diff --git a/phpBB/includes/forums_display.php b/phpBB/includes/forums_display.php index d995afc9de..e9e7a2ac45 100644 --- a/phpBB/includes/forums_display.php +++ b/phpBB/includes/forums_display.php @@ -45,12 +45,12 @@ foreach ($forum_rows as $row) unset($stored_cat); } - if ($auth->get_acl($forum_id, 'forum', 'list')) + if ($auth->acl_get('f_list', $forum_id)) { switch ($forum_status) { case ITEM_CATEGORY: - $folder_image = $theme['forum_locked']; + $folder_image = $theme['sub_forum']; $folder_alt = $lang['Category']; break; diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 7ba27c61c2..b45eced074 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -68,6 +68,11 @@ function get_db_stat($mode) return false; } +function sql_quote($msg) +{ + return str_replace('\'', '\'\'', $msg); +} + function get_userdata($user) { global $db; @@ -75,7 +80,7 @@ function get_userdata($user) $sql = "SELECT * FROM " . USERS_TABLE . " WHERE "; - $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS; + $sql .= ( ( is_int($user) ) ? "user_id = $user" : "username = '" . sql_quote($user) . "'" ) . " AND user_id <> " . ANONYMOUS; $result = $db->sql_query($sql); return ( $row = $db->sql_fetchrow($result) ) ? $row : false; @@ -129,30 +134,26 @@ function get_moderators(&$forum_moderators, $forum_id = false) $sql = "SELECT au.forum_id, u.user_id, u.username FROM " . ACL_USERS_TABLE . " au, " . ACL_OPTIONS_TABLE . " ao, " . USERS_TABLE . " u - WHERE ao.auth_value LIKE 'mod_%' + WHERE ao.auth_value = 'm_global' $forum_sql AND au.auth_option_id = ao.auth_option_id - AND u.user_id = au.user_id - GROUP BY au.forum_id, u.user_id, u.username - ORDER BY au.forum_id, u.user_id"; + AND u.user_id = au.user_id"; $result = $db->sql_query($sql); - while( $row = $db->sql_fetchrow($result) ) + while ( $row = $db->sql_fetchrow($result) ) { $forum_moderators[$row['forum_id']][] = '' . $row['username'] . ''; } $sql = "SELECT au.forum_id, g.group_id, g.group_name FROM " . ACL_GROUPS_TABLE . " au, " . ACL_OPTIONS_TABLE . " ao, " . GROUPS_TABLE . " g - WHERE ao.auth_value LIKE 'mod_%' + WHERE ao.auth_value = 'm_global' $forum_sql AND au.auth_option_id = ao.auth_option_id - AND g.group_id = au.group_id - GROUP BY au.forum_id, g.group_id, g.group_name - ORDER BY au.forum_id, g.group_id"; + AND g.group_id = au.group_id"; $result = $db->sql_query($sql); - while( $row = $db->sql_fetchrow($result) ) + while ( $row = $db->sql_fetchrow($result) ) { $forum_moderators[$row['forum_id']][] = '' . $row['group_name'] . ''; } @@ -167,13 +168,13 @@ function get_forum_rules($mode, &$rules, &$forum_id) { global $SID, $auth, $lang, $phpEx; - $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'post') ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '
'; - $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'reply') ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '
'; - $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'edit') ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '
'; - $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'delete') || $auth->get_acl($forum_id, 'mod', 'delete') ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '
'; - $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'attach') ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '
'; + $rules .= ( ( $auth->acl_get('f_post', $forum_id) ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '
'; + $rules .= ( ( $auth->acl_get('f_reply', $forum_id) ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '
'; + $rules .= ( ( $auth->acl_get('f_edit', $forum_id) ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '
'; + $rules .= ( ( $auth->acl_get('f_delete', $forum_id) || $auth->acl_get('m_delete', $forum_id) ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '
'; + $rules .= ( ( $auth->acl_get('f_attach', $forum_id) ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '
'; - if ( $auth->get_acl($forum_id, 'mod') ) + if ( $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id) ) { $rules .= sprintf($lang['Rules_moderate'], '', ''); } @@ -181,63 +182,45 @@ function get_forum_rules($mode, &$rules, &$forum_id) return; } -function make_jumpbox($action, $match_forum_id = 0) +function make_jumpbox($action, $forum_id = false) { - global $SID, $auth, $template, $lang, $db, $nav_links, $phpEx; + global $auth, $template, $lang, $db, $nav_links, $phpEx; -// $sql = "SELECT f.*, p.post_time, p.post_username, u.username, u.user_id -// FROM (( " . FORUMS_TABLE . " f -// LEFT JOIN " . POSTS_TABLE . " p ON p.post_id = f.forum_last_post_id ) -// LEFT JOIN " . USERS_TABLE . " u ON u.user_id = p.poster_id ) -// ORDER BY f.forum_id"; -// $result = $db->sql_query($sql); + $boxstring = ''; - - $forum_rows = array(); - do + if ( $auth->acl_get('f_list', $forum_id) || $auth->acl_get('a_') ) { - if ( $row['forum_status'] == 2 ) + if ( $row['left_id'] < $right ) { - $boxstring .= ''; - $boxstring .= ''; - $boxstring .= ''; + $subforum .= '   '; } - else + else if ( $row['left_id'] > $right + 1 ) { - if ( $row['forum_left_id'] > $last_forum_right_id ) - { - if ( $auth->get_acl($row['forum_id'], 'forum', 'list') ) - { - $selected = ( $row['forum_id'] == $match_forum_id ) ? 'selected="selected"' : ''; - $boxstring .= ''; + $subforum = substr($subforum, 0, -13 * ( $row['left_id'] - $right + 1 )); + } - // - // Add an array to $nav_links for the Mozilla navigation bar. - // 'chapter' and 'forum' can create multiple items, therefore we are using a nested array. - // - $nav_links['chapter forum'][$row['forum_id']] = array ( - 'url' => "viewforum.$phpEx$SID&f=" . $row['forum_id'], - 'title' => $row['forum_name'] - ); - } - } - } + $right = $row['right_id']; + + $selected = ( $row['forum_id'] == $forum_id ) ? 'selected="selected"' : ''; + $boxstring .= ''; + + $nav_links['chapter forum'][$row['forum_id']] = array ( + 'url' => "viewforum.$phpEx$SID&f=" . $row['forum_id'], + 'title' => $row['forum_name'] + ); } - while( $row = $db->sql_fetchrow($result) ); - - $boxstring .= ''; - } - else - { - $boxstring .= ''; - } - - $boxstring .= ''; - + $db->sql_freeresult($result); +*/ $template->assign_vars(array( 'L_GO' => $lang['Go'], 'L_JUMP_TO' => $lang['Jump_to'], @@ -334,7 +317,7 @@ function tz_select($default, $select_name = 'timezone') // function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $match_id) { - global $template, $db, $lang, $HTTP_GET_VARS, $phpEx, $SID, $start; + global $template, $db, $lang, $phpEx, $SID, $start; $table_sql = ( $mode == 'forum' ) ? FORUMS_WATCH_TABLE : TOPICS_WATCH_TABLE; $where_sql = ( $mode == 'forum' ) ? 'forum_id' : 'topic_id'; @@ -355,9 +338,9 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat if ( $row = $db->sql_fetchrow($result) ) { - if ( isset($HTTP_GET_VARS['unwatch']) ) + if ( isset($_GET['unwatch']) ) { - if ( $HTTP_GET_VARS['unwatch'] == $mode ) + if ( $_GET['unwatch'] == $mode ) { $is_watching = 0; @@ -390,9 +373,9 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat } else { - if ( isset($HTTP_GET_VARS['watch']) ) + if ( isset($_GET['watch']) ) { - if ( $HTTP_GET_VARS['watch'] == $mode ) + if ( $_GET['watch'] == $mode ) { $is_watching = TRUE; @@ -416,9 +399,9 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat } else { - if ( isset($HTTP_GET_VARS['unwatch']) ) + if ( isset($_GET['unwatch']) ) { - if ( $HTTP_GET_VARS['unwatch'] == $mode ) + if ( $_GET['unwatch'] == $mode ) { $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; header($header_location . "login.$phpEx$SID&redirect=view$mode.$phpEx&" . $u_url . "=$match_id&unwatch=forum"); @@ -567,11 +550,9 @@ function format_subforums_list($subforums) return implode(', ', $links); } -// // Obtain list of naughty words and build preg style replacement arrays for use by the // calling script, note that the vars are passed as references this just makes it easier // to return both sets of arrays -// function obtain_word_list(&$orig_word, &$replacement_word) { global $db; @@ -604,8 +585,8 @@ function obtain_word_list(&$orig_word, &$replacement_word) // $errno, $errstr, $errfile, $errline function message_die($msg_code, $msg_text = '', $msg_title = '') { - global $db, $session, $auth, $template, $board_config, $theme, $lang, $userdata, $user_ip; - global $phpEx, $phpbb_root_path, $nav_links, $starttime; + global $db, $session, $auth, $template, $board_config, $theme, $lang, $user; + global $userdata, $user_ip, $phpEx, $phpbb_root_path, $nav_links, $starttime; switch ( $msg_code ) { @@ -673,4 +654,79 @@ function message_die($msg_code, $msg_text = '', $msg_title = '') exit; } +// Error and message handler, call with trigger_error if reqd +function msg_handler($errno, $msg_text, $errfile, $errline) +{ + global $db, $session, $auth, $template, $board_config, $theme, $lang, $userdata, $user_ip; + global $phpEx, $phpbb_root_path, $nav_links, $starttime; + + switch ( $errno ) + { + case E_WARNING: + break; + + case E_NOTICE: + break; + + case E_ERROR: + case E_USER_ERROR: + echo 'phpBB 2 :: General Error' . "\n"; + echo '

phpBB2 :: General Error

' . $msg_text . '

Contact the site administrator to report this failure

'; + $db->sql_close(); + break; + + case E_USER_NOTICE: + if ( empty($lang) && !empty($board_config['default_lang']) ) + { + if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx) ) + { + $board_config['default_lang'] = 'english'; + } + + include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx); + } + + $msg_text = ( !empty($lang[$msg_text]) ) ? $lang[$msg_text] : $msg_text; + + if ( !defined('HEADER_INC') ) + { + if ( empty($userdata) ) + { + echo '' . $lang['Information'] . '' . "\n"; + echo '
' . $lang['Information'] . '
' . $msg_text . '
'; + $db->sql_close(); + exit; + } + else if ( defined('IN_ADMIN') ) + { + page_header('', '', false); + } + else + { + include($phpbb_root_path . 'includes/page_header.' . $phpEx); + } + } + + if ( defined('IN_ADMIN') ) + { + page_message($msg_title, $msg_text, $display_header); + page_footer(); + } + else + { + $template->set_filenames(array( + 'body' => 'message_body.html') + ); + + $template->assign_vars(array( + 'MESSAGE_TITLE' => $msg_title, + 'MESSAGE_TEXT' => $msg_text) + ); + + include($phpbb_root_path . 'includes/page_tail.' . $phpEx); + } + break; + } +} + ?> \ No newline at end of file diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e17a4138a8..c44aa1df40 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -19,35 +19,46 @@ * ***************************************************************************/ -// // Simple version of jumpbox, just lists authed forums -// function make_forum_select($box_name, $ignore_forum = false) { - global $db, $userdata, $acl, $lang; + global $db, $userdata, $auth, $lang; - $sql = "SELECT forum_id, forum_name - FROM " . FORUMS_TABLE . " - ORDER BY cat_id, forum_order"; + $sql = "SELECT forum_id, forum_name, left_id, right_id + FROM " . FORUMS_TABLE . " + ORDER BY left_id ASC"; $result = $db->sql_query($sql); + $right = 0; + $subforum = ''; $forum_list = ''; - while( $row = $db->sql_fetchrow($result) ) + while ( $row = $db->sql_fetchrow($result) ) { - if ( $acl->get_acl($row['forum_id'], 'forum', 'read') && $ignore_forum != $row['forum_id'] ) + if ( ( $auth->acl_get('f_list', $forum_id) || $auth->acl_get('a_') ) && $ignore_forum != $row['forum_id'] ) { - $forum_list .= ''; + if ( $row['left_id'] < $right ) + { + $subforum .= '   '; + } + else if ( $row['left_id'] > $right + 1 ) + { + $subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 )); + } + + $forum_list .= ''; + + $right = $row['right_id']; } + } + $db->sql_freeresult($result); $forum_list = ( $forum_list == '' ) ? '' : ''; return $forum_list; } -// // Synchronise functions for forums/topics -// function sync($type, $id) { global $db; @@ -77,10 +88,10 @@ function sync($type, $id) break; case 'forum': - $sql = "SELECT MAX(p.post_id) AS last_post, COUNT(p.post_id) AS total - FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t - WHERE p.forum_id = $id - AND t.topic_id = p.topic_id + $sql = "SELECT MAX(p.post_id) AS last_post, COUNT(p.post_id) AS total + FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t + WHERE p.forum_id = $id + AND t.topic_id = p.topic_id AND t.topic_status <> " . ITEM_MOVED; $result = $db->sql_query($sql); @@ -97,7 +108,7 @@ function sync($type, $id) $sql = "SELECT COUNT(topic_id) AS total FROM " . TOPICS_TABLE . " - WHERE forum_id = $id + WHERE forum_id = $id AND topic_status <> " . ITEM_MOVED; $result = $db->sql_query($sql); @@ -118,7 +129,7 @@ function sync($type, $id) if ( $row = $db->sql_fetchrow($result) ) { $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " + SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id"; $db->sql_query($sql); } @@ -128,7 +139,7 @@ function sync($type, $id) break; } - + return true; } @@ -138,15 +149,13 @@ function prune($forum_id, $prune_date) require_once($phpbb_root_path . 'includes/functions_posting.'.$phpEx); - // // Those without polls ... - // - $sql = "SELECT t.topic_id + $sql = "SELECT t.topic_id FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t WHERE t.forum_id = $forum_id - AND t.topic_vote = 0 - AND t.topic_type <> " . POST_ANNOUNCE . " - AND ( p.post_id = t.topic_last_post_id + AND t.topic_vote = 0 + AND t.topic_type <> " . POST_ANNOUNCE . " + AND ( p.post_id = t.topic_last_post_id OR t.topic_last_post_id = 0 )"; if ( $prune_date != '' ) { @@ -159,12 +168,12 @@ function prune($forum_id, $prune_date) { $sql_topics .= ( ( $sql_topics != '' ) ? ', ' : '' ) . $row['topic_id']; } - + if ( $sql_topics != '' ) { $sql = "SELECT post_id - FROM " . POSTS_TABLE . " - WHERE forum_id = $forum_id + FROM " . POSTS_TABLE . " + WHERE forum_id = $forum_id AND topic_id IN ($sql_topics)"; $result = $db->sql_query($sql); @@ -178,23 +187,23 @@ function prune($forum_id, $prune_date) { $db->sql_transaction(); - $sql = "DELETE FROM " . TOPICS_TABLE . " + $sql = "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id IN ($sql_topics)"; $db->sql_query($sql); $pruned_topics = $db->sql_affectedrows(); - $sql = "DELETE FROM " . POSTS_TABLE . " + $sql = "DELETE FROM " . POSTS_TABLE . " WHERE post_id IN ($sql_post)"; $db->sql_query($sql); $pruned_posts = $db->sql_affectedrows(); - $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " + $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE post_id IN ($sql_post)"; $db->sql_query($sql); - $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " + $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE post_id IN ($sql_post)"; $db->sql_query($sql); @@ -209,15 +218,13 @@ function prune($forum_id, $prune_date) return array('topics' => 0, 'posts' => 0); } -// // Function auto_prune(), this function will read the configuration data from // the auto_prune table and call the prune function with the necessary info. -// function auto_prune($forum_id = 0) { global $db, $lang; - $sql = "SELECT prune_freq, prune_days + $sql = "SELECT prune_freq, prune_days FROM " . FORUMS_TABLE . " WHERE forum_id = $forum_id"; $result = $db->sql_query($sql); @@ -232,8 +239,8 @@ function auto_prune($forum_id = 0) prune($forum_id, $prune_date); sync('forum', $forum_id); - $sql = "UPDATE " . FORUMS_TABLE . " - SET prune_next = $next_prune + $sql = "UPDATE " . FORUMS_TABLE . " + SET prune_next = $next_prune WHERE forum_id = $forum_id"; $db->sql_query($sql); } @@ -242,19 +249,8 @@ function auto_prune($forum_id = 0) return; } -/*************************************************************************** -* -* These functions are mainly for use in the db_utilities under the admin -* however in order to make these functions available elsewhere, specifically -* in the installation phase of phpBB I have seperated out a couple of -* functions into this file. JLH -* -\***************************************************************************/ - -// // remove_comments will strip the sql comment lines out of an uploaded sql file // specifically for mssql and postgres type files in the install.... -// function remove_comments(&$output) { $lines = explode("\n", $output); @@ -286,16 +282,14 @@ function remove_comments(&$output) return $output; } -// // remove_remarks will strip the sql comment lines out of an uploaded sql file -// function remove_remarks($sql) { $lines = explode("\n", $sql); - + // try to keep mem. use down $sql = ''; - + $linecount = count($lines); $output = ''; @@ -308,15 +302,13 @@ function remove_remarks($sql) $lines[$i] = ''; } } - + return $output; - + } -// // split_sql_file will split an uploaded sql file into single sql statements. // Note: expects trim() to have already been run on $sql. -// function split_sql_file($sql, $delimiter) { // Split up our string into "possible" SQL statements. @@ -325,10 +317,10 @@ function split_sql_file($sql, $delimiter) // try to save mem. $sql = ''; $output = array(); - + // we don't actually care about the matches preg gives us. $matches = array(); - + // this is faster than calling count($oktens) every time thru the loop. $token_count = count($tokens); for ($i = 0; $i < $token_count; $i++) @@ -338,12 +330,12 @@ function split_sql_file($sql, $delimiter) { // This is the total number of single quotes in the token. $total_quotes = preg_match_all("/'/", $tokens[$i], $matches); - // Counts single quotes that are preceded by an odd number of backslashes, + // Counts single quotes that are preceded by an odd number of backslashes, // which means they're escaped quotes. $escaped_quotes = preg_match_all("/(?sql_query($sql); + + $user_auth = array(); + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $user_auth[$user_id][$row['auth_option_id']] = $row['auth_allow_deny']; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + + foreach ( $auth as $auth_option_id => $allow ) + { + if ( !empty($user_auth) ) + { + foreach ( $user_auth as $user => $user_auth_ary ) + { + $sql_ary[] = ( !isset($user_auth_ary[$auth_option_id]) ) ? "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option_id, $allow)" : ( ( $user_auth_ary[$auth_option_id] != $allow ) ? "UPDATE " . ACL_USERS_TABLE . " SET auth_allow_deny = $allow WHERE user_id = $user_id AND forum_id = $forum_id AND auth_option_id = $auth_option_id" : '' ); + } + } + else + { + $sql_ary[] = "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option_id, $allow)"; + } + } + + foreach ( $sql_ary as $sql ) + { + $db->sql_query($sql); + } + + unset($user_auth); + unset($sql_ary); + + $this->acl_clear_prefetch(); + } + + function acl_set_group(&$forum_id, &$group_id, &$auth) + { + global $db; + + $forum_sql = "AND a.forum_id IN ($forum_id, 0)"; + + $sql = "SELECT o.auth_option_id, o.auth_value, a.auth_allow_deny + FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o + WHERE a.auth_option_id = o.auth_option_id + $forum_sql + AND a.group_id = $group_id"; + $result = $db->sql_query($sql); + + $group_auth = array(); + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $group_auth[$group_id][$row['auth_option_id']] = $row['auth_allow_deny']; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + + foreach ( $auth as $auth_option_id => $allow ) + { + if ( !empty($group_auth) ) + { + foreach ( $group_auth as $group => $group_auth_ary ) + { + $sql_ary[] = ( !isset($group_auth_ary[$auth_option_id]) ) ? "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option_id, $allow)" : ( ( $group_auth_ary[$auth_option_id] != $allow ) ? "UPDATE " . ACL_GROUPS_TABLE . " SET auth_allow_deny = $allow WHERE group_id = $group_id AND forum_id = $forum_id and auth_option_id = $auth_option_id" : '' ); + } + } + else + { + $sql_ary[] = "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option_id, $allow)"; + } + } + + foreach ( $sql_ary as $sql ) + { + $db->sql_query($sql); + } + + unset($group_auth); + unset($sql_ary); + + $this->acl_clear_prefetch(); + } + + function acl_delete_user($forum_id, $user_id, $auth_ids = false) + { + global $db; + + $auth_sql = ''; + if ( $auth_ids ) + { + for($i = 0; $i < count($auth_ids); $i++) + { + $auth_sql .= ( ( $auth_sql != '' ) ? ', ' : '' ) . $auth_ids[$i]; + } + $auth_sql = " AND auth_option_id IN ($auth_sql)"; + } + + $sql = "DELETE FROM " . ACL_USERS_TABLE . " + WHERE user_id = $user_id + AND forum_id = $forum_id + $auth_sql"; + $db->sql_query($sql); + + $this->acl_clear_prefetch(); + } + + function acl_delete_group($forum_id, $group_id, $auth_type = false) + { + global $db; + + $auth_sql = ''; + if ( $auth_ids ) + { + for($i = 0; $i < count($auth_ids); $i++) + { + $auth_sql .= ( ( $auth_sql != '' ) ? ', ' : '' ) . $auth_ids[$i]; + } + $auth_sql = " AND auth_option_id IN ($auth_sql)"; + } + + $sql = "DELETE FROM " . ACL_GROUPS_TABLE . " + WHERE group_id = $group_id + AND forum_id = $forum_id + $auth_sql"; + $db->sql_query($sql); + + $this->acl_clear_prefetch(); + } + + function acl_clear_prefetch() + { + global $db; + + $sql = "UPDATE " . USERS_TABLE . " + SET user_permissions = ''"; + $db->sql_query($sql); + + return; + } +} + ?> \ No newline at end of file diff --git a/phpBB/includes/page_header.php b/phpBB/includes/page_header.php index 71e00c0958..e813254fbe 100644 --- a/phpBB/includes/page_header.php +++ b/phpBB/includes/page_header.php @@ -48,7 +48,7 @@ else } // Last visit date/time -$s_last_visit = ( $userdata['user_id'] ) ? create_date($board_config['default_dateformat'], $userdata['session_last_visit'], $board_config['board_timezone']) : ''; +$s_last_visit = ( $userdata['user_id'] ) ? $user->format_date($userdata['session_last_visit']) : ''; // Timezone : $user->dst $s_timezone = ( $userdata['user_dst'] ) ? sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], $lang['tz']['dst']) : sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], ''); @@ -64,7 +64,7 @@ $online_userlist = ''; $prev_user_id = 0; $prev_user_ip = ''; -// && $auth->get_acl('forum', 'read', $_GET['f']) +// && $auth->acl_get('forum', 'read', $_GET['f']) $user_forum_sql = ( empty($_GET['f'])) ? '' : "AND s.session_page LIKE '%f=" . intval($_GET['f']) . "%'"; $sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_colour, s.session_ip FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE ." s @@ -98,7 +98,7 @@ while( $row = $db->sql_fetchrow($result) ) $logged_hidden_online++; } - if ( $row['user_allow_viewonline'] || $auth->get_acl_admin() ) + if ( $row['user_allow_viewonline'] || $auth->acl_get('a_') ) { $online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link; } @@ -292,10 +292,10 @@ $template->assign_vars(array( 'SITE_DESCRIPTION' => $board_config['site_desc'], 'PAGE_TITLE' => $page_title, 'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit), - 'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])), + 'CURRENT_TIME' => sprintf($lang['Current_time'], $user->format_date(time())), 'TOTAL_USERS_ONLINE' => $l_online_users, 'LOGGED_IN_USER_LIST' => $online_userlist, - 'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], create_date($board_config['default_dateformat'], $board_config['record_online_date'], $board_config['board_timezone'])), + 'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], $user->format_date($$board_config['record_online_date'])), 'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text, 'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread, 'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new, diff --git a/phpBB/includes/page_tail.php b/phpBB/includes/page_tail.php index 80742d05f7..58706a2cc6 100644 --- a/phpBB/includes/page_tail.php +++ b/phpBB/includes/page_tail.php @@ -45,7 +45,7 @@ if (defined('DEBUG')) $template->assign_vars(array( 'PHPBB_VERSION' => $board_config['version'], - 'ADMIN_LINK' => ( $auth->get_acl_admin() ) ? '' . $lang['Admin_panel'] . '

' : '', + 'ADMIN_LINK' => ( $auth->acl_get('a_') ) ? '' . $lang['Admin_panel'] . '

' : '', 'DEBUG_OUTPUT' => ( defined('DEBUG') ) ? $debug_output : '') ); diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 59216d0c5e..ed2bc840a8 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -205,10 +205,10 @@ class session { $this->set_cookie('sid', $this->session_id, 0); $SID = '?sid=' . $this->session_id; - // Events ... + // Events ... ? if ( $userdata['user_id'] ) { -// do_events(); +// do_events('days'); } return $userdata; @@ -299,55 +299,6 @@ class session { setcookie($board_config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); } - - // Taken over by user class ... for now at least - function configure($userdata, $lang_set = false) - { - global $db, $template, $lang, $board_config, $theme, $images; - global $phpEx, $phpbb_root_path; - - if ( $userdata['user_id'] ) - { - $board_config['default_lang'] = ( file_exists($phpbb_root_path . 'language/lang_' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang']; - $board_config['default_dateformat'] = $userdata['user_dateformat']; - $board_config['board_timezone'] = $userdata['user_timezone']; - } - - include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx); - if ( defined('IN_ADMIN') ) - { - include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx); - } - - // Set up style - $style = ( !$board_config['override_user_style'] && $userdata['user_id'] ) ? $userdata['user_style'] : $board_config['default_style']; - - $sql = "SELECT t.template_path, t.poll_length, t.pm_box_length, c.css_data, c.css_external, i.* - FROM " . STYLES_TABLE . " s, " . STYLES_TPL_TABLE . " t, " . STYLES_CSS_TABLE . " c, " . STYLES_IMAGE_TABLE . " i - WHERE s.style_id = $style - AND t.template_id = s.template_id - AND c.theme_id = s.style_id - AND i.imageset_id = s.imageset_id"; - $result = $db->sql_query($sql); - - if ( !($theme = $db->sql_fetchrow($result)) ) - { - message_die(ERROR, 'Could not get style data'); - } - - $template->set_template($theme['template_path']); - - $img_lang = ( file_exists('imageset/' . $theme['imageset_path'] . '/lang_' . $board_config['default_lang']) ) ? $board_config['default_lang'] : 'english'; - - $i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm'); - - foreach ( $i10n as $icon ) - { - $theme[$icon] = str_replace('{LANG}', 'lang_' . $img_lang, $theme[$icon]); - } - - return; - } } // Contains (at present) basic user methods such as configuration @@ -356,7 +307,6 @@ class user { var $lang_name; var $lang_path; - var $date_format; var $timezone; var $dst; @@ -369,14 +319,17 @@ class user if ( $userdata['user_id'] ) { $this->lang_name = ( file_exists($phpbb_root_path . 'language/' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang']; - $this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name; + $this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/'; $this->date_format = $userdata['user_dateformat']; - $this->timezone = $userdata['user_timezone']; + $this->timezone = $userdata['user_timezone'] * 3600; $this->dst = $userdata['user_dst'] * 3600; } else if ( isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ) { + $this->lang_name = $board_config['default_lang']; + $this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/'; + $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); foreach ( $accept_lang_ary as $accept_lang ) { @@ -385,7 +338,7 @@ class user if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) ) { $this->lang_name = $accept_lang; - $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang; + $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang . '/'; break; } else @@ -395,21 +348,21 @@ class user if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) ) { $this->lang_name = $accept_lang; - $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang; + $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang . '/'; break; } } } $this->date_format = $board_config['default_dateformat']; - $this->timezone = $board_config['board_timezone']; + $this->timezone = $board_config['board_timezone'] * 3600; $this->dst = 0; } - include($this->lang_path . '/lang_main.' . $phpEx); + include($this->lang_path . 'lang_main.' . $phpEx); if ( defined('IN_ADMIN') ) { - include($this->lang_path . '/lang_admin.' . $phpEx); + include($this->lang_path . 'lang_admin.' . $phpEx); } /* if ( is_array($lang_set) ) @@ -447,7 +400,7 @@ class user $template->set_template($theme['template_path']); - $img_lang = ( file_exists('imageset/' . $theme['imageset_path'] . '/' . $this->lang_name) ) ? $this->lang_name : $board_config['default_lang']; + $img_lang = ( file_exists('imagesets/' . $theme['imageset_path'] . '/' . $this->lang_name) ) ? $this->lang_name : $board_config['default_lang']; $i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm'); @@ -459,7 +412,7 @@ class user return; } - function format_date($gmepoch) + function format_date($gmepoch, $format = false) { global $lang; static $lang_dates; @@ -472,7 +425,8 @@ class user } } - return strtr(@gmdate($this->date_format, $gmepoch + (3600 * $this->timezone) + $this->dst), $lang_dates); + $format = ( !$format ) ? $this->date_format : $format; + return strtr(@gmdate($format, $gmepoch + $this->timezone + $this->dst), $lang_dates); } } @@ -482,74 +436,114 @@ class auth { var $founder = false; var $acl = false; + var $options = array(); - function acl(&$userdata, $forum_id = false, $extra_options = false) + function acl(&$userdata, $forum_id = false, $options = false) { global $db; if ( !($this->founder = $userdata['user_founder']) ) { - $and_sql = "ao.auth_value LIKE 'forum_list'"; + $in_sql = '\'a_\', \'f_list\''; - if ( $extra_options ) + if ( $options ) { - $tmp_ary = explode(',', $extra_options); - foreach ( $tmp_ary as $option ) + if ( is_array($options) ) { - $and_sql .= " OR ao.auth_value LIKE '" . trim($option) . "'"; + foreach ( $options as $option ) + { + $in_sql .= ', \'' . $option . '\''; + } + } + else + { + $or_sql = " OR auth_value LIKE '$option%'"; } } - $and_sql = ( !$forum_id ) ? $and_sql : "( a.forum_id = $forum_id ) OR ( a.forum_id <> $forum_id AND ( ao.auth_value LIKE 'forum_list' OR ao.auth_value LIKE 'mod_%' ) )"; - $and_sql .= " OR ao.auth_value LIKE 'admin_%'"; +// $in_sql = ( !$forum_id ) ? "ao.auth_value IN ($in_sql)" : "( a.forum_id = $forum_id OR ao.auth_value IN ('a_', 'f_list') )"; +// $mtime = explode(' ', microtime()); +// $starttime = $mtime[1] + $mtime[0]; + + // The possible alternative here is to store the options in a file + // (perhaps with the other config data) and do away with this query. + $sql = "SELECT auth_option_id, auth_value + FROM " . ACL_OPTIONS_TABLE . " + WHERE auth_value IN ($in_sql) $or_sql"; + $result = $db->sql_query($sql); + + while ( $row = $db->sql_fetchrow($result) ) + { + $this->options[$row['auth_value']] = $row['auth_option_id']; + } + $db->sql_freeresult($result); + + // This is preliminary and can no doubt be improved. The 12 in + // the chunk_split relates to the current 96bits (12 bytes) per forum + if ( !empty($userdata['user_permissions']) ) + { + $permissions = explode("\r\n", chunk_split($userdata['user_permissions'], 12)); + + foreach ( $permissions as $data ) + { + $temp = explode("\r\n", chunk_split($data, 1)); + + $forum_id = bindec(str_pad(decbin(ord(array_shift($temp))), 8, 0, STR_PAD_LEFT) . str_pad(decbin(ord(array_shift($temp))), 8, 0, STR_PAD_LEFT)); + + foreach ( $temp as $char ) + { + $this->acl[$forum_id] .= str_pad(decbin(ord($char)), 8, 0, STR_PAD_LEFT); + } + } + } + else + { + $this->acl_cache($userdata); + } + +// $mtime = explode(' ', microtime()); +// echo $mtime[1] + $mtime[0] - $starttime . " :: "; + +/* $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_value FROM " . ACL_PREFETCH_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao WHERE a.user_id = " . $userdata['user_id'] . " - AND ao.auth_option_id = a.auth_option_id - AND ( $and_sql )"; + AND $in_sql + AND ao.auth_option_id = a.auth_option_id"; $result = $db->sql_query($sql); if ( $row = $db->sql_fetchrow($result) ) { do { - // Why do we explode this? Because there are places we want to see - // whether any forum option is set rather than a specifc one - // by breaking apart the type from what it applies to we can easily determine - // this ... is there a better soln? - list($auth_main, $auth_type) = explode('_', $row['auth_value']); - $this->acl[$row['forum_id']][$auth_main][$auth_type] = $row['auth_allow_deny']; + $this->acl[$row['forum_id']][$row['auth_value']] = $row['auth_allow_deny']; } while ( $row = $db->sql_fetchrow($result) ); } else { - $this->cache_acl($userdata); + $this->acl_cache($userdata); } +*/ } return; } // Look up an option - function get_acl($forum_id, $auth_main, $auth_type = false) + function acl_get($option, $forum_id = 0) { - return ( $auth_main && $auth_type ) ? ( ( $this->founder || $this->acl[0]['admin'] ) ? true : $this->acl[$forum_id][$auth_main][$auth_type] ) : $this->acl[$forum_id][$auth_main]; - } - - // Is this needed? - function get_acl_admin($auth_type = false) - { - return ( $this->founder ) ? true : $this->get_acl(0, 'admin', $auth_type); + return ( $this->founder ) ? true : substr($this->acl[$forum_id], $this->options[$option], 1); +// return ( $this->founder ) ? true : $this->acl[$forum_id][$option]; } // Cache data - function cache_acl(&$userdata) + function acl_cache(&$userdata) { global $db; - $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_value + $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_option_id, ao.auth_value FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao, " . USER_GROUP_TABLE . " ug WHERE ug.user_id = " . $userdata['user_id'] . " AND a.group_id = ug.group_id @@ -560,23 +554,21 @@ class auth { do { - list($type, $option) = explode('_', $row['auth_value']); - - switch ( $this->acl[$row['forum_id']][$type][$option] ) + switch ( $this->acl[$row['forum_id']][$row['auth_option_id']] ) { case ACL_PERMIT: case ACL_DENY: case ACL_PREVENT: break; default: - $this->acl[$row['forum_id']][$type][$option] = $row['auth_allow_deny']; + $this->acl[$row['forum_id']][$row['auth_option_id']] = $row['auth_allow_deny']; } } while ( $row = $db->sql_fetchrow($result) ); } $db->sql_freeresult($result); - $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_value + $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_option_id, ao.auth_value FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao WHERE a.user_id = " . $userdata['user_id'] . " AND ao.auth_option_id = a.auth_option_id"; @@ -586,15 +578,13 @@ class auth { do { - list($type, $option) = explode('_', $row['auth_value']); - - switch ( $this->acl[$row['forum_id']][$type][$option] ) + switch ( $this->acl[$row['forum_id']][$row['auth_option_id']] ) { case ACL_PERMIT: case ACL_PREVENT: break; default: - $this->acl[$row['forum_id']][$type][$option] = $row['auth_allow_deny']; + $this->acl[$row['forum_id']][$row['auth_option_id']] = $row['auth_allow_deny']; break; } } @@ -606,161 +596,60 @@ class auth { foreach ( $this->acl as $forum_id => $auth_ary ) { - foreach ( $auth_ary as $type => $option_ary ) + foreach ( $auth_ary as $type => $value ) { - foreach ( $option_ary as $option => $value ) + if ( $value == ACL_ALLOW || $value == ACL_PERMIT ) { - switch ( $value ) - { - case ACL_ALLOW: - case ACL_PERMIT: - $this->acl[$forum_id][$type][$option] = 1; - break; - case ACL_DENY: - case ACL_PREVENT: - $this->acl[$forum_id][$type][$option] = 0; - break; - } + $this->acl[$forum_id][$type] = 1; + $insert_sql[$forum_id][1][] = $type; + } + else + { + $this->acl[$forum_id][$type] = 0; + $insert_sql[$forum_id][0][] = $type; } } } } - // Insert pre-calculated results ... - - } - - // Could these go into an admin only extends since this is only used for the admin - // panel (and perhaps the MCP in future)? Would need to instantiate that class rather - // than (or in addition to) auth if we do (which is done in common ...) - function set_acl_user(&$forum_id, &$user_id, &$auth, $dependencies = false) - { - global $db; - - $forum_sql = ( $forum_id ) ? "AND a.forum_id IN ($forum_id, 0)" : ''; - - $sql = "SELECT o.auth_option_id, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o, " . USERS_TABLE . " u WHERE a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND a.user_id = $user_id"; - $result = $db->sql_query($sql); - - $user_auth = array(); - if ( $row = $db->sql_fetchrow($result) ) + $userdata['user_permissions'] = ''; + foreach ( $insert_sql as $forum_id => $insert_ary ) { - do + $temp = array(); + + for($i = 0; $i < 80; $i++) { - $user_auth[$user_id][$row['auth_option_id']] = $row['auth_allow_deny']; + $temp[] = ( isset($this->acl[$forum_id][$i]) ) ? $this->acl[$forum_id][$i] : 0; } - while ( $row = $db->sql_fetchrow($result) ); - } - $db->sql_freeresult($result); - - foreach ( $auth as $auth_option_id => $allow ) - { - if ( !empty($user_auth) ) +/* + foreach ( $insert_ary as $allow => $option_ary ) { - foreach ( $user_auth as $user => $user_auth_ary ) + $sql = ''; + + foreach ( $option_ary as $option ) { - $sql_ary[] = ( !isset($user_auth_ary[$auth_option_id]) ) ? "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option_id, $allow)" : ( ( $user_auth_ary[$auth_option_id] != $allow ) ? "UPDATE " . ACL_USERS_TABLE . " SET auth_allow_deny = $allow WHERE user_id = $user_id AND forum_id = $forum_id AND auth_option_id = $auth_option_id" : '' ); + $sql .= ( ( $sql != '' ) ? ', ' : '' ) . '\'' . $option . '\''; } + + $sql = "INSERT INTO " . ACL_PREFETCH_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT " . $userdata['user_id'] . ", $forum_id, auth_option_id, $allow FROM " . ACL_OPTIONS_TABLE . " WHERE auth_value IN ($sql)"; + $db->sql_query($sql); } - else +*/ + $bitstring = explode("\r\n", chunk_split(str_pad(decbin($forum_id), 16, 0, STR_PAD_LEFT) . implode('', $temp), 8)); + array_pop($bitstring); + + foreach ( $bitstring as $byte ) { - $sql_ary[] = "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option_id, $allow)"; + $userdata['user_permissions'] .= chr(bindec($byte)); } } - foreach ( $sql_ary as $sql ) - { - $db->sql_query($sql); - } - - unset($user_auth); - unset($sql_ary); - } - - function set_acl_group(&$forum_id, &$group_id, &$auth, $dependencies = false) - { - global $db; - - $forum_sql = "AND a.forum_id IN ($forum_id, 0)"; - - $sql = "SELECT o.auth_option_id, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = $group_id"; - $result = $db->sql_query($sql); - - $group_auth = array(); - if ( $row = $db->sql_fetchrow($result) ) - { - do - { - $group_auth[$group_id][$row['auth_option_id']] = $row['auth_allow_deny']; - } - while ( $row = $db->sql_fetchrow($result) ); - } - $db->sql_freeresult($result); - - foreach ( $auth as $auth_option_id => $allow ) - { - if ( !empty($group_auth) ) - { - foreach ( $group_auth as $group => $group_auth_ary ) - { - $sql_ary[] = ( !isset($group_auth_ary[$auth_option_id]) ) ? "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option_id, $allow)" : ( ( $group_auth_ary[$auth_option_id] != $allow ) ? "UPDATE " . ACL_GROUPS_TABLE . " SET auth_allow_deny = $allow WHERE group_id = $group_id AND forum_id = $forum_id and auth_option_id = $auth_option_id" : '' ); - } - } - else - { - $sql_ary[] = "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option_id, $allow)"; - } - } - - foreach ( $sql_ary as $sql ) - { - $db->sql_query($sql); - } - - unset($group_auth); - unset($sql_ary); - } - - function delete_acl_user($forum_id, $user_id, $auth_ids = false) - { - global $db; - - $auth_sql = ''; - if ( $auth_ids ) - { - for($i = 0; $i < count($auth_ids); $i++) - { - $auth_sql .= ( ( $auth_sql != '' ) ? ', ' : '' ) . $auth_ids[$i]; - } - $auth_sql = " AND auth_option_id IN ($auth_sql)"; - } - - $sql = "DELETE FROM " . ACL_USERS_TABLE . " - WHERE user_id = $user_id - AND forum_id = $forum_id - $auth_sql"; + $sql = "UPDATE " . USERS_TABLE . " + SET user_permissions = '" . addslashes($userdata['user_permissions']) . "' + WHERE user_id = " . $userdata['user_id']; $db->sql_query($sql); - } - function delete_acl_group($forum_id, $group_id, $auth_type = false) - { - global $db; - - $auth_sql = ''; - if ( $auth_ids ) - { - for($i = 0; $i < count($auth_ids); $i++) - { - $auth_sql .= ( ( $auth_sql != '' ) ? ', ' : '' ) . $auth_ids[$i]; - } - $auth_sql = " AND auth_option_id IN ($auth_sql)"; - } - - $sql = "DELETE FROM " . ACL_GROUPS_TABLE . " - WHERE group_id = $group_id - AND forum_id = $forum_id - $auth_sql"; - $db->sql_query($sql); + return; } // Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. @@ -784,7 +673,7 @@ class auth $autologin = ( isset($autologin) ) ? md5($password) : ''; - return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin) : false; + return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin) : false; } } diff --git a/phpBB/includes/usercp_viewprofile.php b/phpBB/includes/usercp_viewprofile.php index 05e899da00..37290f37c7 100644 --- a/phpBB/includes/usercp_viewprofile.php +++ b/phpBB/includes/usercp_viewprofile.php @@ -172,7 +172,7 @@ include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->assign_vars(array( 'USERNAME' => $profiledata['username'], - 'JOINED' => create_date($lang['DATE_FORMAT'], $profiledata['user_regdate'], $board_config['board_timezone']), + 'JOINED' => $user->format_date($profiledata['user_regdate'], $lang['DATE_FORMAT']), 'POSTER_RANK' => $poster_rank, 'RANK_IMAGE' => $rank_image, 'POSTS_PER_DAY' => $posts_per_day,