mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 15:45:34 +02:00
Code Issues Releases Wiki Activity

Changed sendpassword so it dosan't deactivate the account

Browse Source 
Fixed a security hole in group cp (thanks Ashe)


git-svn-id: file:///svn/phpbb/trunk@1164 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
James Atkinson 2001-10-11 08:03:03 +00:00
parent 2f10b2076e
commit 38d780d1ce
3 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
phpBB/groupcp.php
View File

@ -40,6 +40,7 @@ if(!isset($HTTP_GET_VARS['start']))
} }
$page_title = $lang['Group_Control_Panel']; $page_title = $lang['Group_Control_Panel'];
$is_moderator = FALSE;
// //
// First, joining a group // First, joining a group
@ -157,18 +158,44 @@ else if( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending'
// //
else if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) else if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
{ {
// //
// Include page header here because we might need to send a header redirect from the unsub section // Include page header here because we might need to send a header redirect from the unsub section
// //
include($phpbb_root_path . 'includes/page_header.'.$phpEx); include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? $HTTP_POST_VARS[POST_GROUPS_URL] : $HTTP_GET_VARS[POST_GROUPS_URL]; $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? $HTTP_POST_VARS[POST_GROUPS_URL] : $HTTP_GET_VARS[POST_GROUPS_URL];
//
// For security, get the ID of the group moderator.
//
$sql = "SELECT group_moderator FROM " . GROUPS_TABLE . " WHERE group_id = $group_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get moderator information", $lang['Error'], __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$group_moderator = $row['group_moderator'];
if($group_moderator == $userdata['user_id'] || $userdata['user_level'] == ADMIN)
{
$is_moderator = TRUE;
}
// //
// Handle Additions, removals, approvals and denials // Handle Additions, removals, approvals and denials
// //
if(isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) || $HTTP_POST_VARS['add'] || $HTTP_POST_VARS['remove']) if(isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) || $HTTP_POST_VARS['add'] || $HTTP_POST_VARS['remove'])
{ {
if(!$is_moderator)
{
message_die(GENERAL_ERROR, $lang['Not_group_moderator'], $lang['Error']);
}
$members = $HTTP_POST_VARS['member']; $members = $HTTP_POST_VARS['member'];
if(isset($HTTP_POST_VARS['add'])) if(isset($HTTP_POST_VARS['add']))
@ -307,7 +334,7 @@ else if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GR
// //
// END approve or deny // END approve or deny
// //
$start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0; $start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;

1
phpBB/language/lang_english.php
View File

@ -558,6 +558,7 @@ $lang['Deny_selected'] = "Deny Selected";
$lang['Not_logged_in'] = "You must be logged in to join a group."; $lang['Not_logged_in'] = "You must be logged in to join a group.";
$lang['Remove_selected'] = "Remove Selected"; $lang['Remove_selected'] = "Remove Selected";
$lang['Add_member'] = "Add Member"; $lang['Add_member'] = "Add Member";
$lang['Not_group_moderator'] = "You are not this groups moderator therefor you cannot preform that action.";
$lang['This_open_group'] = "This is an open group, click to request membership"; $lang['This_open_group'] = "This is an open group, click to request membership";
$lang['This_closed_group'] = "This is a closed group, no more users accepted"; $lang['This_closed_group'] = "This is a closed group, no more users accepted";

4
phpBB/profile.php
View File

@ -1429,9 +1429,9 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
$username = $row['username']; $username = $row['username'];
$user_actkey = generate_activation_key(); $user_actkey = generate_activation_key();
$user_password = generate_password(); $user_password = generate_password();
$sql = "UPDATE " . USERS_TABLE . " $sql = "UPDATE " . USERS_TABLE . "
SET user_active = 0, user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
WHERE user_id = " . $row['user_id']; WHERE user_id = " . $row['user_id'];
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {