mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-07 17:27:16 +02:00
Code Issues Releases Wiki Activity

Changed $board_config to $config, more posting "stuff", altered polling code in viewtopic and loads of new problems, poor coding, etc. created :)

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2983 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-10-30 00:57:27 +00:00
parent 9075298051
commit 691f50ada9
43 changed files with 1072 additions and 1044 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
phpBB/includes/bbcode.php
View File

@@ -26,7 +26,7 @@ if ( !defined('IN_PHPBB') )
define('BBCODE_UID_LEN', 10);
// global that holds loaded-and-prepared bbcode templates, so we only have to do
// global that holds loaded-and-prepared bbcode templates, so we only have to do
// that stuff once.
$bbcode_tpl = null;
@@ -45,21 +45,21 @@ function load_bbcode_template()
global $template;
$tpl_filename = $template->make_filename('bbcode.html');
$tpl = fread(fopen($tpl_filename, 'r'), filesize($tpl_filename));
// replace \ with \\ and then ' with \'.
$tpl = str_replace('\\', '\\\\', $tpl);
$tpl = str_replace('\'', '\\\'', $tpl);
// strip newlines.
$tpl = str_replace("\n", '', $tpl);
// Turn template blocks into PHP assignment statements for the values of $bbcode_tpls..
$tpl = preg_replace('#<!-- BEGIN (.*?) -->(.*?)<!-- END (.*?) -->#', "\n" . '$bbcode_tpls[\'\\1\'] = \'\\2\';', $tpl);
$bbcode_tpls = array();
eval($tpl);
return $bbcode_tpls;
}
@@ -68,7 +68,7 @@ function load_bbcode_template()
* Prepares the loaded bbcode templates for insertion into preg_replace()
* or str_replace() calls in the bbencode_second_pass functions. This
* means replacing template placeholders with the appropriate preg backrefs
* or with language vars. NOTE: If you change how the regexps work in
* or with language vars. NOTE: If you change how the regexps work in
* bbencode_second_pass(), you MUST change this function.
*
* Nathan Codding, Sept 26 2001
@@ -77,52 +77,52 @@ function load_bbcode_template()
function prepare_bbcode_template($bbcode_tpl)
{
global $lang;
$bbcode_tpl['olist_open'] = str_replace('{LIST_TYPE}', '\\1', $bbcode_tpl['olist_open']);
$bbcode_tpl['color_open'] = str_replace('{COLOR}', '\\1', $bbcode_tpl['color_open']);
$bbcode_tpl['size_open'] = str_replace('{SIZE}', '\\1', $bbcode_tpl['size_open']);
$bbcode_tpl['quote_open'] = str_replace('{L_QUOTE}', $lang['Quote'], $bbcode_tpl['quote_open']);
$bbcode_tpl['quote_username_open'] = str_replace('{L_QUOTE}', $lang['Quote'], $bbcode_tpl['quote_username_open']);
$bbcode_tpl['quote_username_open'] = str_replace('{L_WROTE}', $lang['wrote'], $bbcode_tpl['quote_username_open']);
$bbcode_tpl['quote_username_open'] = str_replace('{USERNAME}', '\\1', $bbcode_tpl['quote_username_open']);
$bbcode_tpl['code_open'] = str_replace('{L_CODE}', $lang['Code'], $bbcode_tpl['code_open']);
$bbcode_tpl['img'] = str_replace('{URL}', '\\1', $bbcode_tpl['img']);
// We do URLs in several different ways..
$bbcode_tpl['url1'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
$bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\\1\\2', $bbcode_tpl['url1']);
$bbcode_tpl['url2'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url2'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url2']);
$bbcode_tpl['url3'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
$bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url3']);
$bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url4']);
$bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']);
define('BBCODE_TPL_READY', true);
return $bbcode_tpl;
}
/**
* Does second-pass bbencoding. This should be used before displaying the message in
* a thread. Assumes the message is already first-pass encoded, and we are given the
* a thread. Assumes the message is already first-pass encoded, and we are given the
* correct UID as used in first-pass encoding.
*/
function bbencode_second_pass($text, $uid, $enable_img = true)
{
global $acl, $board_config, $lang, $bbcode_tpl;
global $acl, $config, $lang, $bbcode_tpl;
// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
@@ -135,13 +135,13 @@ function bbencode_second_pass($text, $uid, $enable_img = true)
$text = substr($text, 1);
return $text;
}
// Only load the templates ONCE..
if (!defined('BBCODE_TPL_READY'))
{
// load templates from file into array.
$bbcode_tpl = load_bbcode_template();
// prepare array for use in regexps.
$bbcode_tpl = prepare_bbcode_template($bbcode_tpl);
}
@@ -171,7 +171,7 @@ function bbencode_second_pass($text, $uid, $enable_img = true)
// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
$text = str_replace("[quote:$uid]", $bbcode_tpl['quote_open'], $text);
$text = str_replace("[/quote:$uid]", $bbcode_tpl['quote_close'], $text);
// New one liner to deal with opening quotes with usernames...
// replaces the two line version that I had here before..
$text = preg_replace("/\[quote:$uid=(?:\"?([^\"]*)\"?)\]/si", $bbcode_tpl['quote_username_open'], $text);
@@ -199,7 +199,7 @@ function bbencode_second_pass($text, $uid, $enable_img = true)
$patterns[0] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
$replacements[0] = $bbcode_tpl['img'];
}
// [url]xxxx://www.phpbb.com[/url] code..
$patterns[1] = "#\[url\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/url\]#si";
$replacements[1] = $bbcode_tpl['url1'];
@@ -253,7 +253,7 @@ function bbencode_first_pass($text, $uid)
// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
$text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, '');
$text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\\"[^"]*?\\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]");
// [list] and [list=x] for (un)ordered lists.
@@ -351,9 +351,9 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
$open_tag[0] = $open_tag_temp;
$open_tag_count = 1;
}
$open_is_regexp = false;
if ($open_regexp_replace)
{
$open_is_regexp = true;
@@ -364,12 +364,12 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
$open_regexp_replace[0] = $open_regexp_temp;
}
}
if ($mark_lowest_level && $open_is_regexp)
{
message_die(GENERAL_ERROR, "Unsupported operation for bbcode_first_pass_pda().");
}
// Start at the 2nd char of the string, looking for opening tags.
$curr_pos = 1;
@@ -398,12 +398,12 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
//
// OK we are in a quote tag that probably contains a ] bracket.
// Grab a bit more of the string to hopefully get all of it..
//
//
$possible_start = substr($text, $curr_pos, strpos($text, "\"]", $curr_pos + 1) - $curr_pos + 2);
}
//
// Now compare, either using regexp or not.
if ($open_is_regexp)
{
$match_result = array();
@@ -441,7 +441,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
// Keeps error in nested tag from breaking out
// of table structure..
//
$curr_pos = $curr_pos + strlen($possible_start);
$curr_pos = $curr_pos + strlen($possible_start);
}
else
{
@@ -574,12 +574,12 @@ function bbencode_second_pass_code($text, $uid, $bbcode_tpl)
{
$before_replace = $matches[1][$i];
$after_replace = $matches[1][$i];
// Replace 2 spaces with "&nbsp; " so non-tabbed code indents without making huge long lines.
$after_replace = str_replace(" ", "&nbsp; ", $after_replace);
// now Replace 2 spaces with " &nbsp;" to catch odd #s of spaces.
$after_replace = str_replace(" ", " &nbsp;", $after_replace);
// Replace tabs with "&nbsp; &nbsp;" so tabbed code indents sorta right without making huge long lines.
$after_replace = str_replace("\t", "&nbsp; &nbsp;", $after_replace);
@@ -740,7 +740,7 @@ function bbcode_array_pop(&$stack)
//
function smilies_pass($message)
{
global $db, $board_config;
global $db, $config;
static $smilies;
if ( empty($smilies) )
@@ -749,7 +749,7 @@ function smilies_pass($message)
FROM " . SMILIES_TABLE;
$result = $db->sql_query($sql);
if ( !($smilies = $db->sql_fetchrowset($result)) )
if ( !($smilies = $db->sql_fetchrowset($result)) )
{
return $message;
}
@@ -760,7 +760,7 @@ function smilies_pass($message)
for($i = 0; $i < count($smilies); $i++)
{
$orig[] = '/(?<=.\\W|\\W.|^\\W)' . preg_quote($smilies[$i]['code'], '/') . '(?=.\\W|\\W.|\\W$)/';
$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" width="' . $smilies[$i]['smile_width'] . '" height="' . $smilies[$i]['smile_height'] . '" alt="' . $smilies[$i]['smile_url'] . '" title="' . $smilies[$i]['smile_url'] . '" border="0" />';
$repl[] = '<img src="'. $config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" width="' . $smilies[$i]['smile_width'] . '" height="' . $smilies[$i]['smile_height'] . '" alt="' . $smilies[$i]['smile_url'] . '" title="' . $smilies[$i]['smile_url'] . '" border="0" />';
}
if ( $i > 0 )

26
phpBB/includes/emailer.php
View File

@@ -81,11 +81,11 @@ class emailer
function use_template($template_file, $template_lang = '')
{
global $board_config, $phpbb_root_path;
global $config, $phpbb_root_path;
if ( $template_lang == '' )
{
$template_lang = $board_config['default_lang'];
$template_lang = $config['default_lang'];
}
$this->tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.txt';
@@ -324,10 +324,10 @@ function server_parse($socket, $response)
function smtpmail($mail_to, $subject, $message, $headers = '')
{
// For now I'm using an array based $smtp_vars to hold the smtp server
// info, but it should probably change to $board_config...
// then the relevant info would be $board_config['smtp_host'] and
// $board_config['smtp_port'].
global $board_config;
// info, but it should probably change to $config...
// then the relevant info would be $config['smtp_host'] and
// $config['smtp_port'].
global $config;
//
// Fix any bare linefeeds in the message to make it RFC821 Compliant.
@@ -396,37 +396,37 @@ function smtpmail($mail_to, $subject, $message, $headers = '')
// Ok we have error checked as much as we can to this point let's get on
// it already.
//
if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )
if( !$socket = fsockopen($config['smtp_host'], 25, $errno, $errstr, 20) )
{
message_die(ERROR, "Could not connect to smtp host : $errno : $errstr");
}
server_parse($socket, "220");
if( !empty($board_config['smtp_username']) && !empty($board_config['smtp_password']) )
if( !empty($config['smtp_username']) && !empty($config['smtp_password']) )
{
// Send the RFC2554 specified EHLO.
// This improved as provided by SirSir to accomodate
// both SMTP AND ESMTP capable servers
fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n");
fputs($socket, "EHLO " . $config['smtp_host'] . "\r\n");
server_parse($socket, "250");
fputs($socket, "AUTH LOGIN\r\n");
server_parse($socket, "334");
fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n");
fputs($socket, base64_encode($config['smtp_username']) . "\r\n");
server_parse($socket, "334");
fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n");
fputs($socket, base64_encode($config['smtp_password']) . "\r\n");
server_parse($socket, "235");
}
else
{
// Send the RFC821 specified HELO.
fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n");
fputs($socket, "HELO " . $config['smtp_host'] . "\r\n");
server_parse($socket, "250");
}
// From this point onward most server response codes should be 250
// Specify who the mail is from....
fputs($socket, "MAIL FROM: <" . $board_config['board_email'] . ">\r\n");
fputs($socket, "MAIL FROM: <" . $config['board_email'] . ">\r\n");
server_parse($socket, "250");
// Specify each user to send to and build to header.

162
phpBB/includes/functions.php
View File

@@ -37,7 +37,7 @@ function get_userdata($user)
return ( $row = $db->sql_fetchrow($result) ) ? $row : false;
}
function get_forum_branch($forum_id, $type='all', $order='descending', $include_forum=TRUE)
function get_forum_branch($forum_id, $type = 'all', $order = 'descending', $include_forum = TRUE)
{
global $db;
@@ -216,7 +216,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
//
function get_forum_rules($mode, &$rules, &$forum_id)
{
global $SID, $auth, $user, $phpEx;
global $SID, $auth, $user;
$rules .= ( ( $auth->acl_get('f_post', $forum_id) ) ? $user->lang['Rules_post_can'] : $user->lang['Rules_post_cannot'] ) . '<br />';
$rules .= ( ( $auth->acl_get('f_reply', $forum_id) ) ? $user->lang['Rules_reply_can'] : $user->lang['Rules_reply_cannot'] ) . '<br />';
@@ -326,7 +326,7 @@ function language_select($default, $select_name = "language", $dirname="language
{
global $phpEx;
$dir = opendir($dirname);
$dir = @opendir($dirname);
$user = array();
while ( $file = readdir($dir) )
@@ -338,10 +338,10 @@ function language_select($default, $select_name = "language", $dirname="language
}
}
closedir($dir);
@closedir($dir);
@asort($user);
@reset($user);
@asort($lang);
@reset($lang);
$user_select = '<select name="' . $select_name . '">';
foreach ( $lang as $displayname => $filename )
@@ -431,7 +431,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
);
$message = $user->lang['No_longer_watching_' . $mode] . '<br /><br />' . sprintf($user->lang['Click_return_' . $mode], '<a href="' . "view$mode.$phpEx$SID&amp;" . $u_url . "=$match_id&amp;start=$start" . '">', '</a>');
message_die(MESSAGE, $message);
trigger_error($message);
}
else
{
@@ -465,7 +465,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
);
$message = $user->lang['You_are_watching_' . $mode] . '<br /><br />' . sprintf($user->lang['Click_return_' . $mode], '<a href="' . "view$mode.$phpEx$SID&amp;" . $u_url . "=$match_id&amp;start=$start" . '">', '</a>');
message_die(MESSAGE, $message);
trigger_error($message);
}
else
{
@@ -594,6 +594,146 @@ function redirect($location)
exit;
}
// Check to see if the username has been taken, or if it is disallowed.
// Also checks if it includes the " character, which we don't allow in usernames.
// Used for registering, changing names, and posting anonymously with a username
function validate_username($username)
{
global $db, $user;
$username = sql_quote($username);
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
$result = $db->sql_query($sql);
if (($row = $db->sql_fetchrow($result)) && $row['username'] != $user->data['username'])
{
return $user->lang['Username_taken'];
}
$sql = "SELECT group_name
FROM " . GROUPS_TABLE . "
WHERE LOWER(group_name) = '" . strtolower($username) . "'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
return $user->lang['Username_taken'];
}
$sql = "SELECT disallow_username
FROM " . DISALLOW_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['disallow_username'])) . ')\b#i', $username))
{
return $user->lang['Username_disallowed'];
}
}
$sql = "SELECT word
FROM " . WORDS_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['word'])) . ')\b#i', $username))
{
return $user->lang['Username_disallowed'];
}
}
// Don't allow " in username.
if (strstr($username, '"'))
{
return $user->lang['Username_invalid'];
}
return false;
}
// Check to see if email address is banned or already present in the DB
function validate_email($email)
{
global $db, $user;
if ($email != '')
{
if (preg_match('/^[a-z0-9\.\-_\+]+@[a-z0-9\-_]+\.([a-z0-9\-_]+\.)*?[a-z]+$/is', $email))
{
$sql = "SELECT ban_email
FROM " . BANLIST_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
if (preg_match('/^' . str_replace('*', '.*?', $row['ban_email']) . '$/is', $email))
{
return $user->lang['Email_banned'];
}
}
$sql = "SELECT user_email
FROM " . USERS_TABLE . "
WHERE user_email = '" . sql_quote($email) . "'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
return $user->lang['Email_taken'];
}
return false;
}
}
return $user->lang['Email_invalid'];
}
// Does supplementary validation of optional profile fields. This
// expects common stuff like trim() and strip_tags() to have already
// been run. Params are passed by-ref, so we can set them to the empty
// string if they fail.
function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
{
$check_var_length = array('aim', 'msnm', 'yim', 'location', 'occupation', 'interests', 'sig');
for($i = 0; $i < count($check_var_length); $i++)
{
if ( strlen($$check_var_length[$i]) < 2 )
{
$$check_var_length[$i] = '';
}
}
// ICQ number has to be only numbers.
if ( !preg_match('/^[0-9]+$/', $icq) )
{
$icq = '';
}
// website has to start with http://, followed by something with length at least 3 that
// contains at least one dot.
if ( $website != '' )
{
if ( !preg_match('#^http:\/\/#i', $website) )
{
$website = 'http://' . $website;
}
if ( !preg_match('#^http\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $website) )
{
$website = '';
}
}
return;
}
// This is general replacement for die(), allows templated output in users (or default)
// language, etc. $msg_code can be one of these constants:
//
@@ -602,7 +742,7 @@ function redirect($location)
// -> ERROR : Use for any error, a simple page will be output
function message_die($msg_code, $msg_text = '', $msg_title = '')
{
global $db, $auth, $template, $board_config, $user, $nav_links;
global $db, $auth, $template, $config, $user, $nav_links;
global $phpEx, $phpbb_root_path, $starttime;
switch ( $msg_code )
@@ -667,7 +807,7 @@ function message_die($msg_code, $msg_text = '', $msg_title = '')
// Error and message handler, call with trigger_error if reqd
function msg_handler($errno, $msg_text, $errfile, $errline)
{
global $db, $auth, $template, $board_config, $user, $nav_links;
global $db, $auth, $template, $config, $user, $nav_links;
global $phpEx, $phpbb_root_path, $starttime;
switch ( $errno )
@@ -696,7 +836,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
echo 'th { background-image: url(\'' . $phpbb_root_path . 'admin/images/cellpic3.gif\') }' . "\n";
echo 'td.cat { background-image: url(\'' . $phpbb_root_path . 'admin/images/cellpic1.gif\') }' . "\n";
echo '</style><title>' . $msg_title . '</title></head><body>';
echo '<table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td><img src="' . $phpbb_root_path . 'admin/images/header_left.jpg" width="200" height="60" alt="phpBB Logo" title="phpBB Logo" border="0"/></td><td width="100%" background="' . $phpbb_root_path . 'admin/images/header_bg.jpg" height="60" align="right" nowrap="nowrap"><span class="maintitle">General Error</span> &nbsp; &nbsp; &nbsp;</td></tr></table><br clear="all" /><table width="85%" cellspacing="0" cellpadding="0" border="0" align="center"><tr><td><br clear="all" />' . $msg_text . '<hr />Please notify the board administrator or webmaster : <a href="mailto:' . $board_config['board_email'] . '">' . $board_config['board_email'] . '</a></td></tr></table><br clear="all" /></body></html>';
echo '<table width="100%" cellspacing="0" cellpadding="0" border="0"><tr><td><img src="' . $phpbb_root_path . 'admin/images/header_left.jpg" width="200" height="60" alt="phpBB Logo" title="phpBB Logo" border="0"/></td><td width="100%" background="' . $phpbb_root_path . 'admin/images/header_bg.jpg" height="60" align="right" nowrap="nowrap"><span class="maintitle">General Error</span> &nbsp; &nbsp; &nbsp;</td></tr></table><br clear="all" /><table width="85%" cellspacing="0" cellpadding="0" border="0" align="center"><tr><td><br clear="all" />' . $msg_text . '<hr />Please notify the board administrator or webmaster : <a href="mailto:' . $config['board_email'] . '">' . $config['board_email'] . '</a></td></tr></table><br clear="all" /></body></html>';
exit;
break;

4
phpBB/includes/functions_admin.php
View File

@@ -413,14 +413,14 @@ function config_config($config = false)
}
}
$cache_str = "\$board_config = array(\n";
$cache_str = "\$config = array(\n";
foreach ($config as $config_name => $config_value)
{
$cache_str .= "\t'$config_name' => " . ( ( is_numeric($config_value) ) ? $config_value : '"' . addslashes($config_value) . '"' ) . ",\n";
}
$cache_str .= ");";
config_cache_write('\$board_config = array\(.*?\);', $cache_str);
config_cache_write('\$config = array\(.*?\);', $cache_str);
return $config;
}

95
phpBB/includes/functions_posting.php
View File

@@ -27,7 +27,7 @@ class parse_message
function parse(&$message, $html, $bbcode, $uid, $url, $smilies)
{
global $board_config, $db, $lang;
global $config, $db, $lang;
$warn_msg = '';
@@ -44,13 +44,13 @@ class parse_message
$message = preg_replace($match, $replace, $message);
// Message length check
if ( !strlen($message) || ( $board_config['max_post_chars'] && strlen($message) > $board_config['max_post_chars'] ) )
if ( !strlen($message) || ( $config['max_post_chars'] && strlen($message) > $config['max_post_chars'] ) )
{
$warn_msg .= ( !strlen($message) ) ? $lang['Too_few_chars'] . '<br />' : $lang['Too_many_chars'] . '<br />';
}
// Smiley check
if ( $board_config['max_post_smilies'] && $smilies )
if ( $config['max_post_smilies'] && $smilies )
{
$sql = "SELECT code
FROM " . SMILIES_TABLE;
@@ -64,7 +64,7 @@ class parse_message
$match++;
}
if ( $match > $board_config['max_post_smilies'] )
if ( $match > $config['max_post_smilies'] )
{
$warn_msg .= $lang['Too_many_smilies'] . '<br />';
break;
@@ -92,13 +92,13 @@ class parse_message
function html(&$message, $html)
{
global $board_config, $lang;
global $config, $lang;
if ( $html )
{
// If $html is true then "allowed_tags" are converted back from entity
// form, others remain
$allowed_tags = split(',', str_replace(' ', '', $board_config['allow_html_tags']));
$allowed_tags = split(',', str_replace(' ', '', $config['allow_html_tags']));
$match = array();
$replace = array();
@@ -117,7 +117,7 @@ class parse_message
function bbcode(&$message, $bbcode, $uid)
{
global $board_config;
global $config;
}
@@ -126,18 +126,18 @@ class parse_message
// into relative versions when the server/script path matches the link
function magic_url(&$message, $url)
{
global $board_config;
global $config;
if ( $url )
{
$server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
$server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/';
$match = array();
$replace = array();
// relative urls for this board
$match[] = '#' . $server_protocol . trim($board_config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($board_config['script_path'])) . '/([^\t <\n\r\"]+)#i';
$match[] = '#' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/([^\t <\n\r\"]+)#i';
$replace[] = '<a href="\1" target="_blank">\1</a>';
// matches a xxxx://aaaaa.bbb.cccc. ...
@@ -159,19 +159,9 @@ class parse_message
// Based off of Acyd Burns Mod
function attach($file_ary)
{
global $board_config;
$allowed_ext = explode(',', $board_config['attach_ext']);
}
}
// Will parse poll info ... probably
class parse_poll extends parse_message
{
function parse_poll()
{
global $board_config;
global $config;
$allowed_ext = explode(',', $config['attach_ext']);
}
}
@@ -182,7 +172,7 @@ class fulltext_search
{
function split_words(&$text)
{
global $user, $board_config;
global $user, $config;
static $drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!', '*');
static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ', ' ', ' ', ' ');
@@ -202,7 +192,7 @@ class fulltext_search
$match[] = '#\[\/?url(=.*?)?\]#';
$match[] = '#\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]#';
// Sequences < min_search_chars & < max_search_chars
$match[] = '#\b([a-z0-9]{1,' . $board_config['min_search_chars'] . '}|[a-z0-9]{' . $board_config['max_search_chars'] . ',})\b#';
$match[] = '#\b([a-z0-9]{1,' . $config['min_search_chars'] . '}|[a-z0-9]{' . $config['max_search_chars'] . ',})\b#';
$text = preg_replace($match, ' ', ' ' . strtolower($text) . ' ');
@@ -237,33 +227,48 @@ class fulltext_search
return array_unique($split_entries[1]);
}
function add(&$post_id, &$new_msg, &$new_title, $old_msg = '', $old_title = '')
function add(&$mode, &$post_id, &$message, &$subject)
{
global $board_config, $db;
global $config, $db;
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
//
// Split old and new post/subject to obtain array of 'words'
//
$split_text_new = $this->split_words($new_msg);
$split_text_old = $this->split_words(addslashes($old_msg));
$split_title_new = ( $new_title ) ? $this->split_words($new_title) : array();
$split_title_old = ( $old_title ) ? $this->split_words(addslashes($old_title)) : array();
$split_text = $this->split_words($message);
$split_title = ($subject) ? $this->split_words($subject) : array();
//
// Define new words to be added and old words to be removed
//
$words = array();
$words['add']['text'] = array_diff($split_text_new, $split_text_old);
$words['del']['text'] = array_diff($split_text_old, $split_text_new);
$words['add']['title'] = array_diff($split_title_new, $split_title_old);
$words['del']['title'] = array_diff($split_title_old, $split_title_new);
if ($mode == 'edit')
{
$sql = "SELECT w.word_id, w.word_text, m.title_match
FROM " . SEARCH_WORD_TABLE . " w, " . SEARCH_MATCH_TABLE . " m
WHERE m.post_id = " . intval($post_id) . "
AND w.word_id = m.word_id";
$result = $db->sql_query($result);
$cur_words = array();
while ($row = $db->sql_fetchrow($result))
{
$which = ($row['title_match']) ? 'title' : 'post';
$cur_words[$which][$row['word_id']] = $row['word_text'];
}
$db->sql_freeresult($result);
$words['add']['post'] = array_diff($split_text, $cur_words['post']);
$words['add']['title'] = array_diff($split_title, $cur_words['title']);
$words['del']['post'] = array_diff($cur_words['post'], $split_text);
$words['del']['title'] = array_diff($cur_words['title'], $split_title);
}
else
{
$words['add']['post'] = $split_text;
$words['add']['title'] = $split_title;
}
unset($split_text);
unset($split_title);
//
// Get unique words from the above arrays
//
$unique_add_words = array_unique(array_merge($words['add']['text'], $words['add']['title']));
//
@@ -391,7 +396,7 @@ class fulltext_search
echo "<br /><br />";
// Run the cleanup infrequently, once per session cleanup
if ( $board_config['session_last_gc'] < time - ( $board_config['session_gc'] / 2 ) )
if ( $config['session_last_gc'] < time - ( $config['session_gc'] / 2 ) )
{
$this->search_tidy();
}
@@ -471,7 +476,7 @@ class fulltext_search
//
function generate_smilies($mode)
{
global $SID, $auth, $db, $session, $board_config, $template, $theme, $lang;
global $SID, $auth, $db, $session, $config, $template, $theme, $lang;
global $user_ip, $starttime;
global $phpEx, $phpbb_root_path;
global $user, $userdata;
@@ -505,7 +510,7 @@ function generate_smilies($mode)
{
$template->assign_block_vars('emoticon', array(
'SMILEY_CODE' => $row['code'],
'SMILEY_IMG' => $board_config['smilies_path'] . '/' . $row['smile_url'],
'SMILEY_IMG' => $config['smilies_path'] . '/' . $row['smile_url'],
'SMILEY_WIDTH' => $row['smile_width'],
'SMILEY_HEIGHT' => $row['smile_height'],
'SMILEY_DESC' => $row['emoticon'])

20
phpBB/includes/page_header.php
View File

@@ -27,7 +27,7 @@ if ( !defined('IN_PHPBB') )
define('HEADER_INC', TRUE);
// gzip_compression
if ( $board_config['gzip_compress'] )
if ( $config['gzip_compress'] )
{
if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() )
{
@@ -137,10 +137,10 @@ else
$total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online;
if ( $total_online_users > $board_config['record_online_users'])
if ( $total_online_users > $config['record_online_users'])
{
$board_config['record_online_users'] = $total_online_users;
$board_config['record_online_date'] = time();
$config['record_online_users'] = $total_online_users;
$config['record_online_date'] = time();
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$total_online_users'
@@ -148,7 +148,7 @@ if ( $total_online_users > $board_config['record_online_users'])
$db->sql_query($sql);
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '" . $board_config['record_online_date'] . "'
SET config_value = '" . $config['record_online_date'] . "'
WHERE config_name = 'record_online_date'";
$db->sql_query($sql);
}
@@ -279,14 +279,14 @@ foreach ( $nav_links as $nav_item => $nav_array )
// The following assigns all _common_ variables that may be used at any point
// in a template.
$template->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'SITE_DESCRIPTION' => $board_config['site_desc'],
'SITENAME' => $config['sitename'],
'SITE_DESCRIPTION' => $config['site_desc'],
'PAGE_TITLE' => $page_title,
'LAST_VISIT_DATE' => sprintf($user->lang['You_last_visit'], $s_last_visit),
'CURRENT_TIME' => sprintf($user->lang['Current_time'], $user->format_date(time())),
'TOTAL_USERS_ONLINE' => $l_online_users,
'LOGGED_IN_USER_LIST' => $online_userlist,
'RECORD_USERS' => sprintf($user->lang['Record_online_users'], $board_config['record_online_users'], $user->format_date($board_config['record_online_date'])),
'RECORD_USERS' => sprintf($user->lang['Record_online_users'], $config['record_online_users'], $user->format_date($config['record_online_date'])),
'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new,
'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
@@ -335,7 +335,7 @@ $template->assign_vars(array(
'S_CONTENT_DIR_LEFT' => $user->lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $user->lang['RIGHT'],
'S_LOGIN_ACTION' => 'login.'.$phpEx.$SID,
'S_TIMEZONE' => ( $user->data['user_dst'] ) ? sprintf($user->lang['All_times'], $user->lang[floatval($board_config['board_timezone'])], $user->lang['tz']['dst']) : sprintf($user->lang['All_times'], $user->lang[floatval($board_config['board_timezone'])], ''),
'S_TIMEZONE' => ( $user->data['user_dst'] ) ? sprintf($user->lang['All_times'], $user->lang[floatval($config['board_timezone'])], $user->lang['tz']['dst']) : sprintf($user->lang['All_times'], $user->lang[floatval($config['board_timezone'])], ''),
'T_STYLESHEET_DATA' => $user->theme['css_data'],
'T_STYLESHEET_LINK' => 'templates/' . $user->theme['css_external'],
@@ -343,7 +343,7 @@ $template->assign_vars(array(
'NAV_LINKS' => $nav_links_html)
);
/*if ( $board_config['send_encoding'] )
/*if ( $config['send_encoding'] )
{
header ('Content-type: text/html; charset: ' . $user->lang['ENCODING']);
}*/

4
phpBB/includes/page_tail.php
View File

@@ -36,7 +36,7 @@ if (defined('DEBUG'))
exit;
}
$debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $board_config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . (($session->load) ? $session->load : 'N/A'), $totaltime);
$debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . (($session->load) ? $session->load : 'N/A'), $totaltime);
if ($auth->acl_get('a_'))
{
@@ -46,7 +46,7 @@ if (defined('DEBUG'))
}
$template->assign_vars(array(
'PHPBB_VERSION' => $board_config['version'],
'PHPBB_VERSION' => $config['version'],
'ADMIN_LINK' => ( $auth->acl_get('a_') ) ? '<a href="' . "admin/index.$phpEx?sid=" . $user->data['session_id'] . '">' . $user->lang['Admin_panel'] . '</a><br /><br />' : '',
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : ''
));

61
phpBB/includes/session.php
View File

@@ -31,17 +31,17 @@ class session
// Called at each page start ... checks for, updates and/or creates a session
function start($update = true)
{
global $SID, $db, $board_config;
global $SID, $db, $config;
$current_time = time();
$this->browser = ( !empty($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT'];
$this->page = ( !empty($_SERVER['PHP_SELF']) ) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF'];
$this->page .= '&' . ( ( !empty($_SERVER['QUERY_STRING']) ) ? $_SERVER['QUERY_STRING'] : $_ENV['QUERY_STRING'] );
if ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) || isset($_COOKIE[$board_config['cookie_name'] . '_data']) )
if ( isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data']) )
{
$sessiondata = ( isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_data'])) : '';
$this->session_id = ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) ) ? $_COOKIE[$board_config['cookie_name'] . '_sid'] : '';
$sessiondata = ( isset($_COOKIE[$config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : '';
$this->session_id = ( isset($_COOKIE[$config['cookie_name'] . '_sid']) ) ? $_COOKIE[$config['cookie_name'] . '_sid'] : '';
$SID = (defined('IN_ADMIN')) ? '?sid=' . $this->session_id : '?sid=';
}
else
@@ -64,13 +64,13 @@ class session
}
// Load limit check (if applicable)
if ( intval($board_config['limit_load']) && file_exists('/proc/loadavg') )
if ( intval($config['limit_load']) && file_exists('/proc/loadavg') )
{
if ( $load = @file('/proc/loadavg') )
{
list($this->load) = explode(' ', $load[0]);
if ( $this->load > intval($board_config['limit_load']) )
if ( $this->load > intval($config['limit_load']) )
{
trigger_error('Board_unavailable');
}
@@ -93,8 +93,8 @@ class session
if ( isset($this->data['user_id']) )
{
// Validate IP length according to admin ... has no effect on IPv6
$s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, $board_config['ip_check']));
$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $board_config['ip_check']));
$s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, $config['ip_check']));
$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check']));
if ( $u_ip == $s_ip )
{
@@ -123,12 +123,12 @@ class session
// Create a new session
function create(&$user_id, &$autologin)
{
global $SID, $db, $board_config;
global $SID, $db, $config;
$sessiondata = array();
$current_time = time();
if ( intval($board_config['active_sessions']) )
if ( intval($config['active_sessions']) )
{
// Limit sessions in 1 minute period
$sql = "SELECT COUNT(*) AS sessions
@@ -139,7 +139,7 @@ class session
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ( intval($row['sessions']) > intval($board_config['active_sessions']) )
if ( intval($row['sessions']) > intval($config['active_sessions']) )
{
trigger_error('Board_unavailable');
}
@@ -147,7 +147,7 @@ class session
// Garbage collection ... remove old sessions updating user information
// if necessary. It means (potentially) 22 queries but only infrequently
if ( $current_time - $board_config['session_gc'] > $board_config['session_last_gc'] )
if ( $current_time - $config['session_gc'] > $config['session_last_gc'] )
{
$this->gc($current_time);
}
@@ -236,7 +236,7 @@ class session
// Destroy a session
function destroy()
{
global $SID, $db, $board_config;
global $SID, $db, $config;
$current_time = time();
@@ -263,12 +263,12 @@ class session
// Garbage collection
function gc(&$current_time)
{
global $db, $board_config;
global $db, $config;
// Get expired sessions, only most recent for each user
$sql = "SELECT session_user_id, MAX(session_time) AS recent_time
FROM " . SESSIONS_TABLE . "
WHERE session_time < " . ( $current_time - $board_config['session_length'] ) . "
WHERE session_time < " . ( $current_time - $config['session_length'] ) . "
GROUP BY session_user_id
LIMIT 5";
$result = $db->sql_query($sql);
@@ -294,7 +294,7 @@ class session
// Delete expired sessions
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_user_id IN ($del_user_id)
AND session_time < " . ( $current_time - $board_config['session_length'] );
AND session_time < " . ( $current_time - $config['session_length'] );
$db->sql_query($sql);
}
@@ -314,9 +314,9 @@ class session
// Set a cookie
function set_cookie($name, $cookiedata, $cookietime)
{
global $board_config;
global $config;
setcookie($board_config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
}
}
@@ -336,11 +336,11 @@ class user extends session
function setup($lang_set = false, $style = false)
{
global $db, $template, $board_config, $phpEx, $phpbb_root_path;
global $db, $template, $config, $phpEx, $phpbb_root_path;
if ( $this->data['user_id'] != ANONYMOUS )
{
$this->lang_name = ( file_exists($phpbb_root_path . 'language/' . $this->data['user_lang']) ) ? $this->data['user_lang'] : $board_config['default_lang'];
$this->lang_name = ( file_exists($phpbb_root_path . 'language/' . $this->data['user_lang']) ) ? $this->data['user_lang'] : $config['default_lang'];
$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/';
$this->date_format = $this->data['user_dateformat'];
@@ -349,10 +349,10 @@ class user extends session
}
else
{
$this->lang_name = $board_config['default_lang'];
$this->lang_name = $config['default_lang'];
$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/';
$this->date_format = $board_config['default_dateformat'];
$this->timezone = $board_config['board_timezone'] * 3600;
$this->date_format = $config['default_dateformat'];
$this->timezone = $config['board_timezone'] * 3600;
$this->dst = 0;
if ( isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) )
@@ -409,7 +409,7 @@ class user extends session
}
*/
// Set up style
$style = ( $style ) ? $style : ( ( !$board_config['override_user_style'] && $this->data['user_id'] ) ? $this->data['user_style'] : $board_config['default_style'] );
$style = ( $style ) ? $style : ( ( !$config['override_user_style'] && $this->data['user_id'] ) ? $this->data['user_style'] : $config['default_style'] );
$sql = "SELECT t.template_path, t.poll_length, t.pm_box_length, c.css_data, c.css_external, i.*
FROM " . STYLES_TABLE . " s, " . STYLES_TPL_TABLE . " t, " . STYLES_CSS_TABLE . " c, " . STYLES_IMAGE_TABLE . " i
@@ -426,7 +426,7 @@ class user extends session
$template->set_template($this->theme['template_path']);
$this->img_lang = ( file_exists($phpbb_root_path . 'imagesets/' . $this->theme['imageset_path'] . '/' . $this->lang_name) ) ? $this->lang_name : $board_config['default_lang'];
$this->img_lang = ( file_exists($phpbb_root_path . 'imagesets/' . $this->theme['imageset_path'] . '/' . $this->lang_name) ) ? $this->lang_name : $config['default_lang'];
return;
}
@@ -447,13 +447,14 @@ class user extends session
return strtr(@gmdate($format, $gmepoch + $this->timezone + $this->dst), $lang_dates);
}
function img($img, $alt = '', $tag = false)
function img($img, $alt = '', $width = false, $no_cache = false)
{
static $imgs;
if (empty($imgs[$img]))
if (empty($imgs[$img]) || $no_cache)
{
$imgs[$img] = '<img src=' . str_replace('{LANG}', $this->img_lang, $this->theme[$img]) . '" alt="' . $this->lang[$alt] . '" title="' . $this->lang[$alt] . '" />';
$width = ( $width ) ? 'width="' . $width . '" ' : '';
$imgs[$img] = '<img src=' . str_replace('{LANG}', $this->img_lang, $this->theme[$img]) . '" ' . $width . 'alt="' . $this->lang[$alt] . '" title="' . $this->lang[$alt] . '" />';
}
return $imgs[$img];
@@ -657,9 +658,9 @@ class auth
// Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
function login($username, $password, $autologin = false)
{
global $board_config, $user, $phpEx;
global $config, $user, $phpEx;
$method = trim($board_config['auth_method']);
$method = trim($config['auth_method']);
if ( file_exists('includes/auth/auth_' . $method . '.' . $phpEx) )
{

34
phpBB/includes/topic_review.php
View File

@@ -23,7 +23,7 @@
function topic_review($topic_id, $is_inline_review)
{
global $SID, $session, $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path;
global $SID, $session, $db, $config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path;
global $userdata, $user_ip;
global $orig_word, $replacement_word;
global $starttime;
@@ -38,8 +38,8 @@ function topic_review($topic_id, $is_inline_review)
//
// Get topic info ...
//
$sql = "SELECT t.topic_title, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments
FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f
$sql = "SELECT t.topic_title, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments
FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f
WHERE t.topic_id = $topic_id
AND f.forum_id = t.forum_id";
if ( !($result = $db->sql_query($sql)) )
@@ -54,7 +54,7 @@ function topic_review($topic_id, $is_inline_review)
$forum_id = $forum_row['forum_id'];
$topic_title = $forum_row['topic_title'];
//
// Start session management
//
@@ -105,7 +105,7 @@ function topic_review($topic_id, $is_inline_review)
AND p.poster_id = u.user_id
AND p.post_id = pt.post_id
ORDER BY p.post_time DESC
LIMIT " . $board_config['posts_per_page'];
LIMIT " . $config['posts_per_page'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain post/user information', '', __LINE__, __FILE__, $sql);
@@ -126,7 +126,7 @@ function topic_review($topic_id, $is_inline_review)
$poster_id = $row['user_id'];
$poster = $row['username'];
$post_date = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
$post_date = create_date($config['default_dateformat'], $row['post_time'], $config['board_timezone']);
//
// Handle anon users posting with usernames
@@ -146,14 +146,14 @@ function topic_review($topic_id, $is_inline_review)
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
if ( !$board_config['allow_html'] && $row['enable_html'] )
if ( !$config['allow_html'] && $row['enable_html'] )
{
$message = preg_replace('#(<)([\/]?.*?)(>)#is', '&lt;\2&gt;', $message);
}
if ( $bbcode_uid != '' )
{
$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
$message = ( $config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
}
$message = make_clickable($message);
@@ -164,7 +164,7 @@ function topic_review($topic_id, $is_inline_review)
$message = preg_replace($orig_word, $replacement_word, $message);
}
if ( $board_config['allow_smilies'] && $row['enable_smilies'] )
if ( $config['allow_smilies'] && $row['enable_smilies'] )
{
$message = smilies_pass($message);
}
@@ -179,15 +179,15 @@ function topic_review($topic_id, $is_inline_review)
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('postrow', array(
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'MINI_POST_IMG' => $mini_post_img,
'POSTER_NAME' => $poster,
'POST_DATE' => $post_date,
'POST_SUBJECT' => $post_subject,
'MINI_POST_IMG' => $mini_post_img,
'POSTER_NAME' => $poster,
'POST_DATE' => $post_date,
'POST_SUBJECT' => $post_subject,
'MESSAGE' => $message,
'L_MINI_POST_ALT' => $mini_post_alt)
);
@@ -204,7 +204,7 @@ function topic_review($topic_id, $is_inline_review)
'L_AUTHOR' => $lang['Author'],
'L_MESSAGE' => $lang['Message'],
'L_POSTED' => $lang['Posted'],
'L_POST_SUBJECT' => $lang['Post_subject'],
'L_POST_SUBJECT' => $lang['Post_subject'],
'L_TOPIC_REVIEW' => $lang['Topic_review'])
);

18
phpBB/includes/usercp_activate.php
View File

@@ -26,7 +26,7 @@ if ( !defined('IN_PHPBB') )
exit;
}
$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
FROM " . USERS_TABLE . "
WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
if ( !($result = $db->sql_query($sql)) )
@@ -49,19 +49,19 @@ if ( $row = $db->sql_fetchrow($result) )
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
WHERE user_id = " . $row['user_id'];
SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
WHERE user_id = " . $row['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
}
if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
if ( $config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\n";
$emailer->use_template('admin_welcome_activated', $row['user_lang']);
$emailer->email_address($row['user_email']);
@@ -69,10 +69,10 @@ if ( $row = $db->sql_fetchrow($result) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'SITENAME' => $config['sitename'],
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']))
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']))
);
$emailer->send();
$emailer->reset();
@@ -89,7 +89,7 @@ if ( $row = $db->sql_fetchrow($result) )
'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
);
$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
message_die(GENERAL_MESSAGE, $message);
}
}

44
phpBB/includes/usercp_avatar.php
View File

@@ -49,13 +49,13 @@ function check_image_type(&$type, &$error, &$error_msg)
function user_avatar_delete($avatar_type, $avatar_file)
{
global $board_config, $userdata;
global $config, $userdata;
if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
{
if ( @file_exists('./' . $board_config['avatar_path'] . '/' . $avatar_file) )
if ( @file_exists('./' . $config['avatar_path'] . '/' . $avatar_file) )
{
@unlink('./' . $board_config['avatar_path'] . '/' . $avatar_file);
@unlink('./' . $config['avatar_path'] . '/' . $avatar_file);
}
}
@@ -87,7 +87,7 @@ function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype)
{
global $board_config, $user_ip, $db, $lang;
global $config, $user_ip, $db, $lang;
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
@@ -117,7 +117,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
unset($avatar_data);
while( !@feof($fsock) )
{
$avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
$avatar_data .= @fread($fsock, $config['avatar_filesize']);
}
@fclose($fsock);
@@ -131,11 +131,11 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
$avatar_filesize = $file_data1[1];
$avatar_filetype = $file_data2[1];
if ( !$error && $avatar_filesize > 0 && $avatar_filesize < $board_config['avatar_filesize'] )
if ( !$error && $avatar_filesize > 0 && $avatar_filesize < $config['avatar_filesize'] )
{
$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . '/tmp';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $config['avatar_path'] . '/tmp';
$tmp_filename = tempnam($tmp_path, uniqid($user_ip) . '-');
$fptr = @fopen($tmp_filename, 'wb');
@@ -152,7 +152,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
}
else
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024));
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
@@ -160,14 +160,14 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
}
else if ( $avatar_mode == 'local' && file_exists($avatar_filename) && preg_match('/\.(jpg|jpeg|gif|png)$/i', $avatar_realname) )
{
if ( $avatar_filesize <= $board_config['avatar_filesize'] && $avatar_filesize > 0 )
if ( $avatar_filesize <= $config['avatar_filesize'] && $avatar_filesize > 0 )
{
preg_match('#image\/[x\-]*([a-z]+)#', $avatar_filetype, $avatar_filetype);
$avatar_filetype = $avatar_filetype[1];
}
else
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024));
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
@@ -182,21 +182,21 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
return;
}
if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
if ( $width <= $config['avatar_max_width'] && $height <= $config['avatar_max_height'] )
{
$new_filename = uniqid() . $imgtype;
if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' )
{
if ( file_exists('./' . $board_config['avatar_path'] . '/' . $current_avatar) )
if ( file_exists('./' . $config['avatar_path'] . '/' . $current_avatar) )
{
@unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
@unlink('./' . $config['avatar_path'] . '/' . $current_avatar);
}
}
if( $avatar_mode == 'remote' )
{
@copy($tmp_filename, './' . $board_config['avatar_path'] . "/$new_filename");
@copy($tmp_filename, './' . $config['avatar_path'] . "/$new_filename");
@unlink($tmp_filename);
}
else
@@ -215,16 +215,16 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
$move_file = 'copy';
}
$move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");
$move_file($avatar_filename, './' . $config['avatar_path'] . "/$new_filename");
}
@chmod('./' . $board_config['avatar_path'] . "/$new_filename", 0777);
@chmod('./' . $config['avatar_path'] . "/$new_filename", 0777);
$avatar_sql = ( $mode == 'editprofile' ) ? ", user_avatar = '$new_filename', user_avatar_type = " . USER_AVATAR_UPLOAD : "'$new_filename', " . USER_AVATAR_UPLOAD;
}
else
{
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $config['avatar_max_width'], $config['avatar_max_height']);
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
@@ -235,17 +235,17 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat)
{
global $board_config, $db, $template, $lang, $images, $theme;
global $config, $db, $template, $lang, $images, $theme;
global $phpbb_root_path, $phpEx;
$dir = @opendir($board_config['avatar_gallery_path']);
$dir = @opendir($config['avatar_gallery_path']);
$avatar_images = array();
while( $file = @readdir($dir) )
{
if( $file != '.' && $file != '..' && !is_file($board_config['avatar_gallery_path'] . '/' . $file) && !is_link($board_config['avatar_gallery_path'] . '/' . $file) )
if( $file != '.' && $file != '..' && !is_file($config['avatar_gallery_path'] . '/' . $file) && !is_link($config['avatar_gallery_path'] . '/' . $file) )
{
$sub_dir = @opendir($board_config['avatar_gallery_path'] . '/' . $file);
$sub_dir = @opendir($config['avatar_gallery_path'] . '/' . $file);
$avatar_row_count = 0;
$avatar_col_count = 0;
@@ -299,7 +299,7 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
{
$template->assign_block_vars('avatar_row.avatar_column', array(
"AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j],
"AVATAR_IMAGE" => $config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j],
"AVATAR_NAME" => $avatar_name[$category][$i][$j])
);

38
phpBB/includes/usercp_email.php
View File

@@ -1,6 +1,6 @@
<?php
/***************************************************************************
* usercp_email.php
* usercp_email.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
@@ -40,20 +40,20 @@ if ( $userdata['user_id'] == ANONYMOUS )
exit;
}
$sql = "SELECT username, user_email, user_viewemail, user_lang
FROM " . USERS_TABLE . "
$sql = "SELECT username, user_email, user_viewemail, user_lang
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
$username = $row['username'];
$user_email = $row['user_email'];
$user_email = $row['user_email'];
$user_lang = $row['user_lang'];
if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
{
if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
if ( time() - $userdata['user_emailtime'] < $config['flood_interval'] )
{
message_die(MESSAGE, $lang['Flood_email_limit']);
}
@@ -84,13 +84,13 @@ if ( $row = $db->sql_fetchrow($result) )
if ( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_emailtime = " . time() . "
$sql = "UPDATE " . USERS_TABLE . "
SET user_emailtime = " . time() . "
WHERE user_id = " . $userdata['user_id'];
$result = $db->sql_query($sql);
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $userdata['user_email'] . "\n";
if ( !empty($HTTP_POST_VARS['cc_email']) )
@@ -109,10 +109,10 @@ if ( $row = $db->sql_fetchrow($result) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'FROM_USERNAME' => $userdata['username'],
'TO_USERNAME' => $username,
'SITENAME' => $config['sitename'],
'BOARD_EMAIL' => $config['board_email'],
'FROM_USERNAME' => $userdata['username'],
'TO_USERNAME' => $username,
'MESSAGE' => $message)
);
$emailer->send();
@@ -149,17 +149,17 @@ if ( $row = $db->sql_fetchrow($result) )
$template->assign_vars(array(
'USERNAME' => $username,
'S_POST_ACTION' => "profile.$phpEx$SID&amp;mode=email&amp;u=$user_id",
'S_POST_ACTION' => "profile.$phpEx$SID&amp;mode=email&amp;u=$user_id",
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
'L_SUBJECT' => $lang['Subject'],
'L_MESSAGE_BODY' => $lang['Message_body'],
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
'L_MESSAGE_BODY' => $lang['Message_body'],
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
'L_OPTIONS' => $lang['Options'],
'L_CC_EMAIL' => $lang['CC_email'],
'L_CC_EMAIL' => $lang['CC_email'],
'L_SPELLCHECK' => $lang['Spellcheck'],
'L_SEND_EMAIL' => $lang['Send_email'])
);

486
phpBB/includes/usercp_register.php
View File

@@ -50,18 +50,26 @@ function show_coppa()
"U_AGREE_UNDER13" => "profile.$phpEx$SID&amp;mode=register&amp;agreed=true&amp;coppa=true")
);
}
function update_user($mode)
{
}
//
// ---------------------------------------
$error = FALSE;
$page_title = ( $mode == 'editprofile' ) ? $user->lang['Edit_profile'] : $user->lang['Register'];
if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )
//
//
//
if ($mode == 'register' && $config['require_activation'] == USER_ACTIVATION_DISABLE)
{
trigger_error($user->lang['Cannot_register']);
}
//
//
//
$error = FALSE;
$page_title = ($mode == 'editprofile') ? $user->lang['Edit_profile'] : $user->lang['Register'];
if ($mode == 'register' && !isset($_POST['agreed']) && !isset($_GET['agreed']) && $config['enable_coppa'])
{
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
@@ -70,45 +78,36 @@ if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GE
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
$coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE;
$coppa = ( empty($_POST['coppa']) && empty($_GET['coppa']) ) ? 0 : TRUE;
//
// Check and initialize some variables if needed
//
if (
isset($HTTP_POST_VARS['submit']) ||
isset($HTTP_POST_VARS['avatargallery']) ||
isset($HTTP_POST_VARS['submitavatar']) ||
isset($HTTP_POST_VARS['cancelavatar']) ||
$mode == 'register' )
if (isset($_POST['submit']) || $mode == 'register')
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
if ( $mode == 'editprofile' )
if ($mode == 'editprofile')
{
$user_id = intval($HTTP_POST_VARS['user_id']);
$current_email = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['current_email'])));
$user_id = intval($_POST['user_id']);
$current_email = trim(strip_tags(htmlspecialchars($_POST['current_email'])));
}
$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
while( list($var, $param) = @each($strip_var_list) )
foreach ($strip_var_list as $var => $param)
{
if ( !empty($HTTP_POST_VARS[$param]) )
if ( !empty($_POST[$param]) )
{
$$var = trim(strip_tags($HTTP_POST_VARS[$param]));
$$var = trim(strip_tags($_POST[$param]));
}
}
$trim_var_list = array('password_current' => 'cur_password', 'password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');
while( list($var, $param) = @each($trim_var_list) )
foreach ($strip_var_list as $var => $param)
{
if ( !empty($HTTP_POST_VARS[$param]) )
if ( !empty($_POST[$param]) )
{
$$var = trim($HTTP_POST_VARS[$param]);
$$var = trim($_POST[$param]);
}
}
@@ -120,36 +119,36 @@ if (
// empty strings if they fail.
validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
$viewemail = ( isset($HTTP_POST_VARS['viewemail']) ) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0;
$allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
$popuppm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
$viewemail = ( isset($_POST['viewemail']) ) ? ( ($_POST['viewemail']) ? TRUE : 0 ) : 0;
$allowviewonline = ( isset($_POST['hideonline']) ) ? ( ($_POST['hideonline']) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset($_POST['notifyreply']) ) ? ( ($_POST['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($_POST['notifypm']) ) ? ( ($_POST['notifypm']) ? TRUE : 0 ) : TRUE;
$popuppm = ( isset($_POST['popup_pm']) ) ? ( ($_POST['popup_pm']) ? TRUE : 0 ) : TRUE;
if ( $mode == 'register' )
{
$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $board_config['allow_sig'];
$attachsig = ( isset($_POST['attachsig']) ) ? ( ($_POST['attachsig']) ? TRUE : 0 ) : $config['allow_sig'];
$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $board_config['allow_html'];
$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $board_config['allow_bbcode'];
$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $board_config['allow_smilies'];
$allowhtml = ( isset($_POST['allowhtml']) ) ? ( ($_POST['allowhtml']) ? TRUE : 0 ) : $config['allow_html'];
$allowbbcode = ( isset($_POST['allowbbcode']) ) ? ( ($_POST['allowbbcode']) ? TRUE : 0 ) : $config['allow_bbcode'];
$allowsmilies = ( isset($_POST['allowsmilies']) ) ? ( ($_POST['allowsmilies']) ? TRUE : 0 ) : $config['allow_smilies'];
}
else
{
$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0;
$attachsig = ( isset($_POST['attachsig']) ) ? ( ($_POST['attachsig']) ? TRUE : 0 ) : 0;
$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml'];
$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode'];
$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmiles'];
$allowhtml = ( isset($_POST['allowhtml']) ) ? ( ($_POST['allowhtml']) ? TRUE : 0 ) : $user->data['user_allowhtml'];
$allowbbcode = ( isset($_POST['allowbbcode']) ) ? ( ($_POST['allowbbcode']) ? TRUE : 0 ) : $user->data['user_allowbbcode'];
$allowsmilies = ( isset($_POST['allowsmilies']) ) ? ( ($_POST['allowsmilies']) ? TRUE : 0 ) : $user->data['user_allowsmiles'];
}
$user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style'];
$user_style = ( isset($_POST['style']) ) ? intval($_POST['style']) : $config['default_style'];
if ( !empty($HTTP_POST_VARS['language']) )
if ( !empty($_POST['language']) )
{
if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) )
if ( preg_match('/^[a-z_]+$/i', $_POST['language']) )
{
$user_lang = $HTTP_POST_VARS['language'];
$user_lang = $_POST['language'];
}
else
{
@@ -159,63 +158,23 @@ if (
}
else
{
$user_lang = $board_config['default_lang'];
$user_lang = $config['default_lang'];
}
$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat'];
$user_timezone = ( isset($_POST['timezone']) ) ? doubleval($_POST['timezone']) : $config['board_timezone'];
$user_dateformat = ( !empty($_POST['dateformat']) ) ? trim($_POST['dateformat']) : $config['default_dateformat'];
$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim($HTTP_POST_VARS['avatarremoteurl']) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
$user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
$user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
$user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
if ( isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar']) )
{
$username = stripslashes($username);
$email = stripslashes($email);
$password = '';
$password_confirm = '';
$icq = stripslashes($icq);
$aim = stripslashes($aim);
$msn = stripslashes($msn);
$yim = stripslashes($yim);
$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
$user_avatar = $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY;
}
}
}
//
// Did the user submit? In this case build a query to update the users profile in the DB
//
if ( isset($HTTP_POST_VARS['submit']) )
if (isset($_POST['submit']))
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
$passwd_sql = '';
if ( $mode == 'editprofile' )
{
if ( $user_id != $userdata['user_id'] )
if ( $user_id != $user->data['user_id'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $user->lang['Wrong_Profile'];
@@ -251,10 +210,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$sql = "SELECT user_password
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
@@ -279,21 +235,20 @@ if ( isset($HTTP_POST_VARS['submit']) )
}
else
{
$password = $userdata['user_password'];
$password = $user->data['user_password'];
}
//
// Do a ban check on this email address
//
if ( $email != $userdata['user_email'] || $mode == 'register' )
if ( $email != $user->data['user_email'] || $mode == 'register' )
{
$result = validate_email($email);
if ( $result['error'] )
if (($result = validate_email($email)) != false)
{
$email = $userdata['user_email'];
$email = $user->data['user_email'];
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result;
}
if ( $mode == 'editprofile' )
@@ -301,16 +256,13 @@ if ( isset($HTTP_POST_VARS['submit']) )
$sql = "SELECT user_password
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
if ( $row['user_password'] != md5($password_current) )
{
$email = $userdata['user_email'];
$email = $user->data['user_email'];
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $user->lang['Current_password_mismatch'];
@@ -319,31 +271,30 @@ if ( isset($HTTP_POST_VARS['submit']) )
}
$username_sql = '';
if ( $board_config['allow_namechange'] || $mode == 'register' )
if ( $config['allow_namechange'] || $mode == 'register' )
{
if ( empty($username) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $user->lang['Username_disallowed'];
}
else if ( $username != $userdata['username'] || $mode == 'register' )
else if ( $username != $user->data['username'] || $mode == 'register' )
{
$result = validate_username($username);
if ( $result['error'] )
if (($result = validate_username($username)) != false)
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result;
}
else
{
$username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
$username_sql = "username = '" . sql_quote($username) . "', ";
}
}
}
if ( $signature != '' )
{
if ( strlen($signature) > $board_config['max_sig_chars'] )
if ( strlen($signature) > $config['max_sig_chars'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $user->lang['Signature_too_long'];
@@ -351,46 +302,14 @@ if ( isset($HTTP_POST_VARS['submit']) )
if ( $signature_bbcode_uid == '' )
{
$signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
// $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
}
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
}
if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' )
{
$avatar_sql = user_avatar_delete($userdata['avatar_type'], $userdata['avatar_file']);
}
else if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
{
$l_avatar_size = sprintf($user->lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
$error = true;
$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $l_avatar_size;
}
}
else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
{
$avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
}
else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
{
$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
}
else
{
$avatar_sql = array('data' => '', 'type' => USER_AVATAR_NONE);
// $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
}
if ( !$error )
{
if ( ( ( $mode == 'editprofile' && $userdata['user_level'] != ADMIN && $email != $current_email ) || ( $mode == 'register' || $coppa ) ) && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) )
if ( ( ( $mode == 'editprofile' && $auth->acl_get('a_') && $email != $current_email ) || ( $mode == 'register' || $coppa ) ) && ( $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN ) )
{
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
@@ -399,9 +318,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
$user_actkey = substr($user_actkey, 0, $key_len);
$user_active = 0;
if ( $userdata['user_id'] != ANONYMOUS )
if ( $user->data['user_id'] != ANONYMOUS )
{
session_end($userdata['session_id'], $userdata['user_id']);
$user->destroy();
}
}
else
@@ -446,12 +365,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
'user_actkey' => $user_actkey
);
if ( $mode == 'editprofile' )
if ($mode == 'editprofile')
{
if ( !($result = $db->sql_query_array('UPDATE ' . USERS_TABLE . ' SET WHERE user_id = ' . $user_id, &$sql_ary, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
}
$db->sql_query_array('UPDATE ' . USERS_TABLE . ' SET WHERE user_id = ' . $user_id, &$sql_ary);
if ( !$user_active )
{
@@ -459,9 +375,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
// The users account has been deactivated, send them an email with a new activation key
//
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = "From: " . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$email_headers = "From: " . $config['board_email'] . "\r\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template('user_activate', stripslashes($user_lang));
$emailer->email_address($email);
@@ -469,9 +385,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'SITENAME' => $config['sitename'],
'USERNAME' => $username,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
@@ -488,61 +404,51 @@ if ( isset($HTTP_POST_VARS['submit']) )
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="5;url=' . "index.$phpEx$SID" . '">')
);
message_die(GENERAL_MESSAGE, $message);
trigger_error($message);
}
else
{
if ( !($result = $db->sql_query_array('INSERT INTO ' . USERS_TABLE, &$sql_ary, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
}
$db->sql_transaction();
$db->sql_query_array('INSERT INTO ' . USERS_TABLE, &$sql_ary);
$user_id = $db->sql_nextid();
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
VALUES ('', 'Personal User', 1, 0)";
if ( !($result = $db->sql_query($sql)) )
// Place into appropriate group, either REGISTERED or INACTIVE depending on config
$group_name = ( $config['require_activation'] == USER_ACTIVATION_NONE ) ? 'REGISTERED' : 'REGISTERED_INACTIVE';
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) SELECT $user_id, group_id, 0 FROM " . GROUPS_TABLE . " WHERE group_name = '$group_name'";
$result = $db->sql_query($sql);
if ($config['require_activation'] == USER_ACTIVATION_NONE)
{
message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
// Sync config
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = $user_id
WHERE config_name = 'newest_user_id'";
$db->sql_query($sql);
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$username'
WHERE config_name = 'newest_username'";
$db->sql_query($sql);
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = " . ($config['num_users'] + 1) . "
WHERE config_name = 'num_users'";
$db->sql_query($sql);
}
$group_id = $db->sql_nextid();
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
VALUES ($user_id, $group_id, 0)";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
}
$user_update_id = "UPDATE " . CONFIG_TABLE . "
SET config_value = $user_id
WHERE config_name = 'newest_user_id'";
$user_update_name = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$username'
WHERE config_name = 'newest_username'";
$user_update_count = "UPDATE " . CONFIG_TABLE . "
SET config_value = " . ($board_config['num_users'] + 1) . "
WHERE config_name = 'num_users'";
if( !$db->sql_query($user_update_id) ||
!$db->sql_query($user_update_name) ||
!$db->sql_query($user_update_count, END_TRANSACTION) )
{
message_die(GENERAL_ERROR, 'Could not update user count information!', '', __LINE__, __FILE__);
}
$db->sql_transaction('commit');
if ( $coppa )
{
$message = $user->lang['COPPA'];
$email_template = 'coppa_welcome_inactive';
}
else if ( $board_config['require_activation'] == USER_ACTIVATION_SELF )
else if ( $config['require_activation'] == USER_ACTIVATION_SELF )
{
$message = $user->lang['Account_inactive'];
$email_template = 'user_welcome_inactive';
}
else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
else if ( $config['require_activation'] == USER_ACTIVATION_ADMIN )
{
$message = $user->lang['Account_inactive_admin'];
$email_template = 'admin_welcome_inactive';
@@ -554,28 +460,28 @@ if ( isset($HTTP_POST_VARS['submit']) )
}
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$email_headers = "From: " . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template($email_template, stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject();//sprintf($user->lang['Welcome_subject'], $board_config['sitename'])
$emailer->set_subject();//sprintf($user->lang['Welcome_subject'], $config['sitename'])
$emailer->extra_headers($email_headers);
if( $coppa )
if ($coppa)
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $board_config['sitename']),
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey,
'FAX_INFO' => $board_config['coppa_fax'],
'MAIL_INFO' => $board_config['coppa_mail'],
'FAX_INFO' => $config['coppa_fax'],
'MAIL_INFO' => $config['coppa_mail'],
'EMAIL_ADDRESS' => $email,
'ICQ' => $icq,
'AIM' => $aim,
@@ -585,16 +491,16 @@ if ( isset($HTTP_POST_VARS['submit']) )
'FROM' => $location,
'OCC' => $occupation,
'INTERESTS' => $interests,
'SITENAME' => $board_config['sitename']));
'SITENAME' => $config['sitename']));
}
else
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $board_config['sitename']),
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
@@ -603,16 +509,16 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->send();
$emailer->reset();
if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
if ( $config['require_activation'] == USER_ACTIVATION_ADMIN )
{
$emailer->use_template("admin_activate", stripslashes($user_lang));
$emailer->email_address($board_config['board_email']);
$emailer->email_address($config['board_email']);
$emailer->set_subject(); //$user->lang['New_account_subject']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'USERNAME' => $username,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
@@ -651,79 +557,57 @@ if ( $error )
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
}
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
else if ( $mode == 'editprofile' )
{
$user_id = $userdata['user_id'];
$username = htmlspecialchars($userdata['username']);
$email = $userdata['user_email'];
$user_id = $user->data['user_id'];
$username = htmlspecialchars($user->data['username']);
$email = $user->data['user_email'];
$password = '';
$password_confirm = '';
$icq = $userdata['user_icq'];
$aim = htmlspecialchars(str_replace('+', ' ', $userdata['user_aim']));
$msn = htmlspecialchars($userdata['user_msnm']);
$yim = htmlspecialchars($userdata['user_yim']);
$icq = $user->data['user_icq'];
$aim = htmlspecialchars(str_replace('+', ' ', $user->data['user_aim']));
$msn = htmlspecialchars($user->data['user_msnm']);
$yim = htmlspecialchars($user->data['user_yim']);
$website = htmlspecialchars($userdata['user_website']);
$location = htmlspecialchars($userdata['user_from']);
$occupation = htmlspecialchars($userdata['user_occ']);
$interests = htmlspecialchars($userdata['user_interests']);
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/\:(([a-z0-9]:)?)$signature_bbcode_uid/si", '', $userdata['user_sig']) : $userdata['user_sig'];
$website = htmlspecialchars($user->data['user_website']);
$location = htmlspecialchars($user->data['user_from']);
$occupation = htmlspecialchars($user->data['user_occ']);
$interests = htmlspecialchars($user->data['user_interests']);
$signature_bbcode_uid = $user->data['user_sig_bbcode_uid'];
$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/\:(([a-z0-9]:)?)$signature_bbcode_uid/si", '', $user->data['user_sig']) : $user->data['user_sig'];
$viewemail = $userdata['user_viewemail'];
$notifypm = $userdata['user_notify_pm'];
$popuppm = $userdata['user_popup_pm'];
$notifyreply = $userdata['user_notify'];
$attachsig = $userdata['user_attachsig'];
$allowhtml = $userdata['user_allowhtml'];
$allowbbcode = $userdata['user_allowbbcode'];
$allowsmilies = $userdata['user_allowsmile'];
$allowviewonline = $userdata['user_allow_viewonline'];
$viewemail = $user->data['user_viewemail'];
$notifypm = $user->data['user_notify_pm'];
$popuppm = $user->data['user_popup_pm'];
$notifyreply = $user->data['user_notify'];
$attachsig = $user->data['user_attachsig'];
$allowhtml = $user->data['user_allowhtml'];
$allowbbcode = $user->data['user_allowbbcode'];
$allowsmilies = $user->data['user_allowsmile'];
$allowviewonline = $user->data['user_allow_viewonline'];
$user_avatar = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar'] : '';
$user_avatar_type = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar_type'] : USER_AVATAR_NONE;
$user_style = $userdata['user_style'];
$user_lang = $userdata['user_lang'];
$user_timezone = $userdata['user_timezone'];
$user_dateformat = $userdata['user_dateformat'];
$user_style = $user->data['user_style'];
$user_lang = $user->data['user_lang'];
$user_timezone = $user->data['user_timezone'];
$user_dateformat = $user->data['user_dateformat'];
}
//
// Default pages
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
make_jumpbox('viewforum.'.$phpEx);
if ( $mode == 'editprofile' )
{
if ( $user_id != $userdata['user_id'] )
if ( $user_id != $user->data['user_id'] )
{
$error = TRUE;
$error_msg = $user->lang['Wrong_Profile'];
}
}
if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? $HTTP_POST_VARS['avatarcategory'] : '';
$template->set_filenames(array(
'body' => 'profile_avatar_gallery.html')
);
$allowviewonline = !$allowviewonline;
display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popuppm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat);
}
else
{
if ( !isset($coppa) )
{
$coppa = FALSE;
@@ -731,37 +615,20 @@ else
if ( !isset($user_template) )
{
$selected_template = $board_config['system_template'];
$selected_template = $config['system_template'];
}
$signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature);
$avatar_img = '';
if ( $user_avatar_type )
{
switch( $user_avatar_type )
{
case USER_AVATAR_UPLOAD:
$avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />' : '';
break;
case USER_AVATAR_REMOTE:
$avatar_img = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $user_avatar . '" alt="" />' : '';
break;
case USER_AVATAR_GALLERY:
$avatar_img = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />' : '';
break;
}
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $user->data['user_id'] . '" />';
//
// Send the users current email address. If they change it, and account activation is turned on
// the user account will be disabled and the user will have to reactivate their account.
//
$s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
$s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $user->data['user_email'] . '" />';
}
if ( !empty($user_avatar_local) )
@@ -769,30 +636,15 @@ else
$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
}
$html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $user->lang['HTML_is_ON'] : $user->lang['HTML_is_OFF'];
$bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $user->lang['BBCode_is_ON'] : $user->lang['BBCode_is_OFF'];
$smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $user->lang['Smilies_are_ON'] : $user->lang['Smilies_are_OFF'];
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.html')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->set_filenames(array(
'body' => 'profile_add_body.html')
);
$html_status = ( $user->data['user_allowhtml'] && $config['allow_html'] ) ? $user->lang['HTML_is_ON'] : $user->lang['HTML_is_OFF'];
$bbcode_status = ( $user->data['user_allowbbcode'] && $config['allow_bbcode'] ) ? $user->lang['BBCode_is_ON'] : $user->lang['BBCode_is_OFF'];
$smilies_status = ( $user->data['user_allowsmile'] && $config['allow_smilies'] ) ? $user->lang['Smilies_are_ON'] : $user->lang['Smilies_are_OFF'];
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
//
$form_enctype = ( @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @ini_get('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off'|| !$config['allow_avatar_upload']) ? '' : 'enctype="multipart/form-data"';
$template->assign_vars(array(
'USERNAME' => $username,
@@ -824,9 +676,6 @@ else
'ALWAYS_ALLOW_HTML_NO' => ( !$allowhtml ) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_YES' => ( $allowsmilies ) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_NO' => ( !$allowsmilies ) ? 'checked="checked"' : '',
'ALLOW_AVATAR' => $board_config['allow_avatar_upload'],
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $board_config['avatar_filesize'],
'LANGUAGE_SELECT' => language_select($user_lang, 'language'),
'STYLE_SELECT' => style_select($user_style, 'style'),
'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'),
@@ -864,20 +713,8 @@ else
'L_HIDE_USER' => $user->lang['Hide_user'],
'L_ALWAYS_ADD_SIGNATURE' => $user->lang['Always_add_sig'],
'L_AVATAR_PANEL' => $user->lang['Avatar_panel'],
'L_AVATAR_EXPLAIN' => sprintf($user->lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], (round($board_config['avatar_filesize'] / 1024))),
'L_UPLOAD_AVATAR_FILE' => $user->lang['Upload_Avatar_file'],
'L_UPLOAD_AVATAR_URL' => $user->lang['Upload_Avatar_URL'],
'L_UPLOAD_AVATAR_URL_EXPLAIN' => $user->lang['Upload_Avatar_URL_explain'],
'L_AVATAR_GALLERY' => $user->lang['Select_from_gallery'],
'L_SHOW_GALLERY' => $user->lang['View_avatar_gallery'],
'L_LINK_REMOTE_AVATAR' => $user->lang['Link_remote_Avatar'],
'L_LINK_REMOTE_AVATAR_EXPLAIN' => $user->lang['Link_remote_Avatar_explain'],
'L_DELETE_AVATAR' => $user->lang['Delete_Image'],
'L_CURRENT_IMAGE' => $user->lang['Current_Image'],
'L_SIGNATURE' => $user->lang['Signature'],
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['Signature_explain'], $board_config['max_sig_chars']),
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['Signature_explain'], $config['max_sig_chars']),
'L_NOTIFY_ON_REPLY' => $user->lang['Always_notify'],
'L_NOTIFY_ON_REPLY_EXPLAIN' => $user->lang['Always_notify_explain'],
'L_NOTIFY_ON_PRIVMSG' => $user->lang['Notify_on_privmsg'],
@@ -892,22 +729,19 @@ else
'L_EMAIL_ADDRESS' => $user->lang['Email_address'],
'S_PROFILE_EDIT' => ( $mode == 'editprofile' ) ? true : false,
'S_DISPLAY_AVATAR_BLOCK' => ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) ) ? true : false,
'S_DISPLAY_AVATAR_UPLOAD' => ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) && $form_enctype != '' ) ? true : false,
'S_DISPLAY_AVATAR_URL' => ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) ) ? true : false,
'S_DISPLAY_AVATAR_REMOTE' => ( $board_config['allow_avatar_remote'] ) ? true : false,
'S_DISPLAY_AVATAR_GALLERY' => ( $board_config['allow_avatar_local'] && file_exists('./' . $board_config['avatar_gallery_path']) ) ? true : false,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORM_ENCTYPE' => $form_enctype,
'S_PROFILE_ACTION' => "profile.$phpEx$SID")
);
//
// This is another cheat using the block_var capability
// of the templates to 'fake' an IF...ELSE...ENDIF solution
// it works well :)
//
}
//
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_add_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

22
phpBB/includes/usercp_sendpasswd.php
View File

@@ -32,9 +32,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
FROM " . USERS_TABLE . "
WHERE user_email = '" . str_replace("\'", "''", $email) . "'
$sql = "SELECT user_id, username, user_email, user_active, user_lang
FROM " . USERS_TABLE . "
WHERE user_email = '" . str_replace("\'", "''", $email) . "'
AND username = '" . str_replace("\'", "''", $username) . "'";
if ( $result = $db->sql_query($sql) )
{
@@ -52,9 +52,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
$key_len = ( $str_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_password = gen_rand_string(false);
$sql = "UPDATE " . USERS_TABLE . "
SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
$sql = "UPDATE " . USERS_TABLE . "
SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
WHERE user_id = " . $row['user_id'];
if ( !$db->sql_query($sql) )
{
@@ -62,9 +62,9 @@ if ( isset($HTTP_POST_VARS['submit']) )
}
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template('user_activate_passwd', $row['user_lang']);
$emailer->email_address($row['user_email']);
@@ -72,10 +72,10 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'SITENAME' => $config['sitename'],
'USERNAME' => $username,
'PASSWORD' => $user_password,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")
);
@@ -120,7 +120,7 @@ $template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'L_SEND_PASSWORD' => $lang['Send_password'],
'L_SEND_PASSWORD' => $lang['Send_password'],
'L_ITEMS_REQUIRED' => $lang['Items_required'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'L_SUBMIT' => $lang['Submit'],

8
phpBB/includes/usercp_viewprofile.php
View File

@@ -83,13 +83,13 @@ if ( $profiledata['user_avatar_type'] && $profiledata['user_allowavatar'] )
switch( $profiledata['user_avatar_type'] )
{
case USER_AVATAR_UPLOAD:
$avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
$avatar_img = ( $config['allow_avatar_upload'] ) ? '<img src="' . $config['avatar_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
case USER_AVATAR_REMOTE:
$avatar_img = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
$avatar_img = ( $config['allow_avatar_remote'] ) ? '<img src="' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
case USER_AVATAR_GALLERY:
$avatar_img = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
$avatar_img = ( $config['allow_avatar_local'] ) ? '<img src="' . $config['avatar_gallery_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
}
}
@@ -121,7 +121,7 @@ else
if ( $profiledata['user_viewemail'] || $auth->acl_get('a_') )
{
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email'];
$email_uri = ( $config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email'];
$email_img = '<a href="' . $email_uri . '">' . $user->img('icon_email', $user->lang['Send_email']) . '</a>';
$email = '<a href="' . $email_uri . '">' . $user->lang['Send_email'] . '</a>';