From 8bf310b6b240b8525037b6719e99e513f26716f3 Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Thu, 15 Aug 2002 15:45:22 +0000 Subject: [PATCH] More session changes to accomodate ACL_PERMIT/PREVENT ... git-svn-id: file:///svn/phpbb/trunk@2853 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/common.php | 14 +- phpBB/faq.php | 2 +- phpBB/groupcp.php | 2 +- phpBB/includes/session.php | 256 ++++++++++++++++++++++++------------- phpBB/index.php | 217 ++----------------------------- phpBB/login.php | 2 +- phpBB/memberlist.php | 2 +- phpBB/modcp.php | 2 +- phpBB/posting.php | 2 +- phpBB/privmsg.php | 2 +- phpBB/profile.php | 2 +- phpBB/search.php | 2 +- phpBB/viewforum.php | 168 ++++++++++++------------ phpBB/viewonline.php | 2 +- phpBB/viewtopic.php | 132 +++++++++---------- 15 files changed, 343 insertions(+), 464 deletions(-) diff --git a/phpBB/common.php b/phpBB/common.php index fc8c2198df..c1f019c34d 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -38,8 +38,6 @@ if ( !defined('PHPBB_INSTALLED') ) // // Define some constants/variables // - -// User Levels <- Do not change the values of USER or ADMIN define('ANONYMOUS', -1); // User related @@ -54,10 +52,10 @@ define('USER_AVATAR_REMOTE', 2); define('USER_AVATAR_GALLERY', 3); // ACL -define('ACL_PREVENT', 0); -define('ACL_DENY', 1); -define('ACL_ALLOW', 2); -define('ACL_PERMIT', 3); +define('ACL_PREVENT', 1); +define('ACL_DENY', 2); +define('ACL_ALLOW', 4); +define('ACL_PERMIT', 8); // Group settings define('GROUP_OPEN', 0); @@ -196,12 +194,10 @@ function slash_input_data(&$data) { if ( is_array($data) ) { - while ( list($k, $v) = each($data) ) + foreach ( $data as $k => $v ) { $data[$k] = ( is_array($v) ) ? slash_input_data($v) : addslashes($v); } - - @reset($data); } return $data; } diff --git a/phpBB/faq.php b/phpBB/faq.php index a3d1eea28f..c34d71fdc3 100644 --- a/phpBB/faq.php +++ b/phpBB/faq.php @@ -28,7 +28,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/groupcp.php b/phpBB/groupcp.php index 8752bf1147..8df2172db3 100644 --- a/phpBB/groupcp.php +++ b/phpBB/groupcp.php @@ -112,7 +112,7 @@ function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$ // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9d0e157be6..1e2b0bccba 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -377,101 +377,138 @@ class session { // class acl { - function acl($mode, $userdata, $forum_id = false) + var $founder = false; + var $acl = array(); + + function acl(&$userdata, $forum_id = false, $extra_options = false) { global $db; - switch( $mode ) - { - case 'admin': - $and_sql = "ao.auth_type LIKE 'admin'"; - break; - case 'list': - $and_sql = "ao.auth_option LIKE 'list' OR ao.auth_type LIKE 'admin'"; - break; - case 'read': - $and_sql = "ao.auth_option LIKE 'read' OR ao.auth_type LIKE 'admin'"; - break; - case 'forum': - $and_sql = "( a.forum_id = $forum_id ) OR ( a.forum_id <> $forum_id AND ( ao.auth_option LIKE 'list' OR ao.auth_type LIKE 'mod' OR ao.auth_type LIKE 'admin' ) )"; - break; - case 'listmod': - $and_sql = "ao.auth_option LIKE 'list' OR ao.auth_type LIKE 'mod' OR ao.auth_type LIKE 'admin'"; - break; - } + $this->founder = $userdata['user_founder']; - $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_type, ao.auth_option - FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao, " . USER_GROUP_TABLE . " ug - WHERE ug.user_id = " . $userdata['user_id'] . " - AND a.group_id = ug.group_id - AND ao.auth_option_id = a.auth_option_id - AND ($and_sql)"; - $result = $db->sql_query($sql); - - if ( $row = $db->sql_fetchrow($result) ) + if ( !($this->founder = $userdata['user_founder']) ) { - do + $and_sql = "ao.auth_option LIKE 'list'"; + + if ( $extra_options ) { - $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] = $row['auth_allow_deny']; + $tmp_ary = explode(',', $extra_options); + foreach ( $tmp_ary as $option ) + { + $and_sql .= " OR ao.auth_option LIKE '" . trim($option) . "'"; + } } - while ( $row = $db->sql_fetchrow($result) ); - } - $db->sql_freeresult($result); - $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_type, ao.auth_option - FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao - WHERE a.user_id = " . $userdata['user_id'] . " - AND ao.auth_option_id = a.auth_option_id - AND ($and_sql)"; - $result = $db->sql_query($sql); + $and_sql = ( !$forum_id ) ? $and_sql : "( a.forum_id = $forum_id ) OR ( a.forum_id <> $forum_id AND ( ao.auth_option LIKE 'list' OR ao.auth_type LIKE 'mod' ) )"; + $and_sql .= " OR ao.auth_type LIKE 'admin'"; - if ( $row = $db->sql_fetchrow($result) ) - { - do + $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_type, ao.auth_option + FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao, " . USER_GROUP_TABLE . " ug + WHERE ug.user_id = " . $userdata['user_id'] . " + AND a.group_id = ug.group_id + AND ao.auth_option_id = a.auth_option_id + AND ( $and_sql )"; + $result = $db->sql_query($sql); + + if ( $row = $db->sql_fetchrow($result) ) { - $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] = $row['auth_allow_deny']; + do + { + switch ( $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] ) + { + case ACL_PERMIT: + case ACL_DENY: + case ACL_PREVENT: + break; + default: + $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] = $row['auth_allow_deny']; + } + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + + $sql = "SELECT a.forum_id, a.auth_allow_deny, ao.auth_type, ao.auth_option + FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " ao + WHERE a.user_id = " . $userdata['user_id'] . " + AND ao.auth_option_id = a.auth_option_id + AND ( $and_sql )"; + $result = $db->sql_query($sql); + + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + switch ( $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] ) + { + case ACL_PERMIT: + case ACL_PREVENT: + break; + default: + $this->acl[$row['forum_id']][$row['auth_type']][$row['auth_option']] = $row['auth_allow_deny']; + break; + } + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + + if ( is_array($this->acl) ) + { + foreach ( $this->acl as $forum_id => $auth_ary ) + { + foreach ( $auth_ary as $type => $option_ary ) + { + foreach ( $option_ary as $option => $value ) + { + switch ( $value ) + { + case ACL_ALLOW: + case ACL_PERMIT: + $this->acl[$forum_id][$type][$option] = 1; + break; + case ACL_DENY: + case ACL_PREVENT: + $this->acl[$forum_id][$type][$option] = 0; + break; + } + } + } + } } - while ( $row = $db->sql_fetchrow($result) ); } - $db->sql_freeresult($result); return; } - function get_acl($forum_id, $auth_main = false, $auth_type = false) + function get_acl($forum_id, $auth_main, $auth_type = false) { - if ( $auth_main && $auth_type ) + if ( $this->founder ) { - return $this->acl[$forum_id][$auth_main][$auth_type]; + return true; + } + else if ( $auth_main && $auth_type ) + { + return ( $this->get_acl(0, 'admin') ) ? true : ( ( $this->acl[$forum_id][$auth_main][$auth_type] ) ? true : false ); } else if ( !$auth_type && is_array($this->acl[$forum_id][$auth_main]) ) { - return ( array_sum($this->acl[$forum_id][$auth_main]) ) ? true : false; + return ( $this->get_acl(0, 'admin') ) ? true : ( ( array_sum($this->acl[$forum_id][$auth_main]) ) ? true : false ); } - - return $this->acl[$forum_id]; } function get_acl_admin($auth_type = false) { - return $this->get_acl(0, 'admin', $auth_type); + return ( $this->founder ) ? true : $this->get_acl(0, 'admin', $auth_type); } - function set_acl($forum_id, $user_id = false, $group_id = false, $auth = false, $dependencies = array()) + function set_acl_user(&$forum_id, &$user_id, &$auth, $dependencies = array()) { global $db; - if ( !$auth || ( $user_id && $group_id ) ) - { - return; - } - $forum_sql = ( $forum_id ) ? "AND a.forum_id IN ($forum_id, 0)" : ''; - // - // - // - $sql = ( $user_id !== false ) ? "SELECT a.user_id, o.auth_type, o.auth_option_id, o.auth_option, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o, " . USERS_TABLE . " u WHERE a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND a.user_id = $user_id" : "SELECT ug.user_id, o.auth_type, o.auth_option, a.auth_allow_deny FROM " . USER_GROUP_TABLE . " ug, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o, " . USERS_TABLE . " u WHERE a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND a.user_id = ug.user_id AND ug.group_id = $group_id"; + $sql = "SELECT a.user_id, o.auth_type, o.auth_option_id, o.auth_option, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o, " . USERS_TABLE . " u WHERE a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND a.user_id = $user_id"; $result = $db->sql_query($sql); $user_auth = array(); @@ -485,7 +522,42 @@ class acl } $db->sql_freeresult($result); - $sql = ( $group_id !== false ) ? "SELECT a.group_id, o.auth_type, o.auth_option_id, o.auth_option, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = $group_id" : "SELECT ug.group_id, o.auth_type, o.auth_option, a.auth_allow_deny FROM " . USER_GROUP_TABLE . " ug, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = ug.group_id AND ug.user_id = $user_id"; + foreach ( $auth as $auth_type => $auth_option_ary ) + { + foreach ( $auth_option_ary as $auth_option => $allow ) + { + if ( !empty($user_auth) ) + { + foreach ( $user_auth as $user => $user_auth_ary ) + { + $user_auth[$user][$auth_type][$auth_option] = $allow; + $sql_ary[] = ( !isset($user_auth_ary[$auth_type][$auth_option]) ) ? "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option, $allow)" : ( ( $user_auth_ary[$auth_type][$auth_option] != $allow ) ? "UPDATE " . ACL_USERS_TABLE . " SET auth_allow_deny = $allow WHERE user_id = $user_id AND forum_id = $forum_id and auth_option_id = $auth_option" : '' ); + } + } + else + { + $user_auth[$user_id][$auth_type][$auth_option] = $allow; + $sql_ary[] = "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option, $allow)"; + } + } + } + + foreach ( $sql_ary as $sql ) + { + $db->sql_query($sql); + } + + unset($user_auth); + unset($sql_ary); + } + + function set_acl_group(&$forum_id, &$group_id, &$auth, $dependencies = array()) + { + global $db; + + $forum_sql = ( $forum_id ) ? "AND a.forum_id IN ($forum_id, 0)" : ''; + + $sql = "SELECT a.group_id, o.auth_type, o.auth_option_id, o.auth_option, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = $group_id"; $result = $db->sql_query($sql); $group_auth = array(); @@ -503,38 +575,16 @@ class acl { foreach ( $auth_option_ary as $auth_option => $allow ) { - if ( $user_id !== false ) + if ( !empty($group_auth) ) { - if ( !empty($user_auth) ) + foreach ( $group_auth as $group => $group_auth_ary ) { - foreach ( $user_auth as $user => $user_auth_ary ) - { - $user_auth[$user][$auth_type][$auth_option] = $allow; - $sql_ary[] = ( !isset($user_auth_ary[$auth_type][$auth_option]) ) ? "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option, $allow)" : ( ( $user_auth_ary[$auth_type][$auth_option] != $allow ) ? "UPDATE " . ACL_USERS_TABLE . " SET auth_allow_deny = $allow WHERE user_id = $user_id AND forum_id = $forum_id and auth_option_id = $auth_option" : '' ); - } - } - else - { - $user_auth[$user_id][$auth_type][$auth_option] = $allow; - $sql_ary[] = "INSERT INTO " . ACL_USERS_TABLE . " (user_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($user_id, $forum_id, $auth_option, $allow)"; + $sql_ary[] = ( !isset($group_auth_ary[$auth_type][$auth_option]) ) ? "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option, $allow)" : ( ( $group_auth_ary[$auth_type][$auth_option] != $allow ) ? "UPDATE " . ACL_GROUPS_TABLE . " SET auth_allow_deny = $allow WHERE group_id = $group_id AND forum_id = $forum_id and auth_option_id = $auth_option" : '' ); } } - - if ( $group_id !== false ) + else { - if ( !empty($group_auth) ) - { - foreach ( $group_auth as $group => $group_auth_ary ) - { - $group_auth[$group][$auth_type][$auth_option] = $allow; - $sql_ary[] = ( !isset($group_auth_ary[$auth_type][$auth_option]) ) ? "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option, $allow)" : ( ( $group_auth_ary[$auth_type][$auth_option] != $allow ) ? "UPDATE " . ACL_GROUPS_TABLE . " SET auth_allow_deny = $allow WHERE group_id = $group_id AND forum_id = $forum_id and auth_option_id = $auth_option" : '' ); - } - } - else - { - $group_auth[$group_id][$auth_type][$auth_option] = $allow; - $sql_ary[] = "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option, $allow)"; - } + $sql_ary[] = "INSERT INTO " . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_allow_deny) VALUES ($group_id, $forum_id, $auth_option, $allow)"; } } } @@ -545,7 +595,31 @@ class acl } unset($group_auth); - unset($user_auth); + unset($sql_ary); + } + + function delete_acl_user($forum_id, $user_id, $auth_type = false) + { + global $db; + + $auth_sql = ( $auth_type != '' ) ? " AND auth_option_id IN ()" : ""; + + $sql = "DELETE FROM " . ACL_USERS_TABLE . " + WHERE user_id = $user_id + AND forum_id = $forum_id"; + $db->sql_query($sql); + } + + function delete_acl_group($forum_id, $group_id, $auth_type = false) + { + global $db; + + $auth_sql = ( $auth_type != '' ) ? " AND auth_option_id IN ()" : ""; + + $sql = "DELETE FROM " . ACL_GROUPS_TABLE . " + WHERE group_id = $group_id + AND forum_id = $forum_id"; + $db->sql_query($sql); } } diff --git a/phpBB/index.php b/phpBB/index.php index d9cb919f34..ae0a133b88 100644 --- a/phpBB/index.php +++ b/phpBB/index.php @@ -24,20 +24,6 @@ $phpbb_root_path = './'; include($phpbb_root_path . 'extension.inc'); include($phpbb_root_path . 'common.'.$phpEx); -// -// Start session management -// -$userdata = $session->start(); -$acl = new acl('list', $userdata); -// -// End session management -// - -// -// Configure style, language, etc. -// -$session->configure($userdata); - $viewcat = ( !empty($HTTP_GET_VARS['c']) ) ? intval($HTTP_GET_VARS['c']) : -1; $forum_id = ( !empty($HTTP_GET_VARS['f']) ) ? intval($HTTP_GET_VARS['f']) : 0; @@ -50,6 +36,20 @@ else $mark_read = ''; } +// +// Start session management +// +$userdata = $session->start(); +$acl = new acl($userdata); +// +// End session management +// + +// +// Configure style, language, etc. +// +$session->configure($userdata); + // // Handle marking posts // @@ -109,175 +109,6 @@ else $l_total_user_s = $lang['Registered_users_total']; } - -/* -switch ( SQL_LAYER ) -{ - case 'oracle': - break; - - default: - $sql = "SELECT f1.*, p.post_time, p.post_username, u.username, u.user_id - FROM ((( " . FORUMS_TABLE . " f1 - LEFT JOIN " . FORUMS_TABLE . " f2 - LEFT JOIN " . POSTS_TABLE . " p ON p.post_id = f2.forum_last_post_id ) - LEFT JOIN " . USERS_TABLE . " u ON u.user_id = p.poster_id ) - WHERE f1.forum_left_id BETWEEN f2.forum_left_id AND f2.forum_right_id - ORDER BY f2.forum_id"; - break; -} -$result = $db->sql_query($sql); - -$forum_data = array(); -if ( $row = $db->sql_fetchrow($result) ) -{ - do - { - $forum_data[] = $row; - } - while ( $row = $db->sql_fetchrow($result) ); - - $total_forums = sizeof($forum_data); -} - -if ( $total_forums > 1 ) -{ - $last_forum_right_id = 0; - for( $i = 0; $i < $total_forums; $i++) - { - $row_forum_id = $forum_data[$i]['forum_id']; - - // - // A non-postable forum on the index is treated as a category - // - if ( $forum_data[$i]['forum_status'] == 2 || $row_forum_id == $forum_id ) - { - $template->assign_block_vars('catrow', array( - 'CAT_ID' => $forum_id, - 'CAT_DESC' => $forum_data[$i]['forum_name'], - 'U_VIEWCAT' => "index.$phpEx?$SID&" . POST_FORUM_URL . "=$forum_id") - ); - - $current_parent = $row_forum_id; - } - else - { - if ( $forum_data[$i]['parent_id'] == $current_parent ) - { - if ( $acl->get_acl($row_forum_id, 'forum', 'list') ) - { - if ( $forum_data[$i]['forum_status'] == FORUM_LOCKED ) - { - $folder_image = $theme['forum_locked']; - $folder_alt = $lang['Forum_locked']; - } - else - { - $unread_topics = false; - if ( $userdata['user_id'] != ANONYMOUS ) - { - if ( !empty($new_topic_data[$row_forum_id]) ) - { - $forum_last_post_time = 0; - - while( list($check_topic_id, $check_post_time) = @each($new_topic_data[$row_forum_id]) ) - { - if ( empty($tracking_topics[$check_topic_id]) ) - { - $unread_topics = true; - $forum_last_post_time = max($check_post_time, $forum_last_post_time); - - } - else - { - if ( $tracking_topics[$check_topic_id] < $check_post_time ) - { - $unread_topics = true; - $forum_last_post_time = max($check_post_time, $forum_last_post_time); - } - } - } - - if ( !empty($tracking_forums[$row_forum_id]) ) - { - if ( $tracking_forums[$row_forum_id] > $forum_last_post_time ) - { - $unread_topics = false; - } - } - - if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all']) ) - { - if ( $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all'] > $forum_last_post_time ) - { - $unread_topics = false; - } - } - - } - } - - $folder_image = ( $unread_topics ) ? $theme['forum_new'] : $theme['forum']; - $folder_alt = ( $unread_topics ) ? $lang['New_posts'] : $lang['No_new_posts']; - } - - $posts = $forum_data[$i]['forum_posts']; - $topics = $forum_data[$i]['forum_topics']; - - if ( $forum_data[$i]['forum_last_post_id'] ) - { - $last_post_time = create_date($board_config['default_dateformat'], $forum_data[$i]['post_time'], $board_config['board_timezone']); - - $last_post = $last_post_time . '
'; - - $last_post .= ( $forum_data[$i]['user_id'] == ANONYMOUS ) ? ( ($forum_data[$i]['post_username'] != '' ) ? $forum_data[$i]['post_username'] . ' ' : $lang['Guest'] . ' ' ) : '' . $forum_data[$i]['username'] . ' '; - - $last_post .= '' . $lang['View_latest_post'] . ''; - } - else - { - $last_post = $lang['No_Posts']; - } - - if ( count($forum_moderators[$row_forum_id]) > 0 ) - { - $l_moderators = ( count($forum_moderators[$row_forum_id]) == 1 ) ? $lang['Moderator'] : $lang['Moderators']; - $moderator_list = implode(', ', $forum_moderators[$row_forum_id]); - } - else - { - $l_moderators = ' '; - $moderator_list = ' '; - } - - $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; - $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; - - $template->assign_block_vars('catrow.forumrow', array( - 'ROW_COLOR' => '#' . $row_color, - 'ROW_CLASS' => $row_class, - 'FORUM_FOLDER_IMG' => $folder_image, - 'FORUM_NAME' => $forum_data[$i]['forum_name'], - 'FORUM_DESC' => $forum_data[$i]['forum_desc'], - 'POSTS' => $forum_data[$i]['forum_posts'], - 'TOPICS' => $forum_data[$i]['forum_topics'], - 'LAST_POST' => $last_post, - 'MODERATORS' => $moderator_list, - - 'L_MODERATOR' => $l_moderators, - 'L_FORUM_FOLDER_ALT' => $folder_alt, - - 'U_VIEWFORUM' => "viewforum.$phpEx$SID&" . POST_FORUM_URL . "=$row_forum_id") - ); - } - } - } - } - - $template->assign_var_from_handle('SUB_FORUM', 'forum'); -} -*/ - // // Start page proper // @@ -319,26 +150,6 @@ if ( ( $total_categories = count($category_rows) ) ) $forum_data[] = $row; } - // - // Obtain a list of topic ids which contain - // posts made since user last visited - // -/* if ( $userdata['user_id'] != ANONYMOUS ) - { - $sql = "SELECT t.forum_id, t.topic_id, p.post_time - FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p - WHERE p.post_id = t.topic_last_post_id - AND p.post_time > " . $userdata['user_lastvisit'] . " - AND t.topic_moved_id = 0"; - $result = $db->sql_query($sql); - - $new_topic_data = array(); - while( $topic_data = $db->sql_fetchrow($result) ) - { - $new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time']; - } - } -*/ // // Obtain list of moderators of each forum // First users, then groups ... broken into two queries diff --git a/phpBB/login.php b/phpBB/login.php index 132721c171..30a460d70c 100644 --- a/phpBB/login.php +++ b/phpBB/login.php @@ -30,7 +30,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Set page ID for session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); $session->configure($userdata); // diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 64ecffa9b0..b4833be052 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -28,7 +28,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); $session->configure($userdata); // diff --git a/phpBB/modcp.php b/phpBB/modcp.php index ef8080f4d4..cc264708d5 100644 --- a/phpBB/modcp.php +++ b/phpBB/modcp.php @@ -124,7 +124,7 @@ else // Start session management // $userdata = $session->start(); -$acl = new acl('forum', $userdata, $forum_id); +$acl = new acl($userdata, $forum_id); // // End session management // diff --git a/phpBB/posting.php b/phpBB/posting.php index 445a3ea6bc..3b21718326 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -104,7 +104,7 @@ if ( isset($HTTP_POST_VARS['cancel']) ) // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php index 834b3a7dc3..830fea47e3 100644 --- a/phpBB/privmsg.php +++ b/phpBB/privmsg.php @@ -82,7 +82,7 @@ if ( $cancel ) // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/profile.php b/phpBB/profile.php index e371fd1823..3c82036e64 100644 --- a/phpBB/profile.php +++ b/phpBB/profile.php @@ -29,7 +29,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/search.php b/phpBB/search.php index 4d2c135177..0ff128a37e 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -30,7 +30,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); // Start session management // $userdata = $session->start(); -$acl = new acl('read', $userdata); +$acl = new acl($userdata, false, 'read'); // // End session management // diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index c2cc347323..476d06ff71 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -24,14 +24,6 @@ $phpbb_root_path = './'; include($phpbb_root_path . 'extension.inc'); include($phpbb_root_path . 'common.'.$phpEx); -// -// Start session management -// -$userdata = $session->start(); -// -// End session management -// - // // Start initial var setup // @@ -58,6 +50,15 @@ $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : // End initial var setup // +// +// Start session management +// +$userdata = $session->start(); +$acl = new acl($userdata, $forum_id); +// +// End session management +// + // // Check if the user has actually sent a forum ID with his/her request // If not give them a nice error page. @@ -82,14 +83,13 @@ if ( !($forum_data = $db->sql_fetchrow($result)) ) // // Configure style, language, etc. // -$acl = new acl('forum', $userdata, $forum_id); $userdata['user_style'] = ( $forum_data['forum_style'] ) ? $forum_data['user_style'] : $userdata['user_style']; $session->configure($userdata); // // Auth check // -if ( !$acl->get_acl($forum_id, 'forum', 'list') || !$acl->get_acl($forum_id, 'forum', 'read') ) +if ( !$acl->get_acl($forum_id, 'forum', 'read') ) { if ( $userdata['user_id'] == ANONYMOUS ) { @@ -102,9 +102,7 @@ if ( !$acl->get_acl($forum_id, 'forum', 'list') || !$acl->get_acl($forum_id, 'fo // // The user is not authed to read this forum ... // - $message = ( !$acl->get_acl($forum_id, 'forum', 'list') ) ? $lang['Forum_not_exist'] : sprintf($lang['Sorry_auth_read'], $is_auth[$forum_id]['auth_read_type']); - - message_die(MESSAGE, $message); + message_die(MESSAGE, $lang['Sorry_auth_read']); } // // End of auth check @@ -123,8 +121,8 @@ if ( $mark_read == 'topics' ) { if ( $userdata['user_id'] != ANONYMOUS ) { - $sql = "SELECT MAX(post_time) AS last_post - FROM " . POSTS_TABLE . " + $sql = "SELECT MAX(post_time) AS last_post + FROM " . POSTS_TABLE . " WHERE forum_id = $forum_id"; $result = $db->sql_query($sql); @@ -199,11 +197,11 @@ if ( isset($HTTP_POST_VARS['sort']) ) $sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']); $min_topic_time = time() - ($sort_days * 86400); - $sql = "SELECT COUNT(t.topic_id) AS forum_topics - FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p - WHERE t.forum_id = $forum_id - AND p.post_id = t.topic_last_post_id - AND p.post_time >= $min_topic_time"; + $sql = "SELECT COUNT(t.topic_id) AS forum_topics + FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p + WHERE t.forum_id = $forum_id + AND p.post_id = t.topic_last_post_id + AND p.post_time >= $min_topic_time"; $result = $db->sql_query($sql); $start = 0; @@ -256,14 +254,14 @@ $post_img = 'assign_vars(array( 'FORUM_ID' => $forum_id, 'FORUM_NAME' => $forum_data['forum_name'], - 'POST_IMG' => $post_img, + 'POST_IMG' => $post_img, 'PAGINATION' => generate_pagination("viewforum.$phpEx$SID&f=$forum_id&topicdays=$topic_days", $topics_count, $board_config['topics_per_page'], $start), - 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $topics_count / $board_config['topics_per_page'] )), + 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $topics_count / $board_config['topics_per_page'] )), - 'FOLDER_IMG' => create_img($theme['folder'], $lang['No_new_posts']), - 'FOLDER_NEW_IMG' => create_img($theme['folder_new'], $lang['New_posts']), - 'FOLDER_HOT_IMG' => create_img($theme['folder_hot'], $lang['No_new_posts_hot']), - 'FOLDER_HOT_NEW_IMG' => create_img($theme['folder_hot_new'], $lang['New_posts_hot']), + 'FOLDER_IMG' => create_img($theme['folder'], $lang['No_new_posts']), + 'FOLDER_NEW_IMG' => create_img($theme['folder_new'], $lang['New_posts']), + 'FOLDER_HOT_IMG' => create_img($theme['folder_hot'], $lang['No_new_posts_hot']), + 'FOLDER_HOT_NEW_IMG' => create_img($theme['folder_hot_new'], $lang['New_posts_hot']), 'FOLDER_LOCKED_IMG' => create_img($theme['folder_locked'], $lang['No_new_posts_locked']), 'FOLDER_LOCKED_NEW_IMG' => create_img($theme['folder_locked_new'], $lang['New_posts_locked']), 'FOLDER_STICKY_IMG' => create_img($theme['folder_sticky'], $lang['Post_Sticky']), @@ -271,39 +269,39 @@ $template->assign_vars(array( 'FOLDER_ANNOUNCE_IMG' => create_img($theme['folder_announce'], $lang['Post_Announcement']), 'FOLDER_ANNOUNCE_NEW_IMG' => create_img($theme['folder_announce_new'], $lang['Post_Announcement']), - 'L_TOPICS' => $lang['Topics'], - 'L_REPLIES' => $lang['Replies'], - 'L_VIEWS' => $lang['Views'], - 'L_POSTS' => $lang['Posts'], - 'L_LASTPOST' => $lang['Last_Post'], - 'L_VIEW_MODERATORS' => $lang['View_moderators'], - 'L_DISPLAY_TOPICS' => $lang['Display_topics'], - 'L_SORT_BY' => $lang['Sort_by'], - 'L_MARK_TOPICS_READ' => $lang['Mark_all_topics'], - 'L_NO_NEW_POSTS' => $lang['No_new_posts'], - 'L_NEW_POSTS' => $lang['New_posts'], - 'L_NO_NEW_POSTS_LOCKED' => $lang['No_new_posts_locked'], - 'L_NEW_POSTS_LOCKED' => $lang['New_posts_locked'], - 'L_NO_NEW_POSTS_HOT' => $lang['No_new_posts_hot'], - 'L_NEW_POSTS_HOT' => $lang['New_posts_hot'], - 'L_ANNOUNCEMENT' => $lang['Post_Announcement'], - 'L_STICKY' => $lang['Post_Sticky'], - 'L_POSTED' => $lang['Posted'], - 'L_JOINED' => $lang['Joined'], - 'L_AUTHOR' => $lang['Author'], - 'L_NO_TOPICS' => ( $forum_data['forum_status'] == FORUM_LOCKED ) ? $lang['Forum_locked'] : $lang['No_topics_post_one'], - 'L_GOTO_PAGE' => $lang['Goto_page'], + 'L_TOPICS' => $lang['Topics'], + 'L_REPLIES' => $lang['Replies'], + 'L_VIEWS' => $lang['Views'], + 'L_POSTS' => $lang['Posts'], + 'L_LASTPOST' => $lang['Last_Post'], + 'L_VIEW_MODERATORS' => $lang['View_moderators'], + 'L_DISPLAY_TOPICS' => $lang['Display_topics'], + 'L_SORT_BY' => $lang['Sort_by'], + 'L_MARK_TOPICS_READ' => $lang['Mark_all_topics'], + 'L_NO_NEW_POSTS' => $lang['No_new_posts'], + 'L_NEW_POSTS' => $lang['New_posts'], + 'L_NO_NEW_POSTS_LOCKED' => $lang['No_new_posts_locked'], + 'L_NEW_POSTS_LOCKED' => $lang['New_posts_locked'], + 'L_NO_NEW_POSTS_HOT' => $lang['No_new_posts_hot'], + 'L_NEW_POSTS_HOT' => $lang['New_posts_hot'], + 'L_ANNOUNCEMENT' => $lang['Post_Announcement'], + 'L_STICKY' => $lang['Post_Sticky'], + 'L_POSTED' => $lang['Posted'], + 'L_JOINED' => $lang['Joined'], + 'L_AUTHOR' => $lang['Author'], + 'L_NO_TOPICS' => ( $forum_data['forum_status'] == FORUM_LOCKED ) ? $lang['Forum_locked'] : $lang['No_topics_post_one'], + 'L_GOTO_PAGE' => $lang['Goto_page'], - 'S_SELECT_SORT_DIR' => $select_sort_dir, - 'S_SELECT_SORT_KEY' => $select_sort, + 'S_SELECT_SORT_DIR' => $select_sort_dir, + 'S_SELECT_SORT_KEY' => $select_sort, 'S_SELECT_SORT_DAYS' => $select_sort_days, - 'S_AUTH_LIST' => $s_forum_rules, + 'S_AUTH_LIST' => $s_forum_rules, 'S_WATCH_FORUM' => $s_watching_forum, - 'S_FORUM_ACTION' => 'viewforum.' . $phpEx . $SID . '&f=' . $forum_id . "&start=$start", + 'S_FORUM_ACTION' => 'viewforum.' . $phpEx . $SID . '&f=' . $forum_id . "&start=$start", 'U_POST_NEW_TOPIC' => 'posting.' . $phpEx . $SID . '&mode=newtopic&f=' . $forum_id, 'U_VIEW_FORUM' => 'viewforum.' . $phpEx . $SID . '&f=' . $forum_id, - 'U_VIEW_MODERATORS' => 'memberslist.' . $phpEx . $SID . '&mode=moderators&f=' . $forum_id, + 'U_VIEW_MODERATORS' => 'memberslist.' . $phpEx . $SID . '&mode=moderators&f=' . $forum_id, 'U_MARK_READ' => 'viewforum.' . $phpEx . $SID . '&f=' . $forum_id . '&mark=topics') ); @@ -316,15 +314,15 @@ $topic_rowset = array(); if ( $start ) { - $sql = "SELECT t.*, i.icons_url, i.icons_width, i.icons_height, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time, p.post_username AS post_username2 - FROM " . TOPICS_TABLE . " t, " . ICONS_TABLE . " i, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . USERS_TABLE . " u2 - WHERE t.forum_id = $forum_id - AND t.topic_type = " . POST_ANNOUNCE . " - AND i.icons_id = t.topic_icon - AND u.user_id = t.topic_poster - AND p.post_id = t.topic_last_post_id - AND u2.user_id = p.poster_id - ORDER BY $sort_order + $sql = "SELECT t.*, i.icons_url, i.icons_width, i.icons_height, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time, p.post_username AS post_username2 + FROM " . TOPICS_TABLE . " t, " . ICONS_TABLE . " i, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . USERS_TABLE . " u2 + WHERE t.forum_id = $forum_id + AND t.topic_type = " . POST_ANNOUNCE . " + AND i.icons_id = t.topic_icon + AND u.user_id = t.topic_poster + AND p.post_id = t.topic_last_post_id + AND u2.user_id = p.poster_id + ORDER BY $sort_order LIMIT " . $board_config['topics_per_page']; $result = $db->sql_query($sql); @@ -335,16 +333,16 @@ if ( $start ) } } -$sql = "SELECT t.*, i.icons_url, i.icons_width, i.icons_height, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_username, p2.post_username AS post_username2, p2.post_time - FROM " . TOPICS_TABLE . " t, " . ICONS_TABLE . " i, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2, " . USERS_TABLE . " u2 - WHERE t.forum_id = $forum_id - AND i.icons_id = t.topic_icon - AND u.user_id = t.topic_poster - AND p.post_id = t.topic_first_post_id - AND p2.post_id = t.topic_last_post_id - AND u2.user_id = p2.poster_id - $limit_topics_time - ORDER BY t.topic_type DESC, $sort_order +$sql = "SELECT t.*, i.icons_url, i.icons_width, i.icons_height, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_username, p2.post_username AS post_username2, p2.post_time + FROM " . TOPICS_TABLE . " t, " . ICONS_TABLE . " i, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2, " . USERS_TABLE . " u2 + WHERE t.forum_id = $forum_id + AND i.icons_id = t.topic_icon + AND u.user_id = t.topic_poster + AND p.post_id = t.topic_first_post_id + AND p2.post_id = t.topic_last_post_id + AND u2.user_id = p2.poster_id + $limit_topics_time + ORDER BY t.topic_type DESC, $sort_order LIMIT $start, " . $board_config['topics_per_page']; $result = $db->sql_query($sql); @@ -416,7 +414,7 @@ if ( $total_topics ) $newest_post_img = ''; if ( $userdata['user_id'] != ANONYMOUS ) { - if ( $topic_rowset[$i]['post_time'] > $userdata['user_lastvisit'] ) + if ( $topic_rowset[$i]['post_time'] > $userdata['user_lastvisit'] ) { if ( !empty($tracking_topics) || !empty($tracking_forums) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all']) ) { @@ -469,7 +467,7 @@ if ( $total_topics ) $newest_post_img = '' . create_img($theme['goto_post_newest'], $lang['View_newest_post']) . ' '; } } - else + else { $folder_image = $folder; $folder_alt = ( $topic_rowset[$i]['topic_status'] == TOPIC_LOCKED ) ? $lang['Topic_locked'] : $lang['No_new_posts']; @@ -518,7 +516,7 @@ if ( $total_topics ) { $goto_page = ''; } - + $view_topic_url = 'viewtopic.' . $phpEx . $SID . '&f=' . $forum_id . '&t=' . $topic_id; $topic_author = ( $topic_rowset[$i]['user_id'] != ANONYMOUS ) ? '' : ''; @@ -544,22 +542,22 @@ if ( $total_topics ) $template->assign_block_vars('topicrow', array( 'FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, - 'TOPIC_FOLDER_IMG' => create_img($folder_image, $folder_alt), - 'TOPIC_AUTHOR' => $topic_author, + 'TOPIC_FOLDER_IMG' => create_img($folder_image, $folder_alt), + 'TOPIC_AUTHOR' => $topic_author, 'GOTO_PAGE' => $goto_page, 'REPLIES' => $replies, - 'NEWEST_POST_IMG' => $newest_post_img, + 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_TITLE' => $topic_title, 'TOPIC_TYPE' => $topic_type, - 'TOPIC_ICON' => $topic_icon, - 'TOPIC_RATING' => $topic_rating, + 'TOPIC_ICON' => $topic_icon, + 'TOPIC_RATING' => $topic_rating, 'VIEWS' => $views, - 'FIRST_POST_TIME' => $first_post_time, - 'LAST_POST_TIME' => $last_post_time, - 'LAST_POST_AUTHOR' => $last_post_author, - 'LAST_POST_IMG' => $last_post_url, + 'FIRST_POST_TIME' => $first_post_time, + 'LAST_POST_TIME' => $last_post_time, + 'LAST_POST_AUTHOR' => $last_post_author, + 'LAST_POST_IMG' => $last_post_url, - 'S_ROW_COUNT' => $i, + 'S_ROW_COUNT' => $i, 'U_VIEW_TOPIC' => $view_topic_url) ); diff --git a/phpBB/viewonline.php b/phpBB/viewonline.php index f780e1a776..3da8bcc313 100644 --- a/phpBB/viewonline.php +++ b/phpBB/viewonline.php @@ -28,7 +28,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start(); -$acl = new acl('list', $userdata); +$acl = new acl($userdata); // // End session management // diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index b8faa28e9c..8370bca138 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -53,14 +53,14 @@ if ( isset($HTTP_GET_VARS['view']) && empty($post_id) ) if ( $session_id ) { - $sql = "SELECT p.post_id - FROM " . POSTS_TABLE . " p, " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u - WHERE s.session_id = '$session_id' - AND u.user_id = s.session_user_id - AND p.topic_id = $topic_id - AND p.post_approved = " . TRUE . " - AND p.post_time >= u.user_lastvisit - ORDER BY p.post_time ASC + $sql = "SELECT p.post_id + FROM " . POSTS_TABLE . " p, " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u + WHERE s.session_id = '$session_id' + AND u.user_id = s.session_user_id + AND p.topic_id = $topic_id + AND p.post_approved = " . TRUE . " + AND p.post_time >= u.user_lastvisit + ORDER BY p.post_time ASC LIMIT 1"; $result = $db->sql_query($sql); @@ -89,7 +89,7 @@ if ( isset($HTTP_GET_VARS['view']) && empty($post_id) ) AND p2.post_id = t2.topic_last_post_id AND t.forum_id = t2.forum_id AND p.post_id = t.topic_last_post_id - AND p.post_approved = " . TRUE . " + AND p.post_approved = " . TRUE . " AND p.post_time $sql_condition p2.post_time AND p.topic_id = t.topic_id ORDER BY p.post_time $sql_ordering @@ -119,8 +119,8 @@ $userdata = $session->start(); if ( $userdata['user_id'] != ANONYMOUS && isset($HTTP_POST_VARS['rating']) ) { $sql = "SELECT rating - FROM " . TOPICS_RATINGS_TABLE . " - WHERE topic_id = $topic_id + FROM " . TOPICS_RATINGS_TABLE . " + WHERE topic_id = $topic_id AND user_id = " . $userdata['user_id']; $result = $db->sql_query($sql); @@ -145,12 +145,12 @@ if ( $userdata['user_id'] != ANONYMOUS && isset($HTTP_POST_VARS['rating']) ) $join_sql_table = ( !$post_id ) ? '' : ', ' . POSTS_TABLE . ' p, ' . POSTS_TABLE . ' p2 '; $join_sql = ( !$post_id ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND p.post_approved = " . TRUE . " AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_approved = " . TRUE . " AND p2.post_id <= $post_id"; $count_sql = ( !$post_id ) ? '' : ", COUNT(p2.post_id) AS prev_posts"; -$order_sql = ( !$post_id ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, f.forum_name, f.forum_status, f.forum_id, f.default_style ORDER BY p.post_id ASC"; +$order_sql = ( !$post_id ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, f.forum_name, f.forum_status, f.forum_id, f.forum_style ORDER BY p.post_id ASC"; -$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, f.forum_name, f.forum_status, f.forum_id, f.default_style" . $count_sql . " - FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . " +$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, f.forum_name, f.forum_status, f.forum_id, f.forum_style" . $count_sql . " + FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . " WHERE $join_sql - AND f.forum_id = t.forum_id + AND f.forum_id = t.forum_id $order_sql"; $result = $db->sql_query($sql); @@ -162,10 +162,10 @@ if ( !(extract($db->sql_fetchrow($result))) ) // // Configure style, language, etc. // -$userdata['user_style'] = ( $default_style ) ? $default_style : $userdata['user_style']; +$userdata['user_style'] = ( $forum_style ) ? $forum_style : $userdata['user_style']; $session->configure($userdata); -$acl = new acl('forum', $userdata, $forum_id); +$acl = new acl($userdata, $forum_id); // // Start auth check @@ -174,7 +174,7 @@ if ( !$acl->get_acl($forum_id, 'forum', 'read') ) { if ( $userdata['user_id'] != ANONYMOUS ) { - $redirect = ( isset($post_id) ) ? "p=$post_id" : "t=$topic_id"; + $redirect = ( isset($post_id) ) ? "p=$post_id" : "t=$topic_id"; $redirect .= ( isset($start) ) ? "&start=$start" : ''; $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; header($header_location . 'login.' . $phpEx . $SID . '&redirect=viewtopic.' . $phpEx . '&' . $redirect); @@ -215,7 +215,7 @@ if ( isset($HTTP_POST_VARS['sort']) ) $sql = "SELECT COUNT(post_id) AS num_posts FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id - AND post_time >= $min_post_time + AND post_time >= $min_post_time AND post_approved = " . TRUE; $result = $db->sql_query($sql); @@ -233,7 +233,7 @@ if ( isset($HTTP_POST_VARS['sort']) ) } else { - $topic_replies++; + $topic_replies++; $limit_posts_time = ''; $sort_days = 0; @@ -288,9 +288,9 @@ if ( $userdata['user_id'] != ANONYMOUS ) { $rating_text = array(-5 => $lang['Very_poor'], -2 => $lang['Quite_poor'], 0 => $lang['Unrated'], 2 => $lang['Quite_good'], 5 => $lang['Very_good']); - $sql = "SELECT rating - FROM " . TOPICS_RATINGS_TABLE . " - WHERE topic_id = $topic_id + $sql = "SELECT rating + FROM " . TOPICS_RATINGS_TABLE . " + WHERE topic_id = $topic_id AND user_id = " . $userdata['user_id']; $result = $db->sql_query($sql); @@ -414,7 +414,7 @@ make_jumpbox('viewforum.'.$phpEx, $forum_id); // // Output page header -// +// $page_title = $lang['View_topic'] .' - ' . $topic_title; include($phpbb_root_path . 'includes/page_header.'.$phpEx); @@ -432,41 +432,41 @@ $template->assign_vars(array( 'TOPIC_ID' => $topic_id, 'TOPIC_TITLE' => $topic_title, 'PAGINATION' => $pagination, - 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['posts_per_page'] ) + 1 ), ceil( $topic_replies / $board_config['posts_per_page'] )), + 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['posts_per_page'] ) + 1 ), ceil( $topic_replies / $board_config['posts_per_page'] )), 'POST_IMG' => $post_img, 'REPLY_IMG' => $reply_img, 'L_AUTHOR' => $lang['Author'], 'L_MESSAGE' => $lang['Message'], - 'L_POSTED' => $lang['Posted'], + 'L_POSTED' => $lang['Posted'], 'L_POST_SUBJECT' => $lang['Post_subject'], 'L_VIEW_NEXT_TOPIC' => $lang['View_next_topic'], 'L_VIEW_PREVIOUS_TOPIC' => $lang['View_previous_topic'], 'L_BACK_TO_TOP' => $lang['Back_to_top'], 'L_DISPLAY_POSTS' => $lang['Display_posts'], - 'L_LOCK_TOPIC' => $lang['Lock_topic'], - 'L_UNLOCK_TOPIC' => $lang['Unlock_topic'], - 'L_MOVE_TOPIC' => $lang['Move_topic'], - 'L_SPLIT_TOPIC' => $lang['Split_topic'], - 'L_DELETE_TOPIC' => $lang['Delete_topic'], - 'L_GOTO_PAGE' => $lang['Goto_page'], - 'L_SORT_BY' => $lang['Sort_by'], - 'L_RATE_TOPIC' => $lang['Rate_topic'], - 'L_QUICK_MOD' => $lang['Quick_mod'], + 'L_LOCK_TOPIC' => $lang['Lock_topic'], + 'L_UNLOCK_TOPIC' => $lang['Unlock_topic'], + 'L_MOVE_TOPIC' => $lang['Move_topic'], + 'L_SPLIT_TOPIC' => $lang['Split_topic'], + 'L_DELETE_TOPIC' => $lang['Delete_topic'], + 'L_GOTO_PAGE' => $lang['Goto_page'], + 'L_SORT_BY' => $lang['Sort_by'], + 'L_RATE_TOPIC' => $lang['Rate_topic'], + 'L_QUICK_MOD' => $lang['Quick_mod'], - 'S_TOPIC_LINK' => 't', - 'S_SELECT_SORT_DIR' => $select_sort_dir, - 'S_SELECT_SORT_KEY' => $select_sort, + 'S_TOPIC_LINK' => 't', + 'S_SELECT_SORT_DIR' => $select_sort_dir, + 'S_SELECT_SORT_KEY' => $select_sort, 'S_SELECT_SORT_DAYS' => $select_sort_days, - 'S_SELECT_RATING' => $rating, - 'S_TOPIC_ACTION' => "viewtopic.$phpEx$SID&t=" . $topic_id . "&start=$start", + 'S_SELECT_RATING' => $rating, + 'S_TOPIC_ACTION' => "viewtopic.$phpEx$SID&t=" . $topic_id . "&start=$start", 'S_AUTH_LIST' => $s_forum_rules, 'S_TOPIC_MOD' => ( $topic_mod != '' ) ? '' : '', - 'S_MOD_ACTION' => "modcp.$phpEx$SID", + 'S_MOD_ACTION' => "modcp.$phpEx$SID", 'S_WATCH_TOPIC' => $s_watching_topic, - 'U_VIEW_TOPIC' => "viewtopic.$phpEx$SID&t=$topic_id&start=$start&postdays=$post_days&postorder=$post_order&highlight=" . $HTTP_GET_VARS['highlight'], + 'U_VIEW_TOPIC' => "viewtopic.$phpEx$SID&t=$topic_id&start=$start&postdays=$post_days&postorder=$post_order&highlight=" . $HTTP_GET_VARS['highlight'], 'U_VIEW_FORUM' => $view_forum_url, 'U_VIEW_OLDER_TOPIC' => $view_prev_topic_url, 'U_VIEW_NEWER_TOPIC' => $view_next_topic_url, @@ -491,7 +491,7 @@ $nav_links['up'] = array( ); // -// Does this topic contain a poll? +// Does this topic contain a poll? // if ( !empty($poll_start) ) { @@ -560,7 +560,7 @@ if ( !empty($poll_start) ) } $template->assign_vars(array( - 'S_HAS_POLL_DISPLAY' => true, + 'S_HAS_POLL_DISPLAY' => true, 'L_TOTAL_VOTES' => $lang['Total_votes'], 'TOTAL_VOTES' => $vote_results_sum) @@ -583,7 +583,7 @@ if ( !empty($poll_start) ) } $template->assign_vars(array( - 'S_HAS_POLL_OPTIONS' => true, + 'S_HAS_POLL_OPTIONS' => true, 'L_SUBMIT_VOTE' => $lang['Submit_vote'], 'L_VIEW_RESULTS' => $lang['View_results'], @@ -618,12 +618,12 @@ $poster_details = array(); // $sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_sig_bbcode_uid, u.user_avatar, u.user_avatar_type, u.user_allowavatar, u.user_allowsmile, p.*, pt.post_text, pt.post_subject, pt.bbcode_uid FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . POSTS_TEXT_TABLE . " pt - WHERE p.topic_id = $topic_id - AND p.post_approved = " . TRUE . " + WHERE p.topic_id = $topic_id + AND p.post_approved = " . TRUE . " $limit_posts_time AND pt.post_id = p.post_id AND u.user_id = p.poster_id - ORDER BY $sort_order + ORDER BY $sort_order LIMIT $start, " . $board_config['posts_per_page']; $result = $db->sql_query($sql); @@ -707,7 +707,7 @@ if ( $row = $db->sql_fetchrow($result) ) } if ( !isset($poster_details[$poster_id]['profile']) && $poster_id != ANONYMOUS ) - { + { $temp_url = "profile.$phpEx$SID&mode=viewprofile&u=$poster_id"; $poster_details[$poster_id]['profile_img'] = '' . create_img($theme['icon_profile'], $lang['Read_profile']) . ''; $poster_details[$poster_id]['profile'] = '' . $lang['Read_profile'] . ''; @@ -768,7 +768,7 @@ if ( $row = $db->sql_fetchrow($result) ) } } - else if ( $poster_id == ANONYMOUS ) + else if ( $poster_id == ANONYMOUS ) { $poster_details[$poster_id]['profile_img'] = ''; $poster_details[$poster_id]['profile'] = ''; @@ -862,7 +862,7 @@ if ( $row = $db->sql_fetchrow($result) ) $message = ( $acl->get_acl($forum_id, 'forum', 'bbcode') ) ? bbencode_second_pass($message, $bbcode_uid, $acl->get_acl($forum_id, 'forum', 'img')) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message); } - if ( $row['enable_magic_url'] ) + if ( $row['enable_magic_url'] ) { $message = make_clickable($message); } @@ -967,7 +967,7 @@ if ( $row = $db->sql_fetchrow($result) ) if ( $row['post_edit_count'] ) { $l_edit_time_total = ( $row['post_edit_count'] == 1 ) ? $lang['Edited_time_total'] : $lang['Edited_times_total']; - + $l_edited_by = '

' . sprintf($l_edit_time_total, $poster, create_date($board_config['default_dateformat'], $row['post_edit_time'], $board_config['board_timezone']), $row['post_edit_count']); } else @@ -1032,22 +1032,22 @@ if ( $row = $db->sql_fetchrow($result) ) 'POST_DATE' => $post_date, 'POST_SUBJECT' => $post_subject, - 'MESSAGE' => $message, - 'SIGNATURE' => $poster_details[$poster_id]['sig'], - 'EDITED_MESSAGE' => $l_edited_by, + 'MESSAGE' => $message, + 'SIGNATURE' => $poster_details[$poster_id]['sig'], + 'EDITED_MESSAGE' => $l_edited_by, - 'MINI_POST_IMG' => $mini_post_img, + 'MINI_POST_IMG' => $mini_post_img, 'EDIT_IMG' => $edit_img, 'EDIT' => $edit, 'QUOTE_IMG' => $quote_img, 'QUOTE' => $quote, - 'IP_IMG' => $ip_img, - 'IP' => $ip, - 'DELETE_IMG' => $delpost_img, - 'DELETE' => $delpost, + 'IP_IMG' => $ip_img, + 'IP' => $ip, + 'DELETE_IMG' => $delpost_img, + 'DELETE' => $delpost, - 'PROFILE_IMG' => $poster_details[$poster_id]['profile_img'], - 'PROFILE' => $poster_details[$poster_id]['profile'], + 'PROFILE_IMG' => $poster_details[$poster_id]['profile_img'], + 'PROFILE' => $poster_details[$poster_id]['profile'], 'SEARCH_IMG' => $poster_details[$poster_id]['search_img'], 'SEARCH' => $poster_details[$poster_id]['search'], 'PM_IMG' => $poster_details[$poster_id]['pm_img'], @@ -1057,8 +1057,8 @@ if ( $row = $db->sql_fetchrow($result) ) 'WWW_IMG' => $poster_details[$poster_id]['www_img'], 'WWW' => $poster_details[$poster_id]['www'], 'ICQ_STATUS_IMG' => $poster_details[$poster_id]['icq_status_img'], - 'ICQ_IMG' => $poster_details[$poster_id]['icq_img'], - 'ICQ' => $poster_details[$poster_id]['icq'], + 'ICQ_IMG' => $poster_details[$poster_id]['icq_img'], + 'ICQ' => $poster_details[$poster_id]['icq'], 'AIM_IMG' => $poster_details[$poster_id]['aim_img'], 'AIM' => $poster_details[$poster_id]['aim'], 'MSN_IMG' => $poster_details[$poster_id]['msn_img'], @@ -1066,9 +1066,9 @@ if ( $row = $db->sql_fetchrow($result) ) 'YIM_IMG' => $poster_details[$poster_id]['yim_img'], 'YIM' => $poster_details[$poster_id]['yim'], - 'L_MINI_POST_ALT' => $mini_post_alt, + 'L_MINI_POST_ALT' => $mini_post_alt, - 'S_ROW_COUNT' => $i, + 'S_ROW_COUNT' => $i, 'U_MINI_POST' => $mini_post_url, 'U_POST_ID' => $row['post_id'])