup Script\n";
echo "# Dump of tables for $dbname\n";
echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n";
echo "#\n";
if ( SQL_LAYER == 'postgresql' )
{
echo "\n" . pg_get_sequences("\n", $backup_type);
}
for($i = 0; $i < count($tables); $i++)
{
$table_name = $tables[$i];
if ( SQL_LAYER != 'mysql4' )
{
$table_def_function = "get_table_def_" . SQL_LAYER;
$table_content_function = "get_table_content_" . SQL_LAYER;
}
else
{
$table_def_function = "get_table_def_mysql";
$table_content_function = "get_table_content_mysql";
}
if ( $backup_type != 'data' )
{
echo "#\n# TABLE: " . $table_name . "\n#\n";
echo $table_def_function($table_name, "\n") . "\n";
}
if ( $backup_type != 'structure' )
{
//
// Skip search table data?
//
if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) )
{
$table_content_function($table_name, "output_table_content");
}
}
}
//
// Flush the buffer, send the file
//
switch ( $compress )
{
case 'gzip':
$extension = 'sql.gz';
$contents = gzencode(ob_get_contents());
ob_end_clean();
break;
case 'zip':
$extension = 'zip';
$zip = new zipfile;
$zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time());
ob_end_clean();
$contents = $zip->file();
break;
case 'bzip':
$extension = 'bz2';
$contents = bzcompress(ob_get_contents());
ob_end_clean();
break;
default:
$extension = 'sql';
$contents = ob_get_contents();
ob_end_clean();
}
if ( empty($store_path) )
{
header("Pragma: no-cache");
header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\"");
header("Content-disposition: attachment; filename=phpbb_db_backup.$extension");
echo $contents;
unset($contents);
$table_def_function = "get_table_def_" . SQL_LAYER;
$table_content_function = "get_table_content_" . SQL_LAYER;
}
else
{
if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) )
{
message_die(ERROR, 'Could not open backup file');
}
if ( !fwrite($fp, $contents) )
{
message_die(ERROR, 'Could not write backup file content');
}
fclose($fp);
unset($contents);
message_die(MESSAGE, $lang['Backup_success']);
$table_def_function = "get_table_def_mysql";
$table_content_function = "get_table_content_mysql";
}
exit;
break;
if ( $backup_type != 'data' )
{
echo "#\n# TABLE: " . $table_name . "\n#\n";
echo $table_def_function($table_name, "\n") . "\n";
}
case 'restore':
if ( isset($HTTP_POST_VARS['restorestart']) )
if ( $backup_type != 'structure' )
{
//
// Handle the file upload ....
// If no file was uploaded report an error...
// Skip search table data?
//
if ( !empty($HTTP_POST_VARS['local']) )
if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) )
{
$file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']);
$filename = substr($file_tmpname, strrpos($file_tmpname, '/'));
}
else
{
$filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
$table_content_function($table_name, "output_table_content");
}
}
}
if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) )
{
message_die(MESSAGE, $lang['Restore_Error_no_file']);
}
//
// Flush the buffer, send the file
//
switch ( $compress )
{
case 'gzip':
$extension = 'sql.gz';
$contents = gzencode(ob_get_contents());
ob_end_clean();
break;
$ext = substr($filename, strrpos($filename, '.') + 1);
case 'zip':
$extension = 'zip';
$zip = new zipfile;
$zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time());
ob_end_clean();
$contents = $zip->file();
break;
if ( !preg_match('/^(sql|gz|bz2)$/', $ext) )
{
message_die(MESSAGE, $lang['Restore_Error_filename']);
}
case 'bzip':
$extension = 'bz2';
$contents = bzcompress(ob_get_contents());
ob_end_clean();
break;
if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) )
{
message_die(MESSAGE, $lang['Compress_unsupported']);
}
default:
$extension = 'sql';
$contents = ob_get_contents();
ob_end_clean();
}
$sql_query = '';
switch ( $ext )
{
case 'gz':
$fp = gzopen($file_tmpname, 'rb');
while ( !gzeof($fp) )
{
$sql_query .= gzgets($fp, 100000);
}
gzclose($fp);
break;
add_admin_log('log_db_backup');
case 'bz2':
$sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname)));
break;
if ( empty($store_path) )
{
header("Pragma: no-cache");
header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\"");
header("Content-disposition: attachment; filename=phpbb_db_backup.$extension");
default;
$sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname));
}
if ( $sql_query != '' )
{
// Strip out sql comments...
$sql_query = remove_remarks($sql_query);
$pieces = split_sql_file($sql_query, ';');
$sql_count = count($pieces);
for($i = 0; $i < $sql_count; $i++)
{
$sql = trim($pieces[$i]);
if ( !empty($sql) && $sql[0] != '#' )
{
$db->sql_query($sql);
}
}
}
message_die(MESSAGE, $lang['Restore_success']);
echo $contents;
unset($contents);
}
else
{
if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) )
{
message_die(ERROR, 'Could not open backup file');
}
if ( !fwrite($fp, $contents) )
{
message_die(ERROR, 'Could not write backup file content');
}
fclose($fp);
unset($contents);
message_die(MESSAGE, $lang['Backup_success']);
}
exit;
break;
case 'restore':
if ( isset($HTTP_POST_VARS['restorestart']) )
{
//
// Restore page
// Handle the file upload ....
// If no file was uploaded report an error...
//
page_header($lang['DB_Restore']);
if ( !empty($HTTP_POST_VARS['local']) )
{
$file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']);
$filename = substr($file_tmpname, strrpos($file_tmpname, '/'));
}
else
{
$filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
}
if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) )
{
message_die(MESSAGE, $lang['Restore_Error_no_file']);
}
$ext = substr($filename, strrpos($filename, '.') + 1);
if ( !preg_match('/^(sql|gz|bz2)$/', $ext) )
{
message_die(MESSAGE, $lang['Restore_Error_filename']);
}
if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) )
{
message_die(MESSAGE, $lang['Compress_unsupported']);
}
$sql_query = '';
switch ( $ext )
{
case 'gz':
$fp = gzopen($file_tmpname, 'rb');
while ( !gzeof($fp) )
{
$sql_query .= gzgets($fp, 100000);
}
gzclose($fp);
break;
case 'bz2':
$sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname)));
break;
default;
$sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname));
}
if ( $sql_query != '' )
{
// Strip out sql comments...
$sql_query = remove_remarks($sql_query);
$pieces = split_sql_file($sql_query, ';');
$sql_count = count($pieces);
for($i = 0; $i < $sql_count; $i++)
{
$sql = trim($pieces[$i]);
if ( !empty($sql) && $sql[0] != '#' )
{
$db->sql_query($sql);
}
}
}
add_admin_log('log_db_restore');
message_die(MESSAGE, $lang['Restore_success']);
}
//
// Restore page
//
page_header($lang['DB_Restore']);
?>
@@ -404,21 +401,21 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<th colspan="2"><?php echo $lang['Select_file']; ?></th>
</tr>
<tr>
<td class="row1"><?php echo $lang['Upload_file']; ?>: <br /><span class="gensmall"><?php
echo $lang['Supported_extensions'];
<td class="row1"><?php echo $lang['Upload_file']; ?>: <br /><span class="gensmall"><?php
$types = ': <u>sql</u>';
if ( extension_loaded('zlib') )
{
$types .= ', <u>sql.gz</u>';
}
if ( extension_loaded('bz2') )
{
$types .= ', <u>bz2</u>';
}
echo $lang['Supported_extensions'];
echo $types;
$types = ': <u>sql</u>';
if ( extension_loaded('zlib') )
{
$types .= ', <u>sql.gz</u>';
}
if ( extension_loaded('bz2') )
{
$types .= ', <u>bz2</u>';
}
echo $types;
?></span></td>
<td class="row2"><input type="file" name="backup_file" /></td>
@@ -434,7 +431,11 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<?php
}
break;
default:
exit;
}
page_footer();
@@ -1030,7 +1031,7 @@ function output_table_content($content)
// Zip creation class from phpMyAdmin 2.3.0 (c) Tobias Ratschiller, Olivier M<>ller, Lo<4C>c Chapeaux, Marc Delisle
// http://www.phpmyadmin.net/
//
// Based on work by Eric Mueller and Denis125
// Based on work by Eric Mueller and Denis125
// Official ZIP file format: http://www.pkware.com/appnote.txt
//
class zipfile
@@ -1138,7 +1139,7 @@ class zipfile
pack('V', strlen($ctrldir)) . // size of central dir
pack('V', strlen($data)) . // offset to start of central dir
"\x00\x00"; // .zip file comment length
}
}
}
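Review bot: `$store_path` is taken from POST or GET and concatenated unchecked into `fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')`, so the request decides where a full database dump is written, including directories outside the board or ones the web server serves. The path should be resolved and confined to an expected directory before the write, as sketched below; the restore branch has the same pattern with `$HTTP_POST_VARS['local']`, which is prefixed with `./../` and then read and run as SQL after only an extension check. The same request values (`$backup_type`, `$compress`, `$store_path`) are interpolated into the `<meta http-equiv="refresh">` URL through `quotemeta()`, which is neither URL- nor HTML-encoding; `urlencode()` fits there. Also, `$mode` is now read from `$HTTP_GET_VARS` only, so any form that still posts `mode` would fall through to `default: exit;` — the forms themselves are outside the visible lines.

```php
// … unchanged: compression switch, add_admin_log(), download branch …
else
{
	// Resolve the requested directory and refuse anything outside the board root.
	$board_root = realpath('./../');
	$target_dir = realpath('./../' . $store_path);
	if ( !$board_root || !$target_dir || strpos($target_dir . DIRECTORY_SEPARATOR, $board_root . DIRECTORY_SEPARATOR) !== 0 )
	{
		message_die(ERROR, 'Invalid backup path');
	}
	if ( !($fp = fopen($target_dir . "/phpbb_db_backup.$extension", 'wb')) )
	// … unchanged: error handling, fwrite, fclose, success message …
```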


@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -45,7 +45,7 @@ require('pagestart.' . $phpEx);
//
// Do we have user admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -63,7 +63,7 @@ if( isset($HTTP_POST_VARS['add_name']) )
}
else
{
$sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username)
$sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username)
VALUES('" . str_replace("\'", "''", $disallowed_user) . "')";
$result = $db->sql_query( $sql );
@@ -79,8 +79,8 @@ if( isset($HTTP_POST_VARS['add_name']) )
else if( isset($HTTP_POST_VARS['delete_name']) )
{
$disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] );
$sql = "DELETE FROM " . DISALLOW_TABLE . "
$sql = "DELETE FROM " . DISALLOW_TABLE . "
WHERE disallow_id = $disallowed_id";
$db->sql_query($sql);
@@ -95,7 +95,7 @@ else if( isset($HTTP_POST_VARS['delete_name']) )
//
// Grab the current list of disallowed usernames...
//
$sql = "SELECT *
$sql = "SELECT *
FROM " . DISALLOW_TABLE;
$result = $db->sql_query($sql);
@@ -121,17 +121,17 @@ page_header($lang['Users']);
<p><?php echo $lang['Disallow_explain']; ?></p>
<form method="post" action="<?php echo "admin_disallow.$phpEx$SID"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<th colspan="2"><?php echo $lang['Add_disallow_title']; ?></th>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Username']; ?><br /><span class="gensmall"><?php echo $lang['Add_disallow_explain']; ?></span></td>
<td class="row2"><input type="text" name="disallowed_user" size="30" />&nbsp;<input type="submit" name="add_name" value="<?php echo $lang['Add_disallow']; ?>" class="mainoption" /></td>
</tr>
<tr>
<tr>
<th colspan="2"><?php echo $lang['Delete_disallow_title']; ?></th>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Username']; ?><br /><span class="gensmall"><?php echo $lang['Delete_disallow_explain']; ?></span></td>
<td class="row2"><?php if ( $disallow_select != '' ) { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select>&nbsp;<input type="submit" name="delete_name" value="<?php echo $lang['Delete']; ?>" class="liteoption" /><?php } else { echo $lang['No_disallowed']; } ?></td>
</tr>
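Review bot: The INSERT into `DISALLOW_TABLE` protects `$disallowed_user` only with `str_replace("\'", "''", ...)`, which rewrites an already-slashed quote and does nothing for a bare `'` or for a backslash. That is safe only if the value always arrives slash-escaped; where `$disallowed_user` is assigned is outside the hunk, so the assumption should either be confirmed and recorded, e.g. `// $disallowed_user must arrive slash-escaped; str_replace only converts \' to ''`, or replaced by the database layer's own escaping routine if it has one. The permission check in the `-45,7` hunk also ends with a bare `return;`, while the equivalent check elsewhere in this commit calls `message_die(MESSAGE, $lang['No_admin']);`, so a denied admin gets a blank page here.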


@@ -21,14 +21,14 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
$filename = basename(__FILE__);
$module['General']['Mass_Email'] = $filename . $SID;
return;
}
@@ -43,14 +43,14 @@ require('pagestart.' . $phpEx);
//
// Do we have general admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
//
// Set some vars
//
//
$message = '';
$subject = '';
@@ -80,7 +80,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$subject = stripslashes($HTTP_POST_VARS['subject']);
$message = stripslashes($HTTP_POST_VARS['message']);
//
// Error checking needs to go here ... if no subject and/or
// no message then skip over the send and return to the form
@@ -102,7 +102,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$board_config['smtp_host'] = get_cfg_var('SMTP');
}
$emailer = new emailer($board_config['smtp_delivery']);
$email_headers = 'From: ' . $board_config['board_email'] . "\n";
$bcc_list = '';
@@ -111,7 +111,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email'];
}
$email_headers .= "Bcc: $bcc_list\n";
$email_headers .= 'Return-Path: ' . $userdata['board_email'] . "\n";
$email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
@@ -124,8 +124,8 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'MESSAGE' => $message)
);
@@ -134,13 +134,13 @@ if ( isset($HTTP_POST_VARS['submit']) )
message_die(MESSAGE, $lang['Email_sent']);
}
}
}
//
// Initial selection
//
$sql = "SELECT group_id, group_name
$sql = "SELECT group_id, group_name
FROM ".GROUPS_TABLE;
$result = $db->sql_query($sql);
@@ -164,22 +164,22 @@ page_header($lang['Mass_Email']);
<p><?php echo $lang['Mass_email_explain']; ?></p>
<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
<tr>
<tr>
<th colspan="2"><?php echo $lang['Compose']; ?></th>
</tr>
<tr>
<tr>
<td class="row1" align="right"><b><?php echo $lang['Recipients']; ?></b></td>
<td class="row2" align="left"><?php echo $select_list; ?></td>
</tr>
<tr>
<tr>
<td class="row1" align="right"><b><?php echo $lang['Subject']; ?></b></td>
<td class="row2"><span class="gen"><input type="text" name="subject" size="45" maxlength="100" tabindex="2" class="post" value="<?php echo $subject; ?>" /></span></td>
</tr>
<tr>
<td class="row1" align="right" valign="top"><span class="gen"><b><?php echo $lang['Message']; ?></b></span>
<td class="row2"><textarea class="post" name="message" rows="15" cols="35" wrap="virtual" style="width:450px" tabindex="3"><?php echo $message; ?></textarea></td>
<tr>
<td class="row1" align="right" valign="top"><span class="gen"><b><?php echo $lang['Message']; ?></b></span>
<td class="row2"><textarea class="post" name="message" rows="15" cols="35" wrap="virtual" style="width:450px" tabindex="3"><?php echo $message; ?></textarea></td>
</tr>
<tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" value="<?php echo $lang['Email']; ?>" name="submit" class="mainoption" /></td>
</tr>
</table></form>
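Review bot: `$subject` and `$message` are read from `$HTTP_POST_VARS` with only `stripslashes()` and then echoed raw into the `value="…"` attribute and the `<textarea>` of the compose form, so whenever the handler falls through to the form (the "Error checking needs to go here" path) a quote or `</textarea>` in the input breaks out of the markup. Escape at the point of output: `value="<?php echo htmlspecialchars($subject); ?>"` and `<?php echo htmlspecialchars($message); ?>`. The same raw-echo pattern appears in later sections of this page: `$forum_name` in the forum delete form (while the forum listing does call `htmlspecialchars()`), and `$group_name` / `$pending_ary['username']` in the new group management table. Separately, `Return-Path` is built from `$userdata['board_email']` while `From` uses `$board_config['board_email']`; the `$userdata` key looks like a slip and is worth confirming.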


@@ -21,7 +21,7 @@
if (!empty($setmodules))
{
if (!$acl->get_acl_admin('forum'))
if (!$auth->get_acl_admin('forum'))
{
return;
}
@@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
if (!$acl->get_acl_admin('forum'))
if (!$auth->get_acl_admin('forum'))
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -535,7 +535,7 @@ switch ($mode)
</tr>
</table>
</form>
<br clear="all" />
<?php
@@ -562,10 +562,10 @@ switch ($mode)
<form action="admin_forums.<?php echo $phpEx . $SID ?>&mode=remove&f=<?php echo $forum_id ?>" method="post">
<table cellpadding="4" cellspacing="1" border="0" class="forumline" align="center">
<tr>
<tr>
<th colspan="2" class="thHead"><?php echo $lang['Forum_delete'] ?></th>
</tr>
<tr>
<tr>
<td class="row1"><?php echo ($forum_status == ITEM_CATEGORY) ? $lang['Category_name'] : $lang['Forum_name'] ?></td>
<td class="row1"><span class="row1"><?php echo $forum_name ?></span></td>
</tr>
@@ -573,11 +573,11 @@ switch ($mode)
if ($forum_status != ITEM_CATEGORY)
{
?>
<tr>
<tr>
<td class="row1"><?php echo $lang['Action'] ?></td>
<td class="row1"><input type="radio" name="action_posts" value="delete" checked="checked" /> <?php echo $lang['Delete_all_posts'] ?></td>
</tr>
<tr>
<tr>
<td class="row1"></td>
<td class="row1"><input type="radio" name="action_posts" value="move" /> <?php echo $lang['Move_posts_to'] ?> <select name="posts_to_id" ?><option value="0"></option><?php echo $move_posts_list ?></select></td>
</tr>
@@ -586,18 +586,18 @@ switch ($mode)
if ($right_id - $left_id > 1)
{
?>
<tr>
<tr>
<td class="row1"><?php echo $lang['Action'] ?></td>
<td class="row1"><input type="radio" name="action_subforums" value="delete" checked="checked" /> <?php echo $lang['Delete_subforums'] ?></td>
</tr>
<tr>
<tr>
<td class="row1"></td>
<td class="row1"><input type="radio" name="action_subforums" value="move" /> <?php echo $lang['Move_subforums_to'] ?> <select name="subforums_to_id" ?><option value="0"></option><?php echo $forums_list ?></select></td>
</tr>
<?php
}
?>
<tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $lang['Move_and_Delete'] ?>" class="mainoption" /></td>
</tr>
</table>
@@ -705,7 +705,7 @@ while ($row = $db->sql_fetchrow($result))
$forum_title = htmlspecialchars($sub_row['forum_name']);
$forum_desc = htmlspecialchars($sub_row['forum_desc']);
$subforums = ($sub_row['right_id'] - $sub_row['left_id'] - 1) / 2;
if ($sub_row['forum_status'] != ITEM_CATEGORY)
{
$colspan = '';


@@ -19,10 +19,13 @@
*
***************************************************************************/
define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$auth->get_acl_admin('group') )
{
return;
}
$filename = basename(__FILE__);
$module['Groups']['Create'] = $filename . "$SID&amp;mode=create";
$module['Groups']['Delete'] = $filename . "$SID&amp;mode=delete";
@@ -31,20 +34,29 @@ if( !empty($setmodules) )
return;
}
define('IN_PHPBB', 1);
//
// Load default header
// Include files
//
$phpbb_root_path = "../";
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if ( !$auth->get_acl_admin('group') )
{
message_die(MESSAGE, $lang['No_admin']);
}
if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
}
else
{
$group_id = "";
$group_id = '';
}
//
@@ -122,7 +134,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
for($i = 0; $i < count($user_list); $i++)
{
if( $user_list[$i]['user_id'] == $group_info['group_moderator'] )
if( $user_list[$i]['user_id'] == $group_info['group_moderator'] )
{
$group_moderator = $user_list[$i]['username'];
}
@@ -136,15 +148,15 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
$template->assign_vars(array(
"GROUP_NAME" => $group_info['group_name'],
"GROUP_DESCRIPTION" => $group_info['group_description'],
"GROUP_MODERATOR" => $group_moderator,
"GROUP_DESCRIPTION" => $group_info['group_description'],
"GROUP_MODERATOR" => $group_moderator,
"L_GROUP_TITLE" => $lang['Group_administration'],
"L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
"L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
"L_GROUP_NAME" => $lang['group_name'],
"L_GROUP_DESCRIPTION" => $lang['group_description'],
"L_GROUP_MODERATOR" => $lang['group_moderator'],
"L_FIND_USERNAME" => $lang['Find_username'],
"L_GROUP_MODERATOR" => $lang['group_moderator'],
"L_FIND_USERNAME" => $lang['Find_username'],
"L_GROUP_STATUS" => $lang['group_status'],
"L_GROUP_OPEN" => $lang['group_open'],
"L_GROUP_CLOSED" => $lang['group_closed'],
@@ -157,7 +169,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
"L_DELETE_MODERATOR_EXPLAIN" => $lang['delete_moderator_explain'],
"L_YES" => $lang['Yes'],
"U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"),
"U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"),
"S_GROUP_OPEN_TYPE" => GROUP_OPEN,
"S_GROUP_CLOSED_TYPE" => GROUP_CLOSED,
@@ -220,7 +232,7 @@ else if( isset($HTTP_POST_VARS['group_update']) )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
$this_userdata = get_userdata($group_moderator);
$group_moderator = $this_userdata['user_id'];
@@ -228,7 +240,7 @@ else if( isset($HTTP_POST_VARS['group_update']) )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
if( $mode == "editgroup" )
{
$sql = "SELECT *
@@ -243,14 +255,14 @@ else if( isset($HTTP_POST_VARS['group_update']) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
}
$group_info = $db->sql_fetchrow($result);
$group_info = $db->sql_fetchrow($result);
if ( $group_info['group_moderator'] != $group_moderator )
{
if ( $delete_old_moderator != "" )
{
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = " . $group_info['group_moderator'] . "
WHERE user_id = " . $group_info['group_moderator'] . "
AND group_id = " . $group_id;
if ( !$result = $db->sql_query($sql) )
{
@@ -265,20 +277,20 @@ else if( isset($HTTP_POST_VARS['group_update']) )
}
}
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
WHERE group_id = $group_id";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Updated_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");;
message_die(GENERAL_MESSAGE, $message);
}
else if( $mode == "newgroup" )
{
$sql = "SELECT MAX(group_id) AS new_group_id
$sql = "SELECT MAX(group_id) AS new_group_id
FROM " . GROUPS_TABLE;
if ( !$result = $db->sql_query($sql) )
{
@@ -288,7 +300,7 @@ else if( isset($HTTP_POST_VARS['group_update']) )
$new_group_id = $row['new_group_id'] + 1;
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user)
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user)
VALUES ($new_group_id, $group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
if ( !$result = $db->sql_query($sql) )
{
@@ -301,7 +313,7 @@ else if( isset($HTTP_POST_VARS['group_update']) )
{
message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql);
}
$message = $lang['Added_new_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");;
message_die(GENERAL_MESSAGE, $message);
@@ -313,48 +325,97 @@ else if( isset($HTTP_POST_VARS['group_update']) )
}
}
}
else
{
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
ORDER BY group_name";
$g_result = $db->sql_query($sql);
$group_list = $db->sql_fetchrowset($g_result);
$select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
for($i = 0; $i < count($group_list); $i++)
{
$select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
}
$select_list .= "</select>";
$template->set_filenames(array(
"body" => "admin/group_select_body.tpl")
);
$template->assign_vars(array(
"L_GROUP_TITLE" => $lang['Group_administration'],
"L_GROUP_EXPLAIN" => $lang['Group_admin_explain'],
"L_GROUP_SELECT" => $lang['Select_group'],
"L_LOOK_UP" => $lang['Look_up_group'],
"L_CREATE_NEW_GROUP" => $lang['New_group'],
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
"S_GROUP_SELECT" => $select_list)
);
//
// Faking the IF... ELSE statements again...
//
if( count($group_list) > 0 )
{
$template->assign_block_vars("select_box", array());
}
$template->pparse('body');
}
include('page_footer_admin.'.$phpEx);
page_header($lang['Manage']);
?>
<h1><?php echo $lang['Manage']; ?></h1>
<p><?php echo $lang['Group_manage_explain']; ?></p>
<form method="post" action="<?php echo "admin_groups.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="3"><?php echo $lang['Manage']; ?></th>
</tr>
<?php
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
ORDER BY group_name";
$result = $db->sql_query($sql);
$groups = array();
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$groups[] = $row;
}
while ( $row = $db->sql_fetchrow($result) );
}
$sql = "SELECT ug.group_id, u.user_id, u.username
FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
WHERE ug.user_pending = 1
AND u.user_id = ug.user_id
ORDER BY ug.group_id";
$result = $db->sql_query($sql);
$pending = array();
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$pending[$row['group_id']][] = $row;
}
while ( $row = $db->sql_fetchrow($result) );
}
foreach ( $groups as $group_ary )
{
$group_id = $group_ary['group_id'];
$group_name = ( !empty($lang[$group_ary['group_name']]) ) ? $lang[$group_ary['group_name']] : $group_ary['group_name'];
?>
<tr>
<td class="cat"><span class="cattitle"><?php echo $group_name;?></span></td>
<td class="cat" align="center">&nbsp;<input class="liteoption" type="submit" name="edit[<?php echo $group_id; ?>]" value="<?php echo $lang['Edit'];?>" />&nbsp;</td>
<td class="cat" align="center">&nbsp;<input class="liteoption" type="submit" name="delete[<?php echo $group_id; ?>]" value="<?php echo $lang['Delete'];?>" />&nbsp;</td>
</tr>
<?php
if ( is_array($pending[$group_id]) )
{
$row_class = '';
foreach( $pending[$group_id] as $pending_ary )
{
$row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2';
?>
<tr>
<td class="<?php echo $row_class; ?>"><?php echo $pending_ary['username'];?></td>
<td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="approve[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Approve_selected'];?>" /></td>
<td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="decline[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Deny_selected'];?>" /></td>
</tr>
<?php
}
}
else
{
?>
<tr>
<td class="row1" colspan="4" align="center">No pending users</td>
</tr>
<?php
}
}
?>
</table></form>
<?php
page_footer();
?>
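Review bot: The approve/decline buttons in the new pending-member rows are keyed by user id only (`name="approve[<?php echo $pending_ary['user_id']; ?>]"`), although `$pending` is grouped by `group_id`, so a user who is pending in two groups yields two identical button names and the receiving code cannot tell which membership is being approved. Carrying the group in the name, e.g. `name="approve[<?php echo $group_id; ?>][<?php echo $pending_ary['user_id']; ?>]"`, removes the ambiguity; the handler for these buttons is not in the visible part of the section. Two smaller points in the same block: `is_array($pending[$group_id])` reads an index that is unset for groups without pending users (`!empty($pending[$group_id])` avoids the notice), and the "No pending users" cell uses `colspan="4"` in a three-column table with a hard-coded string rather than a `$lang` entry.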


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('auth') )
if ( !$auth->get_acl_admin('auth') )
{
return;
}
@@ -46,7 +46,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('auth') )
if ( !$auth->get_acl_admin('auth') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -101,6 +101,13 @@ switch ( $mode )
break;
}
//
// Brief explanation of how things work when updating ...
//
// Granting someone any admin permissions grants them permissions
// to all other options, e.g. Moderator and Forums across the board.
// This is done via the acl class
//
if ( isset($HTTP_POST_VARS['update']) )
{
switch ( $HTTP_POST_VARS['type'] )
@@ -116,7 +123,7 @@ if ( isset($HTTP_POST_VARS['update']) )
foreach ( $HTTP_POST_VARS['entries'] as $id )
{
$acl->$set($forum_id, $id, $HTTP_POST_VARS['option']);
$auth->$set($forum_id, $id, $HTTP_POST_VARS['option']);
}
message_die(MESSAGE, 'Permissions updated successfully');
@@ -156,7 +163,7 @@ else if ( isset($HTTP_POST_VARS['delete']) )
foreach ( $HTTP_POST_VARS['entries'] as $id )
{
$acl->$set($forum_id, $id, $option_ids);
$auth->$set($forum_id, $id, $option_ids);
}
message_die(MESSAGE, 'Permissions updated successfully');
@@ -344,9 +351,16 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
else
{
//
// Founder only operations ... these operations can
// only be altered by someone with founder status
//
$founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : '';
$sql = "SELECT auth_option_id, auth_value
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $type_sql . "_%'";
WHERE auth_value LIKE '" . $type_sql . "_%'
$founder_sql";
$result = $db->sql_query($sql);
$auth_options = array();
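Review bot: The new `$founder_sql` filter only restricts which options are selected for display; the update and delete handlers earlier in this section still pass `$HTTP_POST_VARS['option']` / `$option_ids` and each `$HTTP_POST_VARS['entries']` id straight to `$auth->$set(...)`, with no founder check visible in these hunks. Unless `$set` enforces `founder_only` itself, a non-founder admin's submitted form is not held to the same restriction as the list that admin was shown. I would re-validate the posted option ids against the founder-filtered set (and `intval()` the entry ids) before the `foreach`, and record it in a comment such as `// founder_only is enforced here, not only in the listing query`. The handler bodies start and end outside the visible hunks, so this needs confirming against the full file.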


@@ -21,11 +21,11 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('forum') )
if ( !$auth->get_acl_admin('forum') )
{
return;
}
$filename = basename(__FILE__);
$module['Forums']['Prune'] = $filename . $SID . '&amp;mode=forums';
@@ -39,12 +39,12 @@ define('IN_PHPBB', 1);
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('forum') )
if ( !$auth->get_acl_admin('forum') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -97,10 +97,10 @@ if ( isset($HTTP_POST_VARS['doprune']) )
{
$p_result = prune($forum_rows[$i]['forum_id'], $prunedate);
sync('forum', $forum_rows[$i]['forum_id']);
$template->assign_block_vars('prune_results', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'FORUM_NAME' => $forum_rows[$i]['forum_name'],
'FORUM_TOPICS' => $p_result['topics'],
'FORUM_POSTS' => $p_result['posts'])
@@ -161,7 +161,7 @@ else
{
$forum_name = ( $forum_id == -1 ) ? $lang['All_Forums'] : $forum_rows[0]['forum_name'];
$prune_data = $lang['Prune_topics_not_posted'] . " ";
$prune_data = $lang['Prune_topics_not_posted'] . " ";
$prune_data .= '<input type="text" name="prunedays" size="4"> ' . $lang['Days'];
$s_hidden_fields = '<input type="hidden" name="f" value="' . $forum_id . '">';
@@ -175,13 +175,13 @@ else
<h2><?php echo $lang['Forum'] . ': ' . $forum_name; ?></h2>
<form method="post" action="<?php echo "admin_prune.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<th class="th"><?php echo $lang['Forum_Prune']; ?></th>
</tr>
<tr>
<td class="row1"><?php echo $prune_data; ?></td>
</tr>
<tr>
<tr>
<td class="cat" align="center"><?php echo $s_hidden_fields; ?><input type="submit" name="doprune" value="<?php echo $lang['Do_Prune']; ?>" class="mainoption"></td>
</tr>
</table></form>


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -75,7 +75,7 @@ if ( isset($HTTP_POST_VARS['prune']) )
{
$l_message .= ( !empty($HTTP_POST_VARS[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($HTTP_POST_VARS[$field]) . '" />' : '';
}
$l_message .= '</form>';
page_header($lang['Prune_users']);
@@ -90,7 +90,7 @@ if ( isset($HTTP_POST_VARS['prune']) )
page_message($lang['Confirm'], $l_message, false);
page_footer();
}
else if ( isset($HTTP_POST_VARS['confirm']) )
{
@@ -128,8 +128,8 @@ if ( isset($HTTP_POST_VARS['prune']) )
$where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
}
$sql = "SELECT username, user_id FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$sql = "SELECT username, user_id FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$where_sql";
$result = $db->sql_query($sql);
@@ -169,8 +169,8 @@ if ( isset($HTTP_POST_VARS['prune']) )
for($i = 0; $i < sizeof($user_ids); $i++)
{
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "'
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "'
WHERE user_id = " . $userids[$i];
// $db->sql_query($sql);
}
@@ -184,7 +184,7 @@ if ( isset($HTTP_POST_VARS['prune']) )
$sql = "UPDATE " . USERS_TABLE . " SET user_active = 0";
}
$sql .= " WHERE user_id <> " . ANONYMOUS . "
$sql .= " WHERE user_id <> " . ANONYMOUS . "
$where_sql";
// $db->sql_query($sql);
@@ -233,26 +233,26 @@ page_header($lang['Prune_users']);
<p><?php echo $lang['Prune_users_explain']; ?></p>
<form method="post" name="post" action="<?php echo "admin_prune_users.$phpEx$SID"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<th colspan="2"><?php echo $lang['Prune_users']; ?></th>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Username']; ?>: </td>
<td class="row2"><input class="post" type="text" name="username" /></td>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Email']; ?>: </td>
<td class="row2"><input class="post" type="text" name="email" /></td>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Joined']; ?>: <br /><span class="gensmall"><?php echo $lang['Joined_explain']; ?></span></td>
<td class="row2"><select name="joined_select"><?php echo $s_find_join_time; ?></select> <input class="post" type="text" name="joined" maxlength="10" size="10" /></td>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Last_active']; ?>: <br /><span class="gensmall"><?php echo $lang['Last_active_explain']; ?></span></td>
<td class="row2"><select name="active_select"><?php echo $s_find_active_time; ?></select> <input class="post" type="text" name="active" maxlength="10" size="10" /></td>
</tr>
<tr>
<tr>
<td class="row1"><?php echo $lang['Posts']; ?>: </td>
<td class="row2"><select name="count_select"><?php echo $s_find_count; ?></select> <input class="post" type="text" name="count" /></td>
</tr>
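Review bot: The post-reassignment query in the confirm branch iterates `sizeof($user_ids)` but reads `$userids[$i]`, and it filters `POSTS_TABLE` on `user_id` while setting `poster_id`, so once the commented-out `$db->sql_query($sql)` is re-enabled the WHERE clause will be empty or aimed at the wrong column. `$usernames[$i]` is also concatenated into that statement inside single quotes with no escaping visible here, and should be escaped for the SQL layer before the query is switched on. In the confirmation form the hidden fields are written with `urlencode()`, which is the wrong encoding for an HTML attribute: the browser posts the encoded text back verbatim, so values with spaces or punctuation change on the confirm step unless the handler decodes them (not visible); `value="' . htmlspecialchars($HTTP_POST_VARS[$field]) . '"` keeps them intact. Both blocks continue outside the visible hunks.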


@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
//
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -55,7 +55,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
else
{
//
// These could be entered via a form button
@@ -85,9 +85,9 @@ if ( $mode != '' )
// They want to add a new rank, show the form.
//
$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
$s_hidden_fields = '<input type="hidden" name="mode" value="save" />';
if ( $mode == 'edit' )
{
if ( empty($rank_id) )
@@ -98,7 +98,7 @@ if ( $mode != '' )
$sql = "SELECT * FROM " . RANKS_TABLE . "
WHERE rank_id = $rank_id";
$result = $db->sql_query($sql);
$rank_info = $db->sql_fetchrow($result);
$s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
@@ -151,7 +151,7 @@ if ( $mode != '' )
//
// Ok, they sent us our info, let's update it.
//
$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
$rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : '';
$special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
@@ -194,7 +194,7 @@ if ( $mode != '' )
$message = $lang['Rank_added'];
}
$db->sql_query($sql);
$message .= '<br /><br />' . sprintf($lang['Click_return_rankadmin'], '<a href="' . "admin_ranks.$phpEx$SID" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&amp;pane=right" . '">', '</a>');
@@ -207,7 +207,7 @@ if ( $mode != '' )
//
// Ok, they want to delete their rank
//
if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
@@ -216,15 +216,15 @@ if ( $mode != '' )
{
$rank_id = 0;
}
if ( $rank_id )
{
$sql = "DELETE FROM " . RANKS_TABLE . "
WHERE rank_id = $rank_id";
$db->sql_query($sql);
$sql = "UPDATE " . USERS_TABLE . "
SET user_rank = 0
$sql = "UPDATE " . USERS_TABLE . "
SET user_rank = 0
WHERE user_rank = $rank_id";
$db->sql_query($sql);


@@ -1,4 +1,4 @@
<?php
<?php
/***************************************************************************
* admin_search.php
* -------------------
@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -113,8 +113,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
//
// Take board offline
//
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '1'
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '1'
WHERE config_name = 'board_disable'";
$db->sql_query($sql);
@@ -129,7 +129,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
//
// Fetch a batch of posts_text entries
//
$sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id
$sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id
FROM " . POSTS_TEXT_TABLE;
$result = $db->sql_query($sql);
@@ -139,18 +139,18 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
$db->sql_freeresult($result);
$sql = "SELECT *
FROM " . POSTS_TEXT_TABLE . "
WHERE post_id
BETWEEN $batchstart
$sql = "SELECT *
FROM " . POSTS_TEXT_TABLE . "
WHERE post_id
BETWEEN $batchstart
AND $batchend";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$post_id = $row['post_id'];
$post_id = $row['post_id'];
$search_raw_words = array();
$search_raw_words['text'] = split_words(clean_words('post', $row['post_text'], $stopword_array, $synonym_array));
@@ -164,14 +164,14 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
if ( !empty($search_matches) )
{
for ($i = 0; $i < count($search_matches); $i++)
{
{
$search_matches[$i] = trim($search_matches[$i]);
if ( $search_matches[$i] != '' )
if ( $search_matches[$i] != '' )
{
$word[] = $search_matches[$i];
$word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'";
}
}
}
}
}
@@ -194,8 +194,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
case 'mssql-odbc':
case 'oracle':
case 'db2':
$sql = "SELECT word_id, word_text
FROM " . SEARCH_WORD_TABLE . "
$sql = "SELECT word_id, word_text
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN ($word_text_sql)";
$result = $db->sql_query($sql);
@@ -209,7 +209,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
$value_sql = '';
$match_word = array();
for ($i = 0; $i < count($word); $i++)
{
{
$new_match = true;
if ( isset($check_words[$word[$i]]) )
{
@@ -228,8 +228,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'";
break;
default:
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES ('" . $word[$i] . "')";
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES ('" . $word[$i] . "')";
$db->sql_query($sql);
break;
}
@@ -242,12 +242,12 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
{
case 'mysql':
case 'mysql4':
$sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES $value_sql";
$sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text)
VALUES $value_sql";
break;
case 'mssql':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
$value_sql";
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)
$value_sql";
break;
}
@@ -261,10 +261,10 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
if ( $match_sql != '' )
{
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN ($match_sql)";
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN ($match_sql)";
$db->sql_query($sql);
}
}
@@ -290,8 +290,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
}
else
{
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '0'
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '0'
WHERE config_name = 'board_disable'";
$db->sql_query($sql);
@@ -314,8 +314,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
}
else if ( isset($HTTP_POST_VARS['cancel']) )
{
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '0'
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '0'
WHERE config_name = 'board_disable'";
$db->sql_query($sql);


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if (!$acl->get_acl_admin('general'))
if (!$auth->get_acl_admin('general'))
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -79,7 +79,7 @@ if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS[
$smilies_images[] = $file;
}
elseif (preg_match('/\.pak$/i', $file))
{
{
$smilies_paks[] = $file;
}
}
@@ -175,7 +175,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
}
}
message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return);
message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return);
}
else
{
@@ -200,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
<p><?php echo $lang['Import_smilies_explain'] ?></p>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['Smilies_import'] ?></th>
</tr>
@@ -220,7 +220,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
</td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td>
</tr>
</table></form>
<?php
@@ -288,7 +288,7 @@ function update_smile_dimensions()
//-->
</script>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=create"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=create"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['smile_config'] ?></th>
</tr>
@@ -313,7 +313,7 @@ function update_smile_dimensions()
<td class="row2"><input type="text" name="smile_emotion" /></td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
</tr>
</table></form>
<?php
@@ -397,9 +397,9 @@ function update_smile_dimensions()
//-->
</script>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=modify"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=modify"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['Smile_config'] ?></th>
<th class="th" colspan="2"><?php echo $lang['Smile_config'] ?></th>
</tr>
<tr>
<td class="row2"><?php echo $lang['Smile_code'] ?></td>
@@ -430,7 +430,7 @@ function update_smile_dimensions()
<td class="row2"><select name="smile_order"><?php echo $order_list ?></select></td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
</tr>
</table></form>
<?php
@@ -458,7 +458,7 @@ function update_smile_dimensions()
'emoticon' => stripslashes($HTTP_POST_VARS['smile_emotion']),
'smile_on_posting' => (!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0
);
$smile_id = $HTTP_POST_VARS['smile_id'];
$smile_order = $HTTP_POST_VARS['smile_order'];


@@ -2,7 +2,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('styles') )
if ( !$auth->get_acl_admin('styles') )
{
return;
}
@@ -27,7 +27,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
if ( !$acl->get_acl_admin('styles') )
if ( !$auth->get_acl_admin('styles') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -57,8 +57,8 @@ switch ( $mode )
if ( isset($HTTP_POST_VARS['img_root']) )
{
$sql = "SELECT *
FROM " . STYLES_IMAGE_TABLE . "
$sql = "SELECT *
FROM " . STYLES_IMAGE_TABLE . "
WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'";
$result = $db->sql_query($sql);
@@ -74,7 +74,7 @@ switch ( $mode )
$imageset = array('imageset_path', 'post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_profile', 'icon_pm', 'icon_delete', 'icon_ip', 'icon_quote', 'icon_search', 'icon_edit', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm', 'goto_post', 'goto_post_new', 'goto_post_latest', 'goto_post_newest', 'forum', 'forum_new', 'forum_locked', 'folder', 'folder_new', 'folder_hot', 'folder_hot_new', 'folder_locked', 'folder_locked_new', 'folder_sticky', 'folder_sticky_new', 'folder_announce', 'folder_announce_new', 'topic_watch', 'topic_unwatch', 'poll_left', 'poll_center', 'poll_right', 'rating');
$sql = "SELECT imageset_name, imageset_path
FROM " . STYLES_IMAGE_TABLE . "
FROM " . STYLES_IMAGE_TABLE . "
ORDER BY imageset_name";
$result = $db->sql_query($sql);
@@ -117,7 +117,7 @@ switch ( $mode )
echo '<tr>';
echo '<th height="25">Image</th><th>Source</th><th>Width</th><th>Height</th><th>Border</th><th>&nbsp;</th>';
echo '</tr>';
for($i = 0; $i < count($imageset); $i++)
{
$class = ( !($i%2) ) ? 'row1' : 'row2';
@@ -246,8 +246,8 @@ switch ( $mode )
if ( isset($HTTP_POST_VARS['update']) )
{
$sql = "SELECT theme_id, theme_name
FROM " . STYLES_CSS_TABLE . "
$sql = "SELECT theme_id, theme_name
FROM " . STYLES_CSS_TABLE . "
WHERE theme_id = $theme_id";
$result = $db->sql_query($sql);
@@ -258,8 +258,8 @@ switch ( $mode )
$css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : '';
$css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : '';
$sql = "UPDATE " > STYLES_CSS_TABLE . "
SET css_data = '$css_data', css_external = '$css_external'
$sql = "UPDATE " > STYLES_CSS_TABLE . "
SET css_data = '$css_data', css_external = '$css_external'
WHERE theme_id = $theme_id";
$db->sql_query($sql);
@@ -271,7 +271,7 @@ switch ( $mode )
page_header($lang['Edit_theme']);
$sql = "SELECT theme_id, theme_name
$sql = "SELECT theme_id, theme_name
FROM " . STYLES_CSS_TABLE;
$result = $db->sql_query($sql);
@@ -290,7 +290,7 @@ switch ( $mode )
$css_external = '';
if ( $theme_id )
{
$sql = "SELECT css_data, css_external
$sql = "SELECT css_data, css_external
FROM " . STYLES_CSS_TABLE . "
WHERE theme_id = $theme_id";
$result = $db->sql_query($sql);
@@ -343,7 +343,7 @@ function get_templates($tplroot = '')
global $db;
$sql = "SELECT template_name, template_path
FROM " . STYLES_TPL_TABLE . "
FROM " . STYLES_TPL_TABLE . "
ORDER BY template_name";
$result = $db->sql_query($sql);
@@ -353,7 +353,7 @@ function get_templates($tplroot = '')
$selected = ( $tplroot == $row['template_path'] ) ? ' selected="selected"' : '';
$tplroot_options .= '<option value="' . $row['template_path'] . '"' . $selected . '>' . $row['template_path'] . '</option>';
}
return $tplroot_options;
}
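Review bot: In the `@@ -258,8 +258,8 @@` hunk the re-indented line still reads `$sql = "UPDATE " > STYLES_CSS_TABLE . "`, so `$sql` ends up holding the result of a comparison instead of a query string; it should be `$sql = "UPDATE " . STYLES_CSS_TABLE . "`. Once that statement does run, `$css_external` carries `$HTTP_POST_VARS['css_data']` unmodified into a quoted SQL value. The `@@ -57,8 +57,8 @@` hunk does the same with `$HTTP_POST_VARS['imgroot']`, while its guard tests the differently spelled `img_root`. Both values should be escaped for the SQL layer at the point of use rather than relying on request-level quoting, which these hunks do not show. The enclosing `switch ( $mode )` cases start and end outside the hunks.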


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@@ -127,7 +127,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
$user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';
$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';
$user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
$user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
@@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
if ( !isset($HTTP_POST_VARS['cancelavatar']))
if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
$user_avatar = $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY;
@@ -215,7 +215,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
if( $user_status == 0 )
{
// User is (made) inactive. Delete all their sessions.
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_user_id = $user_id";
$db->sql_query($sql);
}
@@ -237,7 +237,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
if ( strlen($sig_length_check) > $board_config['max_sig_chars'] )
{
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
}
@@ -388,7 +388,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) )
{
$file_size = $file_data1[1];
$file_size = $file_data1[1];
$file_type = $file_data2[1];
switch( $file_type )
@@ -512,7 +512,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
{
$avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
}
//
// Update entry in DB
//
@@ -520,10 +520,10 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
{
if( $HTTP_POST_VARS['deleteuser'] )
{
$sql = "SELECT g.group_id
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
$sql = "SELECT g.group_id
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
AND g.group_single_user = 1";
$result = $db->sql_query($sql);
@@ -533,12 +533,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$db->sql_transaction();
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . ANONYMOUS . ", post_username = '$username'
SET poster_id = " . ANONYMOUS . ", post_username = '$username'
WHERE poster_id = $user_id";
$db->sql_query($sql);
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . ANONYMOUS . "
SET topic_poster = " . ANONYMOUS . "
WHERE topic_poster = $user_id";
$db->sql_query($sql);
@@ -677,11 +677,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_lang = $this_userdata['user_lang'];
$user_timezone = $this_userdata['user_timezone'];
$user_dateformat = $this_userdata['user_dateformat'];
$user_status = $this_userdata['user_active'];
$user_allowavatar = $this_userdata['user_allowavatar'];
$user_allowpm = $this_userdata['user_allow_pm'];
$COPPA = false;
$html_status = ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
@@ -727,7 +727,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
}
}
}
@closedir($dir);
if( isset($HTTP_POST_VARS['avatarcategory']) )
@@ -794,7 +794,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />';
$s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />';
$s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />';
$s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />';
$s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />';
$s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
$s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
$s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", "&quot;", $user_dateformat) . '" />';
@@ -807,15 +807,15 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$template->assign_vars(array(
"L_USER_TITLE" => $lang['User_admin'],
"L_USER_EXPLAIN" => $lang['User_admin_explain'],
"L_AVATAR_GALLERY" => $lang['Avatar_gallery'],
"L_SELECT_AVATAR" => $lang['Select_avatar'],
"L_RETURN_PROFILE" => $lang['Return_profile'],
"L_CATEGORY" => $lang['Select_category'],
"L_AVATAR_GALLERY" => $lang['Avatar_gallery'],
"L_SELECT_AVATAR" => $lang['Select_avatar'],
"L_RETURN_PROFILE" => $lang['Return_profile'],
"L_CATEGORY" => $lang['Select_category'],
"L_GO" => $lang['Go'],
"S_OPTIONS_CATEGORIES" => $s_categories,
"S_COLSPAN" => $s_colspan,
"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"),
"S_OPTIONS_CATEGORIES" => $s_categories,
"S_COLSPAN" => $s_colspan,
"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
}
@@ -860,17 +860,17 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
{
$rank = $row['rank_title'];
$rank_id = $row['rank_id'];
$selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : '';
$rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>';
}
$signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature);
$template->set_filenames(array(
"body" => "admin/user_edit_body.tpl")
);
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
@@ -918,12 +918,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '',
'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '',
'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '',
'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '',
'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '',
'RANK_SELECT_BOX' => $rank_select_box,
'L_USER_TITLE' => $lang['User_admin'],
'L_USER_EXPLAIN' => $lang['User_admin_explain'],
'L_NEW_PASSWORD' => $lang['New_password'],
'L_NEW_PASSWORD' => $lang['New_password'],
'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'],
'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'],
@@ -949,13 +949,13 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'],
'L_HIDE_USER' => $lang['Hide_user'],
'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],
'L_SPECIAL' => $lang['User_special'],
'L_SPECIAL_EXPLAIN' => $lang['User_specail_explain'],
'L_USER_ACTIVE' => $lang['User_status'],
'L_ALLOW_PM' => $lang['User_allowpm'],
'L_ALLOW_AVATAR' => $lang['User_allowavatar'],
'L_AVATAR_PANEL' => $lang['Avatar_panel'],
'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'],
'L_DELETE_AVATAR' => $lang['Delete_Image'],
@@ -981,7 +981,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
'S_FORM_ENCTYPE' => $form_enctype,
'HTML_STATUS' => $html_status,
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => $smilies_status,
'L_DELETE_USER' => $lang['User_delete'],
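Review bot: The hidden fields in the `@@ -794,7 +794,7 @@` hunk write `$user_style`, `$user_lang` and `$user_timezone` into `value="…"` attributes without HTML escaping; only `dateformat` has its double quotes replaced. The `@@ -155,7 +155,7 @@` hunk shows `$user_lang` and `$user_dateformat` coming out of `stripslashes()`, which suggests they are request values, so a quote in one of them would break out of the attribute on the admin page. Each value should go through `htmlspecialchars()`, e.g. `'<input type="hidden" name="language" value="' . htmlspecialchars($user_lang) . '" />'`. The surrounding `if ( $mode == 'edit' || … )` block begins and ends outside these hunks.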


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -73,7 +73,7 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M
//
// Delete entries if requested and able
//
if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $acl->get_acl_admin('clearlogs'))
if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs'))
{
$where_sql = '';
if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) )
@@ -85,7 +85,7 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) )
$where_sql = "WHERE log_id IN ($where_sql)";
}
$sql = "DELETE FROM $table_sql
$sql = "DELETE FROM $table_sql
$where_sql";
$db->sql_query($sql);
@@ -148,7 +148,7 @@ $forum_options = '';
if ( $mode == 'mod' )
{
$sql = "SELECT forum_id, forum_name
FROM " . FORUMS_TABLE . "
FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order";
$result = $db->sql_query($sql);
@@ -203,7 +203,7 @@ if ( $mode == 'mod' )
<tr>
<td class="cat" colspan="5" height="28" align="center"><span class="gensmall"><?php echo $lang['Display_log']; ?>: &nbsp;<select name="sort_days"><?php echo $sort_day_options; ?></select>&nbsp;<?php echo $lang['Sort_by']; ?> <select name="sort_key"><?php echo $sort_key_options; ?></select> <select name="sort_dir"><?php echo $sort_order_options; ?></select>&nbsp;<input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" name="sort" /></span></td>
</tr>
<tr>
<tr>
<th width="15%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th>
<th width="15%" nowrap="nowrap"><?php echo $lang['IP']; ?></th>
<th width="20%" nowrap="nowrap"><?php echo $lang['Time']; ?></th>
@@ -224,7 +224,7 @@ if ( $log_count )
for($i = 0; $i < sizeof($log_data); $i++)
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
?>
<tr>
<td class="<?php echo $row_class; ?>" nowrap="nowrap"><?php echo $log_data[$i]['username']; ?></td>
@@ -237,7 +237,7 @@ if ( $log_count )
}
if ( $acl->get_acl_admin('clearlogs') )
if ( $auth->get_acl_admin('clearlogs') )
{
?>
@@ -262,14 +262,14 @@ else
</table>
<table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
<tr>
<tr>
<td align="left" valign="top">&nbsp;<span class="nav"><?php echo on_page($log_count, $board_config['topics_per_page'], $start); ?></span></td>
<td align="right" valign="top" nowrap="nowrap"><?php
<td align="right" valign="top" nowrap="nowrap"><?php
if ( $acl->get_acl_admin('clearlogs') )
if ( $auth->get_acl_admin('clearlogs') )
{
?><b><span class="gensmall"><a href="javascript:marklist(true);" class="gensmall"><?php echo $lang['Mark_all']; ?></a> :: <a href="javascript:marklist(false);" class="gensmall"><?php echo $lang['Unmark_all']; ?></a></span></b>&nbsp;<br /><br /><?php
}
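Review bot: The delete in the `@@ -85,7 +85,7 @@` hunk runs `WHERE log_id IN ($where_sql)`, and the list is assembled from `$HTTP_POST_VARS['mark']` in lines the hunk does not show. The ids sit in an unquoted numeric context, so each element should be cast with `intval()` before it is joined; please confirm that the hidden lines do this. Since this path removes audit records, it would also help if the deletion itself left a log entry, which is not visible here. Separately, the comment above the `'general'` check in the `@@ -44,7 +44,7 @@` hunk still says `// Do we have styles admin permissions?` and should read `// Do we have general admin permissions?`.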


@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -42,7 +42,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@@ -54,7 +54,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
}
else
else
{
//
// These could be entered via a form button
@@ -89,8 +89,8 @@ if( $mode != '' )
message_die(MESSAGE, $lang['No_word_selected']);
}
$sql = "SELECT *
FROM " . WORDS_TABLE . "
$sql = "SELECT *
FROM " . WORDS_TABLE . "
WHERE word_id = $word_id";
$result = $db->sql_query($sql);
@@ -158,7 +158,7 @@ if( $mode != '' )
message_die(MESSAGE, $lang['Must_specify_word']);
}
$sql = "DELETE FROM " . WORDS_TABLE . "
$sql = "DELETE FROM " . WORDS_TABLE . "
WHERE word_id = $word_id";
$db->sql_query($sql);
@@ -189,8 +189,8 @@ else
<?php
$sql = "SELECT *
FROM " . WORDS_TABLE . "
$sql = "SELECT *
FROM " . WORDS_TABLE . "
ORDER BY word";
$result = $db->sql_query($sql);
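Review bot: Both `WHERE word_id = $word_id` statements (hunks `@@ -89,8 +89,8 @@` and `@@ -158,7 +158,7 @@`) interpolate `$word_id` unquoted, and its assignment lies outside the hunks. In a numeric context request-level quote escaping offers no protection, so the value needs an integer cast where it is read, e.g. `$word_id = intval($word_id);` before the first query, if the hidden lines do not already do so. The page-level permission check in `@@ -42,7 +42,7 @@` also ends with a bare `return;`, whereas other admin pages in this commit call `message_die(MESSAGE, $lang['No_admin']);`; using the same call here would give the denied user a message instead of an empty page.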


@@ -37,7 +37,7 @@ require('pagestart.' . $phpEx);
//
// Do we have any admin permissions at all?
//
if ( !$acl->get_acl_admin() )
if ( !$auth->get_acl_admin() )
{
message_die(MESSAGE, 'No_admin', '', true);
}
@@ -112,20 +112,20 @@ else if ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
$cat = ( !empty($lang[$cat . '_cat']) ) ? $lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
?>
<tr>
<tr>
<th class="menu" height="25">&#0187; <?php echo $cat; ?></th>
</tr>
<?php
@ksort($action_ary);
foreach ( $action_ary as $action => $file )
foreach ( $action_ary as $action => $file )
{
$action = ( !empty($lang[$action]) ) ? $lang[$action] : preg_replace('/_/', ' ', $action);
$cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1';
?>
<tr>
<tr>
<td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
</tr>
<?php
@@ -167,13 +167,13 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
if ( isset($HTTP_POST_VARS['delete']) )
{
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = config_value - " . sizeof($HTTP_POST_VARS['mark']) . "
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = config_value - " . sizeof($HTTP_POST_VARS['mark']) . "
WHERE config_name = 'num_users'";
$db->sql_query($sql);
}
$log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete';
$log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete';
add_admin_log($log_action, sizeof($HTTP_POST_VARS['mark']));
}
}
@@ -264,7 +264,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
if ( preg_match('/^mysql/', SQL_LAYER) )
{
$result = $db->sql_query('SELECT VERSION() AS mysql_version');
if ( $row = $db->sql_fetchrow($result) )
{
$version = $row['mysql_version'];
@@ -273,10 +273,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
{
$db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname;
$sql = "SHOW TABLE STATUS
$sql = "SHOW TABLE STATUS
FROM " . $db_name;
$result = $db->sql_query($sql);
$dbsize = 0;
while ( $row = $db->sql_fetchrow($result) )
{
@@ -308,10 +308,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
}
else if ( preg_match('/^mssql/', SQL_LAYER) )
{
$sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
FROM sysfiles";
$sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
FROM sysfiles";
$result = $db->sql_query($sql);
$dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $lang['Not_available'];
}
else
@@ -347,37 +347,37 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
<h1><?php echo $lang['Forum_stats']; ?></h1>
<table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0">
<tr>
<tr>
<th width="25%" nowrap="nowrap" height="25"><?php echo $lang['Statistic']; ?></th>
<th width="25%"><?php echo $lang['Value']; ?></th>
<th width="25%" nowrap="nowrap"><?php echo $lang['Statistic']; ?></th>
<th width="25%"><?php echo $lang['Value']; ?></th>
</tr>
<tr>
<tr>
<td class="row1" nowrap="nowrap"><?php echo $lang['Number_posts']; ?>:</td>
<td class="row2"><b><?php echo $total_posts; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $lang['Posts_per_day']; ?>:</td>
<td class="row2"><b><?php echo $posts_per_day; ?></b></td>
</tr>
<tr>
<tr>
<td class="row1" nowrap="nowrap"><?php echo $lang['Number_topics']; ?>:</td>
<td class="row2"><b><?php echo $total_topics; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $lang['Topics_per_day']; ?>:</td>
<td class="row2"><b><?php echo $topics_per_day; ?></b></td>
</tr>
<tr>
<tr>
<td class="row1" nowrap="nowrap"><?php echo $lang['Number_users']; ?>:</td>
<td class="row2"><b><?php echo $total_users; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $lang['Users_per_day']; ?>:</td>
<td class="row2"><b><?php echo $users_per_day; ?></b></td>
</tr>
<tr>
<tr>
<td class="row1" nowrap="nowrap"><?php echo $lang['Board_started']; ?>:</td>
<td class="row2"><b><?php echo $start_date; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $lang['Avatar_dir_size']; ?>:</td>
<td class="row2"><b><?php echo $avatar_dir_size; ?></b></td>
</tr>
<tr>
<tr>
<td class="row1" nowrap="nowrap"><?php echo $lang['Database_size']; ?>:</td>
<td class="row2"><b><?php echo $dbsize; ?></b></td>
<td class="row1" nowrap="nowrap"><?php echo $lang['Gzip_compression']; ?>:</td>
@@ -393,7 +393,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
<p><?php echo $lang['Admin_log_index_explain']; ?></p>
<table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0">
<tr>
<tr>
<th width="15%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th>
<th width="15%"><?php echo $lang['IP']; ?></th>
<th width="20%"><?php echo $lang['Time']; ?></th>
@@ -406,7 +406,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
for($i = 0; $i < sizeof($log_data); $i++)
{
$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
?>
<tr>
<td class="<?php echo $row_class; ?>"><?php echo $log_data[$i]['username']; ?></td>
@@ -426,17 +426,17 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
<p><?php echo $lang['Inactive_users_explain']; ?></p>
<form method="post" name="inactive" action="<?php echo "index.$phpEx$SID&amp;pane=right"; ?>"><table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0">
<tr>
<tr>
<th width="45%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th>
<th width="45%"><?php echo $lang['Joined']; ?></th>
<th width="5%" nowrap="nowrap"><?php echo $lang['Mark']; ?></th>
</tr>
<?php
$sql = "SELECT user_id, username, user_regdate
FROM " . USERS_TABLE . "
WHERE user_active = 0
AND user_id <> " . ANONYMOUS . "
$sql = "SELECT user_id, username, user_regdate
FROM " . USERS_TABLE . "
WHERE user_active = 0
AND user_id <> " . ANONYMOUS . "
ORDER BY user_regdate ASC";
$result = $db->sql_query($sql);
@@ -479,7 +479,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
</table>
<table width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<tr>
<td align="right" valign="top" nowrap="nowrap"><b><span class="gensmall"><a href="javascript:marklist(true);" class="gensmall"><?php echo $lang['Mark_all']; ?></a> :: <a href="javascript:marklist(false);" class="gensmall"><?php echo $lang['Unmark_all']; ?></a></span></b></td>
</tr>
</table></form>
@@ -506,7 +506,7 @@ else
<frameset rows="60, *" border="0" framespacing="0" frameborder="NO">
<frame src="<?php echo "index.$phpEx$SID&amp;pane=top"; ?>" name="title" noresize marginwidth="0" marginheight="0" scrolling="NO">
<frameset cols="155,*" rows="*" border="2" framespacing="0" frameborder="yes">
<frameset cols="155,*" rows="*" border="2" framespacing="0" frameborder="yes">
<frame src="<?php echo "index.$phpEx$SID&amp;pane=left"; ?>" name="nav" marginwidth="3" marginheight="3" scrolling="yes">
<frame src="<?php echo "index.$phpEx$SID&amp;pane=right"; ?>" name="main" marginwidth="0" marginheight="0" scrolling="auto">
</frameset>
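Review bot: The `num_users` update in the `@@ -167,13 +167,13 @@` hunk subtracts `sizeof($HTTP_POST_VARS['mark'])`, i.e. the number of ids posted, not the number of accounts actually removed. A request that repeats an id, or names one that no longer matches an inactive user, would push the stored counter out of step, and the same figure is what `add_admin_log()` records. The decrement and the log entry should use the row count reported by the delete, which runs in lines this hunk does not show. The enclosing `pane == 'right'` branch starts and ends outside the hunk.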


@@ -31,7 +31,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start($update);
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//