mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-04 14:47:52 +02:00
Code Issues Releases Wiki Activity

fixed problems with usernames using html special chars, added GMT + 13 to english lang_main (yes, again. ;)), paul will slap me again... i see the trout coming, but this var has to be added.

Browse Source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3616 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2003-03-09 02:03:15 +00:00
parent 3bb8fffb70
commit 72fc5decbe
4 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/admin/admin_users.php
View File

@ -216,7 +216,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
message_die(GENERAL_MESSAGE, $message);
}
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : '';
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
@ -736,7 +736,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
// Now parse and display it as a template
//
$user_id = $this_userdata['user_id'];
$username = htmlspecialchars($this_userdata['username']);
$username = $this_userdata['username'];
$email = $this_userdata['user_email'];
$password = '';
$password_confirm = '';

2
phpBB/groupcp.php
View File

@ -471,7 +471,7 @@ else if ( $group_id )
if ( isset($HTTP_POST_VARS['add']) )
{
$username = ( isset($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : "";
$username = ( isset($HTTP_POST_VARS['username']) ) ? htmlspecialchars($HTTP_POST_VARS['username']) : '';
$sql = "SELECT user_id, user_email, user_lang, user_level
FROM " . USERS_TABLE . "

1
phpBB/language/lang_english/lang_main.php
View File

@ -923,6 +923,7 @@ $lang['9.5'] = 'GMT + 9.5 Hours';
$lang['10'] = 'GMT + 10 Hours';
$lang['11'] = 'GMT + 11 Hours';
$lang['12'] = 'GMT + 12 Hours';
$lang['13'] = 'GMT + 13 Hours';
// These are displayed in the timezone select box
$lang['tz']['-12'] = 'GMT - 12 Hours';

2
phpBB/login.php
View File

@ -54,7 +54,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
{
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
{
$username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level