mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-06 15:45:34 +02:00
Code Issues Releases Wiki Activity

Two changes:

Browse Source 
- Improved error handling on topic/post ids
- Escape rdns results in case someone has a hostname containing special characters


git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5478 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Graham Eames 2006-01-20 19:50:27 +00:00
parent 43edfa0c4f
commit b406cb7239
1 changed files with 17 additions and 2 deletions

19
phpBB/modcp.php

@ -230,6 +230,11 @@ switch( $mode )
if ( $confirm )
{
if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
@ -256,6 +261,11 @@ switch( $mode )
}
$db->sql_freeresult($result);
if ( $topic_id_sql == '')
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$sql = "SELECT poster_id, COUNT(post_id) AS posts
FROM " . POSTS_TABLE . "
WHERE topic_id IN ($topic_id_sql)
@ -737,6 +747,11 @@ switch( $mode )
}
$db->sql_freeresult($result);
if ($post_id_sql == '')
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$sql = "SELECT post_id, poster_id, topic_id, post_time
FROM " . POSTS_TABLE . "
WHERE post_id IN ($post_id_sql)
@ -987,7 +1002,7 @@ switch( $mode )
}
$ip_this_post = decode_ip($post_row['poster_ip']);
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? gethostbyaddr($ip_this_post) : $ip_this_post;
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post)) : $ip_this_post;
$poster_id = $post_row['poster_id'];
@ -1033,7 +1048,7 @@ switch( $mode )
}
$ip = decode_ip($row['poster_ip']);
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip)) : $ip;
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];