mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-04 07:47:34 +02:00
Code Issues Releases Wiki Activity

- added confirm box to ucp zebra (adding fried/foe)

Browse Source 
- permission fixes for conversions
- use more appropiate error message within convertor if source tables could not be found
- other tiny fixes


git-svn-id: file:///svn/phpbb/trunk@6925 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2007-01-24 11:29:56 +00:00
parent 180a5a243d
commit 9e5c25504e
17 changed files with 233 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
phpBB/includes/acp/acp_ban.php
View File

@@ -40,17 +40,23 @@ class acp_ban
$ban_reason = request_var('banreason', '', true);
$ban_give_reason = request_var('bangivereason', '', true);
user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
if ($ban)
{
user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action));
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action));
}
}
else if ($unbansubmit)
{
$ban = request_var('unban', array(''));
user_unban($mode, $ban);
if ($ban)
{
user_unban($mode, $ban);
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action));
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . adm_back_link($this->u_action));
}
}
// Define language vars

11
phpBB/includes/acp/acp_language.php
View File

@@ -320,7 +320,16 @@ class acp_language
}
$transfer->rename($lang_path . $file, $lang_path . $file . '.bak');
$transfer->copy_file('store/' . $lang_path . $file, $lang_path . $file);
$result = $transfer->copy_file('store/' . $lang_path . $file, $lang_path . $file);
if ($result === false)
{
// If failed, try to rename again and print error out...
$transfer->rename($lang_path . $file . '.bak', $lang_path . $file);
trigger_error($user->lang['UPLOAD_FAILED'] . adm_back_link($this->u_action . '&action=details&id=' . $lang_id . '&language_file=' . urlencode($selected_lang_file)), E_USER_WARNING);
}
$transfer->close_session();
// Remove from storage folder

2
phpBB/includes/functions_module.php
View File

@@ -445,7 +445,7 @@ class p_master
}
// Add url_extra parameter to u_action url
if ($this->module_ary[$this->active_module_row_id]['url_extra'])
if (!empty($this->module_ary) && $this->active_module !== false && $this->module_ary[$this->active_module_row_id]['url_extra'])
{
$this->module->u_action .= $this->module_ary[$this->active_module_row_id]['url_extra'];
}

6
phpBB/includes/functions_transfer.php
View File

@@ -32,8 +32,8 @@ class transfer
{
global $phpbb_root_path;
$this->file_perms = 644;
$this->dir_perms = 777;
$this->file_perms = '0644';
$this->dir_perms = '0777';
// We use the store directory as temporary path to circumvent open basedir restrictions
$this->tmp_path = $phpbb_root_path . 'store/';
@@ -382,7 +382,7 @@ class ftp extends transfer
}
else
{
$chmod_cmd = 'CHMOD 0' . $perms . ' ' . $file;
$chmod_cmd = 'CHMOD ' . $perms . ' ' . $file;
$err = $this->_site($chmod_cmd);
}

4
phpBB/includes/functions_upload.php
View File

@@ -50,8 +50,8 @@ class filespec
$this->filename = $upload_ary['tmp_name'];
$this->filesize = $upload_ary['size'];
$this->realname = $this->uploadname = trim(htmlspecialchars(basename($upload_ary['name'])));
$this->mimetype = $upload_ary['type'];
$name = trim(htmlspecialchars(basename($upload_ary['name'])));
$this->realname = $this->uploadname = (STRIP) ? stripslashes($name) : $name;
// Opera adds the name to the mime type
$this->mimetype = (strpos($this->mimetype, '; name') !== false) ? str_replace(strstr($this->mimetype, '; name'), '', $this->mimetype) : $this->mimetype;

3
phpBB/includes/functions_user.php
View File

@@ -825,6 +825,9 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
AND ban_exclude = $ban_exclude";
$result = $db->sql_query($sql);
// Reset $sql_where, because we use it later...
$sql_where = '';
if ($row = $db->sql_fetchrow($result))
{
$banlist_ary_tmp = array();

14
phpBB/includes/mcp/mcp_ban.php
View File

@@ -43,17 +43,23 @@ class mcp_ban
$ban_reason = request_var('banreason', '', true);
$ban_give_reason = request_var('bangivereason', '', true);
user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
if ($ban)
{
user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason);
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
}
}
else if ($unbansubmit)
{
$ban = request_var('unban', array(''));
user_unban($mode, $ban);
if ($ban)
{
user_unban($mode, $ban);
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
trigger_error($user->lang['BAN_UPDATE_SUCCESSFUL'] . '<br /><br /><a href="' . $this->u_action . '">&laquo; ' . $user->lang['BACK_TO_PREV'] . '</a>');
}
}
// Ban length options

301
phpBB/includes/ucp/ucp_zebra.php
View File

@@ -40,159 +40,174 @@ class ucp_zebra
$data[$var] = request_var($var, $default, true);
}
if ($data['add'])
if (!empty($data['add']) || sizeof($data['usernames']))
{
$data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add'])));
// Do these name/s exist on a list already? If so, ignore ... we could be
// 'nice' and automatically handle names added to one list present on
// the other (by removing the existing one) ... but I have a feeling this
// may lead to complaints
$sql = 'SELECT z.*, u.username, u.username_clean
FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
WHERE z.user_id = ' . $user->data['user_id'] . '
AND u.user_id = z.zebra_id';
$result = $db->sql_query($sql);
$friends = $foes = array();
while ($row = $db->sql_fetchrow($result))
if (confirm_box(true))
{
if ($row['friend'])
if ($data['add'])
{
$friends[] = utf8_clean_string($row['username']);
$data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add'])));
// Do these name/s exist on a list already? If so, ignore ... we could be
// 'nice' and automatically handle names added to one list present on
// the other (by removing the existing one) ... but I have a feeling this
// may lead to complaints
$sql = 'SELECT z.*, u.username, u.username_clean
FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
WHERE z.user_id = ' . $user->data['user_id'] . '
AND u.user_id = z.zebra_id';
$result = $db->sql_query($sql);
$friends = $foes = array();
while ($row = $db->sql_fetchrow($result))
{
if ($row['friend'])
{
$friends[] = utf8_clean_string($row['username']);
}
else
{
$foes[] = utf8_clean_string($row['username']);
}
}
$db->sql_freeresult($result);
// remove friends from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], $friends);
if (sizeof($data['add']) < $n && $mode == 'foes')
{
$error[] = $user->lang['NOT_ADDED_FOES_FRIENDS'];
}
// remove foes from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], $foes);
if (sizeof($data['add']) < $n && $mode == 'friends')
{
$error[] = $user->lang['NOT_ADDED_FRIENDS_FOES'];
}
// remove the user himself from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username'])));
if (sizeof($data['add']) < $n)
{
$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF'];
}
unset($friends, $foes, $n);
if (sizeof($data['add']))
{
$sql = 'SELECT user_id, user_type
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $data['add']) . '
AND user_type <> ' . USER_INACTIVE;
$result = $db->sql_query($sql);
$user_id_ary = array();
while ($row = $db->sql_fetchrow($result))
{
if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE)
{
$user_id_ary[] = $row['user_id'];
}
else
{
$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS'];
}
}
$db->sql_freeresult($result);
if (sizeof($user_id_ary))
{
// Remove users from foe list if they are admins or moderators
if ($mode == 'foes')
{
$perms = array();
foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
{
foreach ($forum_ary as $auth_option => $user_ary)
{
$perms = array_merge($perms, $user_ary);
}
}
$perms = array_unique($perms);
if (sizeof($perms))
{
$error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN'];
}
// This may not be right ... it may yield true when perms equate to deny
$user_id_ary = array_diff($user_id_ary, $perms);
unset($perms);
}
if (sizeof($user_id_ary))
{
$sql_mode = ($mode == 'friends') ? 'friend' : 'foe';
$sql_ary = array();
foreach ($user_id_ary as $zebra_id)
{
$sql_ary[] = array(
'user_id' => $user->data['user_id'],
'zebra_id' => (int) $zebra_id,
$sql_mode => 1
);
}
$db->sql_multi_insert(ZEBRA_TABLE, $sql_ary);
$updated = true;
}
unset($user_id_ary);
}
else if (!sizeof($error))
{
$error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE'];
}
}
}
else if (sizeof($data['usernames']))
{
// Force integer values
$data['usernames'] = array_map('intval', $data['usernames']);
$sql = 'DELETE FROM ' . ZEBRA_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . '
AND ' . $db->sql_in_set('zebra_id', $data['usernames']);
$db->sql_query($sql);
$updated = true;
}
if ($updated)
{
meta_refresh(3, $this->u_action);
$message = $user->lang[$l_mode . '_UPDATED'] . '<br />' . implode('<br />', $error) . ((sizeof($error)) ? '<br />' : '') . '<br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
else
{
$foes[] = utf8_clean_string($row['username']);
$template->assign_var('ERROR', implode('<br />', $error));
}
}
$db->sql_freeresult($result);
// remove friends from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], $friends);
if (sizeof($data['add']) < $n && $mode == 'foes')
else
{
$error[] = $user->lang['NOT_ADDED_FOES_FRIENDS'];
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
'mode' => $mode,
'submit' => true,
'usernames' => $data['usernames'],
'add' => $data['add']))
);
}
// remove foes from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], $foes);
if (sizeof($data['add']) < $n && $mode == 'friends')
{
$error[] = $user->lang['NOT_ADDED_FRIENDS_FOES'];
}
// remove the user himself from the username array
$n = sizeof($data['add']);
$data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username'])));
if (sizeof($data['add']) < $n)
{
$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF'];
}
unset($friends, $foes, $n);
if (sizeof($data['add']))
{
$sql = 'SELECT user_id, user_type
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $data['add']) . '
AND user_type <> ' . USER_INACTIVE;
$result = $db->sql_query($sql);
$user_id_ary = array();
while ($row = $db->sql_fetchrow($result))
{
if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE)
{
$user_id_ary[] = $row['user_id'];
}
else
{
$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS'];
}
}
$db->sql_freeresult($result);
if (sizeof($user_id_ary))
{
// Remove users from foe list if they are admins or moderators
if ($mode == 'foes')
{
$perms = array();
foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
{
foreach ($forum_ary as $auth_option => $user_ary)
{
$perms = array_merge($perms, $user_ary);
}
}
$perms = array_unique($perms);
if (sizeof($perms))
{
$error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN'];
}
// This may not be right ... it may yield true when perms equate to deny
$user_id_ary = array_diff($user_id_ary, $perms);
unset($perms);
}
if (sizeof($user_id_ary))
{
$sql_mode = ($mode == 'friends') ? 'friend' : 'foe';
$sql_ary = array();
foreach ($user_id_ary as $zebra_id)
{
$sql_ary[] = array(
'user_id' => $user->data['user_id'],
'zebra_id' => (int) $zebra_id,
$sql_mode => 1
);
}
$db->sql_multi_insert(ZEBRA_TABLE, $sql_ary);
$updated = true;
}
unset($user_id_ary);
}
else if (!sizeof($error))
{
$error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE'];
}
}
}
else if (sizeof($data['usernames']))
{
// Force integer values
$data['usernames'] = array_map('intval', $data['usernames']);
$sql = 'DELETE FROM ' . ZEBRA_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . '
AND ' . $db->sql_in_set('zebra_id', $data['usernames']);
$db->sql_query($sql);
$updated = true;
}
if ($updated)
{
meta_refresh(3, $this->u_action);
$message = $user->lang[$l_mode . '_UPDATED'] . '<br />' . implode('<br />', $error) . ((sizeof($error)) ? '<br />' : '') . '<br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
else
{
$template->assign_var('ERROR', implode('<br />', $error));
}
}