mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-18 14:48:28 +01:00
Code Issues Releases Wiki Activity

my attempt to break things...

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@4682 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2003-11-23 22:25:46 +00:00
parent 37edf4148c
commit 5f35bc9bc1
10 changed files with 556 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

320
phpBB/adm/admin_board.php
View File

@ -113,7 +113,12 @@ while ($row = $db->sql_fetchrow($result))
if ($config_name == 'bump_interval' && $submit)
{
$new['bump_interval'] = request_var('bump_interval', 0) . request_var('bump_type', '');
$new['bump_interval'] = request_var('bump_interval', 2) . request_var('bump_type', 'd');
}
if ($config_name == 'email_function_name')
{
$new['email_function_name'] = (empty($new['email_function_name']) || !function_exists($new['email_function_name'])) ? 'mail' : str_replace(array('(', ')'), array('', ''), trim($new['email_function_name']));
}
if ($mode == 'attach')
@ -172,6 +177,11 @@ while ($row = $db->sql_fetchrow($result))
}
}
if ($mode == 'attach')
{
perform_site_list();
}
if ($submit)
{
add_log('admin', 'LOG_' . strtoupper($mode) . '_CONFIG');
@ -180,7 +190,6 @@ if ($submit)
{
// Check Settings
test_upload($error, $new['upload_dir'], false);
// test_upload($error, $new['upload_dir'] . '/thumbs', true);
}
if (!sizeof($error))
@ -252,6 +261,15 @@ switch ($mode)
$create_thumbnail_yes = ($new['img_create_thumbnail']) ? 'checked="checked"' : '';
$create_thumbnail_no = (!$new['img_create_thumbnail']) ? 'checked="checked"' : '';
$secure_downloads_yes = ($new['secure_downloads']) ? 'checked="checked"' : '';
$secure_downloads_no = (!$new['secure_downloads']) ? 'checked="checked"' : '';
$secure_allow_deny_yes = ($new['secure_allow_deny']) ? 'checked="checked"' : '';
$secure_allow_deny_no = (!$new['secure_allow_deny']) ? 'checked="checked"' : '';
$secure_allow_empty_referer_yes = ($new['secure_allow_empty_referer']) ? 'checked="checked"' : '';
$secure_allow_empty_referer_no = (!$new['secure_allow_empty_referer']) ? 'checked="checked"' : '';
?>
<tr>
@ -282,6 +300,18 @@ switch ($mode)
<td class="row1"><b><?php echo $user->lang['MAX_ATTACHMENTS_PM'] ?>: </b></td>
<td class="row2"><input type="text" size="3" maxlength="3" name="max_attachments_pm" class="post" value="<?php echo $new['max_attachments_pm']; ?>" /></td>
</tr>
<tr>
<td class="row1"><b><?php echo $user->lang['SECURE_DOWNLOADS']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['SECURE_DOWNLOADS_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="secure_downloads" value="1" <?php echo $secure_downloads_yes ?> /> <?php echo $user->lang['YES']; ?>&nbsp;&nbsp;<input type="radio" name="secure_downloads" value="0" <?php echo $secure_downloads_no ?> /> <?php echo $user->lang['NO']; ?></td>
</tr>
<tr>
<td class="row1"><b><?php echo $user->lang['SECURE_ALLOW_DENY']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['SECURE_ALLOW_DENY_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="secure_allow_deny" value="1" <?php echo $secure_allow_deny_yes ?> /> <?php echo $user->lang['ORDER_ALLOW_DENY']; ?>&nbsp;&nbsp;<input type="radio" name="secure_allow_deny" value="0" <?php echo $secure_allow_deny_no ?> /> <?php echo $user->lang['ORDER_DENY_ALLOW']; ?></td>
</tr>
<tr>
<td class="row1"><b><?php echo $user->lang['SECURE_EMPTY_REFERER']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['SECURE_EMPTY_REFERER_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="secure_allow_empty_referer" value="1" <?php echo $secure_allow_empty_referer_yes ?> /> <?php echo $user->lang['YES']; ?>&nbsp;&nbsp;<input type="radio" name="secure_allow_empty_referer" value="0" <?php echo $secure_allow_empty_referer_no ?> /> <?php echo $user->lang['NO']; ?></td>
</tr>
<tr>
<th align="center" colspan="2"><?php echo $user->lang['SETTINGS_CAT_IMAGES']; ?></th>
</tr>
@ -294,13 +324,13 @@ switch ($mode)
</tr>
<?php
// Check Thumbnail Support
if (!$new['img_imagick'] && !count(get_supported_image_types()))
{
$new['img_create_thumbnail'] = '0';
}
else
{
// Check Thumbnail Support
if (!$new['img_imagick'] && !count(get_supported_image_types()))
{
$new['img_create_thumbnail'] = '0';
}
else
{
?>
<tr>
@ -313,7 +343,7 @@ switch ($mode)
</tr>
<?php
}
}
?>
<tr>
@ -328,7 +358,86 @@ switch ($mode)
<td class="row1"><b><?php echo $user->lang['IMAGE_LINK_SIZE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['IMAGE_LINK_SIZE_EXPLAIN']; ?></span></td>
<td class="row2"><input type="text" size="3" maxlength="4" name="img_link_width" value="<?php echo $new['img_link_width']; ?>" class="post" /> px X <input type="text" size="3" maxlength="4" name="img_link_height" value="<?php echo $new['img_link_height']; ?>" class="post" /> px</td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" /></td>
</tr>
</table>
<?php
// Secure Download Options - Same procedure as with banning
if ($new['secure_downloads'])
{
$allow_deny = ($new['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED';
$sql = 'SELECT *
FROM ' . SITELIST_TABLE;
$result = $db->sql_query($sql);
$defined_ips = '';
$ips = array();
while ($row = $db->sql_fetchrow($result))
{
$value = ($row['site_ip']) ? $row['site_ip'] : $row['site_hostname'];
if ($value)
{
$defined_ips .= '<option' . (($row['ip_exclude']) ? ' class="sep"' : '') . ' value="' . $row['site_id'] . '">' . $value . '</option>';
$ips[$row['site_id']] = $value;
}
}
$db->sql_freeresult($result);
?>
<br />
<table class="bg" width="95%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $user->lang['DEFINE_' . $allow_deny . '_IPS']; ?></th>
</tr>
<tr>
<td colspan="2" class="row3"><?php echo $user->lang['DOWNLOAD_ADD_IPS_EXPLAIN']; ?></td>
<tr>
<td class="row1" width="45%"><b><?php echo $user->lang['IP_HOSTNAME']; ?>: </b></td>
<td class="row2"><textarea cols="40" rows="3" name="ips"></textarea></td>
</tr>
<tr>
<td class="row1" width="45%"><b><?php echo $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['EXCLUDE_ENTERED_IP']; ?></span></td>
<td class="row2"><input type="radio" name="ipexclude" value="1" /> <?php echo $user->lang['YES']; ?> &nbsp; <input type="radio" name="ipexclude" value="0" checked="checked" /> <?php echo $user->lang['NO']; ?></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="securesubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" />&nbsp; </td>
</tr>
<tr>
<th colspan="2"><?php echo $user->lang['REMOVE_' . $allow_deny . '_IPS']; ?></th>
</tr>
<?php
if ($defined_ips != '')
{
?>
<tr>
<td colspan="2" class="row3"><?php echo $user->lang['DOWNLOAD_REMOVE_IPS_EXPLAIN']; ?></td>
<tr>
<tr>
<td class="row1" width="45%"><?php echo $user->lang['IP_HOSTNAME']; ?>: <br /></td>
<td class="row2"> <select name="unip[]" multiple="multiple" size="10"><?php echo $defined_ips; ?></select></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unsecuresubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" /></td>
</tr>
<?php
}
else
{
?>
<tr>
<td class="row1" colspan="2" align="center"><?php echo $user->lang['NO_IPS_DEFINED']; ?></td>
</tr>
<?php
}
}
?>
</table>
<?php
break;
@ -676,6 +785,10 @@ switch ($mode)
<td class="row1"><b><?php echo $user->lang['BOARD_EMAIL_FORM']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['BOARD_EMAIL_FORM_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="board_email_form" value="1" <?php echo $board_email_form_yes; ?> /> <?php echo $user->lang['ENABLED']; ?>&nbsp;&nbsp;<input type="radio" name="board_email_form" value="0" <?php echo $board_email_form_no; ?> /> <?php echo $user->lang['DISABLED']; ?></td>
</tr>
<tr>
<td class="row1"><b><?php echo $user->lang['EMAIL_FUNCTION_NAME']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['EMAIL_FUNCTION_NAME_EXPLAIN']; ?></span></td>
<td class="row2"><input class="post" type="text" size="20" maxlength="50" name="email_function_name" value="<?php echo $new['email_function_name']; ?>" /></td>
</tr>
<tr>
<td class="row1"><b><?php echo $user->lang['EMAIL_PACKAGE_SIZE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['EMAIL_PACKAGE_SIZE_EXPLAIN']; ?></span></td>
<td class="row2"><input class="post" type="text" size="5" maxlength="5" name="email_package_size" value="<?php echo $new['email_package_size']; ?>" /></td>
@ -971,11 +1084,17 @@ switch ($mode)
break;
}
if ($mode != 'attach')
{
?>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" /></td>
</tr>
</table></form>
</table>
<?php
}
?>
</form>
<?php
@ -1049,4 +1168,181 @@ function test_upload(&$error, $upload_dir, $create_directory = false)
}
}
function perform_site_list()
{
global $db, $user;
if (isset($_REQUEST['securesubmit']))
{
// Grab the list of entries
$ips = request_var('ips', '');
$ip_list = array_unique(explode("\n", $ips));
$ip_list_log = implode(', ', $ip_list);
$ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;
$iplist = array();
$hostlist = array();
foreach ($ip_list as $item)
{
if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($item), $ip_range_explode))
{
// Don't ask about all this, just don't ask ... !
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while ($ip_1_counter <= $ip_1_end)
{
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
if($ip_2_counter == 0 && $ip_2_end == 254)
{
$ip_2_counter = 256;
$ip_2_fragment = 256;
$iplist[] = "'$ip_1_counter.*'";
}
while ($ip_2_counter <= $ip_2_end)
{
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
if ($ip_3_counter == 0 && $ip_3_end == 254)
{
$ip_3_counter = 256;
$ip_3_fragment = 256;
$iplist[] = "'$ip_1_counter.$ip_2_counter.*'";
}
while ($ip_3_counter <= $ip_3_end)
{
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
if ($ip_4_counter == 0 && $ip_4_end == 254)
{
$ip_4_counter = 256;
$ip_4_fragment = 256;
$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
}
while ($ip_4_counter <= $ip_4_end)
{
$iplist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($item)))
{
$iplist[] = "'" . trim($item) . "'";
}
else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($item)))
{
$hostlist[] = "'" . trim($item) . "'";
}
else if (preg_match("#^([a-z0-9\-\*\._/]+?)$#is", trim($item)))
{
$hostlist[] = "'" . trim($item) . "'";
}
}
$sql = 'SELECT site_ip, site_hostname
FROM ' . SITELIST_TABLE . "
WHERE ip_exclude = $ip_exclude";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$iplist_tmp = array();
$hostlist_tmp = array();
do
{
if ($row['site_ip'])
{
$iplist_tmp[] = "'" . $row['site_ip'] . "'";
}
else if ($row['site_hostname'])
{
$hostlist_tmp[] = "'" . $row['site_hostname'] . "'";
}
break;
}
while ($row = $db->sql_fetchrow($result));
$iplist = array_unique(array_diff($iplist, $iplist_tmp));
$hostlist = array_unique(array_diff($hostlist, $hostlist_tmp));
unset($iplist_tmp);
unset($hostlist_tmp);
}
if (sizeof($iplist))
{
foreach ($iplist as $ip_entry)
{
$sql = 'INSERT INTO ' . SITELIST_TABLE . " (site_ip, ip_exclude)
VALUES ($ip_entry, $ip_exclude)";
$db->sql_query($sql);
}
}
if (sizeof($hostlist))
{
foreach ($hostlist as $host_entry)
{
$sql = 'INSERT INTO ' . SITELIST_TABLE . ' (site_hostname, ip_exclude)
VALUES ($host_entry, $ip_exclude)";
$db->sql_query($sql);
}
}
if (!empty($ip_list_log))
{
// Update log
$log_entry = ($ip_exclude) ? 'LOG_DOWNLOAD_EXCLUDE_IP' : 'LOG_DOWNLOAD_IP';
add_log('admin', $log_entry, $ip_list_log);
}
trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCESSFUL']);
}
else if (isset($_POST['unsecuresubmit']))
{
$unip_sql = implode(', ', array_map('intval', $_POST['unip']));
if ($unip_sql != '')
{
$l_unip_list = '';
// Grab details of ips for logging information later
$sql = 'SELECT site_ip, site_hostname
FROM ' . SITELIST_TABLE . "
WHERE site_id IN ($unip_sql)";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']);
}
$sql = 'DELETE FROM ' . SITELIST_TABLE . "
WHERE site_id IN ($unip_sql)";
$db->sql_query($sql);
add_log('admin', 'LOG_DOWNLOAD_REMOVE_IP', $l_unip_list);
}
trigger_error($user->lang['SECURE_DOWNLOAD_UPDATE_SUCESSFUL']);
}
}
?>

1
phpBB/common.php
View File

@ -181,6 +181,7 @@ define('SEARCH_TABLE', $table_prefix.'search_results');
define('SEARCH_WORD_TABLE', $table_prefix.'search_wordlist');
define('SEARCH_MATCH_TABLE', $table_prefix.'search_wordmatch');
define('SESSIONS_TABLE', $table_prefix.'sessions');
define('SITELIST_TABLE', $table_prefix.'sitelist');
define('SMILIES_TABLE', $table_prefix.'smilies');
define('STYLES_TABLE', $table_prefix.'styles');
define('STYLES_TPL_TABLE', $table_prefix.'styles_template');

100
phpBB/download.php
View File

@ -77,6 +77,11 @@ if (!in_array($attachment['extension'], $extensions['_allowed_']))
trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
}
if (!download_allowed())
{
trigger_error($user->lang['LINKAGE_FORBIDDEN']);
}
$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
if ($thumbnail)
@ -197,6 +202,101 @@ function send_file_to_browser($attachment, $upload_dir, $category)
flush();
exit;
}
function download_allowed()
{
global $config, $user, $db;
if (!$config['secure_downloads'])
{
return true;
}
$url = trim(getenv('HTTP_REFERER'));
if ($url == '')
{
$url = trim($_SERVER['HTTP_REFERER']);
}
if ($url == '')
{
return ($config['secure_allow_empty_referer']) ? true : false;
}
// Split URL into domain and script part
$url = explode('?', str_replace(array('http://', 'https://'), array('', ''), $url));
$hostname = trim($url[0]);
unset($url);
$allowed = ($config['secure_allow_deny']) ? FALSE : TRUE;
$iplist = array();
$ip_ary = gethostbynamel($hostname);
foreach ($ip_ary as $ip)
{
if (!empty($ip))
{
$iplist[] = $ip;
}
}
// Check for own server...
if (preg_match('#^.*?' . $config['server_name'] . '.*?$#i', $hostname))
{
$allowed = true;
}
// Get IP's and Hostnames
if (!$allowed)
{
$sql = 'SELECT site_ip, site_hostname, ip_exclude
FROM ' . SITELIST_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (!empty($row['site_ip']))
{
foreach ($iplist as $ip)
{
if (preg_match('#^' . str_replace('*', '.*?', $row['site_ip']) . '$#i', $ip))
{
if (!empty($row['ip_exclude']))
{
$allowed = ($config['secure_allow_deny']) ? false : true;
break 2;
}
else
{
$allowed = ($config['secure_allow_deny']) ? true : false;
}
}
}
}
if (!empty($row['site_hostname']))
{
if (preg_match('#^' . str_replace('*', '.*?', $row['site_hostname']) . '$#i', $hostname))
{
if (!empty($row['ip_exclude']))
{
$allowed = ($config['secure_allow_deny']) ? false : true;
break;
}
else
{
$allowed = ($config['secure_allow_deny']) ? true : false;
}
}
}
}
$db->sql_freeresult($result);
}
return $allowed;
}
//
// FUNCTIONS
// ---------

20
phpBB/includes/functions_messenger.php
View File

@ -272,8 +272,10 @@ class messenger
$headers .= 'Date: ' . gmdate('D, d M Y H:i:s T', time()) . "\n";
$headers .= "X-Priority: 3\n";
$headers .= "X-MSMail-Priority: Normal\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "X-MimeOLE: Produced By phpBB2\n";
$headers .= "X-Mailer: PhpBB\n";
$headers .= "X-MimeOLE: phpBB\n";
$headers .= "X-phpBB-Origin: phpbb://" . str_replace(array('http://', 'https://'), array('', ''), generate_board_url()) . "\n";
$headers .= ($this->extra_headers != '') ? $this->extra_headers : '';
$headers .= "Content-type: text/plain; charset=" . $this->encoding . "\n";
$headers .= "Content-transfer-encoding: 8bit\n";
@ -281,9 +283,9 @@ class messenger
// Send message ... removed $this->encode() from subject for time being
if (!$use_queue)
{
$mail_to = ($to == '') ? 'Undisclosed-Recipients:;' : $to;
$mail_to = ($to == '') ? 'Undisclosed-Recipient:;' : $to;
$err_msg = '';
$result = ($config['smtp_delivery']) ? smtpmail($this->addresses, $this->subject, $this->msg, $err_msg, $headers) : @mail($mail_to, $this->subject, preg_replace("#(?<!\r)\n#s", "\n", $this->msg), $headers);
$result = ($config['smtp_delivery']) ? smtpmail($this->addresses, $this->subject, $this->msg, $err_msg, $headers) : @$config['mail_function_name']($mail_to, $this->subject, implode("\n", preg_split("/\r?\n/", $this->msg)), $headers);
if (!$result)
{
@ -406,7 +408,7 @@ class queue
$this->data[$object]['data'][] = $scope;
}
// Thinking about a lock file...
// Using lock file...
function process()
{
global $db, $config, $phpEx, $phpbb_root_path;
@ -483,10 +485,10 @@ class queue
{
case 'email':
$err_msg = '';
$to = (!$to) ? 'Undisclosed-Recipients:;' : $to;
$to = (!$to) ? 'Undisclosed-Recipient:;' : $to;
$result = ($config['smtp_delivery']) ? smtpmail($addresses, $subject, $msg, $err_msg, $headers) : $config['email_function_name']($to, $subject, implode("\n", preg_split("/\r?\n/", $msg)), $headers);
$result = ($config['smtp_delivery']) ? smtpmail($addresses, $subject, $msg, $err_msg, $headers) : mail($to, $subject, preg_replace("#(?<!\r)\n#s", "\r\n", $msg), $headers);
if (!$result)
{
@unlink($this->cache_file . '.lock');
@ -562,7 +564,7 @@ class queue
$file = '<?php $this->queue_data = ' . $this->format_array($this->data) . '; ?>';
if ($fp = @fopen($this->cache_file, 'w'))
if ($fp = fopen($this->cache_file, 'w'))
{
@flock($fp, LOCK_EX);
fwrite($fp, $file);

8
phpBB/includes/message_parser.php
View File

@ -752,13 +752,7 @@ class parse_message
unset($this->attachment_data[$index]);
// Reindex Array
$attachment_data = $this->attachment_data;
unset($this->attachment_data);
foreach ($attachment_data as $element)
{
$this->attachment_data[] = $element;
}
unset($attachment_data);
$this->attachment_data = array_values($this->attachment_data);
}
else if ($edit_comment || $add_file || $preview)
{

9
phpBB/install/schemas/mysql_schema.sql
View File

@ -481,6 +481,15 @@ CREATE TABLE phpbb_sessions (
KEY session_user_id (session_user_id)
);
# Table: 'phpbb_sitelist'
CREATE TABLE phpbb_sitelist (
site_id mediumint(8) UNSIGNED NOT NULL auto_increment,
site_ip varchar(40) DEFAULT '' NOT NULL,
site_hostname varchar(255) DEFAULT '' NOT NULL,
ip_exclude tinyint(1) DEFAULT '0' NOT NULL,
PRIMARY KEY (site_id)
)
# Table: 'phpbb_smilies'
CREATE TABLE phpbb_smilies (
smile_id tinyint(4) UNSIGNED NOT NULL auto_increment,

4
phpBB/install/schemas/schema_data.sql
View File

@ -91,6 +91,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('display_last_edite
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_sig','Thanks, The Management');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email','address@yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_contact','contact@yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_function_name','mail');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_package_size','50');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_delivery','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_host','');
@ -143,6 +144,9 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_attachments_pm
INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_pm_attach', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_dir', 'files');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_display_inlined','1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('secure_downloads', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('secure_allow_deny', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('secure_allow_empty_referer', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_width','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_height','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_link_width','0');

32
phpBB/language/en/lang_admin.php
View File

@ -127,6 +127,10 @@ $lang += array(
'LOG_UNBAN_IP' => '<b>Unbanned ip</b><br />&#187; %s',
'LOG_UNBAN_EMAIL' => '<b>Unbanned email</b><br />&#187; %s',
'LOG_DOWNLOAD_EXCLUDE_IP' => '<b>Exluded ip/hostname from download list</b><br />&#187; %s',
'LOG_DOWNLOAD_IP' => '<b>Added ip/hostname to download list</b><br />&#187; %s',
'LOG_DOWNLOAD_REMOVE_IP' => '<b>Removed ip/hostname from download list</b><br />&#187; %s',
'LOG_SERVER_CONFIG' => '<b>Altered server settings</b>',
'LOG_DEFAULT_CONFIG' => '<b>Altered board defaults</b>',
'LOG_SETTING_CONFIG' => '<b>Altered board settings</b>',
@ -669,6 +673,8 @@ $lang += array(
'ENABLE_EMAIL_EXPLAIN' => 'If this is set to disabled no emails will be sent by the board at all.',
'BOARD_EMAIL_FORM' => 'Users send email via board',
'BOARD_EMAIL_FORM_EXPLAIN' => 'This function keeps email addresses completely private.',
'EMAIL_FUNCTION_NAME' => 'Email Function Name',
'EMAIL_FUNCTION_NAME_EXPLAIN' => 'The email function used to send mails through PHP.',
'EMAIL_PACKAGE_SIZE' => 'Email Package Size',
'EMAIL_PACKAGE_SIZE_EXPLAIN' => 'This is the number of emails sent in one package.',
'ADMIN_EMAIL' => 'Return Email Address',
@ -1687,14 +1693,36 @@ $lang += array(
'NOT_ASSIGNED' => 'Not assigned',
'ORPHAN_ATTACHMENTS' => 'Orphan Attachments', // Title
'ORPHAN_ATTACHMENTS_EXPLAIN'=> 'Here you are able to see files within the Attachments upload directory but not assigned to posts. This happens mostly if users are attaching files but not submitting the post. You are able to delete the files or attach them to existing posts. Attaching to posts requires a valid post id, you have to determine this id by yourself, this feature is mainly for those people wanting to upload files with another program and assigning those (mostly large) files to an existing post.',
'ORPHAN_ATTACHMENTS_EXPLAIN' => 'Here you are able to see files within the Attachments upload directory but not assigned to posts. This happens mostly if users are attaching files but not submitting the post. You are able to delete the files or attach them to existing posts. Attaching to posts requires a valid post id, you have to determine this id by yourself, this feature is mainly for those people wanting to upload files with another program and assigning those (mostly large) files to an existing post.',
'UPLOADING_FILES' => 'Uploading Files',
'UPLOADING_FILE_TO' => 'Uploading File "%1$s" to Post Number %2$d...',
'UPLOAD_DENIED_FORUM' => 'You do not have the permission to upload files to forum "%s"',
'ATTACH_POST_ID' => 'Post ID',
'ATTACH_TO_POST' => 'Attach file to post',
'SUCCESSFULLY_UPLOADED' => 'Succeessfully uploaded',
'ADMIN_UPLOAD_ERROR' => 'Errors while trying to attach file: %s'
'ADMIN_UPLOAD_ERROR' => 'Errors while trying to attach file: %s',
'SECURE_DOWNLOADS' => 'Enable secure downloads',
'SECURE_DOWNLOADS_EXPLAIN' => 'With this option enabled, downloads are limited to ip\'s/hostnames you defined.',
'SECURE_ALLOW_DENY' => 'Allow/Deny Order',
'SECURE_ALLOW_DENY_EXPLAIN' => 'This setting only applies to downloading files',
'ORDER_ALLOW_DENY' => 'Allow listed IPs, deny all others',
'ORDER_DENY_ALLOW' => 'Deny listed IPs, allow all others',
'SECURE_EMPTY_REFERER' => 'Allow empty referer',
'SECURE_EMPTY_REFERER_EXPLAIN' => 'Secure downloads are based on referers. Do you want to allow downloads for those ommitting the referer?',
'DEFINE_ALLOWED_IPS' => 'Define allowed IPs/Hostnames',
'DEFINE_DISALLOWED_IPS' => 'Define disallowed IPs/Hostnames',
'EXCLUDE_FROM_ALLOWED_IP' => 'Exclude IP from allowed IPs/Hostnames',
'EXCLUDE_FROM_DISALLOWED_IP' => 'Exclude IP from disallowed IPs/Hostnames',
'REMOVE_ALLOWED_IPS' => 'Remove or Un-exclude allowed IPs/Hostnames',
'REMOVE_DISALLOWED_IPS' => 'Remove or Un-exclude disallowed IPs/Hostnames',
'DOWNLOAD_ADD_IPS_EXPLAIN' => 'To specify several different IP\'s or hostnames enter each on a new line. To specify a range of IP addresses separate the start and end with a hyphen (-), to specify a wildcard use *',
'DOWNLOAD_REMOVE_IPS_EXPLAIN' => 'You can remove (or un-exclude) multiple IP addresses in one go using the appropriate combination of mouse and keyboard for your computer and browser. Excluded IP\'s have a blue background.',
'EXCLUDE_ENTERED_IP' => 'Enable this to exclude the entered IP/Hostname.',
'NO_IPS_DEFINED' => 'No IPs or Hostnames defined',
'SECURE_DOWNLOAD_UPDATE_SUCESSFUL' => 'The IP list has been updated successfully'
);
// Installation

4
phpBB/language/en/lang_main.php
View File

@ -684,6 +684,10 @@ $lang += array(
'DOWNLOAD_NONE' => '0 Times', // replace %d with count
'DOWNLOAD_COUNT' => '%d Time', // replace %d with count
'DOWNLOAD_COUNTS' => '%d Times', // replace %d with count
'LINKAGE_FORBIDDEN' => 'You are not authorized to view, download or link from/to this Site.',
'NO_ATTACHMENT_SELECTED' => 'You haven\'t selected an attachment to download or view.',
'ERROR_NO_ATTACHMENT' => 'The selected Attachment does not exist anymore'
);
// ucp_main

210
phpBB/posting.php
View File

@ -511,7 +511,7 @@ if ($submit || $preview || $refresh)
$enable_bbcode = (!$bbcode_status || !empty($_POST['disable_bbcode'])) ? FALSE : TRUE;
$enable_smilies = (!$smilies_status || !empty($_POST['disable_smilies'])) ? FALSE : TRUE;
$enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1;
$enable_sig = (!$config['allow_sig']) ? FALSE : ((!empty($_POST['attach_sig'])) ? TRUE : FALSE);
$enable_sig = (!$config['allow_sig']) ? FALSE : ((!empty($_POST['attach_sig']) && $user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE);
$notify = (!empty($_POST['notify'])) ? TRUE : FALSE;
$topic_lock = (isset($_POST['lock_topic'])) ? TRUE : FALSE;
@ -1034,7 +1034,7 @@ $template->assign_vars(array(
'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',
'S_SMILIES_ALLOWED' => $smilies_status,
'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',
'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig']) ? TRUE : FALSE,
'S_SIG_ALLOWED' => ($auth->acl_get('f_sigs', $forum_id) && $config['allow_sig'] && $user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE,
'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',
'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE,
'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '',
@ -1151,7 +1151,7 @@ page_footer();
// User Notification
function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id)
{
global $db, $user, $censors, $config, $phpbb_root_path, $phpEx;
global $db, $user, $censors, $config, $phpbb_root_path, $phpEx, $auth;
$topic_notification = ($mode == 'reply' || $mode == 'quote') ? TRUE : FALSE;
$forum_notification = ($mode == 'post') ? TRUE : FALSE;
@ -1251,25 +1251,23 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
return;
}
/*
foreach (discover_auth(array_keys($notify_rows), array('f_read'), $forum_id) as $user_id => $forum_ary)
foreach ($auth->acl_get_list(array_keys($notify_rows), 'f_read', $forum_id) as $forum_id => $forum_ary)
{
foreach ($forum_ary as $forum_id => $option_ary)
foreach ($forum_ary as $auth_option => $user_ary)
{
if (array_sum(array_values($option_ary)))
foreach ($user_ary as $user_id)
{
$notify_rows[$user_id]['allowed'] = true;
break;
}
}
}
*/
// Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;)
$email_users = $delete_ids = $update_notification = array();
foreach ($notify_rows as $user_id => $row)
{//!$row['allowed'] ||
if (!trim($row['user_email']))
{
if (!$row['allowed'] || !trim($row['user_email']))
{
$delete_ids[$row['notify_type']][] = $row['user_id'];
}
@ -1281,10 +1279,6 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
}
unset($notify_rows);
// Now, we are able to really send out notifications
if (sizeof($msg_users))
{
@ -1298,11 +1292,11 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
{
$pos = sizeof($msg_list_ary[$row['template']]);
$msg_list_ary[$row['template']][$pos]['method'] = $row['method'];
$msg_list_ary[$row['template']][$pos]['email'] = $row['user_email'];
$msg_list_ary[$row['template']][$pos]['jabber'] = $row['user_jabber'];
$msg_list_ary[$row['template']][$pos]['name'] = $row['username'];
$msg_list_ary[$row['template']][$pos]['lang'] = $row['user_lang'];
$msg_list_ary[$row['template']][$pos]['method'] = $row['method'];
$msg_list_ary[$row['template']][$pos]['email'] = $row['user_email'];
$msg_list_ary[$row['template']][$pos]['jabber'] = $row['user_jabber'];
$msg_list_ary[$row['template']][$pos]['name'] = $row['username'];
$msg_list_ary[$row['template']][$pos]['lang'] = $row['user_lang'];
}
unset($email_users);
@ -1523,7 +1517,7 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
$db->sql_transaction('commit');
// Collect the necessary informations for updating the tables
$sql_data['forum'] = '';
$sql_data[FORUMS_TABLE] = '';
switch ($post_mode)
{
case 'delete_topic':
@ -1532,16 +1526,13 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data['forum'] .= 'forum_posts = forum_posts - 1, forum_topics_real = forum_topics_real - 1';
$sql_data['forum'] .= ($data['topic_approved']) ? ', forum_topics = forum_topics - 1' : '';
$sql_data[FORUMS_TABLE] .= 'forum_posts = forum_posts - 1, forum_topics_real = forum_topics_real - 1';
$sql_data[FORUMS_TABLE] .= ($data['topic_approved']) ? ', forum_topics = forum_topics - 1' : '';
}
$update = update_last_post_information('forum', $forum_id);
if (sizeof($update))
{
$sql_data['forum'] .= ($sql_data['forum'] != '') ? ', ' . implode(', ', $update) : implode(', ', $update);
}
$sql_data['topic'] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$sql_data[FORUMS_TABLE] .= ($sql_data[FORUMS_TABLE] != '') ? ', ' : '';
$sql_data[FORUMS_TABLE] .= implode(', ', update_last_post_information('forum', $forum_id));
$sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
break;
case 'delete_first_post':
@ -1557,11 +1548,11 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data['forum'] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
}
$sql_data['topic'] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
$sql_data['topic'] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
$sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$next_post_id = (int) $row['post_id'];
break;
@ -1569,20 +1560,17 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
case 'delete_last_post':
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data['forum'] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
}
$update = update_last_post_information('forum', $forum_id);
if (sizeof($update))
{
$sql_data['forum'] .= ($sql_data['forum'] != '') ? ', ' . implode(', ', $update) : implode(', ', $update);
}
$sql_data['topic'] = 'topic_bumped = 0, topic_bumper = 0, topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$sql_data[FORUMS_TABLE] .= ($sql_data[FORUMS_TABLE] != '') ? ', ' : '';
$sql_data[FORUMS_TABLE] .= implode(', ', update_last_post_information('forum', $forum_id));
$sql_data[TOPICS_TABLE] = 'topic_bumped = 0, topic_bumper = 0, topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$update = update_last_post_information('topic', $topic_id);
if (sizeof($update))
{
$sql_data['topic'] .= ', ' . implode(', ', $update);
$sql_data[TOPICS_TABLE] .= ', ' . implode(', ', $update);
$next_post_id = (int) str_replace('topic_last_post_id = ', '', $update[0]);
}
else
@ -1613,37 +1601,26 @@ function delete_post($mode, $post_id, $topic_id, $forum_id, $data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data['forum'] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
}
$sql_data['topic'] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$next_post_id = (int) $row['post_id'];
}
$sql_data['user'] = ($auth->acl_get('f_postcount', $forum_id)) ? 'user_posts = user_posts - 1' : '';
$sql_data[USERS_TABLE] = ($auth->acl_get('f_postcount', $forum_id)) ? 'user_posts = user_posts - 1' : '';
set_config('num_posts', $config['num_posts'] - 1, TRUE);
$db->sql_transaction();
if (isset($sql_data['forum']) && $sql_data['forum'] != '')
{
$db->sql_query('UPDATE ' . FORUMS_TABLE . '
SET ' . $sql_data['forum'] . "
WHERE forum_id = $forum_id");
}
$where_sql = array(FORUMS_TABLE => "forum_id = $forum_id", TOPICS_TABLE => "topic_id = $topic_id", USERS_TABLE => 'user_id = ' . $data['poster_id']);
if (isset($sql_data['topic']) && $sql_data['topic'] != '')
foreach ($sql_data as $table => $update_sql)
{
$db->sql_query('UPDATE ' . TOPICS_TABLE . '
SET ' . $sql_data['topic'] . "
WHERE topic_id = $topic_id");
}
if (isset($sql_data['user']) && $sql_data['user'] != '')
{
$db->sql_query('UPDATE ' . USERS_TABLE . '
SET ' . $sql_data['user'] . '
WHERE user_id = ' . $data['poster_id']);
if ($update_sql != '')
{
$db->sql_query("UPDATE $table SET $update_sql WHERE " . $where_sql[$table]);
}
}
$db->sql_transaction('commit');
@ -1688,7 +1665,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
case 'post':
case 'reply':
$sql_data['post']['sql'] = array(
$sql_data[POSTS_TABLE]['sql'] = array(
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'poster_id' => (int) $user->data['user_id'],
'icon_id' => $data['icon_id'],
@ -1716,17 +1693,17 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
case 'edit':
if (!$auth->acl_gets('m_', 'a_'))
{
$sql_data['post']['sql'] = array(
$sql_data[POSTS_TABLE]['sql'] = array(
'post_edit_time' => $current_time
);
$sql_data['post']['stat'][] = 'post_edit_count = post_edit_count + 1';
$sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
}
case 'edit_topic':
case 'edit_last_post':
$sql_data['post']['sql'] = array_merge($sql_data['post']['sql'], array(
$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'poster_id' => $data['poster_id'],
'icon_id' => $data['icon_id'],
@ -1753,7 +1730,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
switch ($post_mode)
{
case 'post':
$sql_data['topic']['sql'] = array(
$sql_data[TOPICS_TABLE]['sql'] = array(
'topic_poster' => (int) $user->data['user_id'],
'topic_time' => $current_time,
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
@ -1768,7 +1745,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
if (!empty($poll['poll_options']))
{
$sql_data['topic']['sql'] = array_merge($sql_data['topic']['sql'], array(
$sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array(
'poll_title' => $poll['poll_title'],
'poll_start' => ($poll['poll_start']) ? $poll['poll_start'] : $current_time,
'poll_max_options' => $poll['poll_max_options'],
@ -1776,22 +1753,21 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
);
}
$sql_data['user']['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
$sql_data['forum']['stat'][] = 'forum_posts = forum_posts + 1'; //(!$auth->acl_get('f_moderate', $data['forum_id'])) ? 'forum_posts = forum_posts + 1' : '';
$sql_data['forum']['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', forum_topics = forum_topics + 1' : '');
$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; //(!$auth->acl_get('f_moderate', $data['forum_id'])) ? 'forum_posts = forum_posts + 1' : '';
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', forum_topics = forum_topics + 1' : '');
break;
case 'reply':
$sql_data['topic']['stat'][] = 'topic_replies_real = topic_replies_real + 1' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', topic_replies = topic_replies + 1' : '');
$sql_data['topic']['stat'][] = 'topic_bumped = 0, topic_bumper = 0';
$sql_data['user']['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
$sql_data['forum']['stat'][] = 'forum_posts = forum_posts + 1'; //(!$auth->acl_get('f_moderate', $data['forum_id'])) ? 'forum_posts = forum_posts + 1' : '';
$sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies_real = topic_replies_real + 1, topic_bumped = 0, topic_bumper = 0' . ((!$auth->acl_get('f_moderate', $data['forum_id'])) ? ', topic_replies = topic_replies + 1' : '');
$sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = $current_time" . (($auth->acl_get('f_postcount', $data['forum_id'])) ? ', user_posts = user_posts + 1' : '');
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + 1'; //(!$auth->acl_get('f_moderate', $data['forum_id'])) ? 'forum_posts = forum_posts + 1' : '';
break;
case 'edit_topic':
case 'edit_first_post':
$sql_data['topic']['sql'] = array(
$sql_data[TOPICS_TABLE]['sql'] = array(
'forum_id' => ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id'],
'icon_id' => $data['icon_id'],
'topic_approved' => ($auth->acl_get('f_moderate', $data['forum_id'])) ? 0 : 1,
@ -1815,15 +1791,15 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
if ($post_mode == 'post')
{
$sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' .
$db->sql_build_array('INSERT', $sql_data['topic']['sql']);
$db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']);
$db->sql_query($sql);
$data['topic_id'] = $db->sql_nextid();
$sql_data['post']['sql'] = array_merge($sql_data['post']['sql'], array(
$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
'topic_id' => $data['topic_id'])
);
unset($sql_data['topic']['sql']);
unset($sql_data[TOPICS_TABLE]['sql']);
}
// Submit new post
@ -1831,19 +1807,19 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
if ($post_mode == 'reply')
{
$sql_data['post']['sql'] = array_merge($sql_data['post']['sql'], array(
$sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array(
'topic_id' => $data['topic_id'])
);
}
$sql = 'INSERT INTO ' . POSTS_TABLE . ' ' .
$db->sql_build_array('INSERT', $sql_data['post']['sql']);
$db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']);
$db->sql_query($sql);
$data['post_id'] = $db->sql_nextid();
if ($post_mode == 'post')
{
$sql_data['topic']['sql'] = array(
$sql_data[TOPICS_TABLE]['sql'] = array(
'topic_first_post_id' => $data['post_id'],
'topic_last_post_id' => $data['post_id'],
'topic_last_post_time' => $current_time,
@ -1852,7 +1828,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
);
}
unset($sql_data['post']['sql']);
unset($sql_data[POSTS_TABLE]['sql']);
}
$make_global = FALSE;
@ -1872,36 +1848,36 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
{
// Decrement topic/post count
$make_global = TRUE;
$sql_data['forum']['stat'] = array();
$sql_data[FORUMS_TABLE]['stat'] = array();
$sql_data['forum']['stat'][] = 'forum_posts = forum_posts - ' . ($row['topic_replies_real'] + 1);
$sql_data['forum']['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics - 1' : '');
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - ' . ($row['topic_replies_real'] + 1);
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real - 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics - 1' : '');
}
// unglobalise
else if ((int)$row['topic_type'] == POST_GLOBAL && $topic_type != POST_GLOBAL)
{
// Increment topic/post count
$make_global = TRUE;
$sql_data['forum']['stat'] = array();
$sql_data[FORUMS_TABLE]['stat'] = array();
$sql_data['forum']['stat'][] = 'forum_posts = forum_posts + ' . ($row['topic_replies_real'] + 1);
$sql_data['forum']['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics + 1' : '');
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts + ' . ($row['topic_replies_real'] + 1);
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_real = forum_topics_real + 1' . (($row['topic_approved']) ? ', forum_topics = forum_topics + 1' : '');
}
}
// Update the topics table
if (isset($sql_data['topic']['sql']))
if (isset($sql_data[TOPICS_TABLE]['sql']))
{
$db->sql_query('UPDATE ' . TOPICS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_data['topic']['sql']) . '
SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . '
WHERE topic_id = ' . $data['topic_id']);
}
// Update the posts table
if (isset($sql_data['post']['sql']))
if (isset($sql_data[POSTS_TABLE]['sql']))
{
$db->sql_query('UPDATE ' . POSTS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_data['post']['sql']) . '
SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . '
WHERE post_id = ' . $data['post_id']);
}
@ -2017,7 +1993,7 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
// We get the last post information not for posting or replying, we can assume the correct params here, which is much faster
if ($post_mode == 'edit_last_post')
{
$sql_data['forum']['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
$sql_data[FORUMS_TABLE]['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
}
else if (!$auth->acl_get('f_moderate', $data['forum_id']))
{
@ -2025,24 +2001,32 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
$update_sql .= ", forum_last_post_time = $current_time";
$update_sql .= ', forum_last_poster_id = ' . $user->data['user_id'];
$update_sql .= ", forum_last_poster_name = '" . (($user->data['user_id'] == ANONYMOUS) ? $db->sql_escape(stripslashes($username)) : $db->sql_escape($user->data['username'])) . "'";
$sql_data['forum']['stat'][] = $update_sql;
$sql_data[FORUMS_TABLE]['stat'][] = $update_sql;
}
}
$sql_data['topic']['stat'][] = implode(', ', update_last_post_information('topic', $data['topic_id']));
$update = update_last_post_information('topic', $data['topic_id']);
if (sizeof($update))
{
$sql_data[TOPICS_TABLE]['stat'][] = implode(', ', $update);
}
}
if ($make_global)
{
$sql_data['forum']['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
$sql_data[FORUMS_TABLE]['stat'][] = implode(', ', update_last_post_information('forum', $data['forum_id']));
}
if ($post_mode == 'edit_topic')
{
$sql_data['topic']['stat'] = implode(', ', update_last_post_information('topic', $data['topic_id']));
$update = update_last_post_information('topic', $data['topic_id']);
if (sizeof($update))
{
$sql_data[TOPICS_TABLE]['stat'][] = implode(', ', $update);
}
}
// Update total post count, do not consider moderated posts/topics
// Mental Note: adjust Resync Stats in admin index if you delete these comments.
if (!$auth->acl_get('f_moderate', $data['forum_id']))
{
if ($post_mode == 'post')
@ -2060,32 +2044,14 @@ function submit_post($mode, $message, $subject, $username, $topic_type, $bbcode_
// Update forum stats
$db->sql_transaction();
if (implode('', $sql_data['post']['stat']) != '')
{
$db->sql_query('UPDATE ' . POSTS_TABLE . '
SET ' . implode(', ', $sql_data['post']['stat']) . '
WHERE post_id = ' . $data['post_id']);
}
$where_sql = array(POSTS_TABLE => 'post_id = ' . $data['post_id'], TOPICS_TABLE => 'topic_id = ' . $data['topic_id'], FORUMS_TABLE => 'forum_id = ' . $data['forum_id'], USERS_TABLE => 'user_id = ' . $user->data['user_id']);
if (implode('', $sql_data['topic']['stat']) != '')
foreach ($sql_data as $table => $update_ary)
{
$db->sql_query('UPDATE ' . TOPICS_TABLE . '
SET ' . implode(', ', $sql_data['topic']['stat']) . '
WHERE topic_id = ' . $data['topic_id']);
}
if (implode('', $sql_data['forum']['stat']) != '')
{
$db->sql_query('UPDATE ' . FORUMS_TABLE . '
SET ' . implode(', ', $sql_data['forum']['stat']) . '
WHERE forum_id = ' . $data['forum_id']);
}
if (implode('', $sql_data['user']['stat']) != '')
{
$db->sql_query('UPDATE ' . USERS_TABLE . '
SET ' . implode(', ', $sql_data['user']['stat']) . '
WHERE user_id = ' . $user->data['user_id']);
if (implode('', $update_ary['stat']) != '')
{
$db->sql_query("UPDATE $table SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table]);
}
}
// Fulltext parse