some bugfixes... cvs does not work very well at the moment. hope the change within the mssql schema do the job, i will test this tonight (i have to be at work in a few minutes).

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4157 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-03 06:08:05 +02:00 · 2003-06-20 07:40:27 +00:00 · 2003-06-20 07:40:27 +00:00 · 692030f51f
commit 692030f51f
parent 5177807da1
8 changed files with 20 additions and 9 deletions
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@ -316,7 +316,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 					$error = TRUE;
 					$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
 				}
-				else if ( strtolower(str_replace("\'", "''", $username)) == strtolower($userdata['username']) )
+				else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) )
 				{
 					$error = TRUE;
 					$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken'];
@ -325,7 +325,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])

 			if (!$error)
 			{
-				$username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
+				$username_sql = "username = '" . str_replace("\\'", "''", $username) . "', ";
 				$rename_user = $username; // Used for renaming usergroup
 			}
 		}
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -84,7 +84,8 @@ function get_userdata($user, $force_str = false)
 	if (intval($user) == 0 || $force_str)
 	{
 		$user = trim(htmlspecialchars($user));
-		$user = substr(str_replace("\'", "'", $user), 0, 25);
+		$user = substr(str_replace("\\'", "'", $user), 0, 25);
+		$user = str_replace("'", "\\'", $user);
 	}
 	else
 	{
--- a/phpBB/includes/functions_search.php
+++ b/phpBB/includes/functions_search.php
@ -131,6 +131,8 @@ function add_search_words($mode, $post_id, $post_text, $post_title = '')
 	$search_raw_words['text'] = split_words(clean_words('post', $post_text, $stopword_array, $synonym_array));
 	$search_raw_words['title'] = split_words(clean_words('post', $post_title, $stopword_array, $synonym_array));

+	@set_time_limit(0);
+
 	$word = array();
 	$word_insert_sql = array();
 	while ( list($word_in, $search_matches) = @each($search_raw_words) )
@ -256,7 +258,7 @@ function add_search_words($mode, $post_id, $post_text, $post_title = '')

 		if ( $match_sql != '' )
 		{
-			$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) 
+			$sql = "INSERT IGNORE INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) 
 				SELECT $post_id, word_id, $title_match  
 					FROM " . SEARCH_WORD_TABLE . " 
 					WHERE word_text IN ($match_sql)"; 
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@ -627,7 +627,6 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				}

 				$emailer->use_template("admin_activate", $board_config['default_lang']);
-				$emailer->email_address($lang['New_account_subject'] . ':;');
 				$emailer->set_subject($lang['New_account_subject']);

 				$emailer->assign_vars(array(
--- a/phpBB/install/schemas/mssql_schema.sql
+++ b/phpBB/install/schemas/mssql_schema.sql
@ -412,7 +412,7 @@ GO
 ALTER TABLE [phpbb_confirm] WITH NOCHECK ADD
 	CONSTRAINT [PK_phpbb_confirm] PRIMARY KEY  CLUSTERED
 	(
-		[session_id,confirm_id]
+		[session_id, confirm_id]
 	)  ON [PRIMARY]
 GO

--- a/phpBB/install/update_to_205.php
+++ b/phpBB/install/update_to_205.php
@ -499,7 +499,7 @@ switch ($row['config_value'])
 			case 'mssql':
 			case 'mssql-odbc':
 				$sql[] = 'CREATE TABLE [' . $table_prefix . 'confirm] ([confirm_id] [char] (32) NOT NULL , [session_id] [char] (32) NOT NULL , [code] [char] (6) NOT NULL ) ON [PRIMARY]';
-				$sql[] = 'ALTER TABLE [' . $table_prefix . 'confirm] WITH NOCHECK ADD CONSTRAINT [PK_' . $table_prefix . 'confirm] PRIMARY KEY  CLUSTERED ( [session_id,confirm_id])  ON [PRIMARY]';
+				$sql[] = 'ALTER TABLE [' . $table_prefix . 'confirm] WITH NOCHECK ADD CONSTRAINT [PK_' . $table_prefix . 'confirm] PRIMARY KEY  CLUSTERED ( [session_id, confirm_id])  ON [PRIMARY]';
 				$sql[] = 'ALTER TABLE [' . $table_prefix . 'confirm] WITH NOCHECK ADD CONSTRAINT [DF_' . $table_prefix . 'confirm_confirm_id] DEFAULT (\'\') FOR [confirm_id], CONSTRAINT [DF_' . $table_prefix . 'confirm_session_id] DEFAULT (\'\') FOR [session_id], CONSTRAINT [DF_' . $table_prefix . 'confirm_code] DEFAULT (\'\') FOR [code]';
 				break;

--- a/phpBB/login.php
+++ b/phpBB/login.php
@ -55,12 +55,13 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 	if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
 	{
 		$username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : '';
-		$username = substr(str_replace("\'", "'", $username), 0, 25);
+		$username = substr(str_replace("\\'", "'", $username), 0, 25);
+		$username = str_replace("'", "\\'", $username);
 		$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';

 		$sql = "SELECT user_id, username, user_password, user_active, user_level
 			FROM " . USERS_TABLE . "
-			WHERE username = '" . str_replace("\'", "''", $username) . "'";
+			WHERE username = '" . str_replace("\\'", "''", $username) . "'";
 		if ( !($result = $db->sql_query($sql)) )
 		{
 			message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -37,11 +37,19 @@ else if ( isset($HTTP_GET_VARS['topic']) )
 {
 	$topic_id = intval($HTTP_GET_VARS['topic']);
 }
+else
+{
+	$topic_id = 0;
+}

 if ( isset($HTTP_GET_VARS[POST_POST_URL]))
 {
 	$post_id = intval($HTTP_GET_VARS[POST_POST_URL]);
 }
+else
+{
+	$post_id = 0;
+}

 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;