mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00
Code Issues Releases Wiki Activity

merge? merge.

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@8672 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2008-06-23 18:22:44 +00:00
parent 3892e7330a
commit ad739a358c
14 changed files with 153 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions.php
View File

@@ -745,7 +745,7 @@ function tz_select($default = '', $truncate = false)
{
if ($truncate)
{
$zone_trunc = truncate_string($zone, 50, false, '...');
$zone_trunc = truncate_string($zone, 50, 255, false, '...');
}
else
{

29
phpBB/includes/functions_content.php
View File

@@ -435,6 +435,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bbcode = false, $allow_urls = false, $allow_smilies = false)
{
$uid = $bitfield = '';
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
if (!$text)
{
@@ -458,7 +459,6 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
$uid = '';
}
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
$bitfield = $message_parser->bbcode_bitfield;
return;
@@ -563,7 +563,7 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
$relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url));
$url = $url . '/' . $relative_url;
$text = $relative_url;
// this url goes to http://domain.tld/path/to/board/ which
// would result in an empty link if treated as local so
// don't touch it and let MAGIC_URL_FULL take care of it.
@@ -1062,8 +1062,16 @@ function extension_allowed($forum_id, $extension, &$extensions)
/**
* Truncates string while retaining special characters if going over the max length
* The default max length is 60 at the moment
* The maximum storage length is there to fit the string within the given length. The string may be further truncated due to html entities.
* For example: string given is 'a "quote"' (length: 9), would be a stored as 'a "quote"' (length: 19)
*
* @param string $string The text to truncate to the given length. String is specialchared.
* @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char)
* @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars).
* @param bool $allow_reply Allow Re: in front of string
* @param string $append String to be appended
*/
function truncate_string($string, $max_length = 60, $allow_reply = true, $append = '')
function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = true, $append = '')
{
$chars = array();
@@ -1086,6 +1094,21 @@ function truncate_string($string, $max_length = 60, $allow_reply = true, $append
$stripped = true;
}
// Due to specialchars, we may not be able to store the string...
if (utf8_strlen($string) > $max_store_length)
{
// let's split again, we do not want half-baked strings where entities are split
$_chars = utf8_str_split(htmlspecialchars_decode($string));
$chars = array_map('utf8_htmlspecialchars', $_chars);
do
{
array_pop($chars);
$string = implode('', $chars);
}
while (utf8_strlen($string) > $max_store_length || !sizeof($chars));
}
if ($strip_reply)
{
$string = 'Re: ' . $string;

30
phpBB/includes/functions_convert.php
View File

@@ -148,7 +148,7 @@ function auto_id($pad = 0)
{
return $convert_row['max_id'] + $pad;
}
return $auto_id + $pad;
}
@@ -280,7 +280,7 @@ function get_config_value($config_name)
{
$convert_config = get_config();
}
if (!isset($convert_config[$config_name]))
{
return false;
@@ -669,12 +669,12 @@ function import_avatar($source, $use_target = false, $user_id = false)
{
$convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_AVATAR_PATH'], 'import_avatar()'), __LINE__, __FILE__);
}
if ($use_target === false && $user_id !== false)
{
$use_target = $config['avatar_salt'] . '_' . $user_id . '.' . substr(strrchr($source, '.'), 1);
}
$result = _import_check('avatar_path', $source, $use_target);
return ((!empty($user_id)) ? $user_id : $use_target) . '.' . substr(strrchr($source, '.'), 1);
@@ -946,7 +946,7 @@ function get_remote_avatar_dim($src, $axis)
unset($remote_avatar_cache);
return $retval;
}
$url_info = @parse_url($src);
if (empty($url_info['host']))
{
@@ -962,19 +962,19 @@ function get_remote_avatar_dim($src, $axis)
case 'ftp':
$port = 21;
break;
case 'https':
$port = 443;
break;
default:
$port = 80;
}
}
$timeout = @ini_get('default_socket_timeout');
@ini_set('default_socket_timeout', 2);
// We're just trying to reach the server to avoid timeouts
$fp = @fsockopen($host, $port, $errno, $errstr, 1);
if ($fp)
@@ -982,11 +982,11 @@ function get_remote_avatar_dim($src, $axis)
$remote_avatar_cache[$src] = @getimagesize($src);
fclose($fp);
}
$default_x = (defined('DEFAULT_AVATAR_X_CUSTOM')) ? DEFAULT_AVATAR_X_CUSTOM : DEFAULT_AVATAR_X;
$default_y = (defined('DEFAULT_AVATAR_Y_CUSTOM')) ? DEFAULT_AVATAR_Y_CUSTOM : DEFAULT_AVATAR_Y;
$default = array($default_x, $default_y);
if (empty($remote_avatar_cache[$src]) || empty($remote_avatar_cache[$src][0]) || empty($remote_avatar_cache[$src][1]))
{
$remote_avatar_cache[$src] = $default;
@@ -1002,7 +1002,7 @@ function get_remote_avatar_dim($src, $axis)
$remote_avatar_cache[$src][1] = (int)($remote_avatar_cache[$src][1] * $ratio);
}
}
@ini_set('default_socket_timeout', $timeout);
return $remote_avatar_cache[$src][$axis];
}
@@ -1112,7 +1112,7 @@ function words_unique(&$words)
function add_user_group($group_id, $user_id, $group_leader=false)
{
global $convert, $config, $user, $db;
$sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'group_id' => $group_id,
'user_id' => $user_id,
@@ -1282,7 +1282,7 @@ function restore_config($schema)
// Most are...
if (is_string($config_value))
{
$config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, false);
$config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, 255, false);
}
set_config($config_name, $config_value);
@@ -2440,7 +2440,7 @@ function get_smiley_display()
function fill_dateformat($user_dateformat)
{
global $config;
return ((empty($user_dateformat)) ? $config['default_dateformat'] : $user_dateformat);
}

6
phpBB/includes/functions_posting.php
View File

@@ -360,7 +360,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
{
$upload->set_disallowed_content(explode('|', $config['mime_triggers']));
}
if (!$local)
{
$filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
@@ -1340,7 +1340,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
else if ($data['topic_first_post_id'] == $post_id)
{
$post_mode = 'delete_first_post';
}
}
else if ($data['topic_last_post_id'] == $post_id)
{
$post_mode = 'delete_last_post';
@@ -1646,7 +1646,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
// Display edit info if edit reason given or user is editing his post, which is not the last within the topic.
if ($data['post_edit_reason'] || (!$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post')))
{
$data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, false);
$data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false);
$sql_data[POSTS_TABLE]['sql'] = array(
'post_edit_time' => $current_time,

119
phpBB/includes/functions_user.php
View File

@@ -733,70 +733,65 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
case 'user':
$type = 'ban_userid';
if (in_array('*', $ban_list))
// At the moment we do not support wildcard username banning
// Select the relevant user_ids.
$sql_usernames = array();
foreach ($ban_list as $username)
{
// Ban all users (it's a good thing that you can exclude people)
$banlist_ary[] = '*';
$username = trim($username);
if ($username != '')
{
$clean_name = utf8_clean_string($username);
if ($clean_name == $user->data['username_clean'])
{
trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);
}
if (in_array($clean_name, $founder_names))
{
trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);
}
$sql_usernames[] = $clean_name;
}
}
// Make sure we have been given someone to ban
if (!sizeof($sql_usernames))
{
trigger_error('NO_USER_SPECIFIED');
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);
// Do not allow banning yourself
if (sizeof($founder))
{
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true);
}
else
{
// Select the relevant user_ids.
$sql_usernames = array();
foreach ($ban_list as $username)
{
$username = trim($username);
if ($username != '')
{
$clean_name = utf8_clean_string($username);
if ($clean_name == $user->data['username_clean'])
{
trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);
}
if (in_array($clean_name, $founder_names))
{
trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);
}
$sql_usernames[] = $clean_name;
}
}
// Make sure we have been given someone to ban
if (!sizeof($sql_usernames))
{
trigger_error('NO_USER_SPECIFIED');
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);
// Do not allow banning yourself
if (sizeof($founder))
{
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true);
}
else
{
$sql .= ' AND user_id <> ' . $user->data['user_id'];
}
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
trigger_error('NO_USERS');
}
$db->sql_freeresult($result);
$sql .= ' AND user_id <> ' . $user->data['user_id'];
}
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
$db->sql_freeresult($result);
trigger_error('NO_USERS');
}
$db->sql_freeresult($result);
break;
case 'ip':
@@ -996,7 +991,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
switch ($mode)
{
case 'user':
$sql_where = (in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary);
$sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary);
break;
case 'ip':
@@ -2850,7 +2845,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
{
case 'demote':
case 'promote':
$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id
AND user_pending = 1
@@ -2862,7 +2857,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
{
return 'NO_VALID_USERS';
}
$sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET group_leader = ' . (($action == 'promote') ? 1 : 0) . "
WHERE group_id = $group_id

5
phpBB/includes/message_parser.php
View File

@@ -400,7 +400,10 @@ class bbcode_firstpass extends bbcode
case 'php':
$remove_tags = false;
$code = str_replace(array('&lt;', '&gt;'), array('<', '>'), $code);
$str_from = array('&lt;', '&gt;', '&#91;', '&#93;', '&#46;', '&#58;', '&#058;');
$str_to = array('<', '>', '[', ']', '.', ':', ':');
$code = str_replace($str_from, $str_to, $code);
if (!preg_match('/\<\?.*?\?\>/is', $code))
{

9
phpBB/includes/session.php
View File

@@ -1113,6 +1113,14 @@ class session
// To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again
$this->session_kill(false);
// A very special case... we are within the cron script which is not supposed to print out the ban message... show blank page
if (defined('IN_CRON'))
{
garbage_collection();
exit_handler();
exit;
}
trigger_error($message);
}
@@ -1582,6 +1590,7 @@ class user extends session
$localised_images = true;
}
$row['image_filename'] = rawurlencode($row['image_filename']);
$this->img_array[$row['image_name']] = $row;
}
$db->sql_freeresult($result);