mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-03 14:17:56 +02:00
Code Issues Releases Wiki Activity

Merge commit 'release-3.0-RC4'

Browse Source
This commit is contained in:
Nils Adermann 2010-03-02 01:05:36 +01:00
commit 75e7ffc317
217 changed files with 5009 additions and 1576 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpBB/adm/index.php
View File

@ -15,7 +15,7 @@ define('ADMIN_START', true);
define('NEED_SID', true);
// Include files
$phpbb_root_path = './../';
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require($phpbb_root_path . 'common.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
@ -27,12 +27,6 @@ $auth->acl($user->data);
$user->setup('acp/common');
// End session management
// Did user forget to login? Give 'em a chance to here ...
if ($user->data['user_id'] == ANONYMOUS)
{
login_box('', $user->lang['LOGIN_ADMIN'], $user->lang['LOGIN_ADMIN_SUCCESS'], true);
}
// Have they authenticated (again) as an admin for this session?
if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
{
@ -43,7 +37,7 @@ if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
// check specific permissions but this is a catchall
if (!$auth->acl_get('a_'))
{
trigger_error($user->lang['NO_ADMIN']);
trigger_error('NO_ADMIN');
}
// We define the admin variables now, because the user is now able to use the admin related features...
@ -147,6 +141,8 @@ function adm_page_header($page_title)
'S_USER_LANG' => $user->lang['USER_LANG'],
'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'],
'S_CONTENT_ENCODING' => 'UTF-8',
'S_CONTENT_FLOW_BEGIN' => ($user->lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
'S_CONTENT_FLOW_END' => ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
));
// application/xhtml+xml not used because of IE

2
phpBB/adm/style/acp_attachments.html
View File

@ -3,7 +3,7 @@
<a name="maincontent"></a>
<!-- IF U_BACK -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<!-- ENDIF -->
<h1>{L_TITLE}</h1>

5
phpBB/adm/style/acp_ban.html
View File

@ -71,14 +71,19 @@
<input class="button1" type="submit" id="bansubmit" name="bansubmit" value="{L_SUBMIT}" />&nbsp;
<input class="button2" type="reset" id="banreset" name="banreset" value="{L_RESET}" />
</p>
</fieldset>
</form>
<br /><br />
<h1>{L_UNBAN_TITLE}</h1>
<p>{L_UNBAN_EXPLAIN}</p>
<form id="acp_unban" method="post" action="{U_ACTION}">
<fieldset>
<legend>{L_UNBAN_TITLE}</legend>

2
phpBB/adm/style/acp_bbcodes.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT_BBCODE -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_ACP_BBCODES}</h1>

10
phpBB/adm/style/acp_board.html
View File

@ -37,12 +37,12 @@
{auth_tpl.TPL}
<!-- END auth_tpl -->
<!-- ENDIF -->
</fieldset>
<fieldset class="submit-buttons">
<legend>{L_SUBMIT}</legend>
<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
<p class="submit-buttons">
<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
</p>
</fieldset>
</form>

6
phpBB/adm/style/acp_bots.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT_BOT -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -85,11 +85,11 @@
</tbody>
</table>
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
<input class="button2" name="add" type="submit" value="{L_BOT_ADD}" />
</fieldset>
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
<select name="action">{S_BOT_OPTIONS}</select>
<input class="button2" name="submit" type="submit" value="{L_SUBMIT}" />
<p class="small"><a href="#" onclick="marklist('acp_bots', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('acp_bots', 'mark', false);">{L_UNMARK_ALL}</a></p>

10
phpBB/adm/style/acp_forums.html
View File

@ -95,7 +95,7 @@
//-->
</script>
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE} :: {FORUM_NAME}</h1>
@ -120,8 +120,8 @@
<div id="type_actions">
<dl>
<dt><label for="type_action">{L_DECIDE_MOVE_DELETE_CONTENT}:</label></dt>
<dd><label><input type="radio" class="radio" id="type_action" name="type_action" value="delete" checked="checked" /> {L_DELETE_ALL_POSTS}</label></dd>
<!-- IF S_MOVE_FORUM_OPTIONS --><dd><label><input type="radio" class="radio" name="type_action" value="move" /> {L_MOVE_POSTS_TO}</label> <select name="to_forum_id">{S_MOVE_FORUM_OPTIONS}</select></dd><!-- ENDIF -->
<dd><label><input type="radio" class="radio" name="type_action" value="delete"<!-- IF not S_MOVE_FORUM_OPTIONS --> checked="checked" id="type_action"<!-- ENDIF --> /> {L_DELETE_ALL_POSTS}</label></dd>
<!-- IF S_MOVE_FORUM_OPTIONS --><dd><label><input type="radio" class="radio" name="type_action" id="type_action" value="move" checked="checked" /> {L_MOVE_POSTS_TO}</label> <select name="to_forum_id">{S_MOVE_FORUM_OPTIONS}</select></dd><!-- ENDIF -->
</dl>
</div>
<!-- ENDIF -->
@ -316,7 +316,7 @@
<!-- ELSEIF S_DELETE_FORUM -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_FORUM_DELETE}</h1>
@ -431,7 +431,7 @@
<tr>
<td style="width: 5%; text-align: center;">{forums.FOLDER_IMAGE}</td>
<td>
<!-- IF forums.FORUM_IMAGE --><div style="float: left; margin-right: 5px;">{forums.FORUM_IMAGE}</div><!-- ENDIF -->
<!-- IF forums.FORUM_IMAGE --><div style="float: {S_CONTENT_FLOW_BEGIN}; margin-right: 5px;">{forums.FORUM_IMAGE}</div><!-- ENDIF -->
<strong><!-- IF forums.S_FORUM_LINK -->{forums.FORUM_NAME}<!-- ELSE --><a href="{forums.U_FORUM}">{forums.FORUM_NAME}</a><!-- ENDIF --></strong>
<!-- IF forums.FORUM_DESCRIPTION --><br /><span>{forums.FORUM_DESCRIPTION}</span><!-- ENDIF -->
<!-- IF forums.S_FORUM_POST --><br /><br /><span>{L_TOPICS}: <strong>{forums.FORUM_TOPICS}</strong> / {L_POSTS}: <b>{forums.FORUM_POSTS}</b></span><!-- ENDIF -->

4
phpBB/adm/style/acp_groups.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_ACP_GROUPS_MANAGE}</h1>
@ -160,7 +160,7 @@
<!-- ELSEIF S_LIST -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_GROUP_MEMBERS} :: {GROUP_NAME}</h1>

4
phpBB/adm/style/acp_icons.html
View File

@ -41,7 +41,7 @@
</script>
<!-- ENDIF -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -137,7 +137,7 @@
<!-- ELSEIF S_CHOOSE_PAK -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>

10
phpBB/adm/style/acp_language.html
View File

@ -4,7 +4,7 @@
<!-- IF S_SELECT_METHOD -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_SELECT_DOWNLOAD_FORMAT}</h1>
@ -26,7 +26,7 @@
<!-- ELSEIF S_DETAILS -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_LANGUAGE_PACK_DETAILS}</h1>
@ -107,12 +107,12 @@
<form id="lang_entries" method="post" action="{U_ENTRY_ACTION}">
<!-- IF S_FROM_STORE -->
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
<input type="submit" name="remove_store" value="{L_REMOVE_FROM_STORAGE_FOLDER}" class="button2" />
</fieldset>
<!-- ENDIF -->
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
<select name="language_file">{S_LANG_OPTIONS}</select>&nbsp;<input type="submit" class="button2" name="change" value="{L_SELECT}" />
</fieldset>
@ -166,7 +166,7 @@
<!-- ELSEIF S_UPLOAD -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_UPLOAD_SETTINGS}</h1>

4
phpBB/adm/style/acp_logs.html
View File

@ -72,8 +72,8 @@
<!-- IF S_CLEARLOGS -->
<fieldset class="quick">
<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />&nbsp;
<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" /><br />
<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />&nbsp;
<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" /><br />
<p class="small"><a href="#" onclick="marklist('list', 'mark', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('list', 'mark', false); return false;">{L_UNMARK_ALL}</a></p>
</fieldset>
<!-- ENDIF -->

11
phpBB/adm/style/acp_main.html
View File

@ -77,14 +77,17 @@
<td>{L_GZIP_COMPRESSION}: </td>
<td><strong>{GZIP_COMPRESSION}</strong></td>
</tr>
<!-- IF S_TOTAL_ORPHAN -->
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td>{L_BOARD_VERSION}: </td>
<td><strong>{BOARD_VERSION}</strong></td>
<!-- IF S_TOTAL_ORPHAN -->
<td>{L_NUMBER_ORPHAN}: </td>
<td><strong>{TOTAL_ORPHAN}</strong></td>
</tr>
<!-- ELSE -->
<td>&nbsp;</td>
<td>&nbsp;</td>
<!-- ENDIF -->
</tr>
</tbody>
</table>

8
phpBB/adm/style/acp_modules.html
View File

@ -55,7 +55,7 @@
//-->
</script>
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE} :: {MODULENAME}</h1>
@ -177,7 +177,7 @@
<form id="quick" method="post" action="{U_ACTION}">
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
<input type="hidden" name="action" value="quickadd" />
<select name="quick_install">{S_INSTALL_OPTIONS}</select>
@ -188,7 +188,7 @@
<form id="module" method="post" action="{U_ACTION}">
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
<input type="hidden" name="action" value="add" />
<input type="hidden" name="module_parent_id" value="{PARENT_ID}" />
@ -198,7 +198,7 @@
</form>
<div class="clearfix">&nbsp;</div>
<div class="clearfix">&nbsp;</div><br style="clear: both;" />
<form id="mselect" method="post" action="{U_SEL_ACTION}">
<fieldset class="quick">

2
phpBB/adm/style/acp_permission_roles.html
View File

@ -22,7 +22,7 @@
<script type="text/javascript" src="style/permissions.js"></script>
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>

16
phpBB/adm/style/acp_permissions.html
View File

@ -108,7 +108,7 @@
<!-- ELSEIF S_SELECT_USERGROUP -->
<div style="float: left; width: 48%;">
<div style="float: {S_CONTENT_FLOW_BEGIN}; width: 48%;">
<!-- IF S_CAN_SELECT_USER -->
@ -138,7 +138,7 @@
<p>{L_USERNAMES_EXPLAIN}</p>
<dl>
<dd class="full"><textarea id="username" name="usernames" rows="5" cols="5" style="width: 100%; height: 60px;"></textarea></dd>
<dd class="full" style="text-align: left;"><div style="float: right;">[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</div><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
<dd class="full" style="text-align: left;"><div style="float: {S_CONTENT_FLOW_END};">[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</div><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
</dl>
</fieldset>
@ -153,7 +153,7 @@
</div>
<div style="float: right; width: 48%">
<div style="float: {S_CONTENT_FLOW_END}; width: 48%">
<!-- IF S_CAN_SELECT_GROUP -->
@ -198,7 +198,7 @@
<!-- ELSEIF S_SELECT_USERGROUP_VIEW -->
<div style="float: left; width: 48%;">
<div style="float: {S_CONTENT_FLOW_BEGIN}; width: 48%;">
<h1>{L_USERS}</h1>
@ -239,7 +239,7 @@
</div>
<div style="float: right; width: 48%">
<div style="float: {S_CONTENT_FLOW_END}; width: 48%">
<h1>{L_USERGROUPS}</h1>
@ -305,14 +305,14 @@
<br />
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
<strong>&raquo; {L_PERMISSION_TYPE}</strong>
</fieldset>
<!-- IF S_PERMISSION_DROPDOWN -->
<form id="pselect" method="post" action="{U_ACTION}">
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
{S_HIDDEN_FIELDS}
{L_SELECT_TYPE}: <select name="type">{S_PERMISSION_DROPDOWN}</select>
@ -340,7 +340,7 @@
<br /><br />
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
<input class="button1" type="submit" name="action[apply_all_permissions]" value="{L_APPLY_ALL_PERMISSIONS}" />
<input class="button2" type="button" name="cancel" value="{L_RESET}" onclick="document.forms['set-permissions'].reset(); init_colours(active_pmask + active_fmask);" />
</fieldset>

2
phpBB/adm/style/acp_php_info.html
View File

@ -6,7 +6,7 @@
<p>{L_ACP_PHP_INFO_EXPLAIN}</p>
<div style="overflow: auto; width: 99%;">
<div class="phpinfo">
{PHPINFO}
</div>

10
phpBB/adm/style/acp_profile.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -123,11 +123,11 @@
<!-- END option -->
</fieldset>
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
<input class="button1" type="submit" name="prev" value="{L_PROFILE_BASIC_OPTIONS}" />
</fieldset>
<fieldset class="quick" style="float: right">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
{S_HIDDEN_FIELDS}
<input class="button1" type="submit" name="next" value="{L_NEXT_STEP}" />
</fieldset>
@ -146,11 +146,11 @@
</fieldset>
<!-- END options -->
<fieldset class="quick" style="float: left;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
<input class="button1" type="submit" name="prev" value="{L_PROFILE_TYPE_OPTIONS}" />
</fieldset>
<fieldset class="quick" style="float: right;">
<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
{S_HIDDEN_FIELDS}
<input class="button1" type="submit" name="save" value="{L_SAVE}" />
</fieldset>

4
phpBB/adm/style/acp_prune_forums.html
View File

@ -44,7 +44,7 @@
<p>{L_LOOK_UP_FORUMS_EXPLAIN}</p>
<dl>
<dt><label for="forum">{L_LOOK_UP_FORUM}:</label></dt>
<dd><select name="f[]" multiple="multiple" size="5">{S_FORUM_OPTIONS}</select></dd>
<dd><select name="f[]" multiple="multiple" size="10">{S_FORUM_OPTIONS}</select></dd>
<dd><label><input type="checkbox" class="radio" name="all_forums" value="1" /> {L_ALL_FORUMS}</label></dd>
</dl>
@ -57,7 +57,7 @@
<!-- ELSE -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_ACP_PRUNE_FORUMS}</h1>

2
phpBB/adm/style/acp_ranks.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<script type="text/javascript">
<!--

6
phpBB/adm/style/acp_reasons.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT_REASON -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -40,7 +40,7 @@
<!-- ENDIF -->
<dl>
<dt><label for="reason_description">{L_REASON_DESCRIPTION}:</label></dt>
<dd><textarea name="reason_description" id="reason_description" rows="8">{REASON_DESCRIPTION}</textarea></dd>
<dd><textarea name="reason_description" id="reason_description" rows="8" cols="80">{REASON_DESCRIPTION}</textarea></dd>
</dl>
<!-- IF S_TRANSLATED -->
<dl>
@ -81,7 +81,7 @@
<!-- BEGIN reasons -->
<tr>
<td>
<i style="float: right; font-size: .9em;"><!-- IF reasons.S_TRANSLATED -->{L_IS_TRANSLATED}<!-- ELSE -->{L_IS_NOT_TRANSLATED}<!-- ENDIF --></i>
<i style="float: {S_CONTENT_FLOW_END}; font-size: .9em;"><!-- IF reasons.S_TRANSLATED -->{L_IS_TRANSLATED}<!-- ELSE -->{L_IS_NOT_TRANSLATED}<!-- ENDIF --></i>
<strong>{reasons.REASON_TITLE}<!-- IF reasons.S_OTHER_REASON --> *<!-- ENDIF --></strong>
<br /><span>{reasons.REASON_DESCRIPTION}</span>
</td>

12
phpBB/adm/style/acp_styles.html
View File

@ -4,7 +4,7 @@
<!-- IF S_DELETE -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -32,7 +32,7 @@
<!-- ELSEIF S_EDIT_IMAGESET -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -180,7 +180,7 @@
//-->
</script>
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_EDIT}</h1>
@ -280,7 +280,7 @@
//-->
</script>
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TEMPLATE_CACHE}</h1>
@ -328,7 +328,7 @@
<!-- ELSEIF S_EXPORT -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>
@ -455,7 +455,7 @@
<!-- ELSEIF S_DETAILS -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_TITLE}</h1>

6
phpBB/adm/style/acp_users.html
View File

@ -28,7 +28,7 @@
<!-- ELSEIF S_SELECT_FORUM -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_USER_ADMIN}</h1>
@ -52,7 +52,7 @@
<!-- ELSE -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_USER_ADMIN} :: {MANAGED_USERNAME}</h1>
@ -207,7 +207,7 @@
<!-- ELSEIF S_PERMISSIONS -->
<div style="float: right;">
<div style="float: {S_CONTENT_FLOW_END};">
<a href="{U_USER_PERMISSIONS}">&raquo; {L_SET_USERS_PERMISSIONS}</a><br />
<a href="{U_USER_FORUM_PERMISSIONS}">&raquo; {L_SET_USERS_FORUM_PERMISSIONS}</a>
</div>

4
phpBB/adm/style/acp_users_feedback.html
View File

@ -52,8 +52,8 @@
<!-- IF S_CLEARLOGS -->
<fieldset class="quick">
<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />&nbsp;
<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />
<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />&nbsp;
<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />
<p class="small"><a href="#" onclick="marklist('list', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('list', 'mark', false);">{L_UNMARK_ALL}</a></p>
</fieldset>
<!-- ENDIF -->

2
phpBB/adm/style/acp_words.html
View File

@ -4,7 +4,7 @@
<!-- IF S_EDIT_WORD -->
<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
<h1>{L_ACP_WORDS}</h1>

25
phpBB/adm/style/admin.css
View File

@ -1322,11 +1322,23 @@ fieldset.permissions .permissions-switch {
float: left;
}
fieldset.permissions .padding {
}
.permissions-switch a {
text-decoration: underline;
font-size: 0.90em;
}
.permissions-reset {
margin-top: -6px;
padding-bottom: 10px;
}
.permissions-reset a {
font-size: .8em;
}
/* Tabbed menu */
.permissions-category {
line-height: normal;
@ -1602,3 +1614,16 @@ fieldset.permissions .permissions-switch {
margin: 0;
padding: 0;
}
/* Classes for additional tasks
---------------------------------------- */
.phpinfo {
overflow: auto;
width: 99%;
direction: ltr;
}
.phpinfo td, .phpinfo th, .phpinfo h2, .phpinfo h1 {
text-align: left;
}

2
phpBB/adm/style/install_footer.html
View File

@ -18,7 +18,7 @@
// -->
<div id="page-footer">
Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
</div>
</div>

60
phpBB/adm/style/install_update.html
View File

@ -2,20 +2,30 @@
<script type="text/javascript">
<!--
function popup(url, width, height)
function diff_popup(url)
{
window.open(url.replace(/&amp;/g, '&'), 'diff', 'height=' + height + ',resizable=yes,scrollbars=yes,width=' + width);
window.open(url.replace(/&amp;/g, '&'), 'diff', 'height=600,resizable=yes,scrollbars=yes,width=950');
return false;
}
//-->
</script>
<!-- IF S_ERROR -->
<h1>{L_NOTICE}</h1>
<p style="color: red;">{ERROR_MSG}</p>
<div class="errorbox" style="margin-top: 0;">
<h3>{L_NOTICE}</h3>
<p>{ERROR_MSG}</p>
</div>
<!-- ENDIF -->
<!-- IF S_INTRO -->
<!-- IF S_WARNING -->
<div class="successbox" style="margin-top: 0;">
<h3>{L_NOTICE}</h3>
<p>{WARNING_MSG}</p>
</div>
<!-- ENDIF -->
<form id="install_update" method="post" action="{U_ACTION}">
<h1>{L_UPDATE_INSTALLATION}</h1>
@ -68,6 +78,12 @@
<dt><label>{L_LATEST_VERSION}</label></dt>
<dd><strong>{LATEST_VERSION}</strong></dd>
</dl>
<!-- IF PACKAGE_VERSION and not S_UP_TO_DATE -->
<dl>
<dt><label>{L_PACKAGE_UPDATES_TO}</label></dt>
<dd><strong>{PACKAGE_VERSION}</strong></dd>
</dl>
<!-- ENDIF -->
</fieldset>
<!-- IF not S_UP_TO_DATE -->
@ -185,28 +201,52 @@
<br /><span>{L_NUM_CONFLICTS}: {files.NUM_CONFLICTS}</span>
<!-- ENDIF -->
</dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="popup('{files.U_SHOW_DIFF}', 700, 500); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --></dd>
<dd style="margin-left: 60%;"><!-- IF files.STATUS eq 'modified' -->&nbsp;<!-- ELSE --><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="diff_popup('{files.U_SHOW_DIFF}'); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --><!-- ENDIF --></dd>
<!-- IF files.S_CUSTOM -->
<dd style="margin-left: 60%;"><label><input type="checkbox" name="no_update[]" value="{files.FILENAME}" class="radio" /> {L_DO_NOT_UPDATE}</label></dd>
<!-- ENDIF -->
<!-- IF files.STATUS eq 'modified' -->
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="0" checked="checked" /> {L_MERGE_MODIFICATIONS_OPTION}</label></dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="diff_popup('{files.U_SHOW_DIFF}'); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --></dd>
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="1" /> {L_MERGE_NO_MERGE_NEW_OPTION}</label></dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="diff_popup('{files.U_VIEW_NO_MERGE_NEW}'); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="2" /> {L_MERGE_NO_MERGE_MOD_OPTION}</label></dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_MOD}" onclick="diff_popup('{files.U_VIEW_NO_MERGE_MOD}'); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
</dl>
<!-- IF not files.S_LAST_ROW -->
</fieldset>
<fieldset>
<legend><img src="{T_IMAGE_PATH}file_{files.STATUS}.gif" alt="{files.L_STATUS}" /></legend>
<!-- ENDIF -->
<!-- ENDIF -->
<!-- IF files.STATUS eq 'conflict' -->
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="1" checked="checked" /> {L_MERGE_NO_MERGE_NEW_OPTION}</label></dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="popup('{files.U_VIEW_NO_MERGE_NEW}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="diff_popup('{files.U_VIEW_NO_MERGE_NEW}'); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="2" /> {L_MERGE_NO_MERGE_MOD_OPTION}</label></dt>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_MOD}" onclick="popup('{files.U_VIEW_NO_MERGE_MOD}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_MOD}" onclick="diff_popup('{files.U_VIEW_NO_MERGE_MOD}'); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
</dl>
<!-- IF not files.S_BINARY -->
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="3" /> {L_MERGE_NEW_FILE_OPTION}</label></dt>
<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_NEW_FILE}" onclick="popup('{files.U_VIEW_NEW_FILE}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_NEW_FILE}" onclick="diff_popup('{files.U_VIEW_NEW_FILE}'); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
</dl>
<dl>
<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="4" /> {L_MERGE_MOD_FILE_OPTION}</label></dt>
<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_MOD_FILE}" onclick="popup('{files.U_VIEW_MOD_FILE}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_MOD_FILE}" onclick="diff_popup('{files.U_VIEW_MOD_FILE}'); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
</dl>
<!-- ENDIF -->
<!-- IF not files.S_LAST_ROW -->
@ -218,7 +258,7 @@
<!-- ENDIF -->
<!-- ENDIF -->
<!-- IF files.STATUS neq 'conflict' --></dl><!-- ENDIF -->
<!-- IF files.STATUS neq 'conflict' and files.STATUS neq 'modified' --></dl><!-- ENDIF -->
<!-- ENDIF -->
<!-- END files -->

9
phpBB/adm/style/install_update_diff.html
View File

@ -42,11 +42,16 @@ function resize_panel()
width: 99%;
}
#diff_content {
padding: 30px 10px 10px;
}
<!-- IF DIFF_MODE neq 'side_by_side' and DIFF_MODE neq 'raw' -->
div#codepanel {
overflow: auto;
width: 100%;
height: 350px;
display: inline-block;
}
<!-- ELSE -->
div#codepanel {
@ -230,11 +235,11 @@ table.hrdiff caption span {
<div id="acp">
<div class="panel" id="codepanel">
<span class="corners-top"><span></span></span>
<div id="content">
<div id="diff_content">
<div id="main">
<!-- IF S_DIFF_CONFLICT_FILE -->
<div style="float: right;"><strong>{L_NUM_CONFLICTS}: {NUM_CONFLICTS}</strong></div>
<div style="float: {S_CONTENT_FLOW_END};"><strong>{L_NUM_CONFLICTS}: {NUM_CONFLICTS}</strong></div>
<!-- ENDIF -->
{DIFF_CONTENT}
</div>

2
phpBB/adm/style/overall_footer.html
View File

@ -19,7 +19,7 @@
<div id="page-footer">
<!-- IF S_COPYRIGHT_HTML -->
Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
<!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF -->
<!-- ENDIF -->

2
phpBB/adm/style/overall_header.html
View File

@ -193,7 +193,7 @@ function switch_menu()
<a id="toggle-handle" accesskey="m" title="{L_MENU_TOGGLE}" onclick="switch_menu(); return false;" href="#"></a></div>
<!-- ENDIF -->
<div id="menu">
<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;]</p>
<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;]</p>
<ul>
<!-- BEGIN l_block1 -->
<!-- IF l_block1.S_SELECTED -->

15
phpBB/adm/style/permission_mask.html
View File

@ -18,7 +18,7 @@
<!-- BEGIN p_mask -->
<div class="clearfix"></div>
<h3>{p_mask.PADDING}{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>
<h3>{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>
<!-- BEGIN f_mask -->
<div class="clearfix"></div>
@ -28,11 +28,14 @@
<input type="checkbox" style="display: none;" class="permissions-checkbox" name="inherit[{p_mask.f_mask.UG_ID}][{p_mask.f_mask.FORUM_ID}]" id="checkbox{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}" value="1" onclick="toggle_opacity('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}')" />
<!-- ELSE -->
<!-- ENDIF -->
<!-- {p_mask.f_mask.PADDING} -->{p_mask.f_mask.NAME}
<!-- IF p_mask.f_mask.PADDING --><span class="padding">{p_mask.f_mask.PADDING}{p_mask.f_mask.PADDING}</span><!-- ENDIF -->{p_mask.f_mask.NAME}
</legend>
<!-- IF not p_mask.S_VIEW -->
<div class="permissions-switch">
<a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0', true); return false;">{L_ADVANCED_PERMISSIONS}</a>
<div class="permissions-reset">
<a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_YES}</a> &middot; <a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NO}</a> &middot; <a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NEVER}</a>
</div>
<a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0', true); return false;">{L_ADVANCED_PERMISSIONS}</a><!-- IF not p_mask.S_VIEW and p_mask.f_mask.S_CUSTOM --> *<!-- ENDIF -->
</div>
<dl class="permissions-simple">
<dt style="width: 20%"><label for="role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}">{L_ROLE}:</label></dt>
@ -46,7 +49,11 @@
<!-- BEGIN category -->
<!-- IF p_mask.f_mask.category.S_FIRST_ROW -->
<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}"<!-- IF not p_mask.S_VIEW --> style="display: none;"<!-- ENDIF -->>
<!-- IF not p_mask.S_VIEW -->
<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}" style="display: none;">
<!-- ELSE -->
<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}">
<!-- ENDIF -->
<div class="permissions-category">
<ul>

9
phpBB/adm/style/permission_trace.html
View File

@ -2,7 +2,7 @@
<div style="background-color: #fff; padding: 10px; margin-top: 10px;" class="permissions">
<!-- IF U_BACK --><a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a><!-- ENDIF -->
<!-- IF U_BACK --><a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a><!-- ENDIF -->
<h3>{L_TRACE_FOR}: {PERMISSION_USERNAME} / <!-- IF FORUM_NAME -->{FORUM_NAME} / <!-- ENDIF -->{PERMISSION} </h3>
@ -41,6 +41,13 @@
<td>{trace.INFORMATION}</td>
</tr>
<!-- END trace -->
<tr class="row2">
<td style="white-space: nowrap;"><strong>{L_TRACE_RESULT}</strong></td>
<td colspan="2" style="text-align: center;" class="<!-- IF S_RESULT_NEVER -->never<!-- ELSEIF S_RESULT_YES -->yes<!-- ELSE -->no<!-- ENDIF -->">
<!-- IF S_RESULT_NEVER -->{L_ACL_NEVER}<!-- ELSEIF S_RESULT_YES -->{L_ACL_YES}<!-- ELSE -->{L_ACL_NO}<!-- ENDIF -->
</td>
<td>{L_RESULTING_PERMISSION}</td>
</tr>
</tbody>
</table>

2
phpBB/adm/style/simple_footer.html
View File

@ -16,7 +16,7 @@
<div id="page-footer">
<!-- IF S_COPYRIGHT_HTML -->
<br />Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
<br />Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
<!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF -->
<!-- ENDIF -->

2
phpBB/adm/swatch.php
View File

@ -12,7 +12,7 @@
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = './../';
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

37
phpBB/cron.php
View File

@ -12,7 +12,7 @@
*/
define('IN_PHPBB', true);
define('IN_CRON', true);
$phpbb_root_path = './';
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
@ -30,7 +30,35 @@ header('Content-length: 43');
echo base64_decode('R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==');
flush();
// test without flush ;)
// flush();
// make sure cron doesn't run multiple times in parallel
if ($config['cron_lock'])
{
// if the other process is running more than an hour already we have to assume it
// aborted without cleaning the lock
$time = explode(' ', $config['cron_lock']);
$time = $time[0];
if ($time + 3600 >= time())
{
exit;
}
}
define('CRON_ID', time() . ' ' . unique_id());
$sql = 'UPDATE ' . CONFIG_TABLE . "
SET config_value = '" . $db->sql_escape(CRON_ID) . "'
WHERE config_name = 'cron_lock' AND config_value = '" . $db->sql_escape($config['cron_lock']) . "'";
$db->sql_query($sql);
// another cron process altered the table between script start and UPDATE query so exit
if ($db->sql_affectedrows() != 1)
{
exit;
}
/**
* Run cron-like action
@ -226,6 +254,11 @@ else
garbage_collection();
}
$sql = 'UPDATE ' . CONFIG_TABLE . "
SET config_value = '0'
WHERE config_name = 'cron_lock' AND config_value = '" . $db->sql_escape(CRON_ID) . "'";
$db->sql_query($sql);
exit;
?>

30
phpBB/develop/create_schema_files.php
View File

@ -14,7 +14,7 @@
die("Please read the first lines of this script for instructions on how to enable it");
set_time_limit(0);
@set_time_limit(0);
$schema_path = './../install/schemas/';
@ -1028,7 +1028,7 @@ function get_schema_struct()
'forum_desc_uid' => array('VCHAR:5', ''),
'forum_link' => array('VCHAR_UNI', ''),
'forum_password' => array('VCHAR_UNI:40', ''),
'forum_style' => array('TINT:4', 0),
'forum_style' => array('USINT', 0),
'forum_image' => array('VCHAR', ''),
'forum_rules' => array('TEXT_UNI', ''),
'forum_rules_link' => array('VCHAR_UNI', ''),
@ -1107,9 +1107,9 @@ function get_schema_struct()
'group_desc_uid' => array('VCHAR:5', ''),
'group_display' => array('BOOL', 0),
'group_avatar' => array('VCHAR', ''),
'group_avatar_type' => array('TINT:4', 0),
'group_avatar_width' => array('TINT:4', 0),
'group_avatar_height' => array('TINT:4', 0),
'group_avatar_type' => array('TINT:2', 0),
'group_avatar_width' => array('USINT', 0),
'group_avatar_height' => array('USINT', 0),
'group_rank' => array('UINT', 0),
'group_colour' => array('VCHAR:6', ''),
'group_sig_chars' => array('UINT', 0),
@ -1556,13 +1556,13 @@ function get_schema_struct()
$schema_data['phpbb_styles'] = array(
'COLUMNS' => array(
'style_id' => array('TINT:4', NULL, 'auto_increment'),
'style_id' => array('USINT', NULL, 'auto_increment'),
'style_name' => array('VCHAR_UNI:255', ''),
'style_copyright' => array('VCHAR_UNI', ''),
'style_active' => array('BOOL', 1),
'template_id' => array('TINT:4', 0),
'theme_id' => array('TINT:4', 0),
'imageset_id' => array('TINT:4', 0),
'template_id' => array('USINT', 0),
'theme_id' => array('USINT', 0),
'imageset_id' => array('USINT', 0),
),
'PRIMARY_KEY' => 'style_id',
'KEYS' => array(
@ -1575,7 +1575,7 @@ function get_schema_struct()
$schema_data['phpbb_styles_template'] = array(
'COLUMNS' => array(
'template_id' => array('TINT:4', NULL, 'auto_increment'),
'template_id' => array('USINT', NULL, 'auto_increment'),
'template_name' => array('VCHAR_UNI:255', ''),
'template_copyright' => array('VCHAR_UNI', ''),
'template_path' => array('VCHAR:100', ''),
@ -1590,7 +1590,7 @@ function get_schema_struct()
$schema_data['phpbb_styles_template_data'] = array(
'COLUMNS' => array(
'template_id' => array('TINT:4', NULL, 'auto_increment'),
'template_id' => array('USINT', NULL, 'auto_increment'),
'template_filename' => array('VCHAR:100', ''),
'template_included' => array('TEXT', ''),
'template_mtime' => array('TIMESTAMP', 0),
@ -1604,7 +1604,7 @@ function get_schema_struct()
$schema_data['phpbb_styles_theme'] = array(
'COLUMNS' => array(
'theme_id' => array('TINT:4', NULL, 'auto_increment'),
'theme_id' => array('USINT', NULL, 'auto_increment'),
'theme_name' => array('VCHAR_UNI:255', ''),
'theme_copyright' => array('VCHAR_UNI', ''),
'theme_path' => array('VCHAR:100', ''),
@ -1620,7 +1620,7 @@ function get_schema_struct()
$schema_data['phpbb_styles_imageset'] = array(
'COLUMNS' => array(
'imageset_id' => array('TINT:4', NULL, 'auto_increment'),
'imageset_id' => array('USINT', NULL, 'auto_increment'),
'imageset_name' => array('VCHAR_UNI:255', ''),
'imageset_copyright' => array('VCHAR_UNI', ''),
'imageset_path' => array('VCHAR:100', ''),
@ -1639,7 +1639,7 @@ function get_schema_struct()
'image_lang' => array('VCHAR:30', ''),
'image_height' => array('USINT', 0),
'image_width' => array('USINT', 0),
'imageset_id' => array('TINT:4', 0),
'imageset_id' => array('USINT', 0),
),
'PRIMARY_KEY' => 'image_id',
'KEYS' => array(
@ -1777,7 +1777,7 @@ function get_schema_struct()
'user_timezone' => array('DECIMAL', 0),
'user_dst' => array('BOOL', 0),
'user_dateformat' => array('VCHAR_UNI:30', 'd M Y H:i'),
'user_style' => array('TINT:4', 0),
'user_style' => array('USINT', 0),
'user_rank' => array('UINT', 0),
'user_colour' => array('VCHAR:6', ''),
'user_new_privmsg' => array('TINT:4', 0),

240
phpBB/develop/generate_utf_confusables.php Normal file
View File

@ -0,0 +1,240 @@
<?php
/**
*
* @package phpBB3
* @version $Id$
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
if (php_sapi_name() != 'cli')
{
die("This program must be run from the command line.\n");
}
//
// Security message:
//
// This script is potentially dangerous.
// Remove or comment the next line (die(".... ) to enable this script.
// Do NOT FORGET to either remove this script or disable it after you have used it.
//
die("Please read the first lines of this script for instructions on how to enable it");
set_time_limit(0);
define('IN_PHPBB', true);
$phpbb_root_path = '../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
echo "Checking for required files\n";
download('http://unicode.org/reports/tr39/data/confusables.txt');
download('http://unicode.org/Public/UNIDATA/CaseFolding.txt');
echo "\n";
/**
* Load the confusables table
*/
echo "Loading confusables\n";
$unidata = file_get_contents('confusables.txt');
/**
* Load the CaseFolding table
*/
echo "Loading CaseFolding\n";
$casefolds = file_get_contents('CaseFolding.txt');
function utf8_chr($cp)
{
if ($cp > 0xFFFF)
{
return chr(0xF0 | ($cp >> 18)) . chr(0x80 | (($cp >> 12) & 0x3F)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
}
else if ($cp > 0x7FF)
{
return chr(0xE0 | ($cp >> 12)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
}
else if ($cp > 0x7F)
{
return chr(0xC0 | ($cp >> 6)) . chr(0x80 | ($cp & 0x3F));
}
else
{
return chr($cp);
}
}
preg_match_all('/^([0-9A-F]+) ;\s((?:[0-9A-F]+ )*);.*?$/im', $unidata, $array, PREG_SET_ORDER);
preg_match_all('/^([0-9A-F]+); ([CFS]); ([0-9A-F]+(?: [0-9A-F]+)*);/im', $casefolds, $casefold_array);
// some that we defined ourselves
$uniarray = array(
"\xC2\xA1" => "\x69", // EXCLAMATION MARK, INVERTED => LATIN SMALL LETTER I
"\xC7\x83" => "\x21", // LATIN LETTER RETROFLEX CLICK => EXCLAMATION MARK
"\xCE\xB1" => "\x61", // GREEK SMALL LETTER ALPHA => LATIN SMALL LETTER A
"\xE1\x9A\x80" => "\x20", // OGHAM SPACE MARK
"\xC2\xAD" => '', // HYPHEN, SOFT => empty string
"\xDB\x9D" => '', // ARABIC END OF AYAH
"\xDC\x8F" => '', // SYRIAC ABBREVIATION MARK
"\xE1\xA0\x86" => '', // MONGOLIAN TODO SOFT HYPHEN
"\xE1\xA0\x8E" => '', // MONGOLIAN VOWEL SEPARATOR
"\xE2\x80\x8B" => '', // ZERO WIDTH SPACE
"\xE2\x80\x8C" => '', // ZERO WIDTH NON-JOINER
"\xE2\x80\x8D" => '', // ZERO WIDTH JOINER
"\xE2\x80\xA8" => '', // LINE SEPARATOR
"\xE2\x80\xA9" => '', // PARAGRAPH SEPARATOR
"\xE2\x81\xA0" => '', // WORD JOINER
"\xE2\x81\xA1" => '', // FUNCTION APPLICATION
"\xE2\x81\xA2" => '', // INVISIBLE TIMES
"\xE2\x81\xA3" => '', // INVISIBLE SEPARATOR
"\xE2\x81\xAA" => '', // [CONTROL CHARACTERS]
"\xE2\x81\xAB" => '', // [CONTROL CHARACTERS]
"\xE2\x81\xAC" => '', // [CONTROL CHARACTERS]
"\xE2\x81\xAD" => '', // [CONTROL CHARACTERS]
"\xE2\x81\xAE" => '', // [CONTROL CHARACTERS]
"\xE2\x81\xAF" => '', // [CONTROL CHARACTERS]
"\xEF\xBB\xBF" => '', // ZERO WIDTH NO-BREAK SPACE
"\xEF\xBF\xB9" => '', // [CONTROL CHARACTERS]
"\xEF\xBF\xBA" => '', // [CONTROL CHARACTERS]
"\xEF\xBF\xBB" => '', // [CONTROL CHARACTERS]
"\xEF\xBF\xBC" => '', // [CONTROL CHARACTERS]
"\xF0\x9D\x85\xB3" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB4" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB5" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB6" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB7" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB8" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xB9" => '', // [MUSICAL CONTROL CHARACTERS]
"\xF0\x9D\x85\xBA" => '', // [MUSICAL CONTROL CHARACTERS]
);
$copy = $uniarray;
foreach ($array as $value)
{
$temp_hold = implode(array_map('utf8_chr', array_map('hexdec', explode(' ', trim($value[2])))));
if (isset($copy[utf8_chr(hexdec((string)$value[1]))]))
{
$num = '';
$string = utf8_chr(hexdec((string)$value[1]));
for ($i = 0; $i < strlen($string); $i++)
{
$num .= '\x' . str_pad(base_convert(ord($string[$i]), 10, 16), 2, '0', STR_PAD_LEFT);
}
echo $num . "\n";
if ($uniarray[$string] != $temp_hold)
{
echo " --> $string\n";
echo " --> " . $temp_hold . "\n";
}
}
// do some tests for things that transform into something with the number one
if (strpos($temp_hold, utf8_chr(0x0031)) !== false)
{
// any kind of letter L?
if (strpos($value[0], 'LETTER L') !== false || strpos($value[0], 'IOTA') !== false || strpos($value[0], 'SMALL L ') !== false || preg_match('/SMALL LIGATURE [^L]*L /', $value[0]))
{
// replace all of the mappings that transform some sort of letter l to number one instead to some sort of letter l to latin small letter l
$temp_hold = str_replace(utf8_chr(0x0031), utf8_chr(0x006C), $temp_hold);
}
}
// uppercased chars that were folded do not exist in this universe,
// no amount of normalization could ever "trick" this into not working
if (in_array($value[1], $casefold_array[1]))
{
continue;
}
$uniarray[utf8_chr(hexdec((string)$value[1]))] = $temp_hold;
}
echo "Writing to confusables.$phpEx\n";
$fp = fopen($phpbb_root_path . 'includes/utf/data/confusables.' . $phpEx, 'wb');
fwrite($fp, '<?php return ' . my_var_export($uniarray) . ';');
fclose($fp);
/**
* Return a parsable string representation of a variable
*
* This is function is limited to array/strings/integers
*
* @param mixed $var Variable
* @return string PHP code representing the variable
*/
function my_var_export($var)
{
if (is_array($var))
{
$lines = array();
foreach ($var as $k => $v)
{
$lines[] = my_var_export($k) . '=>' . my_var_export($v);
}
return 'array(' . implode(',', $lines) . ')';
}
else if (is_string($var))
{
return "'" . str_replace(array('\\', "'"), array('\\\\', "\\'"), $var) . "'";
}
else
{
return $var;
}
}
/**
* Download a file to the develop/ dir
*
* @param string $url URL of the file to download
* @return void
*/
function download($url)
{
global $phpbb_root_path;
if (file_exists($phpbb_root_path . 'develop/' . basename($url)))
{
return;
}
echo 'Downloading from ', $url, ' ';
if (!$fpr = fopen($url, 'rb'))
{
die("Can't download from $url\nPlease download it yourself and put it in the develop/ dir, kthxbai");
}
if (!$fpw = fopen($phpbb_root_path . 'develop/' . basename($url), 'wb'))
{
die("Can't open develop/" . basename($url) . " for output... please check your permissions or something");
}
$i = 0;
$chunk = 32768;
$done = '';
while (!feof($fpr))
{
$i += fwrite($fpw, fread($fpr, $chunk));
echo str_repeat("\x08", strlen($done));
$done = ($i >> 10) . ' KiB';
echo $done;
}
fclose($fpr);
fclose($fpw);
echo "\n";
}
?>

120
phpBB/develop/unicode_testing.php Normal file
View File

@ -0,0 +1,120 @@
<?php
//
// This file provides some useful functions for debugging the unicode/UTF-8 library
// It requires utf_tools.php to be loaded
//
die("Please read the first lines of this script for instructions on how to enable it");
if (!headers_sent())
{
header('Content-type: text/html; charset=UTF-8');
}
/**
* Converts unicode escape sequences (\u0123) into UTF-8 characters
*
* @param string A unicode sequence
* @return string UTF-8 representation of the given unicode sequence
*/
function unicode_to_utf8($string)
{
$utf8 = '';
$chars = array();
for ($i = 0; $i < strlen($string); $i++)
{
if (isset($string[$i + 5]) && substr($string, $i, 2) == '\\u' && ctype_xdigit(substr($string, $i + 2, 4)))
{
$utf8 .= utf8_from_unicode(array(base_convert(substr($string, $i + 2, 4), 16, 10)));
$i += 5;
}
else
{
$utf8 .= $string[$i];
}
}
return $utf8;
}
/**
* Takes an array of ints representing the Unicode characters and returns
* a UTF-8 string.
*
* @param array $array array of unicode code points representing a string
* @return string UTF-8 character string
*/
function utf8_from_unicode($array)
{
$str = '';
foreach ($array as $value)
{
$str .= utf8_chr($value);
}
return $str;
}
/**
* Converts a UTF-8 string to unicode code points
*
* @param string $text UTF-8 string
* @return string Unicode code points
*/
function utf8_to_unicode($text)
{
return preg_replace_callback(
'#[\\xC2-\\xF4][\\x80-\\xBF]?[\\x80-\\xBF]?[\\x80-\\xBF]#',
'utf8_to_unicode_callback',
preg_replace_callback(
'#[\\x00-\\x7f]#',
'utf8_to_unicode_callback',
$text
)
);
}
/**
* Takes a UTF-8 char and replaces it with its unicode escape sequence. Attention, $m is an array
*
* @param array $m 0-based numerically indexed array passed by preg_replace_callback()
* @return string A unicode escape sequence
*/
function utf8_to_unicode_callback($m)
{
return '\u' . str_pad(base_convert(utf8_ord($m[0]), 10, 16), 4, '0', STR_PAD_LEFT) . '';
}
/**
* A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings
* to be in NFKC
*
* @param mixed $strings a string or an array of strings to normalize
* @return mixed the normalized content, preserving array keys if array given.
*/
function utf8_normalize_nfkc($strings)
{
if (empty($strings))
{
return $strings;
}
if (!class_exists('utf_normalizer'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
}
if (!is_array($strings))
{
utf_normalizer::nfkc($strings);
}
else if (is_array($strings))
{
foreach ($strings as $key => $string)
{
utf_normalizer::nfkc($strings[$key]);
}
}
return $strings;
}
?>

126
phpBB/docs/CHANGELOG.html
View File

@ -169,6 +169,7 @@ p a {
<ol class="menu">
<li><a href="#changelog">Changelog</a>
<ol type="i">
<li><a href="#v30rc3">Changes since RC-3</a></li>
<li><a href="#v30rc2">Changes since RC-2</a></li>
<li><a href="#v30rc1">Changes since RC-1</a></li>
</ol>
@ -180,7 +181,126 @@ p a {
<a name="changelog"></a><h1>1. Changelog</h1>
<a name="v30rc2"></a><b>1.i. Changes since 3.0.RC2</b>
<a name="v30rc3"></a><b>1.i. Changes since 3.0.RC3</b>
<br /><br />
<div class="paragraph">
<p>These fixes/changes are currently only present within CVS and will appear within the next phpBB3 version.</p>
<ul class="menu">
<li>[Fix] Fixing some subsilver2 and prosilver style issues</li>
<li>[Fix] Parse error in MCP ban (Bug #13109)</li>
<li>[Fix] Correctly hide online status in the profile (Bug #13059)</li>
<li>[Feature] Let the user choose how to update modified files (merging, using new file or using old file) within automatic updater</li>
<li>[Fix] An extra \ in an Oracle SQL regex was corrected (Bug #13151)</li>
<li>[Fix] Added a missing global to get_file() (Bug #13149)</li>
<li>[Fix] Hide autologin box when autologin is disabled (Bug #13093)</li>
<li>[Fix] Account for the forum id not being part of the request uri in prosilver (Bug #13121)</li>
<li>[Fix] Properly alter PostgreSQL tables</li>
<li>[Fix] Properly cache template files that were stored in the database (Bug #12675)</li>
<li>[Fix] Do not count the deletion of an unapproved topic as a decrease in normally viewable posts (Bug #13167)</li>
<li>[Fix] Allow column_exists() to return true if the column exists but no data is in the table</li>
<li>[Fix] Allow setting the smiley order via the select. Also allow to add smileys at the top. (Bug #13199)</li>
<li>[Fix] Fix php notice on sending jabber messages (Bug #13201)</li>
<li>[Fix] Make the window showing file differences a little wider (Bug #13157)</li>
<li>[Fix] Preserve preview style on search form (Bug #13205)</li>
<li>[Fix] Place attachment filename in new line in posting editor (Bug #9726)</li>
<li>[Fix] Don't allow caching to occur in the update sequence (Bug #13207)</li>
<li>[Fix] Enforce the max password length for automatically generated password created by the password sender (Bug #13181)</li>
<li>[Fix] Handle phpinfo() when expose_php is false (Bug #12777)</li>
<li>[Fix] Allow managing of forum roles without global users (Bug #13249)</li>
<li>[Change] Do not run cron script if board is disabled</li>
<li>[Fix] Correctly destroy sql cache for some query combinations (Bug #13237)</li>
<li>[Fix] Allow link forums being password protected (Bug #12967)</li>
<li>[Fix] Allow wrapping topic/post icons in posting editor (Bug #12843)</li>
<li>[Fix] Display L_RANK only once in template if rank title and image defined (Bug #13231)</li>
<li>[Fix] Make sure selected transfer method exists before calling (Bug #13265)</li>
<li>[Fix] Correctly escape language keys in language editor (Bug #13279)</li>
<li>[Fix] Correctly hide post/reply buttons if permissions are not given (related to Bug #12809)</li>
<li>[Fix] Remove orphan/wrong permission entries for non-existent forums - self-repairing permissions if conversions went &quot;crazy&quot;</li>
<li>[Feature] Allow &quot;older&quot; updates applied with the automatic updater. This allows people using it for updating, say, from 3.0.0 to 3.0.1 (with the correct package of course) and then from 3.0.1 to 3.0.2 if the latest version at this time is 3.0.2. These changes take effect beginning with RC4 or people replacing install/install_update.php manually prior doing the updates.</li>
<li>[Fix] Present correct error message if user tries to edit already read private message (Bug #13271)</li>
<li>[Fix] Also display board disabled notice for admins/mods if board got disabled due to exceeding the load limit (Bug #13267)</li>
<li>[Fix] Correctly deliver avatar if readfile function has been disabled (Bug #13309)</li>
<li>[Fix] Display php information page with the correct direction (Bug #12557)</li>
<li>[Fix] Increased the number of style objects (styles, templates, themes and imagesets) possible from 127 to 65535 for MySQL (Bug #13179)</li>
<li>[Fix] Although theoretically impossible in our code, removed the chance of trying to open a file that does not exist (Bug #13327)</li>
<li>[Fix] Although theoretically impossible in our code, changed the handling of non-existent language files (Bug #13329, #13331)</li>
<li>[Fix] Removed extra ampersand from ACP link (Bug #13315)</li>
<li>[Fix] used cleaned up version of given field identification for pre-filling a new custom profile field (Bug #13319)</li>
<li>[Fix] Correctly convert 2.0 website profile fields. (Bug #13379)</li>
<li>[Fix] Fixed the "Alphanumeric" and "Alphanumeric and spacers" username selection limitations (Bug #13391)</li>
<li>[Fix] Make sure filelist() is only returning array types (Bug #13385)</li>
<li>[Fix] Correctly mark forums read if using cookie based topic tracking (Bug #13245)</li>
<li>[Change] Put custom profile fields into top box and signature into separate box in members profile view (Bug #13357)</li>
<li>[Fix] Only show moderator log entries for forums the user is having moderation rights in (Bug #12481)</li>
<li>[Feature] Show resulting permission alone in trace window (Bug #10952) - thanks to dark/rain for the proposal</li>
<li>[Fix] Fixed bug in realpath replacement letting it actually work again</li>
<li>[Change] Try to be a bit more specific regarding global/local permission trace (Bug #11032)</li>
<li>[Fix] Fixed some strangeness in password validation due to mb_ereg()</li>
<li>[Fix] Subforums of a forum would overwrite the latest post information even if they did not contain the latest post (Bug #11931)</li>
<li>[Fix] Use global username display function on several places (Bug #11080, #11098) - patch by HoL</li>
<li>[Fix] Several viewonline fixes and feature changes. Also displaying the users browser in viewonline list to let the admin easier spot additional search bots, connected to a_user permission (Bug #11088) - patch and suggestions provided by HoL</li>
<li>[Change] u_viewprofile permission also affecting viewonline list now</li>
<li>[Fix] Do not display return to search link in prosilver if search is not allowed (Bug #11393)</li>
<li>[Fix] Use global url validation for img bbcode tag (Bug #11935)</li>
<li>[Fix] Added proper unicode support to style names (Bug #12165)</li>
<li>[Fix] Search result extract should not end in the middle of a multibyte character (Bug #11863)</li>
<li>[Fix] Missing localisation for an imageset no longer triggers a lot of "imageset refreshed" log messages (Bug #12027)</li>
<li>[Fix] Explain that themes which need parsing cannot be stored on the filesystem (Bug #11134)</li>
<li>[Fix] Normalize usernames</li>
<li>[Change] Improved utf8_clean_string with a more complete list of homographs and NFKC normalization</li>
<li>[Fix] Fixed error messages that ACP Database can give (Bug #13463)</li>
<li>[Fix] Fixed potential issues with databases that use tables names is uppercase</li>
<li>[Fix] Handle forum links/redirects within viewforum if no read permission given (to display login box or error message) (Bug #13467)</li>
<li>[Fix] Prevent changing postable forum having subforums to link forum without moving subforums out first</li>
<li>[Fix] Do not display version in admin template (Bug #13495)</li>
<li>[Fix] Allow manual specification of remote avatar dimensions if getimagesize is disabled (Bug #13531)</li>
<li>[Fix] Make viewonline use the session page's added forum parameter (Bug #13597)</li>
<li>[Fix] Correcting BBCode FAQ (Bug #11180)</li>
<li>[Fix] Make to/bcc line in view private message display consistent with other username displays in prosilver (Bug #11989)</li>
<li>[Fix] Send out activation email if admin activation is enabled and user activated through inactive users panel upon registration (Bug #12065)</li>
<li>[Change] Re-implemented All Yes/No/Never links in permission panels for easier changing all categories at once</li>
<li>[Change] Advanced permission link now &quot;marked&quot; if no role is assigned and custom permissions set. With this an admin can instantly see if the object is not set at all or having custom permissions, something you only saw if advanced permissions were viewed before.</li>
<li>[Fix] Change misleading custom BBCodes explanation, regarding tokens and useable template variables (Bug #12403, #5660)</li>
<li>[Feature] Ability to disable birthdays completely with new board features setting</li>
<li>[Fix] Fix disallowed username check (Bug #13511)</li>
<li>[Fix] Allow for unicode usernames to be pruned (Bug #13643)</li>
<li>[Fix] Do not copy forum permissions from self (Bug #13663)</li>
<li>[Fix] Allow for polls to work during preview (Bug #13657) - thanks to Thatbitextra</li>
<li>[Fix] Finer error conditions for sending IM messages (Bugs #13681, #13683)</li>
<li>[Fix] Add a confirmation for log deletion in the MCP (Bug #13693)</li>
<li>[Fix] Do not erase ranks and avatars when changing default groups (Bugs #13701, #13697)</li>
<li>[Fix] Limit author searches to firstpost, if selected (Bug #13579)</li>
<li>[Fix] Properly resync user post counts for users that have no posts (Bug #13581)</li>
<li>[Fix] Do not require space after , in smiley pak files (Bug #13647)</li>
<li>[Fix] Properly display the subscribe link in topic and forum display for Oracle (Bug #13583)</li>
<li>[Change] Add version number to ACP index (Bug #13703)</li>
<li>[Fix] Several fixes for custom profile fields on multi-lingual boards (Bugs #13763, #13527, #13525, #11515)</li>
<li>[Fix] Return to the mode previously selected after disaproving a post (Bug #13796)</li>
<li>[Fix] Cron now uses a locking variable to make sure it does not spawn too many webserver processes (Bug #12741)</li>
<li>[Fix] Cached stylesheet now supporting gzip compression</li>
<li>[Fix] Added link to inbox for deleted PMs (Bug #13813)</li>
<li>[Fix] Re-syncing the board stats also refreshes the newest user (Bug #13831)</li>
<li>[Feature] Ability to externally set $phpbb_root_path if wrapping phpBB3 by defining constant PHPBB_ROOT_PATH</li>
<li>[Fix] Implemented correct left/right floating within ACP in regard to RTL languages (Bug #13777)</li>
<li>[Fix] Fixing session problems when using MySQL strict mode in conjunction with very long browser agent string (Bug #13827)</li>
<li>[Fix] Disallow post/pm subjects entirely made up from non-printable chars and whitespaces (Bug #13800)</li>
<li>[Fix] Allow moving private messages from the sentbox (Bug #13791)</li>
<li>[Fix] Properly export localized imagesets</li>
<li>[Feature] Show the size of Firebird databases</li>
<li>[Fix] Show error when moving topic into a category via quickmod (Bug #11611)</li>
<li>[Fix] Allow Oracle to install on a database without specify the database name</li>
</ul>
</div>
<a href="#top">Top</a>
<br /><br />
<hr />
<a name="v30rc2"></a><b>1.ii. Changes since 3.0.RC2</b>
<br /><br />
<div class="paragraph">
@ -192,7 +312,7 @@ p a {
<li>[Fix] Correct approval of posts in global announcements (Bug #12699)</li>
<li>[Sec] Do not allow setup spiders/robots to post, even if permissions are given. We see no reason why this should be possible. (Thanks to Frank Rizzo for convincing us regarding this)</li>
<li>[Sec] Do not display the last active column within the memberlist if u_viewonline permission is not given (Bug #12797)</li>
<li>[Fix] Display custom profile field &quotdate&quot; based on users language (Bug #12787)</li>
<li>[Fix] Display custom profile field &quot;date&quot; based on users language (Bug #12787)</li>
<li>[Fix] Allow adding of help language files within subdirectories (Bug #12783)</li>
<li>[Fix] Correctly apply smileys on posting having # within their emotion code</li>
<li>[Fix] Correctly convert smileys having double quotes within their emotion code (Bug #12731)</li>
@ -234,7 +354,7 @@ p a {
<hr />
<a name="v30rc1"></a><b>1.ii. Changes since 3.0.RC1</b>
<a name="v30rc1"></a><b>1.iii. Changes since 3.0.RC1</b>
<br /><br />
<div class="paragraph">

4
phpBB/docs/FAQ.html
View File

@ -298,7 +298,7 @@ p a {
<div class="paragraph">
<p>phpBB categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to <samp>images/avatars/gallery</samp> phpBB will expect to find a series of folders within that path, eg. <samp>images/avatars/gallery/moviestars</samp>, <samp>images/avatars/gallery/cartoons</samp>, <samp>images/avatars/gallery/misc</samp>, etc. Placing images directly in <samp>images/avatars/gallery/</samp> will result in nothing being listed in your gallery.</p>
<p>phpBB categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to <samp>images/avatars/gallery</samp> phpBB will expect to find a series of folders within that path, e.g. <samp>images/avatars/gallery/moviestars</samp>, <samp>images/avatars/gallery/cartoons</samp>, <samp>images/avatars/gallery/misc</samp>, etc. Placing images directly in <samp>images/avatars/gallery/</samp> will result in nothing being listed in your gallery.</p>
</div>
<a href="#top">Top</a>
@ -324,7 +324,7 @@ p a {
<p>If you (or your users) are, after attempting a login, being returned to the index (or other page) without appearing to be logged in the most likely problem is incorrect cookie settings. phpBB uses cookies to store a session id and a small amount of user data. For this data to be stored correctly the cookie domain, name, path and secure settings must be correct. You can check this in <code>Admin-&gt;General-&gt;Server Configuration-&gt;Cookie Settings</code>. Typically the cookie domain can be left blank and the cookie path set to <samp>/</samp> (a single forward slash). Do <strong>not</strong> set the cookie as being secure unless your board is running over a secure sockets layer connection, ie. https://</p>
<p>If you still have problems try setting the cookie domain to your full domain name, eg. <samp>www.mysystem.tld</samp>, <samp>www.something.mydomain.tld</samp>. You <strong>must</strong> ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, eg. <samp>.mydomain.com</samp>, <samp>mydomain.com</samp>. Do <strong>not</strong> add http:// or anything else to the domain name!</p>
<p>If you still have problems try setting the cookie domain to your full domain name, e.g. <samp>www.mysystem.tld</samp>, <samp>www.something.mydomain.tld</samp>. You <strong>must</strong> ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, e.g. <samp>.mydomain.com</samp>, <samp>mydomain.com</samp>. Do <strong>not</strong> add http:// or anything else to the domain name!</p>
</div>
<a href="#top">Top</a>

6
phpBB/docs/README.html
View File

@ -360,9 +360,9 @@ p a {
<p>If you do post a new bug (i.e. one that isn't already listed in the bug tracker) firstly make sure you have logged in (your username and password are the same as for the community forums) then please include the following details:</p>
<ul class="menu">
<li>Your server type/version, eg. Apache 1.3.28, IIS 4, Sambar, etc.</li>
<li>PHP version and mode of operation, eg. PHP 5.1.1 as a module, PHP 4.4.4 running as CGI, etc.</li>
<li>DB type/version, eg. MySQL 4.0.1, PostgreSQL 7.3.2, MSSQL Server 2000 SP1, etc.</li>
<li>Your server type/version, e.g. Apache 1.3.28, IIS 4, Sambar, etc.</li>
<li>PHP version and mode of operation, e.g. PHP 5.1.1 as a module, PHP 4.4.4 running as CGI, etc.</li>
<li>DB type/version, e.g. MySQL 4.0.1, PostgreSQL 7.3.2, MSSQL Server 2000 SP1, etc.</li>
</ul>
<p>The relevant database type/version is listed within the administration control panel</p>

21
phpBB/download.php
View File

@ -12,7 +12,7 @@
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
if (isset($_GET['avatar']))
@ -322,7 +322,20 @@ function send_avatar_to_browser($file)
header("Content-Length: $size");
}
readfile($file_path);
if (@readfile($file_path) === false)
{
$fp = @fopen($file_path, 'rb');
if ($fp !== false)
{
while (!feof($fp))
{
echo fread($fp, 8192);
}
fclose($fp);
}
}
flush();
}
else
@ -447,6 +460,10 @@ function send_file_to_browser($attachment, $upload_dir, $category)
}
fclose($fp);
}
else
{
@readfile($filename);
}
flush();
exit;

2
phpBB/faq.php
View File

@ -12,7 +12,7 @@
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

14
phpBB/includes/acm/acm_file.php
View File

@ -39,7 +39,7 @@ class acm
global $phpEx;
if (file_exists($this->cache_dir . 'data_global.' . $phpEx))
{
include($this->cache_dir . 'data_global.' . $phpEx);
@include($this->cache_dir . 'data_global.' . $phpEx);
}
else
{
@ -159,7 +159,7 @@ class acm
return false;
}
include($this->cache_dir . "data{$var_name}.$phpEx");
@include($this->cache_dir . "data{$var_name}.$phpEx");
return (isset($data)) ? $data : false;
}
else
@ -256,7 +256,12 @@ class acm
}
// The following method is more failproof than simply assuming the query is on line 3 (which it should be)
$check_line = file_get_contents($this->cache_dir . $entry);
$check_line = @file_get_contents($this->cache_dir . $entry);
if (empty($check_line))
{
continue;
}
// Now get the contents between /* and */
$check_line = substr($check_line, strpos($check_line, '/* ') + 3, strpos($check_line, ' */') - strpos($check_line, '/* ') - 3);
@ -264,7 +269,8 @@ class acm
$found = false;
foreach ($table as $check_table)
{
if (strpos($check_line, $check_table . ' ') !== false)
// Better catch partial table names than no table names. ;)
if (strpos($check_line, $check_table) !== false)
{
$found = true;
break;

4
phpBB/includes/acp/acp_attachments.php
View File

@ -441,7 +441,7 @@ class acp_attachments
$ext_row = array();
}
$group_name = request_var('group_name', '', true);
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
if (!$group_name)
@ -618,7 +618,7 @@ class acp_attachments
if ($action == 'add')
{
$ext_group_row = array(
'group_name' => request_var('group_name', '', true),
'group_name' => utf8_normalize_nfc(request_var('group_name', '', true)),
'cat_id' => 0,
'allow_group' => 1,
'allow_in_pm' => 1,

6
phpBB/includes/acp/acp_ban.php
View File

@ -33,12 +33,12 @@ class acp_ban
if ($bansubmit)
{
// Grab the list of entries
$ban = request_var('ban', '', true);
$ban = utf8_normalize_nfc(request_var('ban', '', true));
$ban_len = request_var('banlength', 0);
$ban_len_other = request_var('banlengthother', '');
$ban_exclude = request_var('banexclude', 0);
$ban_reason = request_var('banreason', '', true);
$ban_give_reason = request_var('bangivereason', '', true);
$ban_reason = utf8_normalize_nfc(request_var('banreason', '', true));
$ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true));
if ($ban)
{

4
phpBB/includes/acp/acp_bbcodes.php
View File

@ -75,8 +75,8 @@ class acp_bbcodes
$display_on_posting = request_var('display_on_posting', 0);
$bbcode_match = request_var('bbcode_match', '');
$bbcode_tpl = htmlspecialchars_decode(request_var('bbcode_tpl', '', true));
$bbcode_helpline = request_var('bbcode_helpline', '', true);
$bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true)));
$bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true));
break;
}

5
phpBB/includes/acp/acp_board.php
View File

@ -73,9 +73,10 @@ class acp_board
'allow_sig' => array('lang' => 'ALLOW_SIG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'allow_nocensors' => array('lang' => 'ALLOW_NO_CENSORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'allow_bookmarks' => array('lang' => 'ALLOW_BOOKMARKS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'allow_birthdays' => array('lang' => 'ALLOW_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'legend2' => 'ACP_LOAD_SETTINGS',
'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_moderators' => array('lang' => 'YES_MODERATORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_cpf_memberlist' => array('lang' => 'LOAD_CPF_MEMBERLIST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
@ -250,7 +251,7 @@ class acp_board
'load_online' => array('lang' => 'YES_ONLINE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_online_guests' => array('lang' => 'YES_ONLINE_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_onlinetrack' => array('lang' => 'YES_ONLINE_TRACK', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'load_moderators' => array('lang' => 'YES_MODERATORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'load_user_activity' => array('lang' => 'LOAD_USER_ACTIVITY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),

2
phpBB/includes/acp/acp_bots.php
View File

@ -129,7 +129,7 @@ class acp_bots
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$bot_row = array(
'bot_name' => request_var('bot_name', '', true),
'bot_name' => utf8_normalize_nfc(request_var('bot_name', '', true)),
'bot_agent' => request_var('bot_agent', ''),
'bot_ip' => request_var('bot_ip', ''),
'bot_active' => request_var('bot_active', true),

6
phpBB/includes/acp/acp_database.php
View File

@ -48,7 +48,7 @@ class acp_database
if (!sizeof($table))
{
trigger_error($user->lang['TABLE_SELECT_ERROR'] . adm_back_link($this->u_action));
trigger_error($user->lang['TABLE_SELECT_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$store = $download = $structure = $schema_data = false;
@ -165,7 +165,7 @@ class acp_database
$tables = get_tables($db);
foreach ($tables as $table_name)
{
if (strlen($table_prefix) === 0 || strpos($table_name, $table_prefix) === 0)
if (strlen($table_prefix) === 0 || stripos($table_name, $table_prefix) === 0)
{
$template->assign_block_vars('tables', array(
'TABLE' => $table_name
@ -343,7 +343,7 @@ class acp_database
{
if ($sub === false)
{
trigger_error($user->lang['RESTORE_FAILURE'] . adm_back_link($this->u_action));
trigger_error($user->lang['RESTORE_FAILURE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
pg_put_line($db->db_connect_id, $sub . "\n");
}

2
phpBB/includes/acp/acp_disallow.php
View File

@ -33,7 +33,7 @@ class acp_disallow
if ($disallow)
{
$disallowed_user = str_replace('*', '%', request_var('disallowed_user', '', true));
$disallowed_user = str_replace('*', '%', utf8_normalize_nfc(request_var('disallowed_user', '', true)));
if (!$disallowed_user)
{

6
phpBB/includes/acp/acp_email.php
View File

@ -30,8 +30,8 @@ class acp_email
$usernames = request_var('usernames', '', true);
$group_id = request_var('g', 0);
$subject = request_var('subject', '', true);
$message = request_var('message', '', true);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$message = utf8_normalize_nfc(request_var('message', '', true));
// Do the job ...
if ($submit)
@ -178,7 +178,7 @@ class acp_email
if ($usernames)
{
$usernames = explode("\n", $usernames);
add_log('admin', 'LOG_MASS_EMAIL', implode(', ', $usernames));
add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames)));
}
else
{

19
phpBB/includes/acp/acp_forums.php
View File

@ -103,14 +103,14 @@ class acp_forums
'type_action' => request_var('type_action', ''),
'forum_status' => request_var('forum_status', ITEM_UNLOCKED),
'forum_parents' => '',
'forum_name' => request_var('forum_name', '', true),
'forum_name' => utf8_normalize_nfc(request_var('forum_name', '', true)),
'forum_link' => request_var('forum_link', ''),
'forum_link_track' => request_var('forum_link_track', false),
'forum_desc' => request_var('forum_desc', '', true),
'forum_desc' => utf8_normalize_nfc(request_var('forum_desc', '', true)),
'forum_desc_uid' => '',
'forum_desc_options' => 7,
'forum_desc_bitfield' => '',
'forum_rules' => request_var('forum_rules', '', true),
'forum_rules' => utf8_normalize_nfc(request_var('forum_rules', '', true)),
'forum_rules_uid' => '',
'forum_rules_options' => 7,
'forum_rules_bitfield' => '',
@ -163,7 +163,7 @@ class acp_forums
$forum_perm_from = request_var('forum_perm_from', 0);
// Copy permissions?
if ($forum_perm_from)
if ($forum_perm_from && !empty($forum_perm_from) && $forum_perm_from != $forum_data['forum_id'])
{
// if we edit a forum delete current permissions first
if ($action == 'edit')
@ -445,7 +445,7 @@ class acp_forums
'parent_id' => $this->parent_id,
'forum_type' => FORUM_POST,
'forum_status' => ITEM_UNLOCKED,
'forum_name' => request_var('forum_name', '', true),
'forum_name' => utf8_normalize_nfc(request_var('forum_name', '', true)),
'forum_link' => '',
'forum_link_track' => false,
'forum_desc' => '',
@ -638,7 +638,7 @@ class acp_forums
'S_STATUS_OPTIONS' => $statuslist,
'S_PARENT_OPTIONS' => $parents_list,
'S_STYLES_OPTIONS' => $styles_list,
'S_FORUM_OPTIONS' => make_forum_select(($action == 'add') ? $forum_data['parent_id'] : false, false, false, false, false),
'S_FORUM_OPTIONS' => make_forum_select(($action == 'add') ? $forum_data['parent_id'] : false, ($action == 'edit') ? $forum_data['forum_id'] : false, false, false, false),
'S_SHOW_DISPLAY_ON_INDEX' => $s_show_display_on_index,
'S_FORUM_POST' => ($forum_data['forum_type'] == FORUM_POST) ? true : false,
'S_FORUM_ORIG_POST' => (isset($old_forum_type) && $old_forum_type == FORUM_POST) ? true : false,
@ -991,6 +991,13 @@ class acp_forums
if ($row['forum_type'] == FORUM_POST && $row['forum_type'] != $forum_data_sql['forum_type'])
{
// Has subforums and want to change into a link?
if ($row['right_id'] - $row['left_id'] > 1 && $forum_data_sql['forum_type'] == FORUM_LINK)
{
$errors[] = $user->lang['FORUM_WITH_SUBFORUMS_NOT_TO_LINK'];
return $errors;
}
// we're turning a postable forum into a non-postable forum
if ($forum_data_sql['type_action'] == 'move')
{

6
phpBB/includes/acp/acp_groups.php
View File

@ -258,8 +258,8 @@ class acp_groups
// Did we submit?
if ($update)
{
$group_name = request_var('group_name', '', true);
$group_desc = request_var('group_desc', '', true);
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
@ -450,7 +450,7 @@ class acp_groups
}
else if (!$group_id)
{
$group_name = request_var('group_name', '', true);
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc_data = array(
'text' => '',
'allow_bbcode' => true,

21
phpBB/includes/acp/acp_icons.php
View File

@ -189,6 +189,7 @@ class acp_icons
$db->sql_freeresult($result);
$order_list = '<option value="1"' . ((!isset($after)) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>' . $order_list;
$add_order_list = '<option value="1">' . $user->lang['FIRST'] . '</option>' . $add_order_list;
if ($action == 'add')
{
@ -275,16 +276,16 @@ class acp_icons
$image_width = (isset($_POST['width'])) ? request_var('width', array('' => 0)) : array();
$image_height = (isset($_POST['height'])) ? request_var('height', array('' => 0)) : array();
$image_add = (isset($_POST['add_img'])) ? request_var('add_img', array('' => 0)) : array();
$image_emotion = request_var('emotion', array('' => ''), true);
$image_code = request_var('code', array('' => ''), true);
$image_emotion = utf8_normalize_nfc(request_var('emotion', array('' => ''), true));
$image_code = utf8_normalize_nfc(request_var('code', array('' => ''), true));
$image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array();
// Ok, add the relevant bits if we are adding new codes to existing emoticons...
if (!empty($_POST['add_additional_code']))
{
$add_image = request_var('add_image', '');
$add_code = request_var('add_code', '', true);
$add_emotion = request_var('add_emotion', '', true);
$add_code = utf8_normalize_nfc(request_var('add_code', '', true));
$add_emotion = utf8_normalize_nfc(request_var('add_emotion', '', true));
if ($add_image && $add_emotion && $add_code)
{
@ -336,7 +337,7 @@ class acp_icons
}
// Image_order holds the 'new' order value
if (!empty($image_order[$image]) && !empty($$image_id[$image]))
if (!empty($image_order[$image]))
{
$img_sql = array_merge($img_sql, array(
$fields . '_order' => $image_order[$image])
@ -363,19 +364,19 @@ class acp_icons
}
}
if ($action == 'modify')
if ($action == 'modify' && !empty($image_id[$image]))
{
$sql = "UPDATE $table
SET " . $db->sql_build_array('UPDATE', $img_sql) . "
WHERE {$fields}_id = " . $image_id[$image];
$db->sql_query($sql);
}
else
else if ($action !== 'modify')
{
$sql = "INSERT INTO $table " . $db->sql_build_array('INSERT', $img_sql);
$db->sql_query($sql);
}
}
}
}
$cache->destroy('_icons');
@ -409,7 +410,7 @@ class acp_icons
// Make sure the pak_ary is valid
foreach ($pak_ary as $pak_entry)
{
if (preg_match_all("#'(.*?)', #", $pak_entry, $data))
if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data))
{
if ((sizeof($data[1]) != 4 && $mode == 'icons') ||
(sizeof($data[1]) != 6 && $mode == 'smilies'))
@ -472,7 +473,7 @@ class acp_icons
foreach ($pak_ary as $pak_entry)
{
$data = array();
if (preg_match_all("#'(.*?)', #", $pak_entry, $data))
if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data))
{
if ((sizeof($data[1]) != 4 && $mode == 'icons') ||
(sizeof($data[1]) != 6 && $mode == 'smilies'))

43
phpBB/includes/acp/acp_inactive.php
View File

@ -60,7 +60,50 @@ class acp_inactive
if ($action == 'activate')
{
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
// Get those 'being activated'...
$sql = 'SELECT user_id, username, user_email, user_lang
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $mark) . '
AND user_type = ' . USER_INACTIVE;
$result = $db->sql_query($sql);
$inactive_users = array();
while ($row = $db->sql_fetchrow($result))
{
$inactive_users[] = $row;
}
$db->sql_freeresult($result);
}
user_active_flip('activate', $mark);
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users))
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$messenger = new messenger();
foreach ($inactive_users as $row)
{
$messenger->template('admin_welcome_activated', $row['user_lang']);
$messenger->to($row['user_email'], $row['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($row['username']))
);
$messenger->send(NOTIFY_EMAIL);
}
$messenger->save_queue();
}
}
else if ($action == 'delete')
{

40
phpBB/includes/acp/acp_language.php
View File

@ -93,6 +93,11 @@ class acp_language
$method = request_var('method', '');
if (!class_exists($method))
{
trigger_error('Method does not exist.', E_USER_ERROR);
}
$requested_data = call_user_func(array($method, 'data'));
foreach ($requested_data as $data => $default)
{
@ -141,8 +146,8 @@ class acp_language
$sql_ary = array(
'lang_english_name' => request_var('lang_english_name', $row['lang_english_name']),
'lang_local_name' => request_var('lang_local_name', $row['lang_local_name'], true),
'lang_author' => request_var('lang_author', $row['lang_author'], true),
'lang_local_name' => utf8_normalize_nfc(request_var('lang_local_name', $row['lang_local_name'], true)),
'lang_author' => utf8_normalize_nfc(request_var('lang_author', $row['lang_author'], true)),
);
$db->sql_query('UPDATE ' . LANG_TABLE . '
@ -201,7 +206,7 @@ class acp_language
// Get target filename for storage folder
$filename = $this->get_filename($row['lang_iso'], $this->language_directory, $this->language_file, true, true);
$fp = fopen($phpbb_root_path . $filename, 'wb');
$fp = @fopen($phpbb_root_path . $filename, 'wb');
if (!$fp)
{
@ -271,7 +276,7 @@ class acp_language
header('Content-Type: application/octetstream; name="' . $this->language_file . '"');
header('Content-disposition: attachment; filename=' . $this->language_file);
$fp = fopen($phpbb_root_path . $filename, 'rb');
$fp = @fopen($phpbb_root_path . $filename, 'rb');
while ($buffer = fread($fp, 1024))
{
echo $buffer;
@ -329,7 +334,10 @@ class acp_language
$transfer->close_session();
// Remove from storage folder
@unlink($phpbb_root_path . 'store/' . $lang_path . $file);
if (file_exists($phpbb_root_path . 'store/' . $lang_path . $file))
{
@unlink($phpbb_root_path . 'store/' . $lang_path . $file);
}
add_log('admin', 'LOG_LANGUAGE_FILE_REPLACED', $file);
@ -406,7 +414,11 @@ class acp_language
if (isset($_POST['remove_store']))
{
$store_filename = $this->get_filename($lang_iso, $this->language_directory, $this->language_file, true, true);
@unlink($phpbb_root_path . $store_filename);
if (file_exists($phpbb_root_path . $store_filename))
{
@unlink($phpbb_root_path . $store_filename);
}
}
include_once($phpbb_root_path . 'includes/functions_transfer.' . $phpEx);
@ -788,12 +800,12 @@ class acp_language
if (in_array($image_name, $valid_localized))
{
$sql_ary[] = array(
'image_name' => $image_name,
'image_filename' => $image_filename,
'image_height' => $image_height,
'image_width' => $image_width,
'imageset_id' => $imageset_row['imageset_id'],
'image_lang' => $lang_pack['iso'],
'image_name' => (string) $image_name,
'image_filename' => (string) $image_filename,
'image_height' => (int) $image_height,
'image_width' => (int) $image_width,
'imageset_id' => (int) $imageset_row['imageset_id'],
'image_lang' => (string) $lang_pack['iso'],
);
}
}
@ -1323,12 +1335,12 @@ $lang = array_merge($lang, array(
if (!is_array($value))
{
$entry .= "{$tabs}'{$key}'\t=> '" . $this->prepare_lang_entry($value) . "',\n";
$entry .= "{$tabs}'" . $this->prepare_lang_entry($key) . "'\t=> '" . $this->prepare_lang_entry($value) . "',\n";
}
else
{
$_tabs = $tabs . "\t";
$entry .= "\n{$tabs}'{$key}'\t=> array(\n";
$entry .= "\n{$tabs}'" . $this->prepare_lang_entry($key) . "'\t=> array(\n";
foreach ($value as $_key => $_value)
{

23
phpBB/includes/acp/acp_main.php
View File

@ -18,7 +18,7 @@ class acp_main
function main($id, $mode)
{
global $config, $db, $user, $auth, $template;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
global $phpbb_root_path, $phpbb_admin_path, $phpEx;
// Show restore permissions notice
if ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm'))
@ -151,6 +151,12 @@ class acp_main
$result = $db->sql_query($sql);
set_config('upload_dir_size', (int) $db->sql_fetchfield('stat'), true);
$db->sql_freeresult($result);
if (!function_exists('update_last_username'))
{
include($phpbb_root_path . "includes/functions_user.$phpEx");
}
update_last_username();
add_log('admin', 'LOG_RESYNC_STATS');
break;
@ -161,15 +167,15 @@ class acp_main
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'SELECT COUNT(post_id) AS num_posts, poster_id
FROM ' . POSTS_TABLE . '
WHERE post_postcount = 1
GROUP BY poster_id';
$sql = 'SELECT COUNT(p.post_id) AS num_posts, u.user_id
FROM ' . USERS_TABLE . ' u
LEFT JOIN ' . POSTS_TABLE . ' p ON (u.user_id = p.poster_id AND p.post_postcount = 1)
GROUP BY u.user_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$db->sql_query('UPDATE ' . USERS_TABLE . " SET user_posts = {$row['num_posts']} WHERE user_id = {$row['poster_id']}");
$db->sql_query('UPDATE ' . USERS_TABLE . " SET user_posts = {$row['num_posts']} WHERE user_id = {$row['user_id']}");
}
$db->sql_freeresult($result);
@ -245,8 +251,8 @@ class acp_main
foreach ($topic_row as $topic_id)
{
$sql_ary[] = array(
'user_id' => $user_id,
'topic_id' => $topic_id,
'user_id' => (int) $user_id,
'topic_id' => (int) $topic_id,
'topic_posted' => 1,
);
}
@ -375,6 +381,7 @@ class acp_main
'S_TOTAL_ORPHAN' => ($total_orphan === false) ? false : true,
'GZIP_COMPRESSION' => ($config['gzip_compress']) ? $user->lang['ON'] : $user->lang['OFF'],
'DATABASE_INFO' => $db->sql_server_info(),
'BOARD_VERSION' => $config['version'],
'U_ACTION' => append_sid("{$phpbb_admin_path}index.$phpEx"),
'U_ADMIN_LOG' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=logs&amp;mode=admin'),

58
phpBB/includes/acp/acp_modules.php
View File

@ -29,7 +29,7 @@ class acp_modules
function main($id, $mode)
{
global $db, $user, $auth, $template;
global $db, $user, $auth, $template, $module;
global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;
// Set a global define for modules we might include (the author is able to prevent execution of code by checking this constant)
@ -50,6 +50,11 @@ class acp_modules
$user->add_lang('mcp');
}
if ($module->p_class != $this->module_class)
{
$module->add_mod_info($this->module_class);
}
$this->page_title = strtoupper($this->module_class);
$this->parent_id = request_var('parent_id', 0);
@ -232,7 +237,7 @@ class acp_modules
'module_enabled' => 0,
'module_display' => 1,
'parent_id' => 0,
'module_langname' => request_var('module_langname', '', true),
'module_langname' => utf8_normalize_nfc(request_var('module_langname', '', true)),
'module_mode' => '',
'module_auth' => '',
);
@ -245,7 +250,7 @@ class acp_modules
$module_data['module_display'] = request_var('module_display', (int) $module_row['module_display']);
$module_data['parent_id'] = request_var('module_parent_id', (int) $module_row['parent_id']);
$module_data['module_class'] = $this->module_class;
$module_data['module_langname'] = request_var('module_langname', (string) $module_row['module_langname'], true);
$module_data['module_langname'] = utf8_normalize_nfc(request_var('module_langname', (string) $module_row['module_langname'], true));
$module_data['module_mode'] = request_var('module_mode', (string) $module_row['module_mode']);
$submit = (isset($_POST['submit'])) ? true : false;
@ -740,7 +745,7 @@ class acp_modules
$sql = 'SELECT left_id, right_id
FROM ' . MODULES_TABLE . "
WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "'
AND module_id = {$module_data['parent_id']}";
AND module_id = " . (int) $module_data['parent_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@ -823,7 +828,7 @@ class acp_modules
$sql = 'UPDATE ' . MODULES_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $update_ary) . "
WHERE module_class = '" . $db->sql_escape($module_data['module_class']) . "'
AND module_id = {$module_data['module_id']}";
AND module_id = " . (int) $module_data['module_id'];
$db->sql_query($sql);
if (!$run_inline)
@ -856,15 +861,15 @@ class acp_modules
$sql = 'UPDATE ' . MODULES_TABLE . "
SET right_id = right_id - $diff
WHERE module_class = '" . $db->sql_escape($this->module_class) . "'
AND left_id < " . $from_data['right_id'] . "
AND right_id > " . $from_data['right_id'];
AND left_id < " . (int) $from_data['right_id'] . '
AND right_id > ' . (int) $from_data['right_id'];
$db->sql_query($sql);
// Resync righthand side of tree
$sql = 'UPDATE ' . MODULES_TABLE . "
SET left_id = left_id - $diff, right_id = right_id - $diff
WHERE module_class = '" . $db->sql_escape($this->module_class) . "'
AND left_id > " . $from_data['right_id'];
AND left_id > " . (int) $from_data['right_id'];
$db->sql_query($sql);
if ($to_parent_id > 0)
@ -875,7 +880,7 @@ class acp_modules
$sql = 'UPDATE ' . MODULES_TABLE . "
SET right_id = right_id + $diff
WHERE module_class = '" . $db->sql_escape($this->module_class) . "'
AND " . $to_data['right_id'] . ' BETWEEN left_id AND right_id
AND " . (int) $to_data['right_id'] . ' BETWEEN left_id AND right_id
AND ' . $db->sql_in_set('module_id', $moved_ids, true);
$db->sql_query($sql);
@ -883,7 +888,7 @@ class acp_modules
$sql = 'UPDATE ' . MODULES_TABLE . "
SET left_id = left_id + $diff, right_id = right_id + $diff
WHERE module_class = '" . $db->sql_escape($this->module_class) . "'
AND left_id > " . $to_data['right_id'] . '
AND left_id > " . (int) $to_data['right_id'] . '
AND ' . $db->sql_in_set('module_id', $moved_ids, true);
$db->sql_query($sql);
@ -908,7 +913,7 @@ class acp_modules
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$diff = '+ ' . ($row['right_id'] - $from_data['left_id'] + 1);
$diff = '+ ' . (int) ($row['right_id'] - $from_data['left_id'] + 1);
}
$sql = 'UPDATE ' . MODULES_TABLE . "
@ -941,6 +946,9 @@ class acp_modules
AND module_id = $module_id";
$db->sql_query($sql);
$row['right_id'] = (int) $row['right_id'];
$row['left_id'] = (int) $row['left_id'];
// Resync tree
$sql = 'UPDATE ' . MODULES_TABLE . "
SET right_id = right_id - $diff
@ -976,8 +984,8 @@ class acp_modules
$sql = 'SELECT module_id, left_id, right_id, module_langname
FROM ' . MODULES_TABLE . "
WHERE module_class = '" . $db->sql_escape($this->module_class) . "'
AND parent_id = {$module_row['parent_id']}
AND " . (($action == 'move_up') ? "right_id < {$module_row['right_id']} ORDER BY right_id DESC" : "left_id > {$module_row['left_id']} ORDER BY left_id ASC");
AND parent_id = " . (int) $module_row['parent_id'] . '
AND ' . (($action == 'move_up') ? 'right_id < ' . (int) $module_row['right_id'] . ' ORDER BY right_id DESC' : 'left_id > ' . (int) $module_row['left_id'] . ' ORDER BY left_id ASC');
$result = $db->sql_query_limit($sql, $steps);
$target = array();
@ -1002,25 +1010,25 @@ class acp_modules
*/
if ($action == 'move_up')
{
$left_id = $target['left_id'];
$right_id = $module_row['right_id'];
$left_id = (int) $target['left_id'];
$right_id = (int) $module_row['right_id'];
$diff_up = $module_row['left_id'] - $target['left_id'];
$diff_down = $module_row['right_id'] + 1 - $module_row['left_id'];
$diff_up = (int) ($module_row['left_id'] - $target['left_id']);
$diff_down = (int) ($module_row['right_id'] + 1 - $module_row['left_id']);
$move_up_left = $module_row['left_id'];
$move_up_right = $module_row['right_id'];
$move_up_left = (int) $module_row['left_id'];
$move_up_right = (int) $module_row['right_id'];
}
else
{
$left_id = $module_row['left_id'];
$right_id = $target['right_id'];
$left_id = (int) $module_row['left_id'];
$right_id = (int) $target['right_id'];
$diff_up = $module_row['right_id'] + 1 - $module_row['left_id'];
$diff_down = $target['right_id'] - $module_row['right_id'];
$diff_up = (int) ($module_row['right_id'] + 1 - $module_row['left_id']);
$diff_down = (int) ($target['right_id'] - $module_row['right_id']);
$move_up_left = $module_row['right_id'] + 1;
$move_up_right = $target['right_id'];
$move_up_left = (int) ($module_row['right_id'] + 1);
$move_up_right = (int) $target['right_id'];
}
// Now do the dirty job

8
phpBB/includes/acp/acp_permission_roles.php
View File

@ -134,8 +134,8 @@ class acp_permission_roles
case 'add':
$role_name = request_var('role_name', '', true);
$role_description = request_var('role_description', '', true);
$role_name = utf8_normalize_nfc(request_var('role_name', '', true));
$role_description = utf8_normalize_nfc(request_var('role_description', '', true));
$auth_settings = request_var('setting', array('' => 0));
if (!$role_name)
@ -214,8 +214,8 @@ class acp_permission_roles
$options_from = request_var('options_from', 0);
$role_row = array(
'role_name' => request_var('role_name', '', true),
'role_description' => request_var('role_description', '', true),
'role_name' => utf8_normalize_nfc(request_var('role_name', '', true)),
'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)),
'role_type' => $permission_type,
);

65
phpBB/includes/acp/acp_permissions.php
View File

@ -448,7 +448,7 @@ class acp_permissions
}
$template->assign_vars(array(
'S_PERMISSION_DROPDOWN' => (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type) : false,
'S_PERMISSION_DROPDOWN' => (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type, $permission_scope) : false,
'L_PERMISSION_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)],
'U_ACTION' => $this->u_action,
@ -522,7 +522,7 @@ class acp_permissions
/**
* Build dropdown field for changing permission types
*/
function build_permission_dropdown($options, $default_option)
function build_permission_dropdown($options, $default_option, $permission_scope)
{
global $user, $auth;
@ -533,8 +533,10 @@ class acp_permissions
{
continue;
}
$selected = ($setting == $default_option) ? ' selected="selected"' : '';
$s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $user->lang['permission_type'][$setting] . '</option>';
$l_setting = (isset($user->lang['permission_type'][$permission_scope][$setting])) ? $user->lang['permission_type'][$permission_scope][$setting] : $user->lang['permission_type'][$setting];
$s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $l_setting . '</option>';
}
return $s_dropdown_options;
@ -899,7 +901,10 @@ class acp_permissions
'PERMISSION' => $user->lang['acl_' . $permission]['lang'],
'PERMISSION_USERNAME' => $userdata['username'],
'FORUM_NAME' => $forum_name,
'U_BACK' => ($back) ? build_url(array('f', 'back')) . "&amp;f=$back" : '')
'S_GLOBAL_TRACE' => ($forum_id) ? false : true,
'U_BACK' => ($back) ? build_url(array('f', 'back')) . "&amp;f=$back" : '')
);
$template->assign_block_vars('trace', array(
@ -929,6 +934,8 @@ class acp_permissions
$db->sql_freeresult($result);
$total = ACL_NO;
$add_key = (($forum_id) ? '_LOCAL' : '');
if (sizeof($groups))
{
// Get group auth settings
@ -945,16 +952,16 @@ class acp_permissions
switch ($row['auth_setting'])
{
case ACL_NO:
$information = $user->lang['TRACE_GROUP_NO'];
$information = $user->lang['TRACE_GROUP_NO' . $add_key];
break;
case ACL_YES:
$information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_YES_TOTAL_YES'] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_YES_TOTAL_NEVER'] : $user->lang['TRACE_GROUP_YES_TOTAL_NO']);
$information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_YES_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_YES_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_GROUP_YES_TOTAL_NO' . $add_key]);
$total = ($total == ACL_NO) ? ACL_YES : $total;
break;
case ACL_NEVER:
$information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_YES'] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_NEVER'] : $user->lang['TRACE_GROUP_NEVER_TOTAL_NO']);
$information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_GROUP_NEVER_TOTAL_NO' . $add_key]);
$total = ACL_NEVER;
break;
}
@ -973,24 +980,24 @@ class acp_permissions
}
}
// Get user specific permission...
// Get user specific permission... globally or for this forum
$hold_ary = $auth->acl_user_raw_data($user_id, $permission, $forum_id);
$auth_setting = (!sizeof($hold_ary)) ? ACL_NO : $hold_ary[$user_id][$forum_id][$permission];
switch ($auth_setting)
{
case ACL_NO:
$information = ($total == ACL_NO) ? $user->lang['TRACE_USER_NO_TOTAL_NO'] : $user->lang['TRACE_USER_KEPT'];
$information = ($total == ACL_NO) ? $user->lang['TRACE_USER_NO_TOTAL_NO' . $add_key] : $user->lang['TRACE_USER_KEPT' . $add_key];
$total = ($total == ACL_NO) ? ACL_NEVER : $total;
break;
case ACL_YES:
$information = ($total == ACL_YES) ? $user->lang['TRACE_USER_YES_TOTAL_YES'] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_YES_TOTAL_NEVER'] : $user->lang['TRACE_USER_YES_TOTAL_NO']);
$information = ($total == ACL_YES) ? $user->lang['TRACE_USER_YES_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_YES_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_USER_YES_TOTAL_NO' . $add_key]);
$total = ($total == ACL_NO) ? ACL_YES : $total;
break;
case ACL_NEVER:
$information = ($total == ACL_YES) ? $user->lang['TRACE_USER_NEVER_TOTAL_YES'] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_NEVER_TOTAL_NEVER'] : $user->lang['TRACE_USER_NEVER_TOTAL_NO']);
$information = ($total == ACL_YES) ? $user->lang['TRACE_USER_NEVER_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_NEVER_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_USER_NEVER_TOTAL_NO' . $add_key]);
$total = ACL_NEVER;
break;
}
@ -1007,8 +1014,7 @@ class acp_permissions
'S_TOTAL_NEVER' => ($total == ACL_NEVER) ? true : false)
);
// global permission might overwrite local permission
if (($forum_id != 0) && isset($auth->acl_options['global'][$permission]))
if ($forum_id != 0 && isset($auth->acl_options['global'][$permission]))
{
if ($user_id != $user->data['user_id'])
{
@ -1031,17 +1037,21 @@ class acp_permissions
$information = $user->lang['TRACE_USER_GLOBAL_NEVER_TOTAL_KEPT'];
}
$template->assign_block_vars('trace', array(
'WHO' => sprintf($user->lang['TRACE_GLOBAL_SETTING'], $userdata['username']),
'INFORMATION' => sprintf($information, '<a href="' . $this->u_action . "&amp;u=$user_id&amp;f=0&amp;auth=$permission&amp;back=$forum_id\">", '</a>'),
// If there is no auth information we do not need to worry the user by showing non-relevant data.
if ($auth_setting)
{
$template->assign_block_vars('trace', array(
'WHO' => sprintf($user->lang['TRACE_GLOBAL_SETTING'], $userdata['username']),
'INFORMATION' => sprintf($information, '<a href="' . $this->u_action . "&amp;u=$user_id&amp;f=0&amp;auth=$permission&amp;back=$forum_id\">", '</a>'),
'S_SETTING_NO' => false,
'S_SETTING_YES' => $auth_setting,
'S_SETTING_NEVER' => !$auth_setting,
'S_TOTAL_NO' => false,
'S_TOTAL_YES' => ($total == ACL_YES) ? true : false,
'S_TOTAL_NEVER' => ($total == ACL_NEVER) ? true : false)
);
'S_SETTING_NO' => false,
'S_SETTING_YES' => $auth_setting,
'S_SETTING_NEVER' => !$auth_setting,
'S_TOTAL_NO' => false,
'S_TOTAL_YES' => ($total == ACL_YES) ? true : false,
'S_TOTAL_NEVER' => ($total == ACL_NEVER) ? true : false)
);
}
}
// Take founder status into account, overwriting the default values
@ -1058,7 +1068,16 @@ class acp_permissions
'S_TOTAL_YES' => true,
'S_TOTAL_NEVER' => false)
);
$total = ACL_YES;
}
// Total value...
$template->assign_vars(array(
'S_RESULT_NO' => ($total == ACL_NO) ? true : false,
'S_RESULT_YES' => ($total == ACL_YES) ? true : false,
'S_RESULT_NEVER' => ($total == ACL_NEVER) ? true : false,
));
}
/**

11
phpBB/includes/acp/acp_php_info.php
View File

@ -45,7 +45,16 @@ class acp_php_info
}
$output = $output[1][0];
$output = preg_replace('#<tr class="v"><td>(.*?<a[^>]*><img[^>]*></a>)(.*?)</td></tr>#s', '<tr class="row1"><td><table class="type2"><tr><td>\2</td><td>\1</td></tr></table></td></tr>', $output);
// expose_php can make the image not exist
if (preg_match('#<a[^>]*><img[^>]*></a>#', $output))
{
$output = preg_replace('#<tr class="v"><td>(.*?<a[^>]*><img[^>]*></a>)(.*?)</td></tr>#s', '<tr class="row1"><td><table class="type2"><tr><td>\2</td><td>\1</td></tr></table></td></tr>', $output);
}
else
{
$output = preg_replace('#<tr class="v"><td>(.*?)</td></tr>#s', '<tr class="row1"><td><table class="type2"><tr><td>\1</td></tr></table></td></tr>', $output);
}
$output = preg_replace('#<table[^>]+>#i', '<table>', $output);
$output = preg_replace('#<img border="0"#i', '<img', $output);
$output = str_replace(array('class="e"', 'class="v"', 'class="h"', '<hr />', '<font', '</font>'), array('class="row1"', 'class="row2"', '', '', '<span', '</span>'), $output);

75
phpBB/includes/acp/acp_profile.php
View File

@ -349,12 +349,12 @@ class acp_profile
}
$field_row = array_merge($default_values[$field_type], array(
'field_ident' => request_var('field_ident', ''),
'field_ident' => utf8_clean_string(request_var('field_ident', '', true)),
'field_required' => 0,
'field_hide' => 0,
'field_no_view' => 0,
'field_show_on_reg' => 0,
'lang_name' => '',
'lang_name' => utf8_normalize_nfc(request_var('field_ident', '', true)),
'lang_explain' => '',
'lang_default_value'=> '')
);
@ -381,10 +381,10 @@ class acp_profile
$exclude[1][] = 'lang_options';
}
$cp->vars['field_ident'] = request_var('field_ident', $field_row['field_ident']);
$cp->vars['lang_name'] = request_var('lang_name', $field_row['lang_name'], true);
$cp->vars['lang_explain'] = request_var('lang_explain', $field_row['lang_explain'], true);
$cp->vars['lang_default_value'] = request_var('lang_default_value', $field_row['lang_default_value'], true);
$cp->vars['field_ident'] = ($action == 'create' && $step == 1) ? utf8_clean_string(request_var('field_ident', $field_row['field_ident'], true)) : request_var('field_ident', $field_row['field_ident']);
$cp->vars['lang_name'] = utf8_normalize_nfc(request_var('lang_name', $field_row['lang_name'], true));
$cp->vars['lang_explain'] = utf8_normalize_nfc(request_var('lang_explain', $field_row['lang_explain'], true));
$cp->vars['lang_default_value'] = utf8_normalize_nfc(request_var('lang_default_value', $field_row['lang_default_value'], true));
// Field option...
if (isset($_REQUEST['field_option']))
@ -409,11 +409,11 @@ class acp_profile
// A boolean field expects an array as the lang options
if ($field_type == FIELD_BOOL)
{
$options = request_var('lang_options', array(''), true);
$options = utf8_normalize_nfc(request_var('lang_options', array(''), true));
}
else
{
$options = request_var('lang_options', '', true);
$options = utf8_normalize_nfc(request_var('lang_options', '', true));
}
// If the user has submitted a form with options (i.e. dropdown field)
@ -441,13 +441,13 @@ class acp_profile
// step 2
foreach ($exclude[2] as $key)
{
$var = request_var($key, $field_row[$key], true);
$var = utf8_normalize_nfc(request_var($key, $field_row[$key], true));
// Manipulate the intended variables a little bit if needed
if ($field_type == FIELD_DROPDOWN && $key == 'field_maxlen')
{
// Get the number of options if this key is 'field_maxlen'
$var = sizeof(explode("\n", request_var('lang_options', '', true)));
$var = sizeof(explode("\n", utf8_normalize_nfc(request_var('lang_options', '', true))));
}
else if ($field_type == FIELD_TEXT && $key == 'field_length')
{
@ -491,6 +491,11 @@ class acp_profile
list($cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']) = explode('-', $var);
}
}
}
else if ($field_type == FIELD_BOOL && $key == 'field_default_value')
{
// Get the number of options if this key is 'field_maxlen'
$var = request_var('field_default_value', 0);
}
$cp->vars[$key] = $var;
@ -534,7 +539,7 @@ class acp_profile
foreach ($exclude[3] as $key)
{
$cp->vars[$key] = request_var($key, array(0 => ''), true);
$cp->vars[$key] = utf8_normalize_nfc(request_var($key, array(0 => ''), true));
if (!$cp->vars[$key] && $action == 'edit')
{
@ -542,7 +547,7 @@ class acp_profile
}
else if ($key == 'l_lang_options' && $field_type == FIELD_BOOL)
{
$cp->vars[$key] = request_var($key, array(0 => array('')), true);
$cp->vars[$key] = utf8_normalize_nfc(request_var($key, array(0 => array('')), true));
}
else if ($key == 'l_lang_options' && is_array($cp->vars[$key]))
{
@ -631,10 +636,25 @@ class acp_profile
$cp->vars['columns'] = request_var('columns', 0);
$_new_key_ary[$key] = $cp->vars['rows'] . '|' . $cp->vars['columns'];
}
if ($field_type == FIELD_BOOL && $key == 'l_lang_options' && isset($_REQUEST['l_lang_options']))
else if ($field_type == FIELD_DATE && $key == 'field_default_value')
{
$_new_key_ary[$key] = request_var($key, array(array('')), true);
$always_now = request_var('always_now', 0);
if ($always_now)
{
$_new_key_ary[$key] = 'now';
}
else if (isset($_REQUEST['field_default_value_day']))
{
$cp->vars['field_default_value_day'] = request_var('field_default_value_day', 0);
$cp->vars['field_default_value_month'] = request_var('field_default_value_month', 0);
$cp->vars['field_default_value_year'] = request_var('field_default_value_year', 0);
$_new_key_ary[$key] = sprintf('%2d-%2d-%4d', $cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']);
}
}
else if ($field_type == FIELD_BOOL && $key == 'l_lang_options' && isset($_REQUEST['l_lang_options']))
{
$_new_key_ary[$key] = utf8_normalize_nfc(request_var($key, array(array('')), true));
}
else
{
@ -644,7 +664,7 @@ class acp_profile
}
else
{
$_new_key_ary[$key] = (is_array($_REQUEST[$key])) ? request_var($key, array(''), true) : request_var($key, '', true);
$_new_key_ary[$key] = (is_array($_REQUEST[$key])) ? utf8_normalize_nfc(request_var($key, array(''), true)) : utf8_normalize_nfc(request_var($key, '', true));
}
}
}
@ -744,7 +764,7 @@ class acp_profile
$template->assign_vars(array(
'S_STEP_TWO' => true,
'L_NEXT' => (sizeof($this->lang_defs['iso']) == 1) ? $user->lang['SAVE'] : $user->lang['PROFILE_LANG_OPTIONS'])
'L_NEXT_STEP' => (sizeof($this->lang_defs['iso']) == 1) ? $user->lang['SAVE'] : $user->lang['PROFILE_LANG_OPTIONS'])
);
// Build options based on profile type
@ -915,11 +935,10 @@ class acp_profile
$lang_options[$lang_id]['lang_iso'] = $lang_iso;
foreach ($options as $field => $field_type)
{
$value = ($action == 'create') ? request_var('l_' . $field, array(0 => ''), true) : $cp->vars['l_' . $field];
$value = ($action == 'create') ? utf8_normalize_nfc(request_var('l_' . $field, array(0 => ''), true)) : $cp->vars['l_' . $field];
if ($field == 'lang_options')
{
$var = ($action == 'create' || !is_array($cp->vars['l_lang_options'][$lang_id])) ? $cp->vars['lang_options'] : $cp->vars['lang_options'][$lang_id];
$var = (!isset($cp->vars['l_lang_options'][$lang_id]) || !is_array($cp->vars['l_lang_options'][$lang_id])) ? $cp->vars['lang_options'] : $cp->vars['l_lang_options'][$lang_id];
switch ($field_type)
{
@ -934,10 +953,10 @@ class acp_profile
break;
case 'optionfield':
$value = ((isset($value[$lang_id])) ? ((is_array($value[$lang_id])) ? implode("\n", $value[$lang_id]) : $value[$lang_id]) : implode("\n", $var));
$lang_options[$lang_id]['fields'][$field] = array(
'TITLE' => $user->lang['CP_' . strtoupper($field)],
'FIELD' => '<dd><textarea name="l_' . $field . '[' . $lang_id . ']" rows="7" cols="80">' . ((isset($value[$lang_id])) ? implode("\n", $value[$lang_id]) : implode("\n", $var)) . '</textarea></dd>'
'FIELD' => '<dd><textarea name="l_' . $field . '[' . $lang_id . ']" rows="7" cols="80">' . $value . '</textarea></dd>'
);
break;
}
@ -1087,17 +1106,23 @@ class acp_profile
}
// These are always arrays because the key is the language id...
$cp->vars['l_lang_name'] = request_var('l_lang_name', array(0 => ''), true);
$cp->vars['l_lang_explain'] = request_var('l_lang_explain', array(0 => ''), true);
$cp->vars['l_lang_default_value'] = request_var('l_lang_default_value', array(0 => ''), true);
$cp->vars['l_lang_name'] = utf8_normalize_nfc(request_var('l_lang_name', array(0 => ''), true));
$cp->vars['l_lang_explain'] = utf8_normalize_nfc(request_var('l_lang_explain', array(0 => ''), true));
$cp->vars['l_lang_default_value'] = utf8_normalize_nfc(request_var('l_lang_default_value', array(0 => ''), true));
if ($field_type != FIELD_BOOL)
{
$cp->vars['l_lang_options'] = request_var('l_lang_options', array(0 => ''), true);
$cp->vars['l_lang_options'] = utf8_normalize_nfc(request_var('l_lang_options', array(0 => ''), true));
}
else
{
/**
* @todo check if this line is correct...
$cp->vars['l_lang_default_value'] = request_var('l_lang_default_value', array(0 => array('')), true);
*/
$cp->vars['l_lang_options'] = utf8_normalize_nfc(request_var('l_lang_options', array(0 => array('')), true));
}
if ($cp->vars['lang_options'])
{
if (!is_array($cp->vars['lang_options']))

2
phpBB/includes/acp/acp_prune.php
View File

@ -307,7 +307,7 @@ class acp_prune
'mode' => $mode,
'prune' => 1,
'users' => request_var('users', ''),
'users' => request_var('users', '', true),
'username' => request_var('username', '', true),
'email' => request_var('email', ''),
'joined_select' => request_var('joined_select', ''),

7
phpBB/includes/acp/acp_ranks.php
View File

@ -35,7 +35,7 @@ class acp_ranks
{
case 'save':
$rank_title = request_var('title', '', true);
$rank_title = utf8_normalize_nfc(request_var('title', '', true));
$special_rank = request_var('special_rank', 0);
$min_posts = ($special_rank) ? 0 : request_var('min_posts', 0);
$rank_image = request_var('rank_image', '');
@ -143,11 +143,12 @@ class acp_ranks
$db->sql_freeresult($result);
$imglist = filelist($phpbb_root_path . $config['ranks_path'], '');
$edit_img = $filename_list = '';
foreach ($imglist as $path => $img_ary)
{
sort($img_ary);
foreach ($img_ary as $img)
{
$img = $path . $img;
@ -202,7 +203,7 @@ class acp_ranks
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
ORDER BY rank_min ASC, rank_special ASC, rank_title ASC';
ORDER BY rank_special DESC, rank_min ASC, rank_title ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))

4
phpBB/includes/acp/acp_reasons.php
View File

@ -38,8 +38,8 @@ class acp_reasons
case 'edit':
$reason_row = array(
'reason_title' => request_var('reason_title', '', true),
'reason_description' => request_var('reason_description', '', true)
'reason_title' => utf8_normalize_nfc(request_var('reason_title', '', true)),
'reason_description' => utf8_normalize_nfc(request_var('reason_description', '', true)),
);
if ($submit)

103
phpBB/includes/acp/acp_styles.php
View File

@ -412,11 +412,11 @@ parse_css_file = {PARSE_CSS_FILE}
if (in_array($image_name, $imageset_definitions))
{
$sql_ary[] = array(
'image_name' => $image_name,
'image_filename' => $image_filename,
'image_name' => (string) $image_name,
'image_filename' => (string) $image_filename,
'image_height' => (int) $image_height,
'image_width' => (int) $image_width,
'imageset_id' => $style_id,
'imageset_id' => (int) $style_id,
'image_lang' => '',
);
}
@ -458,12 +458,12 @@ parse_css_file = {PARSE_CSS_FILE}
if (in_array($image_name, $imageset_definitions))
{
$sql_ary[] = array(
'image_name' => $image_name,
'image_filename' => $image_filename,
'image_height' => $image_height,
'image_width' => $image_width,
'imageset_id' => $style_id,
'image_lang' => $row['lang_dir'],
'image_name' => (string) $image_name,
'image_filename' => (string) $image_filename,
'image_height' => (int) $image_height,
'image_width' => (int) $image_width,
'imageset_id' => (int) $style_id,
'image_lang' => (string) $row['lang_dir'],
);
}
}
@ -670,7 +670,7 @@ parse_css_file = {PARSE_CSS_FILE}
$_POST['template_data'] = (isset($_POST['template_data']) && !empty($_POST['template_data'])) ? str_replace(array("\r\n", "\r"), array("\n", "\n"), $_POST['template_data']) : '';
$template_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data'];
$template_file = request_var('template_file', '', true);
$template_file = utf8_normalize_nfc(request_var('template_file', '', true));
$text_rows = max(5, min(999, request_var('text_rows', 20)));
$save_changes = (isset($_POST['save'])) ? true : false;
@ -700,7 +700,7 @@ parse_css_file = {PARSE_CSS_FILE}
// If the template is stored on the filesystem try to write the file else store it in the database
if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && @is_writable($file))
{
if (!($fp = fopen($file, 'wb')))
if (!($fp = @fopen($file, 'wb')))
{
trigger_error($user->lang['NO_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@ -1025,7 +1025,7 @@ parse_css_file = {PARSE_CSS_FILE}
$_POST['template_data'] = (isset($_POST['template_data']) && !empty($_POST['template_data'])) ? str_replace(array("\r\n", "\r"), array("\n", "\n"), $_POST['template_data']) : '';
$theme_data = (STRIP) ? stripslashes($_POST['template_data']) : $_POST['template_data'];
$theme_file = request_var('template_file', '', true);
$theme_file = utf8_normalize_nfc(request_var('template_file', '', true));
$text_rows = max(5, min(999, request_var('text_rows', 20)));
$save_changes = (isset($_POST['save'])) ? true : false;
@ -1055,7 +1055,7 @@ parse_css_file = {PARSE_CSS_FILE}
// If the theme is stored on the filesystem try to write the file else store it in the database
if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && @is_writable($file))
{
if (!($fp = fopen($file, 'wb')))
if (!($fp = @fopen($file, 'wb')))
{
trigger_error($user->lang['NO_THEME'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@ -1351,7 +1351,7 @@ parse_css_file = {PARSE_CSS_FILE}
{
while (($file = readdir($dp)) !== false)
{
if (!is_file($dir . '/' . $file) && !is_link($dir . '/' . $file) && $file[0] != '.' && strtoupper($file) != 'CVS')
if ($file[0] != '.' && strtoupper($file) != 'CVS' && !is_file($dir . '/' . $file) && !is_link($dir . '/' . $file))
{
$langs[] = $file;
}
@ -1847,6 +1847,54 @@ parse_css_file = {PARSE_CSS_FILE}
'prefix' => 'imageset/imageset.cfg'
);
end($data);
$imageset_root = "{$phpbb_root_path}styles/{$style_row['imageset_path']}/imageset/";
$dh = @opendir($imageset_root);
while (($fname = readdir($dh)) !== false)
{
if ($fname[0] != '.' && $fname != 'CVS' && is_dir("$imageset_root$fname"))
{
$files[key($files)]['exclude'] .= ',' . $fname . '/imageset.cfg';
}
}
@closedir($dh);
$imageset_lang = array();
$sql = 'SELECT image_filename, image_name, image_height, image_width, image_lang
FROM ' . STYLES_IMAGESET_DATA_TABLE . "
WHERE imageset_id = $style_id
AND image_lang <> ''";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$imageset_lang[$row['image_lang']][$row['image_name']] = $row['image_filename'] . ($row['image_height'] ? '*' . $row['image_height']: '') . ($row['image_width'] ? '*' . $row['image_width']: '');
}
$db->sql_freeresult($result);
foreach ($imageset_lang as $lang => $imageset_localized)
{
$imageset_cfg = str_replace(array('{MODE}', '{NAME}', '{COPYRIGHT}', '{VERSION}'), array($mode, $style_row['imageset_name'], $style_row['imageset_copyright'], $config['version']), $this->imageset_cfg);
foreach ($this->imageset_keys as $topic => $key_array)
{
foreach ($key_array as $key)
{
if (isset($imageset_localized[$key]))
{
$imageset_cfg .= "\nimg_" . $key . ' = ' . str_replace("styles/{$style_row['imageset_path']}/imageset/", '{PATH}', $imageset_localized[$key]);
}
}
}
$data[] = array(
'src' => trim($imageset_cfg),
'prefix' => 'imageset/' . $lang . '/imageset.cfg'
);
}
unset($imageset_cfg);
}
@ -2016,8 +2064,8 @@ parse_css_file = {PARSE_CSS_FILE}
if ($update)
{
$name = request_var('name', '');
$copyright = request_var('copyright', '', true);
$name = utf8_normalize_nfc(request_var('name', '', true));
$copyright = utf8_normalize_nfc(request_var('copyright', '', true));
$template_id = request_var('template_id', 0);
$theme_id = request_var('theme_id', 0);
@ -2051,6 +2099,18 @@ parse_css_file = {PARSE_CSS_FILE}
$error[] = $user->lang['EDIT_' . strtoupper($mode) . '_STORED_DB'];
$store_db = 1;
}
// themes which have to be parsed have to go into db
if ($mode == 'theme')
{
$cfg = parse_cfg_file("{$phpbb_root_path}styles/" . $style_row["{$mode}_path"] . "/theme/theme.cfg");
if (isset($cfg['parse_css_file']) && $cfg['parse_css_file'])
{
$error[] = $user->lang['EDIT_THEME_STORE_PARSED'];
$store_db = 1;
}
}
}
if (!sizeof($error))
@ -2344,7 +2404,7 @@ parse_css_file = {PARSE_CSS_FILE}
{
foreach ($file_ary as $file)
{
if (!($fp = fopen("{$phpbb_root_path}styles/$template_path$pathfile$file", 'r')))
if (!($fp = @fopen("{$phpbb_root_path}styles/$template_path$pathfile$file", 'r')))
{
trigger_error("Could not open {$phpbb_root_path}styles/$template_path$pathfile$file", E_USER_ERROR);
}
@ -2417,6 +2477,11 @@ parse_css_file = {PARSE_CSS_FILE}
$file_ary = array();
while ($file = readdir($dp))
{
if ($file[0] == '.')
{
continue;
}
if (is_file($phpbb_root_path . 'cache/' . $file) && (strpos($file, $cache_prefix) === 0))
{
$file_ary[] = str_replace('.', '/', preg_replace('#^' . preg_quote($cache_prefix, '#') . '_(.*?)\.html\.' . $phpEx . '$#i', '\1', $file));
@ -2635,8 +2700,8 @@ parse_css_file = {PARSE_CSS_FILE}
$error = array();
$style_row = array(
$mode . '_name' => request_var('name', ''),
$mode . '_copyright' => request_var('copyright', '', true),
$mode . '_name' => utf8_normalize_nfc(request_var('name', '', true)),
$mode . '_copyright' => utf8_normalize_nfc(request_var('copyright', '', true)),
'template_id' => 0,
'theme_id' => 0,
'imageset_id' => 0,

30
phpBB/includes/acp/acp_users.php
View File

@ -30,11 +30,8 @@ class acp_users
$this->tpl_name = 'acp_users';
$this->page_title = 'ACP_USER_' . strtoupper($mode);
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
$error = array();
$username = request_var('username', '', true);
$username = utf8_normalize_nfc(request_var('username', '', true));
$user_id = request_var('u', 0);
$action = request_var('action', '');
@ -43,6 +40,8 @@ class acp_users
// Whois (special case)
if ($action == 'whois')
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$this->page_title = 'WHOIS';
$this->tpl_name = 'simple_body';
@ -148,6 +147,8 @@ class acp_users
{
case 'overview':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$user->add_lang('acp/ban');
$delete = request_var('delete', 0);
@ -248,8 +249,8 @@ class acp_users
break;
}
$ban_reason = request_var('ban_reason', $user->lang[$reason], true);
$ban_give_reason = request_var('ban_give_reason', '', true);
$ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
$ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
// Log not used at the moment, we simply utilize the ban function.
$result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
@ -598,7 +599,7 @@ class acp_users
// Handle registration info updates
$data = array(
'username' => request_var('user', $user_row['username'], true),
'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
'email' => strtolower(request_var('user_email', $user_row['user_email'])),
'email_confirm' => strtolower(request_var('email_confirm', '')),
@ -867,7 +868,7 @@ class acp_users
$deletemark = (isset($_POST['delmarked'])) ? true : false;
$deleteall = (isset($_POST['delall'])) ? true : false;
$marked = request_var('mark', array(0));
$message = request_var('message', '', true);
$message = utf8_normalize_nfc(request_var('message', '', true));
// Sort keys
$sort_days = request_var('st', 0);
@ -952,6 +953,9 @@ class acp_users
case 'profile':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
$cp = new custom_profile();
$cp_data = $cp_error = array();
@ -1147,8 +1151,10 @@ class acp_users
case 'prefs':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$data = array(
'dateformat' => request_var('dateformat', $user_row['user_dateformat'], true),
'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
'lang' => basename(request_var('lang', $user_row['user_lang'])),
'tz' => request_var('tz', (float) $user_row['user_timezone']),
'style' => request_var('style', $user_row['user_style']),
@ -1352,6 +1358,7 @@ class acp_users
case 'avatar':
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
@ -1546,10 +1553,9 @@ class acp_users
delete_attachments('attach', $marked);
$log = (sizeof($log_attachments) == 1) ? 'ATTACHMENT_DELETED' : 'ATTACHMENTS_DELETED';
$message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
add_log('admin', $log, implode(', ', $log_attachments));
add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
trigger_error($message . adm_back_link($this->u_action . '&amp;u=' . $user_id));
}
else
@ -1653,6 +1659,8 @@ class acp_users
case 'groups':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$user->add_lang(array('groups', 'acp/groups'));
$group_id = request_var('g', 0);

60
phpBB/includes/acp/auth.php
View File

@ -469,13 +469,16 @@ class auth_admin extends auth
'S_GROUP_MODE' => ($user_mode == 'group') ? true : false)
);
foreach ($content_array as $ug_id => $ug_array)
@reset($content_array);
while (list($ug_id, $ug_array) = each($content_array))
{
// Build role dropdown options
$current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
$s_role_options = '';
foreach ($roles as $role_id => $role_row)
@reset($roles);
while (list($role_id, $role_row) = each($roles))
{
$role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
$role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
@ -489,10 +492,29 @@ class auth_admin extends auth
$s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
}
if (!$current_role_id && $mode != 'view')
{
$s_custom_permissions = false;
foreach ($ug_array as $key => $value)
{
if ($value['S_NEVER'] || $value['S_YES'])
{
$s_custom_permissions = true;
break;
}
}
}
else
{
$s_custom_permissions = false;
}
$template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
'NAME' => $ug_names_ary[$ug_id],
'S_ROLE_OPTIONS' => $s_role_options,
'UG_ID' => $ug_id,
'S_CUSTOM' => $s_custom_permissions,
'FORUM_ID' => $forum_id)
);
@ -556,10 +578,29 @@ class auth_admin extends auth
$s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
}
if (!$current_role_id && $mode != 'view')
{
$s_custom_permissions = false;
foreach ($forum_array as $key => $value)
{
if ($value['S_NEVER'] || $value['S_YES'])
{
$s_custom_permissions = true;
break;
}
}
}
else
{
$s_custom_permissions = false;
}
$template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
'S_ROLE_OPTIONS' => $s_role_options,
'S_CUSTOM' => $s_custom_permissions,
'UG_ID' => $ug_id,
'FORUM_ID' => $forum_id)
);
@ -591,13 +632,14 @@ class auth_admin extends auth
ORDER BY left_id';
$result = $db->sql_query($sql);
$forum_names = array(0 => '');
// If the role is used globally, then reflect that
$forum_names = (isset($hold_ary[0])) ? array(0 => '') : array();
while ($row = $db->sql_fetchrow($result))
{
$forum_names[$row['forum_id']] = $row['forum_name'];
}
$db->sql_freeresult($result);
foreach ($forum_names as $forum_id => $forum_name)
{
$auth_ary = $hold_ary[$forum_id];
@ -723,7 +765,7 @@ class auth_admin extends auth
foreach ($option_ary as $option)
{
$sql_ary[] = array(
'auth_option' => $option,
'auth_option' => (string) $option,
'is_global' => ($type == 'global' || $type == 'local_global') ? 1 : 0,
'is_local' => ($type == 'local' || $type == 'local_global') ? 1 : 0
);
@ -779,7 +821,7 @@ class auth_admin extends auth
}
// Remove current auth options...
$auth_option_ids = array();
$auth_option_ids = array((int)$any_option_id);
foreach ($auth as $auth_option => $auth_setting)
{
$auth_option_ids[] = (int) $this->option_ids[$auth_option];
@ -788,7 +830,7 @@ class auth_admin extends auth
$sql = "DELETE FROM $table
WHERE $forum_sql
AND $ug_id_sql
AND auth_option_id IN ($any_option_id, " . implode(', ', $auth_option_ids) . ')';
AND " . $db->sql_in_set('auth_option_id', $auth_option_ids);
$db->sql_query($sql);
// Remove those having a role assigned... the correct type of course...
@ -837,7 +879,7 @@ class auth_admin extends auth
'forum_id' => (int) $forum,
'auth_option_id' => 0,
'auth_setting' => 0,
'auth_role_id' => $role_id
'auth_role_id' => (int) $role_id,
);
}
}
@ -918,7 +960,7 @@ class auth_admin extends auth
{
$sql_ary[] = array(
'role_id' => (int) $role_id,
'auth_option_id' => $this->option_ids[$flag],
'auth_option_id' => (int) $this->option_ids[$flag],
'auth_setting' => ACL_NEVER
);
}

31
phpBB/includes/auth.php
View File

@ -345,6 +345,37 @@ class auth
}
}
// Sometimes, it can happen $hold_ary holding forums which do not exist.
// Since this function is not called that often (we are caching the data) we check for this inconsistency.
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE ' . $db->sql_in_set('forum_id', array_keys($hold_ary));
$result = $db->sql_query($sql);
$forum_ids = (isset($hold_ary[0])) ? array(0) : array();
while ($row = $db->sql_fetchrow($result))
{
$forum_ids[] = $row['forum_id'];
}
$db->sql_freeresult($result);
// Now determine forums which do not exist and remove the unneeded information (for modding purposes it is clearly the wrong place. ;))
$missing_forums = array_diff(array_keys($hold_ary), $forum_ids);
if (sizeof($missing_forums))
{
foreach ($missing_forums as $forum_id)
{
unset($hold_ary[$forum_id]);
}
$sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $missing_forums);
$db->sql_query($sql);
$sql = 'DELETE FROM ' . ACL_USERS_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $missing_forums);
$db->sql_query($sql);
}
$hold_str = $this->build_bitstring($hold_ary);
if ($hold_str)

2
phpBB/includes/db/dbal.php
View File

@ -534,7 +534,7 @@ class dbal
// Show complete SQL error and path to administrators only
// Additionally show complete error on installation or if extended debug mode is enabled
// The DEBUG_EXTRA constant is for development only!
if (isset($auth) && ($auth->acl_get('a_') || defined('IN_INSTALL') || defined('DEBUG_EXTRA')))
if ((isset($auth) && $auth->acl_get('a_')) || defined('IN_INSTALL') || defined('DEBUG_EXTRA'))
{
// Print out a nice backtrace...
$backtrace = get_backtrace();

2
phpBB/includes/db/oracle.php
View File

@ -239,7 +239,7 @@ class dbal_oracle extends dbal
if (strlen($regs[3]) > 4000)
{
$cols = explode(', ', $regs[2]);
preg_match_all('/\'(?:[^\']++|\'\')*+\'|\[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER);
preg_match_all('/\'(?:[^\']++|\'\')*+\'|[\d-.]+/', $regs[3], $vals, PREG_PATTERN_ORDER);
$inserts = $vals[0];
unset($vals);

131
phpBB/includes/functions.php
View File

@ -577,7 +577,7 @@ if (!function_exists('realpath'))
$bits = explode('/', $path);
// Remove any . in the path, renumber array for the loop below
$bits = array_keys(array_diff($bits, array('.')));
$bits = array_values(array_diff($bits, array('.')));
// Lets get looping, run over and resolve any .. (up directory)
for ($i = 0, $max = sizeof($bits); $i < $max; $i++)
@ -789,6 +789,8 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36);
$user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000);
$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics);
unset($tracking_topics);
if ($user->data['is_registered'])
@ -846,8 +848,8 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
foreach ($sql_insert as $f_id)
{
$sql_ary[] = array(
'user_id' => $user->data['user_id'],
'forum_id' => $f_id,
'user_id' => (int) $user->data['user_id'],
'forum_id' => (int) $f_id,
'mark_time' => time()
);
}
@ -882,7 +884,14 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$tracking['f'][$f_id] = base_convert(time() - $config['board_startdate'], 10, 36);
}
if (isset($tracking['tf']) && empty($tracking['tf']))
{
unset($tracking['tf']);
}
$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
unset($tracking);
}
@ -909,10 +918,10 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$db->sql_return_on_error(true);
$sql_ary = array(
'user_id' => $user->data['user_id'],
'topic_id' => $topic_id,
'user_id' => (int) $user->data['user_id'],
'topic_id' => (int) $topic_id,
'forum_id' => (int) $forum_id,
'mark_time' => ($post_time) ? $post_time : time(),
'mark_time' => ($post_time) ? (int) $post_time : time(),
);
$db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
@ -977,6 +986,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
}
$user->set_cookie('track', tracking_serialize($tracking), time() + 31536000);
$_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking);
}
return;
@ -995,8 +1005,8 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $
$db->sql_return_on_error(true);
$sql_ary = array(
'user_id' => $use_user_id,
'topic_id' => $topic_id,
'user_id' => (int) $use_user_id,
'topic_id' => (int) $topic_id,
'topic_posted' => 1
);
@ -1241,11 +1251,8 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti
}
else if ($config['load_anon_lastread'] || $user->data['is_registered'])
{
if (!isset($tracking_topics) || !sizeof($tracking_topics))
{
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
}
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : '';
$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
if (!$user->data['is_registered'])
{
@ -1300,6 +1307,7 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti
$check_forum = $tracking_topics['tf'][$forum_id];
$unread = false;
while ($row = $db->sql_fetchrow($result))
{
if (!in_array(base_convert($row['topic_id'], 10, 36), array_keys($check_forum)))
@ -2235,7 +2243,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
'U_PRIVACY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
'S_AUTOLOGIN_ENABLED' => ($config['allow_autologin']) ? true : false,
'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
'S_HIDDEN_FIELDS' => $s_hidden_fields,
@ -2387,7 +2394,7 @@ function get_context($text, $words, $length = 400)
{
if (preg_match('#(?:[^\w]|^)(' . $word . ')(?:[^\w]|$)#i', $text, $match))
{
$pos = strpos($text, $match[1]);
$pos = utf8_strpos($text, $match[1]);
if ($pos !== false)
{
$word_indizes[] = $pos;
@ -2410,21 +2417,21 @@ function get_context($text, $words, $length = 400)
$final_text_index = -1;
// cycle through every character in the original text
for ($i = $word_indizes[$word], $n = strlen($text); $i < $n; $i++)
for ($i = $word_indizes[$word], $n = utf8_strlen($text); $i < $n; $i++)
{
// if the current position is the start of one of the words then append $sequence_length characters to the final text
if (isset($word_indizes[$word]) && ($i == $word_indizes[$word]))
{
if ($final_text_index < $i - $sequence_length - 1)
{
$final_text .= '... ' . preg_replace('#^([^ ]*)#', '', substr($text, $i - $sequence_length, $sequence_length));
$final_text .= '... ' . preg_replace('#^([^ ]*)#', '', utf8_substr($text, $i - $sequence_length, $sequence_length));
}
else
{
// if the final text is already nearer to the current word than $sequence_length we only append the text
// from its current index on and distribute the unused length to all other sequenes
$sequence_length += (int) (($final_text_index - $i + $sequence_length + 1) / (2 * $wordnum));
$final_text .= substr($text, $final_text_index + 1, $i - $final_text_index - 1);
$final_text .= utf8_substr($text, $final_text_index + 1, $i - $final_text_index - 1);
}
$final_text_index = $i - 1;
@ -2436,17 +2443,17 @@ function get_context($text, $words, $length = 400)
if ($j > 0)
{
// add the character to the final text and increment the sequence counter
$final_text .= $text[$i];
$final_text .= utf8_substr($text, $i, 1);
$final_text_index++;
$j++;
// if this is a whitespace then check whether we are done with this sequence
if ($text[$i] == ' ')
if (utf8_substr($text, $i, 1) == ' ')
{
// only check whether we have to exit the context generation completely if we haven't already reached the end anyway
if ($i + 4 < $n)
{
if (($j > $sequence_length && $word >= $wordnum) || strlen($final_text) > $length)
if (($j > $sequence_length && $word >= $wordnum) || utf8_strlen($final_text) > $length)
{
$final_text .= ' ...';
break;
@ -2472,7 +2479,7 @@ function get_context($text, $words, $length = 400)
if (!sizeof($words) || !sizeof($word_indizes))
{
return (strlen($text) >= $length + 3) ? substr($text, 0, $length) . '...' : $text;
return (utf8_strlen($text) >= $length + 3) ? utf8_substr($text, 0, $length) . '...' : $text;
}
}
@ -4117,7 +4124,7 @@ function page_header($page_title = '', $display_online_list = true)
'UA_POPUP_PM' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=popup', false),
'U_MEMBERLIST' => append_sid("{$phpbb_root_path}memberlist.$phpEx"),
'U_MEMBERSLIST' => append_sid("{$phpbb_root_path}memberlist.$phpEx"),
'U_VIEWONLINE' => append_sid("{$phpbb_root_path}viewonline.$phpEx"),
'U_VIEWONLINE' => ($auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) ? append_sid("{$phpbb_root_path}viewonline.$phpEx") : '',
'U_LOGIN_LOGOUT' => $u_login_logout,
'U_INDEX' => append_sid("{$phpbb_root_path}index.$phpEx"),
'U_SEARCH' => append_sid("{$phpbb_root_path}search.$phpEx"),
@ -4134,6 +4141,7 @@ function page_header($page_title = '', $display_online_list = true)
'U_RESTORE_PERMISSIONS' => ($user->data['user_perm_from'] && $auth->acl_get('a_switchperm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=restore_perm') : '',
'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
'S_AUTOLOGIN_ENABLED' => ($config['allow_autologin']) ? true : false,
'S_BOARD_DISABLED' => ($config['board_disable']) ? true : false,
'S_REGISTERED_USER' => $user->data['is_registered'],
'S_IS_BOT' => $user->data['is_bot'],
@ -4169,79 +4177,6 @@ function page_header($page_title = '', $display_online_list = true)
'SITE_LOGO_IMG' => $user->img('site_logo'))
);
// Once used, we do not want to have the whole theme data twice in memory...
if ($user->theme['theme_storedb'])
{
// Parse Theme Data
$replace = array(
'{T_THEME_PATH}' => "{$phpbb_root_path}styles/" . $user->theme['theme_path'] . '/theme',
'{T_TEMPLATE_PATH}' => "{$phpbb_root_path}styles/" . $user->theme['template_path'] . '/template',
'{T_IMAGESET_PATH}' => "{$phpbb_root_path}styles/" . $user->theme['imageset_path'] . '/imageset',
'{T_IMAGESET_LANG_PATH}' => "{$phpbb_root_path}styles/" . $user->theme['imageset_path'] . '/imageset/' . $user->data['user_lang'],
'{T_STYLESHEET_NAME}' => $user->theme['theme_name'],
'{S_USER_LANG}' => $user->data['user_lang']
);
$user->theme['theme_data'] = str_replace(array_keys($replace), array_values($replace), $user->theme['theme_data']);
$matches = array();
if (strpos($user->theme['theme_data'], '{IMG_') !== false)
{
preg_match_all('#\{IMG_([A-Za-z0-9_]*?)_(WIDTH|HEIGHT|SRC)\}#', $user->theme['theme_data'], $matches);
$imgs = $find = $replace = array();
if (isset($matches[0]) && sizeof($matches[0]))
{
foreach ($matches[1] as $i => $img)
{
$img = strtolower($img);
if (!isset($img_array[$img]))
{
continue;
}
if (!isset($imgs[$img]))
{
$img_data = &$img_array[$img];
$imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename'];
$imgs[$img] = array(
'src' => $phpbb_root_path . 'styles/' . $user->theme['imageset_path'] . '/imageset/' . $imgsrc,
'width' => $img_data['image_width'],
'height' => $img_data['image_height'],
);
}
switch ($matches[2][$i])
{
case 'SRC':
$replace[] = $imgs[$img]['src'];
break;
case 'WIDTH':
$replace[] = $imgs[$img]['width'];
break;
case 'HEIGHT':
$replace[] = $imgs[$img]['height'];
break;
default:
continue;
}
$find[] = $matches[0][$i];
}
if (sizeof($find))
{
$user->theme['theme_data'] = str_replace($find, $replace, $user->theme['theme_data']);
}
}
}
$template->assign_var('T_THEME_DATA', $user->theme['theme_data']);
$user->theme['theme_data'] = '';
}
// application/xhtml+xml not used because of IE
header('Content-type: text/html; charset=UTF-8');
@ -4294,11 +4229,11 @@ function page_footer($run_cron = true)
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
'U_ACP' => ($auth->acl_get('a_') && $user->data['is_registered']) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", '', true, $user->session_id) : '')
'U_ACP' => ($auth->acl_get('a_') && $user->data['is_registered']) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '')
);
// Call cron-type script
if (!defined('IN_CRON') && $run_cron)
if (!defined('IN_CRON') && $run_cron && !$config['board_disable'])
{
$cron_type = '';

34
phpBB/includes/functions_admin.php
View File

@ -365,14 +365,14 @@ function filelist($rootdir, $dir = '', $type = 'gif|jpg|jpeg|png')
if (!is_dir($rootdir . $dir))
{
return false;
return $matches;
}
$dh = @opendir($rootdir . $dir);
if (!$dh)
{
return false;
return $matches;
}
while (($fname = readdir($dh)) !== false)
@ -1079,8 +1079,8 @@ function update_posted_info(&$topic_ids)
foreach ($topic_row as $topic_id)
{
$sql_ary[] = array(
'user_id' => $user_id,
'topic_id' => $topic_id,
'user_id' => (int) $user_id,
'topic_id' => (int) $topic_id,
'topic_posted' => 1,
);
}
@ -2244,9 +2244,9 @@ function cache_moderators()
foreach ($forum_id_ary as $forum_id => $auth_ary)
{
$sql_ary[] = array(
'forum_id' => $forum_id,
'user_id' => $user_id,
'username' => $usernames_ary[$user_id],
'forum_id' => (int) $forum_id,
'user_id' => (int) $user_id,
'username' => (string) $usernames_ary[$user_id],
'group_id' => 0,
'group_name' => ''
);
@ -2307,11 +2307,11 @@ function cache_moderators()
}
$sql_ary[] = array(
'forum_id' => $forum_id,
'forum_id' => (int) $forum_id,
'user_id' => 0,
'username' => '',
'group_id' => $group_id,
'group_name' => $groupnames_ary[$group_id]
'group_id' => (int) $group_id,
'group_name' => (string) $groupnames_ary[$group_id]
);
}
}
@ -2423,7 +2423,8 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
if (isset($user->lang[$row['log_operation']]))
{
$log[$i]['action'] = vsprintf($log[$i]['action'], $log_data_ary);
// We supress the warning about inappropiate number of passed parameters here due to possible changes within LOG strings from one version to another.
$log[$i]['action'] = @vsprintf($log[$i]['action'], $log_data_ary);
// If within the admin panel we do not censor text out
if (defined('IN_ADMIN'))
@ -2791,6 +2792,17 @@ function get_database_size()
}
break;
case 'firebird':
global $dbname;
// if it on the local machine, we can get lucky
if (file_exists($dbname))
{
$database_size = filesize($dbname);
}
break;
case 'sqlite':
global $dbhost;

28
phpBB/includes/functions_compress.php
View File

@ -12,7 +12,7 @@
* Class for handling archives (compression/decompression)
* @package phpBB3
*/
class compress
class compress
{
var $fp = 0;
@ -434,12 +434,15 @@ class compress_zip extends compress
header("Content-Type: $mimetype; name=\"$download_name.zip\"");
header("Content-disposition: attachment; filename=$download_name.zip");
$fp = fopen("{$phpbb_root_path}store/$filename.zip", 'rb');
while ($buffer = fread($fp, 1024))
$fp = @fopen("{$phpbb_root_path}store/$filename.zip", 'rb');
if ($fp)
{
echo $buffer;
while ($buffer = fread($fp, 1024))
{
echo $buffer;
}
fclose($fp);
}
fclose($fp);
}
}
@ -546,8 +549,8 @@ class compress_tar extends compress
{
$fzwrite = ($this->isbz && function_exists('bzwrite')) ? 'bzwrite' : (($this->isgz && @extension_loaded('zlib')) ? 'gzwrite' : 'fwrite');
// Symbolizes that there are no more files
$fzwrite($this->fp, str_repeat("\0", 512));
// The end of a tar archive ends in two records of all NULLs (1024 bytes of \0)
$fzwrite($this->fp, str_repeat("\0", 1024));
}
$fzclose($this->fp);
@ -648,12 +651,15 @@ class compress_tar extends compress
header("Content-Type: $mimetype; name=\"$download_name$this->type\"");
header("Content-disposition: attachment; filename=$download_name$this->type");
$fp = fopen("{$phpbb_root_path}store/$filename$this->type", 'rb');
while ($buffer = fread($fp, 1024))
$fp = @fopen("{$phpbb_root_path}store/$filename$this->type", 'rb');
if ($fp)
{
echo $buffer;
while ($buffer = fread($fp, 1024))
{
echo $buffer;
}
fclose($fp);
}
fclose($fp);
}
}

45
phpBB/includes/functions_convert.php
View File

@ -224,13 +224,15 @@ function make_uid($timestamp)
*/
function validate_website($url)
{
if ($url === 'http://'){
if ($url === 'http://')
{
return '';
}
else if (strpos(strtolower($url), 'http://') !== 0)
{
return 'http://' . $url;
}
return $url;
}
/**
@ -1479,18 +1481,21 @@ function mass_auth($ug_type, $forum_id, $ug_id, $acl_list, $setting = ACL_NO)
// Role based permissions are the simplest to handle so check for them first
if ($ug_type == 'user_role' || $ug_type == 'group_role')
{
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "
WHERE role_name = 'ROLE_" . $db->sql_escape($acl_list) . "'";
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// If we have no role id there is something wrong here
if ($row)
if (is_numeric($forum_id))
{
$sql = "INSERT INTO $table ($id_field, forum_id, auth_role_id) VALUES ($ug_id, $forum_id, " . $row['role_id'] . ')';
$db->sql_query($sql);
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "
WHERE role_name = 'ROLE_" . $db->sql_escape($acl_list) . "'";
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// If we have no role id there is something wrong here
if ($row)
{
$sql = "INSERT INTO $table ($id_field, forum_id, auth_role_id) VALUES ($ug_id, $forum_id, " . $row['role_id'] . ')';
$db->sql_query($sql);
}
}
return;
@ -1540,7 +1545,7 @@ function mass_auth($ug_type, $forum_id, $ug_id, $acl_list, $setting = ACL_NO)
$db->sql_freeresult($result);
}
$sql_forum = 'AND a.forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')';
$sql_forum = 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id), false, true);
$sql = ($ug_type == 'user') ? 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $sql_forum AND a.user_id = $ug_id" : 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $sql_forum AND a.group_id = $ug_id";
$result = $db->sql_query($sql);
@ -1682,8 +1687,8 @@ function add_default_groups()
);
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . "
WHERE group_name IN ('" . implode("', '", array_keys($default_groups)) . "')";
FROM ' . GROUPS_TABLE . '
WHERE ' . $db->sql_in_set('group_name', array_keys($default_groups));
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@ -1702,9 +1707,9 @@ function add_default_groups()
'group_desc_uid' => '',
'group_desc_bitfield' => '',
'group_type' => GROUP_SPECIAL,
'group_colour' => $data[0],
'group_legend' => $data[1],
'group_founder_manage' => $data[2]
'group_colour' => (string) $data[0],
'group_legend' => (int) $data[1],
'group_founder_manage' => (int) $data[2]
);
}
@ -2060,7 +2065,7 @@ function fix_empty_primary_groups()
if (sizeof($user_ids))
{
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET group_id = ' . get_group_id('administrators') . '
WHERE group_id = 0 AND user_id IN (' . implode(', ', $user_ids) . ')');
WHERE group_id = 0 AND ' . $db->sql_in_set('user_id', $user_ids));
}
$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . ' WHERE group_id = ' . get_group_id('global_moderators');
@ -2075,7 +2080,7 @@ function fix_empty_primary_groups()
if (sizeof($user_ids))
{
$db->sql_query('UPDATE ' . USERS_TABLE . ' SET group_id = ' . get_group_id('global_moderators') . '
WHERE group_id = 0 AND user_id IN (' . implode(', ', $user_ids) . ')');
WHERE group_id = 0 AND ' . $db->sql_in_set('user_id', $user_ids));
}
// Set user colour

26
phpBB/includes/functions_display.php
View File

@ -216,10 +216,6 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$forum_rows[$parent_id]['forum_last_poster_colour'] = $row['forum_last_poster_colour'];
$forum_rows[$parent_id]['forum_id_last_post'] = $forum_id;
}
else
{
$forum_rows[$parent_id]['forum_id_last_post'] = $forum_id;
}
}
}
$db->sql_freeresult($result);
@ -372,6 +368,24 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
$s_subforums_list = (string) implode(', ', $s_subforums_list);
$catless = ($row['parent_id'] == $root_data['forum_id']) ? true : false;
if ($row['forum_type'] != FORUM_LINK)
{
$u_viewforum = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']);
}
else
{
// If the forum is a link and we count redirects we need to visit it
// If the forum is having a password or no read access we do not expose the link, but instead handle it in viewforum
if (($row['forum_flags'] & FORUM_FLAG_LINK_TRACK) || $row['forum_password'] || !$auth->acl_get('f_read', $forum_id))
{
$u_viewforum = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']);
}
else
{
$u_viewforum = $row['forum_link'];
}
}
$template->assign_block_vars('forumrow', array(
'S_IS_CAT' => false,
'S_NO_CAT' => $catless && !$last_catless,
@ -401,7 +415,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
'L_FORUM_FOLDER_ALT' => $folder_alt,
'L_MODERATOR_STR' => $l_moderator,
'U_VIEWFORUM' => ($row['forum_type'] != FORUM_LINK || ($row['forum_flags'] & FORUM_FLAG_LINK_TRACK)) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : $row['forum_link'],
'U_VIEWFORUM' => $u_viewforum,
'U_LAST_POSTER' => get_username_string('profile', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']),
'U_LAST_POST' => $last_post_url)
);
@ -665,7 +679,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
}
else
{
$forum_moderators[$row['forum_id']][] = '<a' . (($row['group_colour']) ? ' style="color:#' . $row['group_colour'] . ';font-weight:bold;"' : '') . ' href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']) . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</a>';
$forum_moderators[$row['forum_id']][] = '<a' . (($row['group_colour']) ? ' style="color:#' . $row['group_colour'] . ';"' : '') . ' href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']) . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</a>';
}
}
$db->sql_freeresult($result);

3
phpBB/includes/functions_install.php
View File

@ -258,7 +258,7 @@ function connect_check_db($error_connect, &$error, $dbms, $table_prefix, $dbhost
$db->sql_return_on_error(true);
// Check that we actually have a database name before going any further.....
if ($dbms['DRIVER'] != 'sqlite' && $dbname === '')
if ($dbms['DRIVER'] != 'sqlite' && $dbms['DRIVER'] != 'oracle' && $dbname === '')
{
$error[] = $lang['INST_ERR_DB_NO_NAME'];
return false;
@ -324,6 +324,7 @@ function connect_check_db($error_connect, &$error, $dbms, $table_prefix, $dbhost
$table_ary = array($temp_prefix . 'attachments', $temp_prefix . 'config', $temp_prefix . 'sessions', $temp_prefix . 'topics', $temp_prefix . 'users');
$tables = get_tables($db);
$tables = array_map('strtolower', $tables);
$table_intersect = array_intersect($tables, $table_ary);
if (sizeof($table_intersect))

2
phpBB/includes/functions_jabber.php
View File

@ -394,7 +394,7 @@ class jabber
}
// go on with authentication?
if (isset($this->features['stream:features'][0]['#']['bind']) || $this->session['tls'])
if (isset($this->features['stream:features'][0]['#']['bind']) || !empty($this->session['tls']))
{
return $this->response($this->features);
}

12
phpBB/includes/functions_messenger.php
View File

@ -26,7 +26,9 @@ class messenger
*/
function messenger($use_queue = true)
{
$this->use_queue = $use_queue;
global $config;
$this->use_queue = (!$config['email_package_size']) ? false : $use_queue;
$this->subject = '';
}
@ -287,6 +289,7 @@ class messenger
if ($config['email_package_size'] && $this->use_queue && !empty($this->queue))
{
$this->queue->save();
return;
}
}
@ -819,7 +822,11 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = '')
$smtp->add_backtrace('Connecting to ' . $config['smtp_host'] . ':' . $config['smtp_port']);
// Ok we have error checked as much as we can to this point let's get on it already.
if (!$smtp->socket = @fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20))
ob_start();
$smtp->socket = fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20);
$error_contents = ob_get_clean();
if (!$smtp->socket)
{
if ($errstr)
{
@ -827,6 +834,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = '')
}
$err_msg = (isset($user->lang['NO_CONNECT_TO_SMTP_HOST'])) ? sprintf($user->lang['NO_CONNECT_TO_SMTP_HOST'], $errno, $errstr) : "Could not connect to smtp host : $errno : $errstr";
$err_msg .= ($error_contents) ? '<br /><br />' . htmlspecialchars($error_contents) : '';
return false;
}

47
phpBB/includes/functions_module.php
View File

@ -124,20 +124,7 @@ class p_master
$this->module_cache['modules'] = array_merge($this->module_cache['modules']);
// Include MOD _info files for populating language entries within the menus
if (file_exists($user->lang_path . 'mods'))
{
$add_files = array();
foreach (glob($user->lang_path . 'mods/info_' . strtolower($this->p_class) . '_*.' . $phpEx, GLOB_NOSORT) as $file)
{
$add_files[] = 'mods/' . substr(basename($file), 0, -(strlen($phpEx) + 1));
}
if (sizeof($add_files))
{
$user->add_lang($add_files);
}
}
$this->add_mod_info($this->p_class);
// Now build the module array, but exclude completely empty categories...
$right_id = false;
@ -815,6 +802,38 @@ class p_master
}
}
}
/**
* Add custom MOD info language file
*/
function add_mod_info($module_class)
{
global $user, $phpEx;
if (file_exists($user->lang_path . 'mods'))
{
$add_files = array();
$dir = @opendir($user->lang_path . 'mods');
if ($dir)
{
while (($entry = readdir($dir)) !== false)
{
if (strpos($entry, 'info_' . strtolower($module_class) . '_') === 0 && substr(strrchr($entry, '.'), 1) == $phpEx)
{
$add_files[] = 'mods/' . substr(basename($entry), 0, -(strlen($phpEx) + 1));
}
}
closedir($dir);
}
if (sizeof($add_files))
{
$user->add_lang($add_files);
}
}
}
}
?>

39
phpBB/includes/functions_posting.php
View File

@ -757,7 +757,7 @@ function posting_gen_attachment_entry($attachment_data, &$filename_data)
$hidden .= '<input type="hidden" name="attachment_data[' . $count . '][' . $key . ']" value="' . $value . '" />';
}
$download_link = append_sid("{$phpbb_root_path}download.$phpEx", 'mode=view&amp;id=' . (int) $attach_row['attach_id'], false, ($attach_row['is_orphan']) ? $user->session_id : false);
$download_link = append_sid("{$phpbb_root_path}download.$phpEx", 'mode=view&amp;id=' . (int) $attach_row['attach_id'], true, ($attach_row['is_orphan']) ? $user->session_id : false);
$template->assign_block_vars('attach_row', array(
'FILENAME' => basename($attach_row['real_filename']),
@ -1368,8 +1368,8 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data[FORUMS_TABLE] .= 'forum_posts = forum_posts - 1, forum_topics_real = forum_topics_real - 1';
$sql_data[FORUMS_TABLE] .= ($data['topic_approved']) ? ', forum_topics = forum_topics - 1' : '';
$sql_data[FORUMS_TABLE] .= 'forum_topics_real = forum_topics_real - 1';
$sql_data[FORUMS_TABLE] .= ($data['topic_approved']) ? ', forum_posts = forum_posts - 1, forum_topics = forum_topics - 1' : '';
}
$update_sql = update_post_information('forum', $forum_id, true);
@ -1392,7 +1392,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : '';
}
$sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
@ -1406,7 +1406,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
case 'delete_last_post':
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : '';
}
$update_sql = update_post_information('forum', $forum_id, true);
@ -1451,7 +1451,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
if ($data['topic_type'] != POST_GLOBAL)
{
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
$sql_data[FORUMS_TABLE] = ($data['post_approved']) ? 'forum_posts = forum_posts - 1' : '';
}
$sql_data[TOPICS_TABLE] = 'topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
@ -2231,7 +2231,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// salvation, a post is found! jam it into the forums table
// salvation, a post is found! jam it into the topics table
$sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_id = ' . (int) $row['post_id'];
$sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($row['post_subject']) . "'";
$sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_post_time = ' . (int) $row['post_time'];
@ -2276,6 +2276,19 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
$db->sql_query($sql);
}
// Committing the transaction before updating search index
$db->sql_transaction('commit');
// Delete draft if post was loaded...
$draft_id = request_var('draft_loaded', 0);
if ($draft_id)
{
$sql = 'DELETE FROM ' . DRAFTS_TABLE . "
WHERE draft_id = $draft_id
AND user_id = {$user->data['user_id']}";
$db->sql_query($sql);
}
// Index message contents
if ($update_message && $data['enable_indexing'])
{
@ -2303,16 +2316,6 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
$search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, ($topic_type == POST_GLOBAL) ? 0 : $data['forum_id']);
}
// Delete draft if post was loaded...
$draft_id = request_var('draft_loaded', 0);
if ($draft_id)
{
$sql = 'DELETE FROM ' . DRAFTS_TABLE . "
WHERE draft_id = $draft_id
AND user_id = {$user->data['user_id']}";
$db->sql_query($sql);
}
// Topic Notification, do not change if moderator is changing other users posts...
if ($user->data['user_id'] == $poster_id)
{
@ -2331,8 +2334,6 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
}
}
$db->sql_transaction('commit');
if ($mode == 'post' || $mode == 'reply' || $mode == 'quote')
{
// Mark this topic as posted to

17
phpBB/includes/functions_privmsgs.php
View File

@ -760,7 +760,7 @@ function move_pm($user_id, $message_limit, $move_msg_ids, $dest_folder, $cur_fol
}
if (sizeof($move_msg_ids) && !in_array($dest_folder, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)) &&
!in_array($cur_folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)) && $cur_folder_id != $dest_folder)
!in_array($cur_folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)) && $cur_folder_id != $dest_folder)
{
// We have to check the destination folder ;)
if ($dest_folder != PRIVMSGS_INBOX)
@ -832,6 +832,10 @@ function move_pm($user_id, $message_limit, $move_msg_ids, $dest_folder, $cur_fol
$db->sql_query($sql);
}
}
}
else if (in_array($cur_folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)))
{
trigger_error('CANNOT_MOVE_SPECIAL');
}
return $num_moved;
@ -864,6 +868,17 @@ function update_unread_status($unread, $msg_id, $user_id, $folder_id)
if ($user->data['user_id'] == $user_id)
{
$user->data['user_unread_privmsg']--;
// Try to cope with previous wrong conversions...
if ($user->data['user_unread_privmsg'] < 0)
{
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_unread_privmsg = 0
WHERE user_id = $user_id";
$db->sql_query($sql);
$user->data['user_unread_privmsg'] = 0;
}
}
}

13
phpBB/includes/functions_profile_fields.php
View File

@ -14,7 +14,7 @@
*/
class custom_profile
{
var $profile_types = array(1 => 'int', 2 => 'string', 3 => 'text', 4 => 'bool', 5 => 'dropdown', 6 => 'date');
var $profile_types = array(FIELD_INT => 'int', FIELD_STRING => 'string', FIELD_TEXT => 'text', FIELD_BOOL => 'bool', FIELD_DROPDOWN => 'dropdown', FIELD_DATE => 'date');
var $profile_cache = array();
var $options_lang = array();
@ -69,7 +69,7 @@ class custom_profile
'LANG_NAME' => $row['lang_name'],
'LANG_EXPLAIN' => $row['lang_explain'],
'FIELD' => $tpl_snippet,
'FIELD_ID' => ($type == 6 || ($type == 4 && $row['field_length'] == '1')) ? '' : 'pf_' . $row['field_ident'],
'FIELD_ID' => ($type == FIELD_DATE || ($type == FIELD_BOOL && $row['field_length'] == '1')) ? '' : 'pf_' . $row['field_ident'],
'S_REQUIRED' => ($row['field_required']) ? true : false)
);
}
@ -528,7 +528,7 @@ class custom_profile
}
else
{
return $this->options_lang[$field_id][$lang_id][(int) ($value + 1)];
return $this->options_lang[$field_id][$lang_id][(int) ($value) + 1];
}
break;
@ -547,8 +547,7 @@ class custom_profile
global $user;
$profile_row['field_ident'] = (isset($profile_row['var_name'])) ? $profile_row['var_name'] : 'pf_' . $profile_row['field_ident'];
$user_ident = 'pf_' . str_replace('pf_', '', $profile_row['field_ident']);
$user_ident = $profile_row['field_ident'];
// checkbox - only testing for isset
if ($profile_row['field_type'] == FIELD_BOOL && $profile_row['field_length'] == 2)
{
@ -619,7 +618,7 @@ class custom_profile
global $user, $template;
$profile_row['field_ident'] = (isset($profile_row['var_name'])) ? $profile_row['var_name'] : 'pf_' . $profile_row['field_ident'];
$user_ident = 'pf_' . str_replace('pf_', '', $profile_row['field_ident']);
$user_ident = $profile_row['field_ident'];
$now = getdate();
@ -994,7 +993,7 @@ class custom_profile_admin extends custom_profile
);
$options = array(
0 => array('TITLE' => $user->lang['FIELD_TYPE'], 'EXPLAIN' => $user->lang['BOOL_TYPE_EXPLAIN'], 'FIELD' => '<label><input type="radio" class="radio" name="field_length" value="1"' . (($this->vars['field_length'] == 1) ? ' checked="checked"' : '') . ' />' . $user->lang['RADIO_BUTTONS'] . '</label><label><input type="radio" class="radio" name="field_length" value="2"' . (($this->vars['field_length'] == 2) ? ' checked="checked"' : '') . ' />' . $user->lang['CHECKBOX'] . '</label>'),
0 => array('TITLE' => $user->lang['FIELD_TYPE'], 'EXPLAIN' => $user->lang['BOOL_TYPE_EXPLAIN'], 'FIELD' => '<label><input type="radio" class="radio" name="field_length" value="1"' . (($this->vars['field_length'] == 1) ? ' checked="checked"' : '') . ' onchange="document.getElementById(\'add_profile_field\').submit();" /> ' . $user->lang['RADIO_BUTTONS'] . '</label><label><input type="radio" class="radio" name="field_length" value="2"' . (($this->vars['field_length'] == 2) ? ' checked="checked"' : '') . ' onchange="document.getElementById(\'add_profile_field\').submit();" /> ' . $user->lang['CHECKBOX'] . '</label>'),
1 => array('TITLE' => $user->lang['DEFAULT_VALUE'], 'FIELD' => $this->process_field_row('preview', $profile_row))
);

129
phpBB/includes/functions_user.php
View File

@ -368,40 +368,47 @@ function user_delete($mode, $user_id, $post_username = false)
$post_username = $user->lang['GUEST'];
}
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = ''
WHERE forum_last_poster_id = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . POSTS_TABLE . '
SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "'
WHERE poster_id = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . POSTS_TABLE . '
SET post_edit_user = ' . ANONYMOUS . "
WHERE post_edit_user = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
WHERE topic_poster = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
WHERE topic_last_poster_id = $user_id";
$db->sql_query($sql);
// Since we change every post by this author, we need to count this amount towards the anonymous user
// Update the post count for the anonymous user
if ($user_row['user_posts'])
// If the user is inactive and newly registered we assume no posts from this user being there...
if ($user_row['user_type'] == USER_INACTIVE && $user_row['user_inactive_reason'] == INACTIVE_REGISTER && !$user_row['user_posts'])
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_posts = user_posts + ' . $user_row['user_posts'] . '
WHERE user_id = ' . ANONYMOUS;
}
else
{
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = ''
WHERE forum_last_poster_id = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . POSTS_TABLE . '
SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "'
WHERE poster_id = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . POSTS_TABLE . '
SET post_edit_user = ' . ANONYMOUS . "
WHERE post_edit_user = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
WHERE topic_poster = $user_id";
$db->sql_query($sql);
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
WHERE topic_last_poster_id = $user_id";
$db->sql_query($sql);
// Since we change every post by this author, we need to count this amount towards the anonymous user
// Update the post count for the anonymous user
if ($user_row['user_posts'])
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_posts = user_posts + ' . $user_row['user_posts'] . '
WHERE user_id = ' . ANONYMOUS;
$db->sql_query($sql);
}
}
break;
@ -671,7 +678,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
}
else
{
trigger_error($user->lang['LENGTH_BAN_INVALID']);
trigger_error('LENGTH_BAN_INVALID');
}
}
}
@ -723,11 +730,11 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$clean_name = utf8_clean_string($username);
if ($clean_name == $user->data['username_clean'])
{
trigger_error($user->lang['CANNOT_BAN_YOURSELF']);
trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);
}
if (in_array($clean_name, $founder_names))
{
trigger_error($user->lang['CANNOT_BAN_FOUNDER']);
trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);
}
$sql_usernames[] = $clean_name;
}
@ -736,7 +743,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
// Make sure we have been given someone to ban
if (!sizeof($sql_usernames))
{
trigger_error($user->lang['NO_USER_SPECIFIED']);
trigger_error('NO_USER_SPECIFIED');
}
$sql = 'SELECT user_id
@ -759,13 +766,13 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
{
do
{
$banlist_ary[] = $row['user_id'];
$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
trigger_error($user->lang['NO_USERS']);
trigger_error('NO_USERS');
}
$db->sql_freeresult($result);
}
@ -842,7 +849,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
else if (preg_match('#^\*$#', trim($ban_item)))
{
// Ban all IPs
$banlist_ary[] = "*";
$banlist_ary[] = '*';
}
else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($ban_item)))
{
@ -952,11 +959,11 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
{
$sql_ary[] = array(
$type => $ban_entry,
'ban_start' => $current_time,
'ban_end' => $ban_end,
'ban_exclude' => $ban_exclude,
'ban_reason' => $ban_reason,
'ban_give_reason' => $ban_give_reason,
'ban_start' => (int) $current_time,
'ban_end' => (int) $ban_end,
'ban_exclude' => (int) $ban_exclude,
'ban_reason' => (string) $ban_reason,
'ban_give_reason' => (string) $ban_give_reason,
);
}
@ -1277,7 +1284,7 @@ function validate_username($username, $allowed_username = false)
$mbstring = $pcre = false;
// generic UTF-8 character types supported?
if (version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>=')))
if ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false)
{
$pcre = true;
}
@ -1296,12 +1303,12 @@ function validate_username($username, $allowed_username = false)
case 'USERNAME_ALPHA_ONLY':
$pcre = true;
$regex = '[A-Za-z]+';
$regex = '[A-Za-z0-9]+';
break;
case 'USERNAME_ALPHA_SPACERS':
$pcre = true;
$regex = '[A-Za-z-\]_+ ]+';
$regex = '[A-Za-z0-9-[\]_+ ]+';
break;
case 'USERNAME_LETTER_NUM':
@ -1388,7 +1395,7 @@ function validate_username($username, $allowed_username = false)
foreach ($bad_usernames as $bad_username)
{
if (preg_match('#^' . $bad_username . '#', $clean_username))
if (preg_match('#^' . $bad_username . '$#', $clean_username))
{
return 'USERNAME_DISALLOWED';
}
@ -1428,7 +1435,7 @@ function validate_password($password)
$pcre = $mbstring = false;
// generic UTF-8 character types supported?
if (version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>=')))
if ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false)
{
$upp = '\p{Lu}';
$low = '\p{Ll}';
@ -1493,7 +1500,7 @@ function validate_password($password)
{
foreach ($chars as $char)
{
if (!mb_ereg_match($char, $password))
if (mb_ereg($char, $password) === false)
{
return 'INVALID_CHARS';
}
@ -1813,13 +1820,13 @@ function avatar_remote($data, &$error)
}
// Make sure getimagesize works...
if (($image_data = @getimagesize($data['remotelink'])) === false)
if (($image_data = @getimagesize($data['remotelink'])) === false && (empty($data['width']) || empty($data['height'])))
{
$error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
return false;
}
if ($image_data[0] < 2 || $image_data[1] < 2)
if (!empty($image_data) && ($image_data[0] < 2 || $image_data[1] < 2))
{
$error[] = $user->lang['AVATAR_NO_SIZE'];
return false;
@ -1839,7 +1846,7 @@ function avatar_remote($data, &$error)
$types = fileupload::image_types();
$extension = strtolower(filespec::get_extension($data['remotelink']));
if (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]]))
if (!empty($image_data) && (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]])))
{
if (!isset($types[$image_data[2]]))
{
@ -2389,7 +2396,7 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow
if (sizeof($user_ary))
{
group_set_user_default($group_id, $user_ary, $sql_ary);
group_set_user_default($group_id, $user_ary, $sql_ary, false, true);
}
}
@ -2567,10 +2574,10 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false,
foreach ($add_id_ary as $user_id)
{
$sql_ary[] = array(
'user_id' => $user_id,
'group_id' => $group_id,
'group_leader' => $leader,
'user_pending' => $pending,
'user_id' => (int) $user_id,
'group_id' => (int) $group_id,
'group_leader' => (int) $leader,
'user_pending' => (int) $pending,
);
}
@ -2886,7 +2893,7 @@ function group_validate_groupname($group_id, $group_name)
*
* @private
*/
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false)
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false, $same_group = false)
{
global $db;
@ -2923,8 +2930,8 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
{
if (isset($group_attributes[$attribute]))
{
// If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set...
if (strpos($attribute, 'group_avatar') === 0 && !$group_attributes[$attribute])
// If we are about to set an avatar or rank, we will not overwrite with empty, unless we are not actually changing the default group
if (!$same_group && (strpos($attribute, 'group_avatar') === 0 || strpos($attribute, 'group_rank') === 0) && !$group_attributes[$attribute])
{
continue;
}

12
phpBB/includes/mcp/mcp_ban.php
View File

@ -37,12 +37,18 @@ class mcp_ban
{
// Grab the list of entries
$ban = request_var('ban', '', ($mode === 'user') true ? false);
$ban = request_var('ban', '', ($mode === 'user') ? true : false);
if ($mode === 'user')
{
$ban = utf8_normalize_nfc($ban);
}
$ban_len = request_var('banlength', 0);
$ban_len_other = request_var('banlengthother', '');
$ban_exclude = request_var('banexclude', 0);
$ban_reason = request_var('banreason', '', true);
$ban_give_reason = request_var('bangivereason', '', true);
$ban_reason = utf8_normalize_nfc(request_var('banreason', '', true));
$ban_give_reason = utf8_normalize_nfc(request_var('bangivereason', '', true));
if ($ban)

4
phpBB/includes/mcp/mcp_forum.php
View File

@ -276,7 +276,7 @@ function mcp_resync_topics($topic_ids)
if (!sizeof($topic_ids))
{
trigger_error($user->lang['NO_TOPIC_SELECTED']);
trigger_error('NO_TOPIC_SELECTED');
}
if (!check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_')))
@ -396,7 +396,7 @@ function merge_topics($forum_id, $topic_ids, $to_topic_id)
// If the topic no longer exist, we will update the topic watch table.
// To not let it error out on users watching both topics, we just return on an error...
$db->sql_return_on_error(true);
$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . $to_topic_id . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids));
$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . (int) $to_topic_id . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids));
$db->sql_return_on_error(false);
$db->sql_query('DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids));

2
phpBB/includes/mcp/mcp_front.php
View File

@ -227,7 +227,7 @@ function mcp_front_view($id, $mode, $action)
// Latest 5 logs
if ($module->loaded('logs'))
{
$forum_list = get_forum_list(array('m_', 'a_'));
$forum_list = get_forum_list('m_');
if (!empty($forum_list))
{

88
phpBB/includes/mcp/mcp_logs.php
View File

@ -55,54 +55,92 @@ class mcp_logs
$this->tpl_name = 'mcp_logs';
$this->page_title = 'MCP_LOGS';
$forum_list = get_forum_list('m_');
$forum_list[] = 0;
$forum_id = $topic_id = 0;
switch ($mode)
{
case 'front':
$where_sql = '';
break;
case 'forum_logs':
$forum_id = request_var('f', 0);
$where_sql = " AND forum_id = $forum_id";
if (!in_array($forum_id, $forum_list))
{
trigger_error('NOT_AUTHORISED');
}
$forum_list = array($forum_id);
break;
case 'topic_logs':
$topic_id = request_var('t', 0);
$where_sql = " AND topic_id = $topic_id";
$sql = 'SELECT forum_id
FROM ' . TOPICS_TABLE . '
WHERE topic_id = ' . $topic_id;
$result = $db->sql_query($sql);
$forum_id = (int) $db->sql_fetchfield('forum_id');
$db->sql_freeresult($result);
if (!in_array($forum_id, $forum_list))
{
trigger_error('NOT_AUTHORISED');
}
$forum_list = array($forum_id);
break;
}
// Delete entries if requested and able
if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
{
if ($deletemark)
if (confirm_box(true))
{
if (!sizeof($marked))
if ($deletemark && sizeof($marked))
{
$where_sql = '';
}
else
{
$sql_in = array();
foreach ($marked as $mark)
{
$sql_in[] = $mark;
}
$sql = 'DELETE FROM ' . LOG_TABLE . '
WHERE log_type = ' . LOG_MOD . '
AND ' . $db->sql_in_set('forum_id', $forum_list) . '
AND ' . $db->sql_in_set('log_id', $marked);
$db->sql_query($sql);
$where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
unset($sql_in);
add_log('admin', 'LOG_CLEAR_MOD');
}
else if ($deleteall)
{
$sql = 'DELETE FROM ' . LOG_TABLE . '
WHERE log_type = ' . LOG_MOD . '
AND ' . $db->sql_in_set('forum_id', $forum_list);
if ($mode == 'topic_logs')
{
$sql .= ' AND topic_id = ' . $topic_id;
}
$db->sql_query($sql);
add_log('admin', 'LOG_CLEAR_MOD');
}
}
if ($where_sql || $deleteall)
else
{
$sql = 'DELETE FROM ' . LOG_TABLE . '
WHERE log_type = ' . LOG_MOD . "
$where_sql";
$db->sql_query($sql);
add_log('admin', 'LOG_CLEAR_MOD');
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
'f' => $forum_id,
't' => $topic_id,
'start' => $start,
'delmarked' => $deletemark,
'delall' => $deleteall,
'mark' => $marked,
'st' => $sort_days,
'sk' => $sort_key,
'sd' => $sort_dir,
'i' => $id,
'mode' => $mode,
'action' => request_var('action', array('' => ''))))
);
}
}
@ -121,7 +159,7 @@ class mcp_logs
// Grab log data
$log_data = array();
$log_count = 0;
view_log('mod', $log_data, $log_count, $config['topics_per_page'], $start, $forum_id, $topic_id, 0, $sql_where, $sql_sort);
view_log('mod', $log_data, $log_count, $config['topics_per_page'], $start, $forum_list, $topic_id, 0, $sql_where, $sql_sort);
$template->assign_vars(array(
'PAGE_NUMBER' => on_page($log_count, $config['topics_per_page'], $start),

18
phpBB/includes/mcp/mcp_main.php
View File

@ -570,10 +570,15 @@ function mcp_move_topic($topic_ids)
}
}
}
else if (isset($_POST['confirm']))
{
$additional_msg = $user->lang['FORUM_NOT_EXIST'];
}
if (!$to_forum_id || $additional_msg)
{
unset($_POST['confirm']);
unset($_REQUEST['confirm_key']);
}
if (confirm_box(true))
@ -964,10 +969,15 @@ function mcp_fork_topic($topic_ids)
}
}
}
else if (isset($_POST['confirm']))
{
$additional_msg = $user->lang['FORUM_NOT_EXIST'];
}
if (!$to_forum_id || $additional_msg)
if ($additional_msg)
{
unset($_POST['confirm']);
unset($_REQUEST['confirm_key']);
}
if (confirm_box(true))
@ -1132,9 +1142,9 @@ function mcp_fork_topic($topic_ids)
while ($row = $db->sql_fetchrow($result))
{
$sql_ary[] = array(
'topic_id' => $new_topic_id,
'user_id' => $row['user_id'],
'notify_status' => $row['notify_status'],
'topic_id' => (int) $new_topic_id,
'user_id' => (int) $row['user_id'],
'notify_status' => (int) $row['notify_status'],
);
}
$db->sql_freeresult($result);

4
phpBB/includes/mcp/mcp_notes.php
View File

@ -86,7 +86,7 @@ class mcp_notes
if (!$userrow)
{
trigger_error($user->lang['NO_USER']);
trigger_error('NO_USER');
}
$user_id = $userrow['user_id'];
@ -103,7 +103,7 @@ class mcp_notes
$deletemark = ($action == 'del_marked') ? true : false;
$deleteall = ($action == 'del_all') ? true : false;
$marked = request_var('marknote', array(0));
$usernote = request_var('usernote', '', true);
$usernote = utf8_normalize_nfc(request_var('usernote', '', true));
// Handle any actions
if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))

6
phpBB/includes/mcp/mcp_post.php
View File

@ -26,7 +26,7 @@ function mcp_post_details($id, $mode, $action)
if (!sizeof($post_info))
{
trigger_error($user->lang['POST_NOT_EXIST']);
trigger_error('POST_NOT_EXIST');
}
$post_info = $post_info[$post_id];
@ -79,7 +79,7 @@ function mcp_post_details($id, $mode, $action)
if (!$row)
{
trigger_error($user->lang['NO_USER']);
trigger_error('NO_USER');
}
if ($auth->acl_get('m_chgposter', $post_info['forum_id']))
@ -473,7 +473,7 @@ function change_poster(&$post_info, $userdata)
if (!sizeof($post_info))
{
trigger_error($user->lang['POST_NOT_EXIST']);
trigger_error('POST_NOT_EXIST');
}
$post_info = $post_info[$post_id];

6
phpBB/includes/mcp/mcp_queue.php
View File

@ -224,7 +224,7 @@ class mcp_queue
if (!sizeof($topic_info))
{
trigger_error($user->lang['TOPIC_NOT_EXIST']);
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
@ -733,8 +733,8 @@ function disapprove_post($post_id_list, $id, $mode)
trigger_error('NOT_AUTHORISED');
}
$redirect = request_var('redirect', build_url(array('t', 'mode', '_f_', 'quickmod')) . '&amp;mode=unapproved_topics');
$reason = request_var('reason', '', true);
$redirect = request_var('redirect', build_url(array('t', 'mode', '_f_', 'quickmod')) . "&amp;mode=$mode");
$reason = utf8_normalize_nfc(request_var('reason', '', true));
$reason_id = request_var('reason_id', 0);
$success_msg = $additional_msg = '';

2
phpBB/includes/mcp/mcp_reports.php
View File

@ -242,7 +242,7 @@ class mcp_reports
if (!sizeof($topic_info))
{
trigger_error($user->lang['TOPIC_NOT_EXIST']);
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];

11
phpBB/includes/mcp/mcp_topic.php
View File

@ -25,7 +25,7 @@ function mcp_topic_view($id, $mode, $action)
if (!sizeof($topic_info))
{
trigger_error($user->lang['TOPIC_NOT_EXIST']);
trigger_error('TOPIC_NOT_EXIST');
}
$topic_info = $topic_info[$topic_id];
@ -34,6 +34,7 @@ function mcp_topic_view($id, $mode, $action)
$icon_id = request_var('icon', 0);
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$start = request_var('start', 0);
$forum_id = request_var('f', 0);
$to_topic_id = request_var('to_topic_id', 0);
$to_forum_id = request_var('to_forum_id', 0);
$post_id_list = request_var('post_id_list', array(0));
@ -215,7 +216,7 @@ function mcp_topic_view($id, $mode, $action)
'S_CHECKED' => ($post_id_list && in_array(intval($row['post_id']), $post_id_list)) ? true : false,
'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false,
'U_POST_DETAILS' => "$url&amp;i=$id&amp;p={$row['post_id']}&amp;mode=post_details",
'U_POST_DETAILS' => "$url&amp;i=$id&amp;p={$row['post_id']}&amp;mode=post_details" . (($forum_id) ? "&amp;f=$forum_id" : ''),
'U_MCP_APPROVE' => ($auth->acl_get('m_approve', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&amp;mode=approve_details&amp;f=' . $topic_info['forum_id'] . '&amp;p=' . $row['post_id']) : '',
'U_MCP_REPORT' => ($auth->acl_get('m_report', $topic_info['forum_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&amp;mode=report_details&amp;f=' . $topic_info['forum_id'] . '&amp;p=' . $row['post_id']) : '')
);
@ -439,7 +440,7 @@ function split_topic($action, $topic_id, $to_forum_id, $subject)
if (!sizeof($post_id_list))
{
trigger_error($user->lang['NO_POST_SELECTED']);
trigger_error('NO_POST_SELECTED');
}
$icon_id = request_var('icon', 0);
@ -571,10 +572,10 @@ function merge_posts($topic_id, $to_topic_id)
// If the topic no longer exist, we will update the topic watch table.
// To not let it error out on users watching both topics, we just return on an error...
$db->sql_return_on_error(true);
$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . $to_topic_id . ' WHERE topic_id = ' . $topic_id);
$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . (int) $to_topic_id . ' WHERE topic_id = ' . (int) $topic_id);
$db->sql_return_on_error(false);
$db->sql_query('DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . $topic_id);
$db->sql_query('DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . (int) $topic_id);
}
// Link to the new topic

14
phpBB/includes/mcp/mcp_warn.php
View File

@ -191,7 +191,7 @@ class mcp_warn
$post_id = request_var('p', 0);
$forum_id = request_var('f', 0);
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
$warning = request_var('warning', '', true);
$warning = utf8_normalize_nfc(request_var('warning', '', true));
$sql = 'SELECT u.*, p.*
FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u
@ -203,19 +203,19 @@ class mcp_warn
if (!$user_row)
{
trigger_error($user->lang['NO_POST']);
trigger_error('NO_POST');
}
// There is no point issuing a warning to ignored users (ie anonymous and bots)
if ($user_row['user_type'] == USER_IGNORE)
{
trigger_error($user->lang['CANNOT_WARN_ANONYMOUS']);
trigger_error('CANNOT_WARN_ANONYMOUS');
}
// Prevent someone from warning themselves
if ($user_row['user_id'] == $user->data['user_id'])
{
trigger_error($user->lang['CANNOT_WARN_SELF']);
trigger_error('CANNOT_WARN_SELF');
}
// Check if there is already a warning for this post to prevent multiple
@ -229,7 +229,7 @@ class mcp_warn
if ($row)
{
trigger_error($user->lang['ALREADY_WARNED']);
trigger_error('ALREADY_WARNED');
}
$user_id = $user_row['user_id'];
@ -306,7 +306,7 @@ class mcp_warn
$user_id = request_var('u', 0);
$username = request_var('username', '', true);
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
$warning = request_var('warning', '', true);
$warning = utf8_normalize_nfc(request_var('warning', '', true));
$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
@ -325,7 +325,7 @@ class mcp_warn
// Prevent someone from warning themselves
if ($user_row['user_id'] == $user->data['user_id'])
{
trigger_error($user->lang['CANNOT_WARN_SELF']);
trigger_error('CANNOT_WARN_SELF');
}
$user_id = $user_row['user_id'];

25
phpBB/includes/message_parser.php
View File

@ -116,7 +116,7 @@ class bbcode_firstpass extends bbcode
'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")),
'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")),
'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")),
'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](https?://)([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)\[/img\]#ie' => "\$this->bbcode_img('\$1\$2')")),
'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")),
'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")),
'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")),
'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")),
@ -278,6 +278,20 @@ class bbcode_firstpass extends bbcode
$in = trim($in);
$error = false;
$in = str_replace(' ', '%20', $in);
// Checking urls
if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
{
return '[img]' . $in . '[/img]';
}
// Try to cope with a common user error... not specifying a protocol but only a subdomain
if (!preg_match('#^[a-z0-9]+://#i', $in))
{
$in = 'http://' . $in;
}
if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
{
$stats = @getimagesize($in);
@ -1228,6 +1242,11 @@ class parse_message extends bbcode_firstpass
while ($row = $db->sql_fetchrow($result))
{
if (empty($row['code']))
{
continue;
}
// (assertion)
$match[] = '(?<=^|[\n .])' . preg_quote($row['code'], '#') . '(?![^<>]*>)';
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" alt="' . $row['code'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
@ -1496,7 +1515,7 @@ class parse_message extends bbcode_firstpass
if (sizeof($not_orphan))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}
// Regenerate newly uploaded attachments
@ -1522,7 +1541,7 @@ class parse_message extends bbcode_firstpass
if (sizeof($orphan))
{
trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
}
ksort($this->attachment_data);

14
phpBB/includes/search/fulltext_mysql.php
View File

@ -43,7 +43,11 @@ class fulltext_mysql extends search_backend
if (version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>=')))
{
$this->pcre_properties = true;
// While this is the proper range of PHP versions, PHP may not be linked with the bundled PCRE lib and instead with an older version
if (@preg_match('/\p{L}/u', 'a') !== false)
{
$this->pcre_properties = true;
}
}
if (function_exists('mb_ereg'))
@ -490,7 +494,7 @@ class fulltext_mysql extends search_backend
* @param int $per_page number of ids each page is supposed to contain
* @return total number of results
*/
function author_search($type, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
function author_search($type, $firstpost_only, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
{
global $config, $db;
@ -504,6 +508,7 @@ class fulltext_mysql extends search_backend
$search_key = md5(implode('#', array(
'',
$type,
($firstpost_only) ? 'firstpost' : '',
'',
'',
$sort_days,
@ -528,6 +533,7 @@ class fulltext_mysql extends search_backend
$sql_fora = (sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '';
$sql_topic_id = ($topic_id) ? ' AND p.topic_id = ' . (int) $topic_id : '';
$sql_time = ($sort_days) ? ' AND p.post_time >= ' . (time() - ($sort_days * 86400)) : '';
$sql_firstpost = ($firstpost_only) ? ' AND p.post_id = t.topic_first_post_id' : '';
// Build sql strings for sorting
$sql_sort = $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC');
@ -570,9 +576,10 @@ class fulltext_mysql extends search_backend
if ($type == 'posts')
{
$sql = "SELECT {$calc_results}p.post_id
FROM " . $sql_sort_table . POSTS_TABLE . " p
FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($firstpost_only) ? ', ' . TOPICS_TABLE . ' t ' : ' ') . "
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
$sql_sort_join
@ -586,6 +593,7 @@ class fulltext_mysql extends search_backend
FROM " . $sql_sort_table . TOPICS_TABLE . ' t, ' . POSTS_TABLE . " p
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
AND t.topic_id = p.topic_id

21
phpBB/includes/search/fulltext_native.php
View File

@ -744,6 +744,7 @@ class fulltext_native extends search_backend
* Performs a search on an author's posts without caring about message contents. Depends on display specific params
*
* @param string $type contains either posts or topics depending on what should be searched for
* @param boolean $firstpost_only if true, only topic starting posts will be considered
* @param array &$sort_by_sql contains SQL code for the ORDER BY part of a query
* @param string &$sort_key is the key of $sort_by_sql for the selected sorting
* @param string &$sort_dir is either a or d representing ASC and DESC
@ -759,7 +760,7 @@ class fulltext_native extends search_backend
*
* @access public
*/
function author_search($type, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
function author_search($type, $firstpost_only, &$sort_by_sql, &$sort_key, &$sort_dir, &$sort_days, &$ex_fid_ary, &$m_approve_fid_ary, &$topic_id, &$author_ary, &$id_ary, $start, $per_page)
{
global $config, $db;
@ -773,6 +774,7 @@ class fulltext_native extends search_backend
$search_key = md5(implode('#', array(
'',
$type,
($firstpost_only) ? 'firstpost' : '',
'',
'',
$sort_days,
@ -797,6 +799,7 @@ class fulltext_native extends search_backend
$sql_fora = (sizeof($ex_fid_ary)) ? ' AND ' . $db->sql_in_set('p.forum_id', $ex_fid_ary, true) : '';
$sql_time = ($sort_days) ? ' AND p.post_time >= ' . (time() - ($sort_days * 86400)) : '';
$sql_topic_id = ($topic_id) ? ' AND p.topic_id = ' . (int) $topic_id : '';
$sql_firstpost = ($firstpost_only) ? ' AND p.post_id = t.topic_first_post_id' : '';
// Build sql strings for sorting
$sql_sort = $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC');
@ -850,9 +853,10 @@ class fulltext_native extends search_backend
if ($type == 'posts')
{
$sql = 'SELECT COUNT(p.post_id) as total_results
FROM ' . POSTS_TABLE . " p
FROM ' . POSTS_TABLE . ' p' . (($firstpost_only) ? ', ' . TOPICS_TABLE . ' t ' : ' ') . "
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
$sql_time";
@ -872,6 +876,7 @@ class fulltext_native extends search_backend
$sql .= ' FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . " p
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
AND t.topic_id = p.topic_id
@ -894,9 +899,10 @@ class fulltext_native extends search_backend
if ($type == 'posts')
{
$sql = "SELECT $select
FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($topic_id) ? ', ' . TOPICS_TABLE . ' t' : '') . "
FROM " . $sql_sort_table . POSTS_TABLE . ' p' . (($topic_id || $firstpost_only) ? ', ' . TOPICS_TABLE . ' t' : '') . "
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
$sql_sort_join
@ -910,6 +916,7 @@ class fulltext_native extends search_backend
FROM " . $sql_sort_table . TOPICS_TABLE . ' t, ' . POSTS_TABLE . " p
WHERE $sql_author
$sql_topic_id
$sql_firstpost
$m_approve_fid_sql
$sql_fora
AND t.topic_id = p.topic_id
@ -1127,7 +1134,7 @@ class fulltext_native extends search_backend
foreach ($new_words as $word)
{
$sql_ary[] = array('word_text' => $word, 'word_count' => 0);
$sql_ary[] = array('word_text' => (string) $word, 'word_count' => 0);
}
$db->sql_return_on_error(true);
$db->sql_multi_insert(SEARCH_WORDLIST_TABLE, $sql_ary);
@ -1176,9 +1183,9 @@ class fulltext_native extends search_backend
if (sizeof($word_ary))
{
$sql = 'INSERT INTO ' . SEARCH_WORDMATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
FROM " . SEARCH_WORDLIST_TABLE . '
$sql = 'INSERT INTO ' . SEARCH_WORDMATCH_TABLE . ' (post_id, word_id, title_match)
SELECT ' . (int) $post_id . ', word_id, ' . (int) $title_match . '
FROM ' . SEARCH_WORDLIST_TABLE . '
WHERE ' . $db->sql_in_set('word_text', $word_ary);
$db->sql_query($sql);

117
phpBB/includes/session.php
View File

@ -43,7 +43,7 @@ class session
if (!$script_name)
{
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, strpos($script_name, '?')) : $script_name;
$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
$page_array['failover'] = 1;
}
@ -122,7 +122,7 @@ class session
*
* This is where all session activity begins. We gather various pieces of
* information from the client and server. We test to see if a session already
* exists. If it does, fine and dandy. If it doesn't we'll go on to create a
* exists. If it does, fine and dandy. If it doesn't we'll go on to create a
* new one ... pretty logical heh? We also examine the system load (if we're
* running on a system which makes such information readily available) and
* halt if it's above an admin definable limit.
@ -132,7 +132,7 @@ class session
*/
function session_begin($update_session_page = true)
{
global $phpEx, $SID, $_SID, $db, $config, $phpbb_root_path;
global $phpEx, $SID, $_SID, $_EXTRA_URL, $db, $config, $phpbb_root_path;
// Give us some basic information
$this->time_now = time();
@ -193,6 +193,8 @@ class session
$SID = '?sid=' . $this->session_id;
}
$_EXTRA_URL = array();
// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.
$this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '';
@ -301,6 +303,7 @@ class session
$this->data['is_registered'] = ($this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
$this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false;
$this->data['user_lang'] = basename($this->data['user_lang']);
return true;
}
@ -308,7 +311,7 @@ class session
else
{
// Added logging temporarly to help debug bugs...
if (defined('DEBUG_EXTRA'))
if (defined('DEBUG_EXTRA') && $this->data['user_id'] != ANONYMOUS)
{
add_log('critical', 'LOG_IP_BROWSER_FORWARDED_CHECK', $u_ip, $s_ip, $u_browser, $s_browser, htmlspecialchars($u_forwarded_for), htmlspecialchars($s_forwarded_for));
}
@ -319,7 +322,7 @@ class session
// If we reach here then no (valid) session exists. So we'll create a new one
return $this->session_create();
}
/**
* Create a new session
*
@ -354,7 +357,7 @@ class session
* check. We loop through the list of bots defined by the admin and
* see if we have any useragent and/or IP matches. If we do, this is a
* bot, act accordingly
*/
*/
$bot = false;
$active_bots = $cache->obtain_bots();
@ -406,7 +409,7 @@ class session
// Else if we've been passed a user_id we'll grab data based on that
if (isset($this->cookie_data['k']) && $this->cookie_data['k'] && $this->cookie_data['u'] && !sizeof($this->data))
{
$sql = 'SELECT u.*
$sql = 'SELECT u.*
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
@ -431,7 +434,7 @@ class session
$db->sql_freeresult($result);
$bot = false;
}
// If no data was returned one or more of the following occurred:
// Key didn't match one in the DB
// User does not exist
@ -564,7 +567,7 @@ class session
'session_start' => (int) $this->time_now,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $this->time_now,
'session_browser' => (string) $this->browser,
'session_browser' => (string) substr($this->browser, 0, 149),
'session_forwarded_for' => (string) $this->forwarded_for,
'session_ip' => (string) $this->ip,
'session_autologin' => ($session_autologin) ? 1 : 0,
@ -587,7 +590,7 @@ class session
if (!defined('IN_ERROR_HANDLER') && (!$this->session_id || !$db->sql_query($sql) || !$db->sql_affectedrows()))
{
// Limit new sessions in 1 minute period (if required)
if ((!isset($this->data['session_time']) || !$this->data['session_time']) && $config['active_sessions'])
if (empty($this->data['session_time']) && $config['active_sessions'])
{
$sql = 'SELECT COUNT(session_id) AS sessions
FROM ' . SESSIONS_TABLE . '
@ -648,7 +651,7 @@ class session
$SID = '?sid=';
$_SID = '';
}
return true;
}
@ -676,7 +679,7 @@ class session
$method = 'logout_' . $method;
if (function_exists($method))
{
$method($this->data);
$method($this->data, $new_session);
}
if ($this->data['user_id'] != ANONYMOUS)
@ -823,7 +826,7 @@ class session
*
* Checks whether the supplied user is banned by id, ip or email. If no parameters
* are passed to the method pre-existing session data is used. If $return is false
* this routine does not return on finding a banned user, it outputs a relevant
* this routine does not return on finding a banned user, it outputs a relevant
* message and stops execution.
*
* @param string|array $user_ips Can contain a string with one IP or an array of multiple IPs
@ -976,8 +979,6 @@ class session
$this->session_create(ANONYMOUS);
}
// Because we never have a fully working session we need to embed the style
$template->assign_var('S_FORCE_EMBED_STYLE', true);
// Determine which message to output
$till_date = ($ban_row['ban_end']) ? $this->format_date($ban_row['ban_end']) : '';
@ -1157,7 +1158,7 @@ class session
$sql_where = 'session_user_id = ' . (int) $user_id;
$sql_where .= ($user_id === $this->data['user_id']) ? " AND session_id <> '" . $db->sql_escape($this->session_id) . "'" : '';
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
WHERE $sql_where";
$db->sql_query($sql);
@ -1206,8 +1207,8 @@ class user extends session
if ($this->data['user_id'] != ANONYMOUS)
{
$this->lang_name = (file_exists($phpbb_root_path . 'language/' . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : $config['default_lang'];
$this->lang_path = $phpbb_root_path . 'language/' . basename($this->lang_name) . '/';
$this->lang_name = (file_exists($phpbb_root_path . 'language/' . $this->data['user_lang'] . "/common.$phpEx")) ? $this->data['user_lang'] : basename($config['default_lang']);
$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/';
$this->date_format = $this->data['user_dateformat'];
$this->timezone = $this->data['user_timezone'] * 3600;
@ -1215,8 +1216,8 @@ class user extends session
}
else
{
$this->lang_name = $config['default_lang'];
$this->lang_path = $phpbb_root_path . 'language/' . basename($this->lang_name) . '/';
$this->lang_name = basename($config['default_lang']);
$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name . '/';
$this->date_format = $config['default_dateformat'];
$this->timezone = $config['board_timezone'] * 3600;
$this->dst = $config['board_dst'] * 3600;
@ -1262,9 +1263,10 @@ class user extends session
// We include common language file here to not load it every time a custom language file is included
$lang = &$this->lang;
if ((include $this->lang_path . "common.$phpEx") === false)
if ((@include $this->lang_path . "common.$phpEx") === false)
{
die("Language file " . $this->lang_path . "common.$phpEx" . " couldn't be opened.");
die('Language file ' . $this->lang_name . "/common.$phpEx" . " couldn't be opened.");
}
$this->add_lang($lang_set);
@ -1284,7 +1286,7 @@ class user extends session
$style = ($style) ? $style : ((!$config['override_user_style'] && $this->data['user_id'] != ANONYMOUS) ? $this->data['user_style'] : $config['default_style']);
}
$sql = 'SELECT s.style_id, t.*, c.*, i.*
$sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i
WHERE s.style_id = $style
AND t.template_id = s.template_id
@ -1299,12 +1301,12 @@ class user extends session
{
$style = $this->data['user_style'] = $config['default_style'];
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_style = $style
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_style = $style
WHERE user_id = {$this->data['user_id']}";
$db->sql_query($sql);
$sql = 'SELECT s.style_id, t.*, c.*, i.*
$sql = 'SELECT s.style_id, t.template_storedb, t.template_path, t.template_id, t.bbcode_bitfield, c.theme_path, c.theme_name, c.theme_storedb, c.theme_id, i.imageset_path, i.imageset_id, i.imageset_name
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . " i
WHERE s.style_id = $style
AND t.template_id = s.template_id
@ -1353,7 +1355,7 @@ class user extends session
// Match CSS imports
$matches = array();
preg_match_all('/@import url\(["\'](.*)["\']\);/i', $stylesheet, $matches);
if (sizeof($matches))
{
$content = '';
@ -1392,7 +1394,7 @@ class user extends session
$this->img_lang = (file_exists($phpbb_root_path . 'styles/' . $this->theme['imageset_path'] . '/imageset/' . $this->lang_name)) ? $this->lang_name : $config['default_lang'];
$sql = 'SELECT *
$sql = 'SELECT image_name, image_filename, image_lang, image_height, image_width
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $this->theme['imageset_id'] . "
AND image_lang IN('" . $db->sql_escape($this->img_lang) . "', '')";
@ -1405,6 +1407,7 @@ class user extends session
{
$localised_images = true;
}
$this->img_array[$row['image_name']] = $row;
}
$db->sql_freeresult($result);
@ -1415,9 +1418,9 @@ class user extends session
// Attention: this code ignores the image definition list from acp_styles and just takes everything
// that the config file contains
$sql_ary = array();
$db->sql_transaction('begin');
$sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $this->theme['imageset_id'] . '
AND image_lang = \'' . $db->sql_escape($this->img_lang) . '\'';
@ -1450,24 +1453,30 @@ class user extends session
{
$image_name = substr($image_name, 4);
$sql_ary[] = array(
'image_name' => $image_name,
'image_filename' => $image_filename,
'image_height' => $image_height,
'image_width' => $image_width,
'imageset_id' => $this->theme['imageset_id'],
'image_lang' => $this->img_lang,
'image_name' => (string) $image_name,
'image_filename' => (string) $image_filename,
'image_height' => (int) $image_height,
'image_width' => (int) $image_width,
'imageset_id' => (int) $this->theme['imageset_id'],
'image_lang' => (string) $this->img_lang,
);
}
}
}
$db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary);
$db->sql_transaction('commit');
$cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE);
add_log('admin', 'LOG_IMAGESET_REFRESHED', $this->theme['imageset_name'], $this->img_lang);
if (sizeof($sql_ary))
{
$db->sql_multi_insert(STYLES_IMAGESET_DATA_TABLE, $sql_ary);
$db->sql_transaction('commit');
$cache->destroy('sql', STYLES_IMAGESET_DATA_TABLE);
add_log('admin', 'LOG_IMAGESET_LANG_REFRESHED', $this->theme['imageset_name'], $this->img_lang);
}
else
{
$db->sql_transaction('commit');
add_log('admin', 'LOG_IMAGESET_LANG_MISSING', $this->theme['imageset_name'], $this->img_lang);
}
}
// If this function got called from the error handler we are finished here.
@ -1504,13 +1513,19 @@ class user extends session
// Is load exceeded?
if ($config['limit_load'] && $this->load !== false)
{
if ($this->load > floatval($config['limit_load']) && !defined('IN_LOGIN') && !$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_'))
if ($this->load > floatval($config['limit_load']) && !defined('IN_LOGIN'))
{
header('HTTP/1.1 503 Service Unavailable');
trigger_error('BOARD_UNAVAILABLE');
// Set board disabled to true to let the admins/mods get the proper notification
$config['board_disable'] = '1';
if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_'))
{
header('HTTP/1.1 503 Service Unavailable');
trigger_error('BOARD_UNAVAILABLE');
}
}
}
if (isset($this->data['session_viewonline']))
{
// Make sure the user is able to hide his session
@ -1637,9 +1652,9 @@ class user extends session
$language_filename = $this->lang_path . (($use_help) ? 'help_' : '') . $lang_file . '.' . $phpEx;
}
if ((include($language_filename)) === false)
if ((@include $language_filename) === false)
{
trigger_error("Language file $language_filename couldn't be opened.", E_USER_ERROR);
trigger_error('Language file ' . basename($language_filename) . ' couldn\'t be opened.', E_USER_ERROR);
}
}
else if ($use_db)
@ -1776,7 +1791,7 @@ class user extends session
case 'src':
return $img_data['src'];
break;
case 'width':
return ($width === false) ? $img_data['width'] : $width;
break;

Some files were not shown because too many files have changed in this diff Show More