mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-12 09:22:01 +02:00
Removed encoding of IP and fixed reversed userdata checks for allow
git-svn-id: file:///svn/phpbb/trunk@347 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
@ -96,8 +96,9 @@ if(isset($HTTP_POST_VARS['submit']))
|
|||||||
//
|
//
|
||||||
if($mode != 'editpost')
|
if($mode != 'editpost')
|
||||||
{
|
{
|
||||||
$enc_ip = encode_ip($user_ip);
|
$sql = "SELECT max(post_time) AS last_post_time
|
||||||
$sql = "SELECT max(post_time) AS last_post_time FROM ".POSTS_TABLE." WHERE poster_ip = '$enc_ip'";
|
FROM ".POSTS_TABLE."
|
||||||
|
WHERE poster_ip = '$user_ip'";
|
||||||
if($result = $db->sql_query($sql))
|
if($result = $db->sql_query($sql))
|
||||||
{
|
{
|
||||||
$db_row = $db->sql_fetchrowset($result);
|
$db_row = $db->sql_fetchrowset($result);
|
||||||
@ -199,7 +200,7 @@ switch($mode)
|
|||||||
{
|
{
|
||||||
$new_topic_id = $db->sql_nextid();
|
$new_topic_id = $db->sql_nextid();
|
||||||
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
|
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
|
||||||
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '".encode_ip($user_ip)."', '$uid')";
|
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '$user_ip', '$uid')";
|
||||||
|
|
||||||
if($db->sql_query($sql))
|
if($db->sql_query($sql))
|
||||||
{
|
{
|
||||||
@ -298,6 +299,7 @@ switch($mode)
|
|||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'reply':
|
case 'reply':
|
||||||
$page_title = " $l_reply";
|
$page_title = " $l_reply";
|
||||||
$section_title = $l_postreplyto;
|
$section_title = $l_postreplyto;
|
||||||
@ -308,7 +310,7 @@ switch($mode)
|
|||||||
$topic_time = get_gmt_ts();
|
$topic_time = get_gmt_ts();
|
||||||
|
|
||||||
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
|
$sql = "INSERT INTO ".POSTS_TABLE." (topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)
|
||||||
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '".encode_ip($user_ip)."', '$uid')";
|
VALUES ($new_topic_id, $forum_id, ".$userdata['user_id'].", $topic_time, '$user_ip', '$uid')";
|
||||||
|
|
||||||
if($db->sql_query($sql))
|
if($db->sql_query($sql))
|
||||||
{
|
{
|
||||||
@ -388,6 +390,7 @@ switch($mode)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'editpost':
|
case 'editpost':
|
||||||
$page_title = " $l_editpost";
|
$page_title = " $l_editpost";
|
||||||
$section_title = $l_editpostin;
|
$section_title = $l_editpostin;
|
||||||
@ -510,10 +513,9 @@ switch($mode)
|
|||||||
break;
|
break;
|
||||||
} // end switch
|
} // end switch
|
||||||
|
|
||||||
|
//
|
||||||
|
// Output page
|
||||||
|
//
|
||||||
|
|
||||||
include('includes/page_header.'.$phpEx);
|
include('includes/page_header.'.$phpEx);
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -541,7 +543,6 @@ if($error)
|
|||||||
error_die(GENERAL_ERROR, "Sorry, no there is no such forum");
|
error_die(GENERAL_ERROR, "Sorry, no there is no such forum");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$sql = "SELECT forum_name, forum_access
|
$sql = "SELECT forum_name, forum_access
|
||||||
FROM ".FORUMS_TABLE."
|
FROM ".FORUMS_TABLE."
|
||||||
WHERE forum_id = $forum_id";
|
WHERE forum_id = $forum_id";
|
||||||
@ -577,7 +578,6 @@ if($error)
|
|||||||
);
|
);
|
||||||
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
|
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
|
||||||
|
|
||||||
|
|
||||||
$template->assign_vars(array(
|
$template->assign_vars(array(
|
||||||
"L_POSTNEWIN" => $section_title,
|
"L_POSTNEWIN" => $section_title,
|
||||||
"FORUM_ID" => $forum_id,
|
"FORUM_ID" => $forum_id,
|
||||||
@ -586,7 +586,6 @@ if($error)
|
|||||||
"U_VIEW_FORUM" => append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id"))
|
"U_VIEW_FORUM" => append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id"))
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
if($userdata['session_logged_in'])
|
if($userdata['session_logged_in'])
|
||||||
{
|
{
|
||||||
$username_input = $userdata["username"];
|
$username_input = $userdata["username"];
|
||||||
@ -603,11 +602,12 @@ if($error)
|
|||||||
}
|
}
|
||||||
$subject_input = '<input type="text" name="subject" value="'.$subject.'" size="50" maxlenght="255">';
|
$subject_input = '<input type="text" name="subject" value="'.$subject.'" size="50" maxlenght="255">';
|
||||||
$message_input = '<textarea name="message" rows="10" cols="35" wrap="virtual">'.$message.'</textarea>';
|
$message_input = '<textarea name="message" rows="10" cols="35" wrap="virtual">'.$message.'</textarea>';
|
||||||
|
|
||||||
if($board_config['allow_html'])
|
if($board_config['allow_html'])
|
||||||
{
|
{
|
||||||
$html_status = $l_htmlis . " " . $l_on;
|
$html_status = $l_htmlis . " " . $l_on;
|
||||||
$html_toggle = '<input type="checkbox" name="disable_html" ';
|
$html_toggle = '<input type="checkbox" name="disable_html" ';
|
||||||
if($disable_html || $userdata['user_allowhtml'])
|
if(!$userdata['user_allowhtml'])
|
||||||
{
|
{
|
||||||
$html_toggle .= 'checked';
|
$html_toggle .= 'checked';
|
||||||
}
|
}
|
||||||
@ -617,11 +617,12 @@ if($error)
|
|||||||
{
|
{
|
||||||
$html_status = $l_htmlis . " " . $l_off;
|
$html_status = $l_htmlis . " " . $l_off;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($board_config['allow_bbcode'])
|
if($board_config['allow_bbcode'])
|
||||||
{
|
{
|
||||||
$bbcode_status = $l_bbcodeis . " " . $l_on;
|
$bbcode_status = $l_bbcodeis . " " . $l_on;
|
||||||
$bbcode_toggle = '<input type="checkbox" name="disable_bbcode" ';
|
$bbcode_toggle = '<input type="checkbox" name="disable_bbcode" ';
|
||||||
if($disable_bbcode || $userdata['user_allowbbcode'])
|
if(!$userdata['user_allowbbcode'])
|
||||||
{
|
{
|
||||||
$bbcode_toggle .= "checked";
|
$bbcode_toggle .= "checked";
|
||||||
}
|
}
|
||||||
@ -632,15 +633,18 @@ if($error)
|
|||||||
$bbcode_status = $l_bbcodeis . " " . $l_off;
|
$bbcode_status = $l_bbcodeis . " " . $l_off;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if($board_config['allow_smilies'])
|
||||||
|
{
|
||||||
$smile_toggle = '<input type="checkbox" name="disable_smile" ';
|
$smile_toggle = '<input type="checkbox" name="disable_smile" ';
|
||||||
if($disable_smile || $userdata['user_allowsmile'])
|
if(!$userdata['user_allowsmile'])
|
||||||
{
|
{
|
||||||
$smile_toggle .= "checked";
|
$smile_toggle .= "checked";
|
||||||
}
|
}
|
||||||
$smile_toggle .= "> $l_disable $l_smilies $l_onthispost";
|
$smile_toggle .= "> $l_disable $l_smilies $l_onthispost";
|
||||||
|
}
|
||||||
|
|
||||||
$sig_toggle = '<input type="checkbox" name="attach_sig" ';
|
$sig_toggle = '<input type="checkbox" name="attach_sig" ';
|
||||||
if($attach_sig || $userdata['user_attachsig'] == 1)
|
if($userdata['user_attachsig'])
|
||||||
{
|
{
|
||||||
$sig_toggle .= "checked";
|
$sig_toggle .= "checked";
|
||||||
}
|
}
|
||||||
@ -688,6 +692,8 @@ if($error)
|
|||||||
"S_POST_ACTION" => append_sid("posting.$phpEx"),
|
"S_POST_ACTION" => append_sid("posting.$phpEx"),
|
||||||
"S_HIDDEN_FORM_FIELDS" => $hidden_form_fields)
|
"S_HIDDEN_FORM_FIELDS" => $hidden_form_fields)
|
||||||
);
|
);
|
||||||
|
|
||||||
$template->pparse("body");
|
$template->pparse("body");
|
||||||
|
|
||||||
include('includes/page_tail.'.$phpEx);
|
include('includes/page_tail.'.$phpEx);
|
||||||
?>
|
?>
|
||||||
Reference in New Issue
Block a user