
- streamlined reports to consist of the feature set we decided upon (Nils, your turn now)

- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there


git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen
2006-03-12 23:19:55 +00:00
parent f4cfd3665f
commit 9988679d56
58 changed files with 1117 additions and 1119 deletions


@@ -266,7 +266,7 @@ class acp_attachments
}
$db->sql_freeresult($result);
// Delete Extension ?
// Delete Extension?
$extension_id_list = (isset($_POST['extension_id_list'])) ? array_map('intval', $_POST['extension_id_list']) : array();
if (sizeof($extension_id_list))
@@ -292,7 +292,7 @@ class acp_attachments
}
}
// Add Extension ?
// Add Extension?
$add_extension = strtolower(request_var('add_extension', ''));
$add_extension_group = request_var('add_group_select', 0);
$add = (isset($_POST['add_extension_check'])) ? true : false;
@@ -1120,10 +1120,10 @@ class acp_attachments
$exe = ((defined('PHP_OS')) && (preg_match('#win#i', PHP_OS))) ? '.exe' : '';
if (empty($_ENV['MAGICK_HOME']))
if (empty(getenv('MAGICK_HOME')))
{
$locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/');
$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', $_ENV['PATH'])));
$path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH'))));
$locations = array_merge($path_locations, $locations);
@@ -1144,7 +1144,7 @@ class acp_attachments
}
else
{
$imagick = str_replace('\\', '/', $_ENV['MAGICK_HOME']);
$imagick = str_replace('\\', '/', getenv('MAGICK_HOME'));
}
return $imagick;
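Review bot: The rewritten condition `if (empty(getenv('MAGICK_HOME')))` in the `-1120,10` hunk passes a function call directly to `empty()`, which PHP versions before 5.5 reject at compile time, so the file would not load on those interpreters. Assigning first keeps the intent: `$magick_home = getenv('MAGICK_HOME');` followed by `if (empty($magick_home))`, and the else branch in the next hunk can then reuse `$magick_home` instead of calling `getenv()` again. `getenv('PATH')` returns false when the variable is absent, so a short comment that the search then relies on the hard-coded directory list alone would help anyone auditing where the executable is resolved from. The enclosing function starts and ends outside these hunks.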


@@ -258,7 +258,6 @@ class acp_board
'allow_pm_attach' => array('lang' => 'ALLOW_PM_ATTACHMENTS', 'type' => 'radio:yes_no', 'explain' => false),
'auth_download_pm' => array('lang' => 'ALLOW_DOWNLOAD_PM', 'type' => 'radio:yes_no', 'explain' => false),
'allow_sig_pm' => array('lang' => 'ALLOW_SIG_PM', 'type' => 'radio:yes_no', 'explain' => false),
'auth_report_pm' => array('lang' => 'ALLOW_REPORT_PM', 'type' => 'radio:yes_no', 'explain' => false),
'auth_quote_pm' => array('lang' => 'ALLOW_QUOTE_PM', 'type' => 'radio:yes_no', 'explain' => false),
'print_pm' => array('lang' => 'ALLOW_PRINT_PM', 'type' => 'radio:yes_no', 'explain' => false),
'email_pm' => array('lang' => 'ALLOW_EMAIL_PM', 'type' => 'radio:yes_no', 'explain' => false),


@@ -559,9 +559,10 @@ class acp_permission_roles
{
$template->assign_block_vars('auth', array(
'CAT_NAME' => $user->lang['permission_cat'][$cat],
'S_YES' => $cat_array['S_YES'],
'S_NO' => $cat_array['S_NO'],
'S_UNSET' => $cat_array['S_UNSET'])
'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NO'] && !$cat_array['S_UNSET']) ? true : false,
'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_YES'] && !$cat_array['S_UNSET']) ? true : false,
'S_UNSET' => ($cat_array['S_UNSET'] && !$cat_array['S_NO'] && !$cat_array['S_YES']) ? true : false)
);
foreach ($cat_array['permissions'] as $permission => $allowed)
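Review bot: The three rewritten flags passed to `assign_block_vars('auth', ...)` can now all be false at the same time, namely whenever more than one of `S_YES`, `S_NO` and `S_UNSET` is set in `$cat_array`, and nothing at the call site says that this is intended. A one-line comment above the array, such as `// Flag a category as yes/no/unset only when that is the sole state present in $cat_array`, would document it; whether the template handles the all-false case is not visible from this hunk. The `? true : false` suffix is redundant on an expression that already evaluates to a boolean. The surrounding loop starts and ends outside the hunk.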


@@ -0,0 +1,340 @@
<?php
/**
*
* @package acp
* @version $Id$
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
* @package acp
*/
class acp_reasons
{
var $u_action;
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache;
global $config, $SID, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$user->add_lang(array('mcp', 'acp/posting'));
// Set up general vars
$action = request_var('action', '');
$submit = (isset($_POST['submit'])) ? true : false;
$reason_id = request_var('id', 0);
$this->tpl_name = 'acp_reasons';
$this->page_title = 'ACP_REASONS';
// dumdidum... do i really need to do something mom?
$error = array();
switch ($action)
{
case 'add':
case 'edit':
$reason_row = array(
'reason_title' => request_var('reason_title', ''),
'reason_description' => request_var('reason_description', '')
);
if ($submit)
{
// Reason specified?
if (!$reason_row['reason_title'] || !$reason_row['reason_description'])
{
$error[] = $user->lang['NO_REASON_INFO'];
}
$check_double = ($action == 'add') ? true : false;
if ($action == 'edit')
{
$sql = 'SELECT reason_title
FROM ' . REASONS_TABLE . "
WHERE reason_id = $reason_id";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row['reason_title'] == 'other')
{
$reason_row['reason_title'] = 'other';
}
else if (strtolower($row['reason_title']) != strtolower($reason_row['reason_title']))
{
$check_double = true;
}
}
// Check for same reason if adding it...
if ($check_double)
{
$sql = 'SELECT reason_id
FROM ' . REASONS_TABLE . "
WHERE LOWER(reason_title) = '" . strtolower($reason_row['reason_title']) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
$error[] = $user->lang['REASON_ALREADY_EXIST'];
}
}
if (!sizeof($error))
{
// New reason?
if ($action == 'add')
{
// Get new order...
$sql = 'SELECT MAX(reason_order) as max_reason_order
FROM ' . REASONS_TABLE;
$result = $db->sql_query($sql);
$max_order = (int) $db->sql_fetchfield('max_reason_order', 0, $result);
$db->sql_freeresult($result);
$sql_ary = array(
'reason_title' => (string) $reason_row['reason_title'],
'reason_description' => (string) $reason_row['reason_description'],
'reason_order' => $max_order + 1
);
$db->sql_query('INSERT INTO ' . REASONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
$log = 'ADDED';
}
else if ($reason_id)
{
$sql_ary = array(
'reason_title' => (string) $reason_row['reason_title'],
'reason_description' => (string) $reason_row['reason_description'],
);
$db->sql_query('UPDATE ' . REASONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE reason_id = ' . $reason_id);
$log = 'UPDATED';
}
add_log('admin', 'LOG_REASON_' . $log, $reason_row['reason_title']);
trigger_error($user->lang['REASON_' . $log] . adm_back_link($this->u_action));
}
}
else if ($reason_id)
{
$sql = 'SELECT *
FROM ' . REASONS_TABLE . '
WHERE reason_id = ' . $reason_id;
$result = $db->sql_query($sql);
$reason_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$reason_row)
{
trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action));
}
}
$l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
$translated = false;
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason_row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason_row['reason_title'])]))
{
$translated = true;
}
$template->assign_vars(array(
'L_TITLE' => $user->lang['REASON_' . $l_title],
'U_ACTION' => $this->u_action . "&amp;id=$reason_id&amp;action=$action",
'U_BACK' => $this->u_action,
'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '',
'REASON_TITLE' => $reason_row['reason_title'],
'REASON_DESCRIPTION' => $reason_row['reason_description'],
'S_EDIT_REASON' => true,
'S_TRANSLATED' => $translated,
'S_ERROR' => (sizeof($error)) ? true : false,
)
);
return;
break;
case 'delete':
$sql = 'SELECT *
FROM ' . REASONS_TABLE . '
WHERE reason_id = ' . $reason_id;
$result = $db->sql_query($sql);
$reason_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$reason_row)
{
trigger_error($user->lang['NO_REASON'] . adm_back_link($this->u_action));
}
// Let the deletion be confirmed...
if (confirm_box(true))
{
$sql = 'SELECT reason_id
FROM ' . REASONS_TABLE . "
WHERE reason_title = 'other'";
$result = $db->sql_query($sql);
$other_reason_id = (int) $db->sql_fetchfield('reason_id', 0, $result);
$db->sql_freeresult($result);
// Change the reports using this reason to 'other'
$sql = 'UPDATE ' . REPORTS_TABLE . '
SET reason_id = ' . $other_reason_id . ", report_text = CONCAT('" . $db->sql_escape($reason_row['reason_description']) . "\n\n', report_text)
WHERE reason_id = $reason_id";
$db->sql_query($sql);
$db->sql_query('DELETE FROM ' . REASONS_TABLE . ' WHERE reason_id = ' . $reason_id);
add_log('admin', 'LOG_REASON_REMOVED', $reason_row['reason_title']);
trigger_error($user->lang['REASON_REMOVED'] . adm_back_link($this->u_action));
}
else
{
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
'i' => $id,
'mode' => $mode,
'action' => $action,
'id' => $reason_id))
);
}
break;
case 'move_up':
case 'move_down':
$order = request_var('order', 0);
$order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);
$sql = 'UPDATE ' . REASONS_TABLE . '
SET reason_order = ' . $order_total . ' - reason_order
WHERE reason_order IN (' . $order . ', ' . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
$db->sql_query($sql);
break;
}
// By default, check that order is valid and fix it if necessary
$sql = 'SELECT reason_id, reason_order
FROM ' . REASONS_TABLE . '
ORDER BY reason_order';
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$order = 0;
do
{
++$order;
if ($row['reason_order'] != $order)
{
$sql = 'UPDATE ' . REASONS_TABLE . "
SET reason_order = $order
WHERE reason_id = {$row['reason_id']}";
$db->sql_query($sql);
}
}
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'U_ACTION' => $this->u_action,
)
);
// Reason count
$sql = 'SELECT reason_id, COUNT(reason_id) AS reason_count
FROM ' . REPORTS_TABLE . '
GROUP BY reason_id';
$result = $db->sql_query($sql);
$reason_count = array();
while ($row = $db->sql_fetchrow($result))
{
$reason_count[$row['reason_id']] = $row['reason_count'];
}
$db->sql_freeresult($result);
$sql = 'SELECT *
FROM ' . REASONS_TABLE . '
ORDER BY reason_order ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$translated = false;
$other_reason = ($row['reason_title'] == 'other') ? true : false;
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
if (isset($user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]))
{
$row['reson_description'] = $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])];
$row['reason_title'] = $user->lang['report_reasons']['TITLE'][strtoupper($row['reason_title'])];
$translated = true;
}
$template->assign_block_vars('reasons', array(
'REASON_TITLE' => $row['reason_title'],
'REASON_DESCRIPTION' => $row['reason_description'],
'REASON_COUNT' => (isset($reason_count[$row['reason_id']])) ? $reason_count[$row['reason_id']] : 0,
'S_TRANSLATED' => $translated,
'S_OTHER_REASON' => $other_reason,
'U_EDIT' => $this->u_action . '&amp;action=edit&amp;id=' . $row['reason_id'],
'U_DELETE' => (!$other_reason) ? $this->u_action . '&amp;action=delete&amp;id=' . $row['reason_id'] : '',
'U_MOVE_UP' => $this->u_action . '&amp;action=move_up&amp;order=' . $row['reason_order'],
'U_MOVE_DOWN' => $this->u_action . '&amp;action=move_down&amp;order=' . $row['reason_order'])
);
}
$db->sql_freeresult($result);
}
}
/**
* @package module_install
*/
class acp_reasons_info
{
function module()
{
return array(
'filename' => 'acp_reasons',
'title' => 'ACP_REASONS',
'version' => '1.0.0',
'modes' => array(
'main' => array('title' => 'ACP_MANAGE_REASONS', 'auth' => 'acl_a_reasons'),
),
);
}
function install()
{
}
function uninstall()
{
}
}
?>
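Review bot: The duplicate-title check in the add/edit branch concatenates `strtolower($reason_row['reason_title'])` into the `WHERE LOWER(reason_title) = '...'` clause without `$db->sql_escape()`, although the delete branch of the same file escapes `reason_description`; whether `request_var()` neutralises single quotes is not visible here, so the value should be wrapped as `$db->sql_escape(strtolower($reason_row['reason_title']))`. In the listing loop the localized description is stored under the misspelled key `$row['reson_description']`, so `REASON_DESCRIPTION` always shows the database text; the key should be `reason_description`. The delete branch never checks on the server that the selected row is not the `other` reason (only the `U_DELETE` link is suppressed in the listing), so an early `trigger_error()` when `$reason_row['reason_title'] == 'other'`, placed before `confirm_box()`, would keep the fallback reason from being removed. `$log` is also left undefined when `action=edit` is submitted with `id=0`, because neither the `add` nor the `else if ($reason_id)` branch runs before `add_log()` uses it.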


@@ -997,7 +997,6 @@ class acp_users
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
'report_pm_notify' => false,
'topic_sk' => (string) 't',
'topic_sd' => (string) 'd',
@@ -1041,7 +1040,6 @@ class acp_users
if (!sizeof($error))
{
$this->optionset($user_row, 'popuppm', $data['popuppm']);
$this->optionset($user_row, 'report_pm_notify', $data['report_pm_notify']);
$this->optionset($user_row, 'viewimg', $data['view_images']);
$this->optionset($user_row, 'viewflash', $data['view_flash']);
$this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
@@ -1176,7 +1174,6 @@ class acp_users
'NOTIFY_BOTH' => ($notify_method == NOTIFY_BOTH) ? true : false,
'NOTIFY_PM' => (isset($data['notifypm'])) ? $data['notifypm'] : $user_row['user_notify_pm'],
'POPUP_PM' => (isset($data['popuppm'])) ? $data['popuppm'] : $this->optionget($user_row, 'popuppm'),
'REPORT_PM_NOTIFY' => (isset($data['report_pm_notify'])) ? $data['report_pm_notify'] : $this->optionget($user_row, 'report_pm_notify'),
'DST' => (isset($data['dst'])) ? $data['dst'] : $user_row['user_dst'],
'BBCODE' => (isset($data['bbcode'])) ? $data['bbcode'] : $this->optionget($user_row, 'bbcode'),
'SMILIES' => (isset($data['smilies'])) ? $data['smilies'] : $this->optionget($user_row, 'smilies'),


@@ -305,6 +305,12 @@ class auth_admin extends auth
$s_role_js_array = array();
while ($row = $db->sql_fetchrow($result))
{
$flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1);
if ($flag == $row['auth_option'])
{
continue;
}
if (!isset($s_role_js_array[$row['role_id']]))
{
$s_role_js_array[$row['role_id']] = "\n" . 'role_options[' . $row['role_id'] . '] = new Array();' . "\n";
@@ -687,7 +693,7 @@ class auth_admin extends auth
list(, $flag) = each(array_keys($auth));
$flag = substr($flag, 0, strpos($flag, '_') + 1);
// This ID (the any-flag) is only set if roles are assigned - this makes it very easy to determine the correct roles
// This ID (the any-flag) is set if one or more permissions are true...
$any_option_id = (int) $this->option_ids[$flag];
// Remove any-flag from auth ary
@@ -709,6 +715,38 @@ class auth_admin extends auth
AND auth_option_id IN ($any_option_id, " . implode(', ', $auth_option_ids) . ')';
$db->sql_query($sql);
// Remove those having a role assigned... the correct type of course...
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "
WHERE role_type = '" . $db->sql_escape($flag) . "'";
$result = $db->sql_query($sql);
$role_ids = array();
while ($row = $db->sql_fetchrow($result))
{
$role_ids[] = $row['role_id'];
}
$db->sql_freeresult($result);
if (sizeof($role_ids))
{
$sql = "DELETE FROM $table
WHERE forum_id $forum_sql
AND $id_field $ug_id_sql
AND auth_option_id = 0
AND auth_role_id IN (" . implode(', ', $role_ids) . ')';
$db->sql_query($sql);
}
// Ok, include the any-flag if one or more auth options are set to yes...
foreach ($auth as $auth_option => $setting)
{
if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NO))
{
$auth[$flag] = ACL_YES;
}
}
$sql_ary = array();
foreach ($forum_id as $forum)
{
@@ -721,7 +759,7 @@ class auth_admin extends auth
$sql_ary[] = array(
$id_field => (int) $id,
'forum_id' => (int) $forum,
'auth_option_id' => $any_option_id,
'auth_option_id' => 0,
'auth_setting' => 0,
'auth_role_id' => $role_id
);
@@ -781,6 +819,25 @@ class auth_admin extends auth
{
global $db;
// Get any-flag as required
list(, $flag) = each(array_keys($auth));
$flag = substr($flag, 0, strpos($flag, '_') + 1);
// Remove any-flag from auth ary
if (isset($auth[$flag]))
{
unset($auth[$flag]);
}
// Re-set any flag...
foreach ($auth as $auth_option => $setting)
{
if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NO))
{
$auth[$flag] = ACL_YES;
}
}
// Remove current auth options...
$sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
WHERE role_id = ' . $role_id;
@@ -867,9 +924,10 @@ class auth_admin extends auth
// First of all, lets grab the items having roles with the specified auth options assigned
$sql = "SELECT auth_role_id, $id_field, forum_id
FROM $table
FROM $table, " . ACL_ROLES_TABLE . " r
WHERE auth_role_id <> 0
AND auth_option_id = {$auth_id_ary[$permission_type]}
AND auth_role_id = r.role_id
AND r.role_type = '{$permission_type}'
AND " . implode(' AND ', $where_sql) . '
ORDER BY auth_role_id';
$result = $db->sql_query($sql);