mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 23:55:26 +02:00
Code Issues Releases Wiki Activity

...see if i am able to break the cookie tracking system this time. :D

Browse Source 
- made some session code updates
- added new acl function (might be helpful later)


git-svn-id: file:///svn/phpbb/trunk@5038 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2005-01-02 19:06:45 +00:00
parent cf54570f6c
commit a082635b76
3 changed files with 61 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
phpBB/includes/functions.php
View File

@ -687,6 +687,11 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
$type = TRACK_POSTED;
case 'topic':
if (!isset($type))
{
$type = TRACK_NORMAL;
}
$forum_id = (int) $forum_id[0];
// Mark a topic as read
@ -735,12 +740,17 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
}
}
if (base_convert($tracking[$forum_id][0], 36, 10) < $current_time)
if (isset($tracking[$forum_id]) && base_convert($tracking[$forum_id][0], 36, 10) < $current_time)
{
$tracking[$forum_id][base_convert($topic_id, 10, 36)] = base_convert($current_time - $config['board_startdate'], 10, 36);
$user->set_cookie('track', serialize($tracking), time() + 31536000);
}
else if (!isset($tracking[$forum_id]))
{
$tracking[$forum_id][0] = base_convert($current_time - $config['board_startdate'], 10, 36);
$user->set_cookie('track', serialize($tracking), time() + 31536000);
}
unset($tracking);
}
break;
@ -1389,7 +1399,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
if (defined('DEBUG_EXTRA'))
{
// Remove me
if (!strstr($errfile, '/cache/') && !strstr($errfile, 'template.php'))
if (!strstr($errfile, 'cache') && !strstr($errfile, 'template.php'))
{
echo "<b>PHP Notice</b>: in file <b>$errfile</b> on line <b>$errline</b>: <b>$msg_text</b><br>";
}

51
phpBB/includes/session.php
View File

@ -146,6 +146,7 @@ class session
{
$bot = $row['user_id'];
}
if ($row['bot_ip'] && (!$row['bot_agent'] || $bot))
{
foreach (explode(',', $row['bot_ip']) as $bot_ip)
@ -186,10 +187,20 @@ class session
$db->sql_freeresult($result);
// Check autologin request, is it valid?
if (empty($this->data) || ($this->data['user_password'] != $autologin && !$set_autologin) || ($this->data['user_type'] == USER_INACTIVE && !$bot))
if ($this->data === false || ($this->data['user_password'] != $autologin && !$set_autologin) || ($this->data['user_type'] == USER_INACTIVE && !$bot))
{
$autologin = '';
$this->data['user_id'] = $user_id = ANONYMOUS;
$sql = 'SELECT u.*, g.*
FROM ' . USERS_TABLE . ' u, ' . GROUPS_TABLE . ' g
WHERE u.user_id = ' . ANONYMOUS;
$result = $db->sql_query($sql);
$this->data = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$this->data['session_time'] = 0;
}
// If we're a bot then we'll re-use an existing id if available
@ -456,7 +467,14 @@ class session
{
global $config;
setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
if ($config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1')
{
setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path']);
}
else
{
setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
}
}
}
@ -1106,6 +1124,35 @@ class auth
return $hold_ary;
}
function acl_group_raw_data($group_id = false, $opts = false, $forum_id = false)
{
global $db;
$sql_group = ($group_id) ? ((!is_array($group_id)) ? "group_id = $group_id" : 'group_id IN (' . implode(', ', $group_id) . ')') : '';
$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . \$db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
$hold_ary = array();
// Grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
$sql = 'SELECT a.group_id, ao.auth_option, a.forum_id, a.auth_setting
FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
WHERE ao.auth_option_id = a.auth_option_id
' . (($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts
ORDER BY a.forum_id, ao.auth_option";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$hold_ary[$row['group_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
return $hold_ary;
}
// Clear one or all users cached permission settings
function acl_clear_prefetch($user_id = false)
{

6
phpBB/viewforum.php
View File

@ -69,12 +69,6 @@ else
$sql_lastread = $lastread_select = '';
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_track'])) : array();
if (!isset($tracking_topics[$forum_id]) && $user->data['user_id'] != ANONYMOUS)
{
markread('mark', $forum_id);
redirect("viewforum.$phpEx$SID&amp;f=$forum_id");
}
}
$sql_from = ($sql_lastread) ? '((' . FORUMS_TABLE . ' f LEFT JOIN ' . FORUMS_WATCH_TABLE . ' fw ON (fw.forum_id = f.forum_id AND fw.user_id = ' . $user->data['user_id'] . ")) $sql_lastread)" : '(' . FORUMS_TABLE . ' f LEFT JOIN ' . FORUMS_WATCH_TABLE . ' fw ON (fw.forum_id = f.forum_id AND fw.user_id = ' . $user->data['user_id'] . '))';