mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-26 01:43:45 +02:00
Code Issues Releases Wiki Activity

This commit was manufactured by cvs2svn to create tag

Browse Source 
'release_2_0_2'.

git-svn-id: file:///svn/phpbb/tags/release_2_0_2@2845 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
(no author)
2002-08-08 18:06:53 +00:00
parent 212515e02c
commit 435058a7be
561 changed files with 24331 additions and 19533 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
phpBB/admin/admin_board.php
View File

@@ -23,9 +23,9 @@ if( !empty($setmodules) )
//
// Let's set the root dir for phpBB
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
//
@@ -311,6 +311,6 @@ $template->assign_vars(array(
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

40
phpBB/admin/admin_db_utilities.php
View File

@@ -42,6 +42,7 @@ if( !empty($setmodules) )
{
$file_uploads = @get_cfg_var('file_uploads');
}
if( ($file_uploads != 0 || empty($file_uploads)) && (strtolower($file_uploads) != 'off') && (@phpversion() != '4.0.4pl1') )
{
$module['General']['Restore_DB'] = $filename . "?perform=restore";
@@ -54,9 +55,9 @@ if( !empty($setmodules) )
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
//
@@ -375,7 +376,7 @@ function get_table_def_mysql($table, $crlf)
// Ok lets grab the fields...
//
$result = $db->sql_query($field_query);
if(!result)
if(!$result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
}
@@ -695,7 +696,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
break;
}
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
@@ -711,7 +712,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
break;
}
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
@@ -740,12 +741,11 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
if( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']))
{
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/db_utils_backup_body.tpl")
);
);
$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"backup\" /><input type=\"hidden\" name=\"drop\" value=\"1\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";
$template->assign_vars(array(
@@ -771,22 +771,26 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
}
else if( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
{
if(is_array($additional_tables))
{
$additional_tables = implode(',', $additional_tables);
}
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
$template->assign_vars(array(
"META" => "<meta http-equiv=\"refresh\" content=\"0;url=admin_db_utilities.$phpEx?perform=backup&amp;additional_tables=" . quotemeta($additional_tables) . "&amp;backup_type=$backup_type&amp;drop=1&amp;backupstart=1&amp;gzipcompress=$gzipcompress&amp;startdownload=1\">",
"META" => "<meta http-equiv=\"refresh\" content=\"2;url=admin_db_utilities.$phpEx?perform=backup&additional_tables=" . quotemeta($additional_tables) . "&backup_type=$backup_type&drop=1&amp;backupstart=1&gzipcompress=$gzipcompress&startdownload=1\">",
"MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Backup'],
"MESSAGE_TEXT" => $lang['Backup_download'])
);
include('page_header_admin.php');
include('./page_header_admin.'.$phpEx);
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
}
header("Pragma: no-cache");
@@ -807,7 +811,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
{
@ob_start();
@ob_implicit_flush(0);
header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql.gz\"");
header("Content-Type: application/x-gzip; name=\"phpbb_db_backup.sql.gz\"");
header("Content-disposition: attachment; filename=phpbb_db_backup.sql.gz");
}
else
@@ -873,7 +877,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
//
// Define Template files...
//
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/db_utils_restore_body.tpl")
@@ -907,7 +911,6 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
if($backup_file_tmpname == "" || $backup_file_name == "")
{
include('page_header_admin.'.$phpEx);
message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']);
}
//
@@ -943,7 +946,6 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
}
else
{
include('page_header_admin.'.$phpEx);
message_die(GENERAL_ERROR, $lang['Restore_Error_decompress']);
}
}
@@ -958,13 +960,11 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
}
else
{
include('page_header_admin.'.$phpEx);
message_die(GENERAL_ERROR, $lang['Restore_Error_filename'] ." $backup_file_type $backup_file_name");
}
}
else
{
include('page_header_admin.'.$phpEx);
message_die(GENERAL_ERROR, $lang['Restore_Error_uploading']);
}
@@ -991,15 +991,13 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
if(!$result && ( !(SQL_LAYER == 'postgresql' && eregi("drop table", $sql) ) ) )
{
//include('page_header_admin.'.$phpEx);
// echo "~~$sql~~";
message_die(GENERAL_ERROR, "Error importing backup file", "", __LINE__, __FILE__, $sql);
}
}
}
}
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
@@ -1019,6 +1017,6 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
}
}
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

9
phpBB/admin/admin_disallow.php
View File

@@ -33,16 +33,15 @@ if( !empty($setmodules) )
//
// Include required files, get $phpEx and check permissions
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
if( isset($HTTP_POST_VARS['add_name']) )
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
$disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? $HTTP_POST_VARS['disallowed_user'] : $HTTP_GET_VARS['disallowed_user'];
$disallowed_user = preg_replace( '/\*/', '%', $disallowed_user );
if( !validate_username($disallowed_user) )
{
@@ -110,8 +109,6 @@ else
$user = array();
for( $i = 0; $i < count($disallowed); $i++ )
{
$disallowed[$i]['disallow_username'] = preg_replace('/%/', '*', $disallowed[$i]['disallow_username']);
$disallow_select .= '<option value="' . $disallowed[$i]['disallow_id'] . '">' . $disallowed[$i]['disallow_username'] . '</option>';
}
}
@@ -140,4 +137,6 @@ $template->assign_vars(array(
$template->pparse("body");
include('./page_footer_admin.'.$phpEx);
?>

7
phpBB/admin/admin_forum_prune.php
View File

@@ -32,9 +32,9 @@ if ( !empty($setmodules) )
//
// Load default header
//
$phpbb_root_path = '../';
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/prune.'.$phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
@@ -178,6 +178,7 @@ else
$template->assign_vars(array(
'FORUM_NAME' => $forum_name,
'L_FORUM' => $lang['Forum'],
'L_FORUM_PRUNE' => $lang['Forum_Prune'],
'L_FORUM_PRUNE_EXPLAIN' => $lang['Forum_Prune_explain'],
'L_DO_PRUNE' => $lang['Do_Prune'],
@@ -193,6 +194,6 @@ else
//
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

162
phpBB/admin/admin_forumauth.php
View File

@@ -34,9 +34,9 @@ if( !empty($setmodules) )
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "../";
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
//
// Start program - define vars
@@ -52,23 +52,23 @@ $simple_auth_ary = array(
6 => array(AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD),
);
$simple_auth_types = array($lang['Public'], $lang['Registered'], $lang['Registered'] . " [" . $lang['Hidden'] . "]", $lang['Private'], $lang['Private'] . " [" . $lang['Hidden'] . "]", $lang['Moderators'], $lang['Moderators'] . " [" . $lang['Hidden'] . "]");
$simple_auth_types = array($lang['Public'], $lang['Registered'], $lang['Registered'] . ' [' . $lang['Hidden'] . ']', $lang['Private'], $lang['Private'] . ' [' . $lang['Hidden'] . ']', $lang['Moderators'], $lang['Moderators'] . ' [' . $lang['Hidden'] . ']');
$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
$forum_auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
$field_names = array(
"auth_view" => $lang['View'],
"auth_read" => $lang['Read'],
"auth_post" => $lang['Post'],
"auth_reply" => $lang['Reply'],
"auth_edit" => $lang['Edit'],
"auth_delete" => $lang['Delete'],
"auth_sticky" => $lang['Sticky'],
"auth_announce" => $lang['Announce'],
"auth_vote" => $lang['Vote'],
"auth_pollcreate" => $lang['Pollcreate']);
'auth_view' => $lang['View'],
'auth_read' => $lang['Read'],
'auth_post' => $lang['Post'],
'auth_reply' => $lang['Reply'],
'auth_edit' => $lang['Edit'],
'auth_delete' => $lang['Delete'],
'auth_sticky' => $lang['Sticky'],
'auth_announce' => $lang['Announce'],
'auth_vote' => $lang['Vote'],
'auth_pollcreate' => $lang['Pollcreate']);
$forum_auth_levels = array("ALL", "REG", "PRIVATE", "MOD", "ADMIN");
$forum_auth_levels = array('ALL', 'REG', 'PRIVATE', 'MOD', 'ADMIN');
$forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
@@ -79,7 +79,7 @@ if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL
else
{
unset($forum_id);
$forum_sql = "";
$forum_sql = '';
}
if( isset($HTTP_GET_VARS['adv']) )
@@ -96,26 +96,20 @@ else
//
if( isset($HTTP_POST_VARS['submit']) )
{
$sql = "";
$sql = '';
if(!empty($forum_id))
{
$sql = "UPDATE " . FORUMS_TABLE . " SET ";
if(isset($HTTP_POST_VARS['simpleauth']))
{
$simple_ary = $simple_auth_ary[$HTTP_POST_VARS['simpleauth']];
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= $forum_auth_fields[$i] . " = " . $simple_ary[$i];
if($i < count($simple_ary) - 1)
{
$sql .= ", ";
}
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
$sql .= " WHERE forum_id = $forum_id";
$sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
else
{
@@ -123,39 +117,34 @@ if( isset($HTTP_POST_VARS['submit']) )
{
$value = $HTTP_POST_VARS[$forum_auth_fields[$i]];
if($forum_auth_fields[$i] == 'auth_vote')
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
if( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL )
if ( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL )
{
$value = AUTH_REG;
}
}
$sql .= $forum_auth_fields[$i] . " = " . $value;
if($i < count($forum_auth_fields) - 1)
{
$sql .= ", ";
}
$sql .= ( ( $sql != '' ) ? ', ' : '' ) .$forum_auth_fields[$i] . ' = ' . $value;
}
$sql .= " WHERE forum_id = $forum_id";
$sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
if($sql != "")
if ( $sql != '' )
{
if(!$db->sql_query($sql))
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update auth table!", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update auth table', '', __LINE__, __FILE__, $sql);
}
}
$forum_sql = "";
$forum_sql = '';
$adv = 0;
}
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
);
$message = $lang['Forum_auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_forumauth'], '<a href="' . append_sid("admin_forumauth.$phpEx") . '">', "</a>");
message_die(GENERAL_MESSAGE, $message);
@@ -187,7 +176,7 @@ if( empty($forum_id) )
// specified
//
$template->set_filenames(array(
"body" => "admin/auth_select_body.tpl")
'body' => 'admin/auth_select_body.tpl')
);
$select_list = '<select name="' . POST_FORUM_URL . '">';
@@ -198,13 +187,13 @@ if( empty($forum_id) )
$select_list .= '</select>';
$template->assign_vars(array(
"L_AUTH_TITLE" => $lang['Auth_Control_Forum'],
"L_AUTH_EXPLAIN" => $lang['Forum_auth_explain'],
"L_AUTH_SELECT" => $lang['Select_a_Forum'],
"L_LOOK_UP" => $lang['Look_up_Forum'],
'L_AUTH_TITLE' => $lang['Auth_Control_Forum'],
'L_AUTH_EXPLAIN' => $lang['Forum_auth_explain'],
'L_AUTH_SELECT' => $lang['Select_a_Forum'],
'L_LOOK_UP' => $lang['Look_up_Forum'],
"S_AUTH_ACTION" => append_sid("admin_forumauth.$phpEx"),
"S_AUTH_SELECT" => $select_list)
'S_AUTH_ACTION' => append_sid("admin_forumauth.$phpEx"),
'S_AUTH_SELECT' => $select_list)
);
}
@@ -215,7 +204,7 @@ else
// specified
//
$template->set_filenames(array(
"body" => "admin/auth_forum_body.tpl")
'body' => 'admin/auth_forum_body.tpl')
);
$forum_name = $forum_rows[0]['forum_name'];
@@ -244,38 +233,30 @@ else
// If we didn't get a match above then we
// automatically switch into 'advanced' mode
//
if(!isset($adv) && !$matched)
if ( !isset($adv) && !$matched )
{
$adv = 1;
}
$s_column_span == 0;
if( empty($adv) )
if ( empty($adv) )
{
$simple_auth = "<select name=\"simpleauth\">";
$simple_auth = '<select name="simpleauth">';
for($j = 0; $j < count($simple_auth_types); $j++)
{
if($matched_type == $j)
{
$simple_auth .= "<option value=\"$j\" selected>";
$simple_auth .= $simple_auth_types[$j];
$simple_auth .= "</option>";
}
else
{
$simple_auth .= "<option value=\"$j\">" . $simple_auth_types[$j] . "</option>";
}
$selected = ( $matched_type == $j ) ? ' selected="selected"' : '';
$simple_auth .= '<option value="' . $j . '"' . $selected . '>' . $simple_auth_types[$j] . '</option>';
}
$simple_auth .= "</select>";
$simple_auth .= '</select>';
$template->assign_block_vars("forum_auth_titles", array(
"CELL_TITLE" => $lang['Simple_mode'])
$template->assign_block_vars('forum_auth_titles', array(
'CELL_TITLE' => $lang['Simple_mode'])
);
$template->assign_block_vars("forum_auth_data", array(
"S_AUTH_LEVELS_SELECT" => $simple_auth)
$template->assign_block_vars('forum_auth_data', array(
'S_AUTH_LEVELS_SELECT' => $simple_auth)
);
$s_column_span++;
@@ -288,37 +269,29 @@ else
//
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$custom_auth[$j] = "&nbsp;<select name=\"" . $forum_auth_fields[$j] . "\">";
$custom_auth[$j] = '&nbsp;<select name="' . $forum_auth_fields[$j] . '">';
for($k = 0; $k < count($forum_auth_levels); $k++)
{
if ( $forum_rows[0][$forum_auth_fields[$j]] == $forum_auth_const[$k] )
{
$custom_auth[$j] .= "<option value=\"" . $forum_auth_const[$k] . "\" selected>";
$custom_auth[$j] .= $lang['Forum_' . $forum_auth_levels[$k]];
$custom_auth[$j] .= "</option>";
}
else
{
$custom_auth[$j] .= "<option value=\"" . $forum_auth_const[$k] . "\">". $lang['Forum_' . $forum_auth_levels[$k]] . "</option>";
}
$selected = ( $forum_rows[0][$forum_auth_fields[$j]] == $forum_auth_const[$k] ) ? ' selected="selected"' : '';
$custom_auth[$j] .= '<option value="' . $forum_auth_const[$k] . '"' . $selected . '>' . $lang['Forum_' . $forum_auth_levels[$k]] . '</option>';
}
$custom_auth[$j] .= "</select>&nbsp;";
$custom_auth[$j] .= '</select>&nbsp;';
$cell_title = $field_names[$forum_auth_fields[$j]];
$template->assign_block_vars("forum_auth_titles", array(
"CELL_TITLE" => $cell_title)
$template->assign_block_vars('forum_auth_titles', array(
'CELL_TITLE' => $cell_title)
);
$template->assign_block_vars("forum_auth_data", array(
"S_AUTH_LEVELS_SELECT" => $custom_auth[$j])
$template->assign_block_vars('forum_auth_data', array(
'S_AUTH_LEVELS_SELECT' => $custom_auth[$j])
);
$s_column_span++;
}
}
$adv_mode = (empty($adv)) ? "1" : "0";
$adv_mode = ( empty($adv) ) ? '1' : '0';
$switch_mode = append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=". $adv_mode);
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@@ -326,26 +299,27 @@ else
$s_hidden_fields = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '">';
$template->assign_vars(array(
"FORUM_NAME" => $forum_name,
'FORUM_NAME' => $forum_name,
"L_AUTH_TITLE" => $lang['Auth_Control_Forum'],
"L_AUTH_EXPLAIN" => $lang['Forum_auth_explain'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
'L_FORUM' => $lang['Forum'],
'L_AUTH_TITLE' => $lang['Auth_Control_Forum'],
'L_AUTH_EXPLAIN' => $lang['Forum_auth_explain'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
"U_SWITCH_MODE" => $u_switch_mode,
'U_SWITCH_MODE' => $u_switch_mode,
"S_FORUMAUTH_ACTION" => append_sid("admin_forumauth.$phpEx"),
"S_COLUMN_SPAN" => $s_column_span,
"S_HIDDEN_FIELDS" => $s_hidden_fields)
'S_FORUMAUTH_ACTION' => append_sid("admin_forumauth.$phpEx"),
'S_COLUMN_SPAN' => $s_column_span,
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
}
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->pparse("body");
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

18
phpBB/admin/admin_forums.php
View File

@@ -1,6 +1,6 @@
<?php
/***************************************************************************
* admin_forums.php
* admin_forums.php
* -------------------
* begin : Thursday, Jul 12, 2001
* copyright : (C) 2001 The phpBB Group
@@ -8,7 +8,6 @@
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
@@ -32,9 +31,9 @@ if( !empty($setmodules) )
//
// Load default header
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
$forum_auth_ary = array(
@@ -302,8 +301,9 @@ if( !empty($mode) )
$catlist = get_list('category', $cat_id, TRUE);
$forumstatus == ( FORUM_LOCKED ) ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
$statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>Unlocked</option>\n";
$statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>Locked</option>\n";
$statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>" . $lang['Status_unlocked'] . "</option>\n";
$statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>" . $lang['Status_locked'] . "</option>\n";
$template->set_filenames(array(
"body" => "admin/forum_edit_body.tpl")
@@ -493,7 +493,7 @@ if( !empty($mode) )
// There is no problem having duplicate forum names so we won't check for it.
//
$sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order)
VALUES ('" . $HTTP_POST_VARS['categoryname'] . "', $next_order)";
VALUES ('" . str_replace("\'", "''", $HTTP_POST_VARS['categoryname']) . "', $next_order)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);
@@ -826,7 +826,7 @@ if( !empty($mode) )
if ($show_index != TRUE)
{
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
exit;
}
}
@@ -931,6 +931,6 @@ if( $total_categories = $db->sql_numrows($q_categories) )
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

274
phpBB/admin/admin_groups.php
View File

@@ -22,7 +22,7 @@
define('IN_PHPBB', 1);
if( !empty($setmodules) )
if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Groups']['Manage'] = $filename;
@@ -33,38 +33,35 @@ if( !empty($setmodules) )
//
// Load default header
//
$phpbb_root_path = "../";
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
}
else
{
$group_id = "";
$group_id = '';
}
//
// Mode setting
//
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
{
$mode = "";
$mode = '';
}
if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
{
//
// Ok they are editing a group or creating a new group
//
$template->set_filenames(array(
"body" => "admin/group_edit_body.tpl")
'body' => 'admin/group_edit_body.tpl')
);
if ( isset($HTTP_POST_VARS['edit']) )
@@ -76,34 +73,33 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
AND group_id = $group_id";
if(!$result = $db->sql_query($sql))
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error getting group information", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
if( !$db->sql_numrows($result) )
if ( !($group_info = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
}
$group_info = $db->sql_fetchrow($result);
$mode = "editgroup";
$template->assign_block_vars("group_edit", array());
$mode = 'editgroup';
$template->assign_block_vars('group_edit', array());
}
else if( isset($HTTP_POST_VARS['new']) )
else if ( isset($HTTP_POST_VARS['new']) )
{
$group_info = array (
"group_name" => "",
"group_description" => "",
"group_moderator" => "",
"group_type" => GROUP_OPEN);
$group_open = "checked=\"checked\"";
'group_name' => '',
'group_description' => '',
'group_moderator' => '',
'group_type' => GROUP_OPEN);
$group_open = ' checked="checked"';
$mode = "newgroup";
$mode = 'newgroup';
}
//
// Ok, now we know everything about them, let's show the page.
//
@@ -111,111 +107,108 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY username";
$u_result = $db->sql_query($sql);
if( !$u_result )
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain user info for moderator list", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
}
$user_list = $db->sql_fetchrowset($u_result);
for($i = 0; $i < count($user_list); $i++)
while ( $row = $db->sql_fetchrow($result) )
{
if( $user_list[$i]['user_id'] == $group_info['group_moderator'] )
if ( $row['user_id'] == $group_info['group_moderator'] )
{
$group_moderator = $user_list[$i]['username'];
$group_moderator = $row['username'];
}
}
$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? "checked=\"checked\"" : "";
$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? "checked=\"checked\"" : "";
$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? "checked=\"checked\"" : "";
$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
$template->assign_vars(array(
"GROUP_NAME" => $group_info['group_name'],
"GROUP_DESCRIPTION" => $group_info['group_description'],
"GROUP_MODERATOR" => $group_moderator,
'GROUP_NAME' => $group_info['group_name'],
'GROUP_DESCRIPTION' => $group_info['group_description'],
'GROUP_MODERATOR' => $group_moderator,
"L_GROUP_TITLE" => $lang['Group_administration'],
"L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
"L_GROUP_NAME" => $lang['group_name'],
"L_GROUP_DESCRIPTION" => $lang['group_description'],
"L_GROUP_MODERATOR" => $lang['group_moderator'],
"L_FIND_USERNAME" => $lang['Find_username'],
"L_GROUP_STATUS" => $lang['group_status'],
"L_GROUP_OPEN" => $lang['group_open'],
"L_GROUP_CLOSED" => $lang['group_closed'],
"L_GROUP_HIDDEN" => $lang['group_hidden'],
"L_GROUP_DELETE" => $lang['group_delete'],
"L_GROUP_DELETE_CHECK" => $lang['group_delete_check'],
"L_SUBMIT" => $lang['Submit'],
"L_RESET" => $lang['Reset'],
"L_DELETE_MODERATOR" => $lang['delete_group_moderator'],
"L_DELETE_MODERATOR_EXPLAIN" => $lang['delete_moderator_explain'],
"L_YES" => $lang['Yes'],
'L_GROUP_TITLE' => $lang['Group_administration'],
'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
'L_GROUP_NAME' => $lang['group_name'],
'L_GROUP_DESCRIPTION' => $lang['group_description'],
'L_GROUP_MODERATOR' => $lang['group_moderator'],
'L_FIND_USERNAME' => $lang['Find_username'],
'L_GROUP_STATUS' => $lang['group_status'],
'L_GROUP_OPEN' => $lang['group_open'],
'L_GROUP_CLOSED' => $lang['group_closed'],
'L_GROUP_HIDDEN' => $lang['group_hidden'],
'L_GROUP_DELETE' => $lang['group_delete'],
'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
'L_YES' => $lang['Yes'],
"U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"),
'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"),
"S_GROUP_OPEN_TYPE" => GROUP_OPEN,
"S_GROUP_CLOSED_TYPE" => GROUP_CLOSED,
"S_GROUP_HIDDEN_TYPE" => GROUP_HIDDEN,
"S_GROUP_OPEN_CHECKED" => $group_open,
"S_GROUP_CLOSED_CHECKED" => $group_closed,
"S_GROUP_HIDDEN_CHECKED" => $group_hidden,
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
'S_GROUP_OPEN_CHECKED' => $group_open,
'S_GROUP_CLOSED_CHECKED' => $group_closed,
'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('body');
}
else if( isset($HTTP_POST_VARS['group_update']) )
else if ( isset($HTTP_POST_VARS['group_update']) )
{
//
// Ok, they are submitting a group, let's save the data based on if it's new or editing
//
if( isset($HTTP_POST_VARS['group_delete']) )
if ( isset($HTTP_POST_VARS['group_delete']) )
{
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $group_id;
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE group_id = " . $group_id;
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update user_group", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $group_id;
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update auth_access", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql);
}
$message = $lang['Deleted_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");;
$message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
else
{
$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : "";
$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : "";
$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : "";
$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? intval($HTTP_POST_VARS['delete_old_moderator']) : "";
$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : '';
$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;
if( $group_name == "" )
if ( $group_name == '' )
{
message_die(GENERAL_MESSAGE, $lang['No_group_name']);
}
else if( $group_moderator == "" )
else if ( $group_moderator == '' )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
@@ -223,7 +216,7 @@ else if( isset($HTTP_POST_VARS['group_update']) )
$this_userdata = get_userdata($group_moderator);
$group_moderator = $this_userdata['user_id'];
if( !$group_moderator )
if ( !$group_moderator )
{
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
@@ -234,81 +227,86 @@ else if( isset($HTTP_POST_VARS['group_update']) )
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
AND group_id = " . $group_id;
if(!$result = $db->sql_query($sql))
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Error getting group information", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
if( !$db->sql_numrows($result) )
if( !($group_info = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
}
$group_info = $db->sql_fetchrow($result);
if ( $group_info['group_moderator'] != $group_moderator )
{
if ( $delete_old_moderator != "" )
if ( $delete_old_moderator )
{
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = " . $group_info['group_moderator'] . "
AND group_id = " . $group_id;
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update group moderator", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
}
}
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
if ( !$result = $db->sql_query($sql) )
$sql = "SELECT user_id
FROM " . USER_GROUP_TABLE . "
WHERE user_id = $group_moderator
AND group_id = $group_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't update group moderator", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
{
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
}
}
}
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
WHERE group_id = $group_id";
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
}
$message = $lang['Updated_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");;
$message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
message_die(GENERAL_MESSAGE, $message);
}
else if( $mode == "newgroup" )
else if( $mode == 'newgroup' )
{
$sql = "SELECT MAX(group_id) AS new_group_id
FROM " . GROUPS_TABLE;
if ( !$result = $db->sql_query($sql) )
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user)
VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$new_group_id = $row['new_group_id'] + 1;
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user)
VALUES ($new_group_id, $group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
}
$new_group_id = $db->sql_nextid();
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
VALUES ($new_group_id, $group_moderator, 0)";
if ( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql);
}
$message = $lang['Added_new_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");;
$message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
message_die(GENERAL_MESSAGE, $message);
}
else
{
message_die(GENERAL_MESSAGE, $lang['Group_mode_not_selected']);
message_die(GENERAL_MESSAGE, $lang['No_group_action']);
}
}
}
@@ -318,42 +316,46 @@ else
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
ORDER BY group_name";
$g_result = $db->sql_query($sql);
$group_list = $db->sql_fetchrowset($g_result);
$select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
for($i = 0; $i < count($group_list); $i++)
if ( !($result = $db->sql_query($sql)) )
{
$select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql);
}
$select_list = '';
if ( $row = $db->sql_fetchrow($result) )
{
$select_list .= '<select name="' . POST_GROUPS_URL . '">';
do
{
$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
$select_list .= '</select>';
}
$select_list .= "</select>";
$template->set_filenames(array(
"body" => "admin/group_select_body.tpl")
'body' => 'admin/group_select_body.tpl')
);
$template->assign_vars(array(
"L_GROUP_TITLE" => $lang['Group_administration'],
"L_GROUP_EXPLAIN" => $lang['Group_admin_explain'],
"L_GROUP_SELECT" => $lang['Select_group'],
"L_LOOK_UP" => $lang['Look_up_group'],
"L_CREATE_NEW_GROUP" => $lang['New_group'],
'L_GROUP_TITLE' => $lang['Group_administration'],
'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'],
'L_GROUP_SELECT' => $lang['Select_group'],
'L_LOOK_UP' => $lang['Look_up_group'],
'L_CREATE_NEW_GROUP' => $lang['New_group'],
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
"S_GROUP_SELECT" => $select_list)
'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
'S_GROUP_SELECT' => $select_list)
);
//
// Faking the IF... ELSE statements again...
//
if( count($group_list) > 0 )
if ( $select_list != '' )
{
$template->assign_block_vars("select_box", array());
$template->assign_block_vars('select_box', array());
}
$template->pparse('body');
}
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

193
phpBB/admin/admin_mass_email.php
View File

@@ -33,9 +33,9 @@ if( !empty($setmodules) )
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "../";
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
//
// Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't
@@ -43,108 +43,114 @@ require('pagestart.' . $phpEx);
//
@set_time_limit(1200);
$message = "";
$subject = "";
$message = '';
$subject = '';
//
// Do the job ...
//
if( isset($HTTP_POST_VARS['submit']) )
if ( isset($HTTP_POST_VARS['submit']) )
{
$subject = stripslashes(trim($HTTP_POST_VARS['subject']));
$message = stripslashes(trim($HTTP_POST_VARS['message']));
$error = FALSE;
$error_msg = '';
if ( empty($subject) )
{
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
if ( empty($message) )
{
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
$group_id = intval($HTTP_POST_VARS[POST_GROUPS_URL]);
if( $group_id != -1 )
$sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
$sql = "SELECT u.user_email
FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
WHERE ug.group_id = $group_id
AND ug.user_pending <> " . TRUE . "
AND u.user_id = ug.user_id";
message_die(GENERAL_ERROR, 'Could not select group members', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
$bcc_list = '';
do
{
$bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $row['user_email'];
}
while ( $row = $db->sql_fetchrow($result) );
$db->sql_freeresult($result);
}
else
{
$sql = "SELECT user_email
FROM " . USERS_TABLE;
$message = ( $group_id != -1 ) ? $lang['Group_not_exist'] : $lang['No_such_user'];
$error = true;
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $message : $message;
}
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Coult not select group members!", __LINE__, __FILE__, $sql);
}
if( !$db->sql_numrows($result) )
{
//
// Output a relevant GENERAL_MESSAGE about users/group
// not existing
//
}
$email_list = $db->sql_fetchrowset($g_result);
$subject = stripslashes($HTTP_POST_VARS["subject"]);
$message = stripslashes($HTTP_POST_VARS["message"]);
//
// Error checking needs to go here ... if no subject and/or
// no message then skip over the send and return to the form
//
$error = FALSE;
if( !$error )
if ( !$error )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
//
// Let's do some checking to make sure that mass mail functions
// are working in win32 versions of php.
//
if( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery'])
if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery'])
{
// We are running on windows, force delivery to use
// our smtp functions since php's are broken by default
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
// We are running on windows, force delivery to use our smtp functions
// since php's are broken by default
$board_config['smtp_delivery'] = 1;
$board_config['smtp_host'] = get_cfg_var('SMTP');
$board_config['smtp_host'] = @$ini_val('SMTP');
}
$emailer = new emailer($board_config['smtp_delivery']);
$email_headers = "From: " . $board_config['board_email'] . "\n";
$bcc_list = "";
for($i = 0; $i < count($email_list); $i++)
{
if( $bcc_list != "" )
{
$bcc_list .= ", ";
}
$bcc_list .= $email_list[$i]['user_email'];
}
$email_headers = 'Return-Path: ' . $userdata['board_email'] . "\nFrom: " . $board_config['board_email'] . "\n";
$email_headers .= 'X-AntiAbuse: Board servername - ' . $board_config['server_name'] . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
$email_headers .= "Bcc: $bcc_list\n";
$email_headers .= "Return-Path: " . $userdata['board_email'] . "\n";
$email_headers .= "X-AntiAbuse: Board servername - " . $server_name . "\n";
$email_headers .= "X-AntiAbuse: User_id - " . $userdata['user_id'] . "\n";
$email_headers .= "X-AntiAbuse: Username - " . $userdata['username'] . "\n";
$email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\r\n";
$emailer->use_template("admin_send_email");
$emailer->use_template('admin_send_email');
$emailer->email_address($board_config['board_email']);
$emailer->set_subject($subject);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
"SITENAME" => $board_config['sitename'],
"BOARD_EMAIL" => $board_config['board_email'],
"MESSAGE" => $message)
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'MESSAGE' => $message)
);
$emailer->send();
$emailer->reset();
$message = $lang['Email_sent'] . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
message_die(GENERAL_MESSAGE, $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>'));
}
}
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
//
// Initial selection
//
@@ -152,47 +158,50 @@ if( isset($HTTP_POST_VARS['submit']) )
$sql = "SELECT group_id, group_name
FROM ".GROUPS_TABLE . "
WHERE group_single_user <> 1";
$g_result = $db->sql_query($sql);
$group_list = $db->sql_fetchrowset($g_result);
$select_list = '<select name = "' . POST_GROUPS_URL . '">';
$select_list .= '<option value = "-1">' . $lang['All_users'] . '</option>';
for($i = 0;$i < count($group_list); $i++)
if ( !($result = $db->sql_query($sql)) )
{
$select_list .= "<option value = \"" . $group_list[$i]['group_id'];
$select_list .= "\">" . $group_list[$i]['group_name'] . "</option>";
message_die(GENERAL_ERROR, 'Could not obtain list of groups', '', __LINE__, __FILE__, $sql);
}
$select_list .= "</select>";
$select_list = '<select name = "' . POST_GROUPS_URL . '"><option value = "-1">' . $lang['All_users'] . '</option>';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$select_list .= '<option value = "' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
}
while ( $row = $db->sql_fetchrow($result) );
}
$select_list .= '</select>';
//
// Generate page
//
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/user_email_body.tpl")
'body' => 'admin/user_email_body.tpl')
);
$template->assign_vars(array(
"MESSAGE" => $message,
"SUBJECT" => $subject,
'MESSAGE' => $message,
'SUBJECT' => $subject,
"L_EMAIL_TITLE" => $lang['Email'],
"L_EMAIL_EXPLAIN" => $lang['Mass_email_explain'],
"L_COMPOSE" => $lang['Compose'],
"L_RECIPIENTS" => $lang['Recipients'],
"L_EMAIL_SUBJECT" => $lang['Subject'],
"L_EMAIL_MSG" => $lang['Message'],
"L_EMAIL" => $lang['Email'],
"L_NOTICE" => $notice,
'L_EMAIL_TITLE' => $lang['Email'],
'L_EMAIL_EXPLAIN' => $lang['Mass_email_explain'],
'L_COMPOSE' => $lang['Compose'],
'L_RECIPIENTS' => $lang['Recipients'],
'L_EMAIL_SUBJECT' => $lang['Subject'],
'L_EMAIL_MSG' => $lang['Message'],
'L_EMAIL' => $lang['Email'],
'L_NOTICE' => $notice,
"S_USER_ACTION" => append_sid('admin_mass_email.'.$phpEx),
"S_GROUP_SELECT" => $select_list)
'S_USER_ACTION' => append_sid('admin_mass_email.'.$phpEx),
'S_GROUP_SELECT' => $select_list)
);
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>
?>

8
phpBB/admin/admin_ranks.php
View File

@@ -32,9 +32,9 @@ if( !empty($setmodules) )
//
// Let's set the root dir for phpBB
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
@@ -255,7 +255,7 @@ if( $mode != "" )
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
"L_RANK" => $lang['Rank'],
"L_RANK" => $lang['Rank_title'],
"L_RANK_MINIMUM" => $lang['Rank_minimum'],
"L_SPECIAL_RANK" => $lang['Special_rank'],
"L_EDIT" => $lang['Edit'],
@@ -360,6 +360,6 @@ else
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

14
phpBB/admin/admin_smilies.php
View File

@@ -47,9 +47,9 @@ if( isset($HTTP_GET_VARS['export_pack']) )
}
}
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
//
// Check to see what mode we should operate in.
@@ -265,7 +265,7 @@ else if( isset($HTTP_POST_VARS['export_pack']) || isset($HTTP_GET_VARS['export_p
message_die(GENERAL_MESSAGE, $message);
}
else if( isset($HTTP_POST_VARS['add']) )
else if( isset($HTTP_POST_VARS['add']) || isset($HTTP_GET_VARS['add']) )
{
//
// Admin has selected to add a smiley.
@@ -286,7 +286,7 @@ else if( isset($HTTP_POST_VARS['add']) )
$template->assign_vars(array(
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_CONFIG" => $lang['smiley_config'],
"L_SMILEY_EXPLAIN" => $lang['smiley_instr'],
"L_SMILEY_EXPLAIN" => $lang['smile_desc'],
"L_SMILEY_CODE" => $lang['smiley_code'],
"L_SMILEY_URL" => $lang['smiley_url'],
"L_SMILEY_EMOTION" => $lang['smiley_emot'],
@@ -340,7 +340,7 @@ else if ( $mode != "" )
$result = $db->sql_query($sql);
if( !$result )
{
message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not obtain emoticon information', "", __LINE__, __FILE__, $sql);
}
$smile_data = $db->sql_fetchrow($result);
@@ -536,6 +536,6 @@ else
//
// Page Footer
//
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>
?>

11
phpBB/admin/admin_styles.php
View File

@@ -38,7 +38,7 @@ if( !empty($setmodules) )
//
// Check if the user has cancled a confirmation message.
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
@@ -47,12 +47,14 @@ if( empty($HTTP_POST_VARS['send_file']) )
{
$no_page_header = ( $cancel ) ? TRUE : FALSE;
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
}
if( $cancel )
{
header("Location: " . append_sid("admin_styles.$phpEx"));
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("admin_styles.$phpEx"));
exit;
}
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
@@ -561,6 +563,7 @@ switch( $mode )
}
}
}
$s_template_select .= '</select>';
}
else
{
@@ -931,7 +934,7 @@ switch( $mode )
if( !$HTTP_POST_VARS['send_file'] )
{
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
}
?>

22
phpBB/admin/admin_ug_auth.php
View File

@@ -36,9 +36,9 @@ if( !empty($setmodules) )
//
$no_page_header = TRUE;
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
$params = array('mode' => 'mode', 'user_id' => POST_USERS_URL, 'group_id' => POST_GROUPS_URL, 'adv' => 'adv');
@@ -787,7 +787,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
$t_usergroup_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode&amp;" . POST_GROUPS_URL . "=" . $id[$i]) . '">' . $name[$i] . '</a>';
$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
$t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
}
}
else
@@ -819,7 +821,7 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
//
// Dump in the page header ...
//
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => 'admin/auth_ug_body.tpl')
@@ -856,14 +858,14 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
$template->assign_vars(array(
'L_USER_OR_GROUPNAME' => ( $mode == 'user' ) ? $lang['Username'] : $lang['Group_name'],
'L_USER_OR_GROUP' => ( $mode == 'user' ) ? $lang['User'] : $lang['Group'],
'L_AUTH_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
'L_AUTH_EXPLAIN' => ( $mode == 'user' ) ? $lang['User_auth_explain'] : $lang['Group_auth_explain'],
'L_MODERATOR_STATUS' => $lang['Moderator_status'],
'L_PERMISSIONS' => $lang['Permissions'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'L_RESET' => $lang['Reset'],
'L_FORUM' => $lang['Forum'],
'U_USER_OR_GROUP' => append_sid("admin_ug_auth.$phpEx"),
'U_SWITCH_MODE' => $u_switch_mode,
@@ -878,7 +880,7 @@ else
//
// Select a user/group
//
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
'body' => ( $mode == 'user' ) ? 'admin/user_select_body.tpl' : 'admin/auth_select_body.tpl')
@@ -920,7 +922,7 @@ else
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
$l_type = ( $mode == 'user' ) ? "USER" : "AUTH";
$l_type = ( $mode == 'user' ) ? 'USER' : 'AUTH';
$template->assign_vars(array(
'L_' . $l_type . '_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
@@ -936,6 +938,6 @@ else
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>
?>

187
phpBB/admin/admin_user_ban.php
View File

@@ -22,7 +22,7 @@
define('IN_PHPBB', 1);
if( !empty($setmodules) )
if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Ban_Management'] = $filename;
@@ -33,38 +33,39 @@ if( !empty($setmodules) )
//
// Load default header
//
$phpbb_root_path = "../";
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
//
// Start program
//
if( isset($HTTP_POST_VARS['submit']) )
if ( isset($HTTP_POST_VARS['submit']) )
{
$user_bansql = "";
$email_bansql = "";
$ip_bansql = "";
$user_bansql = '';
$email_bansql = '';
$ip_bansql = '';
$user_list = array();
if( isset($HTTP_POST_VARS['ban_user']) )
if ( !empty($HTTP_POST_VARS['username']) )
{
$user_list_temp = $HTTP_POST_VARS['ban_user'];
for($i = 0; $i < count($user_list_temp); $i++)
$this_userdata = get_userdata($HTTP_POST_VARS['username']);
if( !$this_userdata )
{
$user_list[] = trim($user_list_temp[$i]);
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}
$user_list[] = $this_userdata['user_id'];
}
$ip_list = array();
if( isset($HTTP_POST_VARS['ban_ip']) )
if ( isset($HTTP_POST_VARS['ban_ip']) )
{
$ip_list_temp = explode(",", $HTTP_POST_VARS['ban_ip']);
$ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']);
for($i = 0; $i < count($ip_list_temp); $i++)
{
if( preg_match("/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/", trim($ip_list_temp[$i]), $ip_range_explode) )
if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) )
{
//
// Don't ask about all this, just don't ask ... !
@@ -72,12 +73,12 @@ if( isset($HTTP_POST_VARS['submit']) )
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while($ip_1_counter <= $ip_1_end)
while ( $ip_1_counter <= $ip_1_end )
{
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_end = ( $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[6];
if($ip_2_counter == 0 && $ip_2_end == 254)
if ( $ip_2_counter == 0 && $ip_2_end == 254 )
{
$ip_2_counter = 255;
$ip_2_fragment = 255;
@@ -85,12 +86,12 @@ if( isset($HTTP_POST_VARS['submit']) )
$ip_list[] = encode_ip("$ip_1_counter.255.255.255");
}
while($ip_2_counter <= $ip_2_end)
while ( $ip_2_counter <= $ip_2_end )
{
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_end = ( $ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[7];
if($ip_3_counter == 0 && $ip_3_end == 254 )
if ( $ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 255;
$ip_3_fragment = 255;
@@ -98,12 +99,12 @@ if( isset($HTTP_POST_VARS['submit']) )
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}
while($ip_3_counter <= $ip_3_end)
while ( $ip_3_counter <= $ip_3_end )
{
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_end = ( $ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end ) ? 254 : $ip_range_explode[8];
if($ip_4_counter == 0 && $ip_4_end == 254)
if ( $ip_4_counter == 0 && $ip_4_end == 254 )
{
$ip_4_counter = 255;
$ip_4_fragment = 255;
@@ -111,7 +112,7 @@ if( isset($HTTP_POST_VARS['submit']) )
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}
while($ip_4_counter <= $ip_4_end)
while ( $ip_4_counter <= $ip_4_end )
{
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
@@ -123,29 +124,29 @@ if( isset($HTTP_POST_VARS['submit']) )
$ip_1_counter++;
}
}
else if( preg_match("/^([\w\-_]\.?){2,}$/is", trim($ip_list_temp[$i])) )
else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) )
{
$ip = gethostbynamel(trim($ip_list_temp[$i]));
for($j = 0; $j < count($ip); $j++)
{
if( !empty($ip[$j]) )
if ( !empty($ip[$j]) )
{
$ip_list[] = encode_ip($ip[$j]);
}
}
}
else if( preg_match("/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/", trim($ip_list_temp[$i])) )
else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) )
{
$ip_list[] = encode_ip(str_replace("*", "255", trim($ip_list_temp[$i])));
$ip_list[] = encode_ip(str_replace('*', '255', trim($ip_list_temp[$i])));
}
}
}
$email_list = array();
if(isset($HTTP_POST_VARS['ban_email']))
if ( isset($HTTP_POST_VARS['ban_email']) )
{
$email_list_temp = explode(",", $HTTP_POST_VARS['ban_email']);
$email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);
for($i = 0; $i < count($email_list_temp); $i++)
{
@@ -154,7 +155,7 @@ if( isset($HTTP_POST_VARS['submit']) )
// contained in the annotated php manual at php.com (ereg
// section)
//
if( eregi("^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$", trim($email_list_temp[$i])) )
if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) )
{
$email_list[] = trim($email_list_temp[$i]);
}
@@ -163,32 +164,33 @@ if( isset($HTTP_POST_VARS['submit']) )
$sql = "SELECT *
FROM " . BANLIST_TABLE;
if( !$result = $db->sql_query($sql) )
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);
}
$current_banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$kill_session_sql = "";
$kill_session_sql = '';
for($i = 0; $i < count($user_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if($user_list[$i] == $current_banlist[$j]['ban_userid'])
if ( $user_list[$i] == $current_banlist[$j]['ban_userid'] )
{
$in_banlist = true;
}
}
if(!$in_banlist)
if ( !$in_banlist )
{
$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . "session_user_id = $user_list[$i]";
$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i];
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)
VALUES (" . $user_list[$i] . ")";
if( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
}
@@ -200,28 +202,28 @@ if( isset($HTTP_POST_VARS['submit']) )
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if($ip_list[$i] == $current_banlist[$j]['ban_ip'])
if ( $ip_list[$i] == $current_banlist[$j]['ban_ip'] )
{
$in_banlist = true;
}
}
if(!$in_banlist)
if ( !$in_banlist )
{
if( preg_match("/(ff\.)|(\.ff)/is", chunk_split($ip_list[$i], 2, ".")) )
if ( preg_match('/(ff\.)|(\.ff)/is', chunk_split($ip_list[$i], 2, '.')) )
{
$kill_ip_sql = "session_ip LIKE '" . str_replace(".", "", preg_replace("/(ff\.)|(\.ff)/is", "%", chunk_split($ip_list[$i], 2, "."))) . "'";
$kill_ip_sql = "session_ip LIKE '" . str_replace('.', '', preg_replace('/(ff\.)|(\.ff)/is', '%', chunk_split($ip_list[$i], 2, "."))) . "'";
}
else
{
$kill_ip_sql = "session_ip = '" . $ip_list[$i] . "'";
}
$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . $kill_ip_sql;
$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . $kill_ip_sql;
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
VALUES ('" . $ip_list[$i] . "')";
if( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
}
@@ -229,18 +231,15 @@ if( isset($HTTP_POST_VARS['submit']) )
}
//
// Now we'll delete all entries from the
// session table with any of the banned
// user or IP info just entered into the
// ban table ... this will force a session
// initialisation resulting in an instant
// ban
// Now we'll delete all entries from the session table with any of the banned
// user or IP info just entered into the ban table ... this will force a session
// initialisation resulting in an instant ban
//
if( $kill_session_sql != "" )
if ( $kill_session_sql != '' )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE $kill_session_sql";
if( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
}
@@ -251,87 +250,75 @@ if( isset($HTTP_POST_VARS['submit']) )
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if( $email_list[$i] == $current_banlist[$j]['ban_email'] )
if ( $email_list[$i] == $current_banlist[$j]['ban_email'] )
{
$in_banlist = true;
}
}
if( !$in_banlist )
if ( !$in_banlist )
{
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')";
if( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);
}
}
}
$where_sql = "";
$where_sql = '';
if(isset($HTTP_POST_VARS['unban_user']))
if ( isset($HTTP_POST_VARS['unban_user']) )
{
$user_list = $HTTP_POST_VARS['unban_user'];
for($i = 0; $i < count($user_list); $i++)
{
if($user_list[$i] != -1)
if ( $user_list[$i] != -1 )
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $user_list[$i];
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $user_list[$i];
}
}
}
if( isset($HTTP_POST_VARS['unban_ip']) )
if ( isset($HTTP_POST_VARS['unban_ip']) )
{
$ip_list = $HTTP_POST_VARS['unban_ip'];
for($i = 0; $i < count($ip_list); $i++)
{
if($ip_list[$i] != -1)
if ( $ip_list[$i] != -1 )
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $ip_list[$i];
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $ip_list[$i];
}
}
}
if( isset($HTTP_POST_VARS['unban_email']) )
if ( isset($HTTP_POST_VARS['unban_email']) )
{
$email_list = $HTTP_POST_VARS['unban_email'];
for($i = 0; $i < count($email_list); $i++)
{
if($email_list[$i] != -1)
if ( $email_list[$i] != -1 )
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $email_list[$i];
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $email_list[$i];
}
}
}
if( $where_sql != "" )
if ( $where_sql != '' )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($where_sql)";
if( !$result = $db->sql_query($sql) )
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);
}
}
$message = $lang['Ban_update_sucessful'] . "<br /><br />" . sprintf($lang['Click_return_banadmin'], "<a href=\"" . append_sid("admin_user_ban.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
$message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . append_sid("admin_user_ban.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
@@ -354,37 +341,13 @@ else
'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
$userban_count = 0;
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY username ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql);
}
$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_userlist = '';
for($i = 0; $i < count($user_list); $i++)
{
$select_userlist .= '<option value="' . $user_list[$i]['user_id'] . '">' . $user_list[$i]['username'] . '</option>';
$userban_count++;
}
$select_userlist = '<select name="ban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>';
$template->assign_vars(array(
'L_BAN_USER' => $lang['Ban_username'],
'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'],
'L_BAN_IP' => $lang['Ban_IP'],
'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'],
'L_BAN_EMAIL' => $lang['Ban_email'],
'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'],
'S_BAN_USERLIST_SELECT' => $select_userlist)
'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'])
);
$userban_count = 0;
@@ -469,8 +432,12 @@ else
'L_UNBAN_IP' => $lang['Unban_IP'],
'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'],
'L_UNBAN_EMAIL' => $lang['Unban_email'],
'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],
'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],
'L_USERNAME' => $lang['Username'],
'L_LOOK_UP' => $lang['Look_up_User'],
'L_FIND_USERNAME' => $lang['Find_username'],
'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),
'S_UNBAN_USERLIST_SELECT' => $select_userlist,
'S_UNBAN_IPLIST_SELECT' => $select_iplist,
'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist,
@@ -480,6 +447,6 @@ else
$template->pparse('body');
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

169
phpBB/admin/admin_users.php
View File

@@ -30,9 +30,9 @@ if( !empty($setmodules) )
return;
}
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/bbcode.'.$phpEx);
require($phpbb_root_path . 'includes/functions_post.'.$phpEx);
require($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
@@ -159,10 +159,12 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
if( stripslashes($username) != $this_userdata['username'] )
{
unset($rename_user);
if( !validate_username($username) )
$result = validate_username($username);
if ( $result['error'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Invalid_username'];
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
}
else
{
@@ -199,17 +201,6 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
}
if( $user_status == 0 )
{
// User is (made) inactive. Delete all their sessions.
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete this users sessions', '', __LINE__, __FILE__, $sql);
}
}
if( $signature != "" )
{
$sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
@@ -217,7 +208,6 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
{
$sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check);
}
$sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
// Only create a new bbcode_uid when there was no uid yet.
if ( $signature_bbcode_uid == '' )
@@ -233,9 +223,6 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
}
}
//
// Avatar stuff
//
//
// Avatar stuff
//
@@ -523,7 +510,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . ANONYMOUS . ", post_username = '$username'
SET poster_id = " . DELETED . ", post_username = '$username'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
@@ -531,12 +518,46 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . ANONYMOUS . "
SET topic_poster = " . DELETED . "
WHERE topic_poster = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . VOTE_USERS_TABLE . "
SET vote_user_id = " . DELETED . "
WHERE vote_user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT group_id
FROM " . GROUPS_TABLE . "
WHERE group_moderator = $user_id";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
}
while ( $row_group = $db->sql_fetchrow($result) )
{
$group_moderator[] = $row_group['group_id'];
}
if ( count($group_moderator) )
{
$update_moderator_id = implode(', ', $group_moderator);
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
WHERE group_moderator IN ($update_moderator_id)";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
}
}
$sql = "DELETE FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
@@ -573,6 +594,80 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE ( ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SENT_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_READ_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select all user\'s private messages', '', __LINE__, __FILE__, $sql);
}
//
// This little bit of code directly from the private messaging section.
// Thanks Paul!
//
while ( $row_privmsgs = $db->sql_fetchrow($result) )
{
$mark_list[] = $row_privmsgs['privmsgs_id'];
}
if ( count($mark_list) )
{
$delete_sql_id = implode(', ', $mark_list);
//
// We shouldn't need to worry about updating conters here...
// They are already gone!
//
$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
WHERE privmsgs_text_id IN ($delete_sql_id)";
$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id IN ($delete_sql_id)";
//
// Shouldn't need the switch statement here, either, as we just want
// to take out all of the private messages. This will not affect
// the other messages we want to keep; the ids are unique.
//
if ( !$db->sql_query($delete_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
}
if ( !$db->sql_query($delete_text_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
}
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_to_userid = " . DELETED . "
WHERE privmsgs_to_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved to the user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_from_userid = " . DELETED . "
WHERE privmsgs_from_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved from the user', '', __LINE__, __FILE__, $sql);
}
$message = $lang['User_deleted'];
}
@@ -941,6 +1036,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '',
'RANK_SELECT_BOX' => $rank_select_box,
'L_USERNAME' => $lang['Username'],
'L_USER_TITLE' => $lang['User_admin'],
'L_USER_EXPLAIN' => $lang['User_admin_explain'],
'L_NEW_PASSWORD' => $lang['New_password'],
@@ -954,7 +1050,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
'L_YAHOO' => $lang['YIM'],
'L_WEBSITE' => $lang['Website'],
'L_AIM' => $lang['AIM'],
'L_LOCATION' => $lang['From'],
'L_LOCATION' => $lang['Location'],
'L_OCCUPATION' => $lang['Occupation'],
'L_BOARD_LANGUAGE' => $lang['Board_lang'],
'L_BOARD_STYLE' => $lang['Board_style'],
@@ -971,7 +1067,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],
'L_SPECIAL' => $lang['User_special'],
'L_SPECIAL_EXPLAIN' => $lang['User_specail_explain'],
'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'],
'L_USER_ACTIVE' => $lang['User_status'],
'L_ALLOW_PM' => $lang['User_allowpm'],
'L_ALLOW_AVATAR' => $lang['User_allowavatar'],
@@ -1012,7 +1108,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx"))
);
if( file_exists('./../' . $board_config['avatar_path'] ) )
if( file_exists('./../' . $board_config['avatar_path'] ) && ($board_config['allow_avatar_upload'] == TRUE) )
{
if ( $form_enctype != '' )
{
@@ -1021,33 +1117,24 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$template->assign_block_vars('avatar_remote_upload', array() );
}
if( file_exists('./../' . $board_config['avatar_gallery_path'] ) )
if( file_exists('./../' . $board_config['avatar_gallery_path'] ) && ($board_config['allow_avatar_local'] == TRUE) )
{
$template->assign_block_vars('avatar_local_gallery', array() );
}
if( $board_config['allow_avatar_remote'] == TRUE )
{
$template->assign_block_vars('avatar_remote_link', array() );
}
}
$template->pparse('body');
}
else
{
//
// Default user selection box
//
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS ."
ORDER BY username";
$result = $db->sql_query($sql);
$select_list = '<select name="' . POST_USERS_URL . '">';
while( $row = $db->sql_fetchrow($result) )
{
$select_list .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
}
$select_list .= '</select>';
$template->set_filenames(array(
'body' => 'admin/user_select_body.tpl')
);
@@ -1059,7 +1146,7 @@ else
'L_LOOK_UP' => $lang['Look_up_user'],
'L_FIND_USERNAME' => $lang['Find_username'],
'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"),
'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),
'S_USER_ACTION' => append_sid("admin_users.$phpEx"),
'S_USER_SELECT' => $select_list)
@@ -1068,6 +1155,6 @@ else
}
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

10
phpBB/admin/admin_words.php
View File

@@ -32,9 +32,9 @@ if( !empty($setmodules) )
//
// Load default header
//
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
@@ -109,7 +109,7 @@ if( $mode != "" )
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
}
else if( $mode == "save" )
{
@@ -172,7 +172,7 @@ if( $mode != "" )
}
else
{
message_die(GENERAL_MESSAGE, $lang['Must_specify_word']);
message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
}
}
}
@@ -230,6 +230,6 @@ else
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
?>

15
phpBB/admin/index.php
View File

@@ -26,9 +26,9 @@ define('IN_PHPBB', 1);
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "../";
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require('./pagestart.' . $phpEx);
// ---------------
// Begin functions
@@ -68,7 +68,7 @@ if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
unset($setmodules);
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/index_navigate.tpl")
@@ -116,12 +116,12 @@ if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
}
elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
{
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
$template->set_filenames(array(
"body" => "admin/index_body.tpl")
@@ -561,7 +561,7 @@ elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
include('./page_footer_admin.'.$phpEx);
}
else
@@ -583,8 +583,9 @@ else
$template->pparse("body");
$db->sql_close();
exit;
}
?>
?>

23
phpBB/admin/page_footer_admin.php
View File

@@ -28,27 +28,16 @@ if ( !defined('IN_PHPBB') )
//
// Show the overall footer.
//
$current_time = time();
$template->set_filenames(array(
"page_footer" => "admin/page_footer.tpl")
'page_footer' => 'admin/page_footer.tpl')
);
$template->assign_vars(array(
"PHPBB_VERSION" => "2.0 " . $board_config['version'],
"TRANSLATION_INFO" => $lang['TRANSLATION_INFO'])
'PHPBB_VERSION' => '2' . $board_config['version'],
'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
);
$template->pparse("page_footer");
//
// Output page creation time
//
$mtime = microtime();
$mtime = explode(" ",$mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = ($endtime - $starttime);
$template->pparse('page_footer');
//
// Close our DB connection.
@@ -75,8 +64,8 @@ if( $do_gzip_compress )
echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
echo $gzip_contents;
echo pack("V", $gzip_crc);
echo pack("V", $gzip_size);
echo pack('V', $gzip_crc);
echo pack('V', $gzip_size);
}
exit;

36
phpBB/admin/page_header_admin.php
View File

@@ -31,22 +31,22 @@ define('HEADER_INC', true);
// gzip_compression
//
$do_gzip_compress = FALSE;
if($board_config['gzip_compress'])
if ( $board_config['gzip_compress'] )
{
$phpver = phpversion();
if($phpver >= '4.0.4pl1')
if ( $phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible') )
{
if(extension_loaded('zlib'))
if ( extension_loaded('zlib') )
{
ob_start('ob_gzhandler');
}
}
else if($phpver > '4.0')
else if ( $phpver > '4.0' )
{
if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip'))
if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
{
if(extension_loaded('zlib'))
if ( extension_loaded('zlib') )
{
$do_gzip_compress = TRUE;
ob_start();
@@ -72,30 +72,8 @@ $template->assign_vars(array(
'PAGE_TITLE' => $page_title,
'L_ADMIN' => $lang['Admin'],
'L_USERNAME' => $lang['Username'],
'L_PASSWORD' => $lang['Password'],
'L_INDEX' => $lang['Forum_Index'],
'L_REGISTER' => $lang['Register'],
'L_PROFILE' => $lang['Profile'],
'L_SEARCH' => $lang['Search'],
'L_PRIVATEMSGS' => $lang['Private_msgs'],
'L_MEMBERLIST' => $lang['Memberlist'],
'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']),
'L_FAQ' => $lang['FAQ'],
'L_USERGROUPS' => $lang['Usergroups'],
'L_FORUM' => $lang['Forum'],
'L_TOPICS' => $lang['Topics'],
'L_REPLIES' => $lang['Replies'],
'L_VIEWS' => $lang['Views'],
'L_POSTS' => $lang['Posts'],
'L_LASTPOST' => $lang['Last_Post'],
'L_MODERATOR' => $lang['Moderator'],
'L_NONEWPOSTS' => $lang['No_new_posts'],
'L_NEWPOSTS' => $lang['New_posts'],
'L_POSTED' => $lang['Posted'],
'L_JOINED' => $lang['Joined'],
'L_AUTHOR' => $lang['Author'],
'L_MESSAGE' => $lang['Message'],
'L_BY' => $lang['by'],
'U_INDEX' => append_sid('../index.'.$phpEx),

6
phpBB/admin/pagestart.php
View File

@@ -39,7 +39,9 @@ init_userprefs($userdata);
//
if( !$userdata['session_logged_in'] )
{
header("Location: ../" . append_sid("login.$phpEx?redirect=admin/"));
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . '../' . append_sid("login.$phpEx?redirect=admin/"));
exit;
}
else if( $userdata['user_level'] != ADMIN )
{
@@ -50,7 +52,7 @@ if ( empty($no_page_header) )
{
// Not including the pageheader can be neccesarry if META tags are
// needed in the calling script.
include('page_header_admin.'.$phpEx);
include('./page_header_admin.'.$phpEx);
}
?>