To all people having their bug status set to fixed: SF pserver CVS access is currently down, therefore the snapshots are still out of date.

- fix a bunch of bugs
- <!-- $Id$ --> is no longer allowed in template (.html) files
- changed layout of private message screens (folders are menu items)
- removed unread mode for private messages
- added new feature to template engine - "jump out of loop" or "loop another loop within my loop" :D (will be documented within the coding guidelines)
- added autologin field to sessions
- check session length checks
- added add_log statement to sessions to track session valid to invalid changes if ip/browser change depending on config settings (only debug)
- added multibyte support for various variables (exception at the moment is usernames which needs some discussion)
- hopefully not broke something. :/


git-svn-id: file:///svn/phpbb/trunk@5765 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/mcp/mcp_ban.php

@@ -40,8 +40,8 @@ class mcp_ban
 			$ban_len			= request_var('banlength', 0);
 			$ban_len_other		= request_var('banlengthother', '');
 			$ban_exclude		= request_var('banexclude', 0);
-			$ban_reason			= request_var('banreason', '');
-			$ban_give_reason	= request_var('bangivereason', '');
+			$ban_reason			= request_var('banreason', '', true);
+			$ban_give_reason	= request_var('bangivereason', '', true);
 
 			user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
 

phpBB/includes/mcp/mcp_logs.php

@@ -34,12 +34,12 @@ class mcp_logs
 		{
 			list($action, ) = each($action);
 		}
+		else
+		{
+			$action = request_var('action', '');
+		}
 
 		// Set up general vars
-
-		// Isn't this set above? :o
-		$action		= request_var('action', '');
-		
 		$start		= request_var('start', 0);
 		$deletemark = (isset($_POST['del_marked'])) ? true : false;
 		$deleteall	= (isset($_POST['del_all'])) ? true : false;

phpBB/includes/mcp/mcp_notes.php

@@ -86,7 +86,7 @@ function mcp_notes_user_view($id, $mode, $action)
 	$deletemark = ($action == 'del_marked') ? true : false;
 	$deleteall	= ($action == 'del_all') ? true : false;
 	$marked		= request_var('marknote', array(0));
-	$usernote	= request_var('usernote', '');
+	$usernote	= request_var('usernote', '', true);
 
 	// Handle any actions
 	if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))

phpBB/includes/mcp/mcp_queue.php

@@ -535,7 +535,7 @@ function disapprove_post($post_id_list, $mode)
 	}
 
 	$redirect = request_var('redirect', $user->data['session_page']);
-	$reason = request_var('reason', '');
+	$reason = request_var('reason', '', true);
 	$reason_id = request_var('reason_id', 0);
 	$success_msg = $additional_msg = '';
 

phpBB/includes/mcp/mcp_topic.php

@@ -32,7 +32,7 @@ function mcp_topic_view($id, $mode, $action)
 
 	// Set up some vars
 	$icon_id = request_var('icon', 0);
-	$subject = request_var('subject', '');
+	$subject = request_var('subject', '', true);
 	$start = request_var('start', 0);
 	$to_topic_id = request_var('to_topic_id', 0);
 	$to_forum_id = request_var('to_forum_id', 0);

phpBB/includes/mcp/mcp_warn.php

@@ -188,7 +188,7 @@ function mcp_warn_post_view($id, $mode, $action)
 
 	$post_id = request_var('p', 0);
 	$notify = (isset($_REQUEST['notify_user'])) ? true : false;
-	$warning = request_var('warning', '');
+	$warning = request_var('warning', '', true);
 
 	$sql = 'SELECT u.*, p.* FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u 
 		WHERE post_id = $post_id
@@ -302,7 +302,7 @@ function mcp_warn_user_view($id, $mode, $action)
 	$user_id = request_var('u', 0);
 	$username = request_var('username', '');
 	$notify = (isset($_REQUEST['notify_user'])) ? true : false;
-	$warning = request_var('warning', '');
+	$warning = request_var('warning', '', true);
 
 	$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";