diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 8604220ebe..19511c22bb 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -447,6 +447,9 @@ else if ( $mode != "" ) $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; + $smile_code = trim($smile_code); + $smile_url = trim($smile_url); + $smile_emotion = trim($smile_emotion); // If no code was entered complain ... if ($smile_code == '' || $smile_url == '') @@ -553,4 +556,4 @@ else // include('./page_footer_admin.'.$phpEx); -?> +?> \ No newline at end of file diff --git a/phpBB/admin/admin_ug_auth.php b/phpBB/admin/admin_ug_auth.php index 44bb276320..d61a9b7afd 100644 --- a/phpBB/admin/admin_ug_auth.php +++ b/phpBB/admin/admin_ug_auth.php @@ -508,6 +508,48 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || ( } } + $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id"; + $result = $db->sql_query($sql); + + $group_user = array(); + while ($row = $db->sql_fetchrow($result)) + { + $group_user[$row['user_id']] = $row['user_id']; + } + $db->sql_freeresult($result); + + $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod + FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug + WHERE ug.user_id IN (" . implode(', ', $group_user) . ") + AND aa.group_id = ug.group_id + AND aa.auth_mod = 1 + GROUP BY ug.user_id"; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); + } + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['is_auth_mod']) + { + unset($group_user[$row['user_id']]); + } + } + $db->sql_freeresult($result); + + if (sizeof($group_user)) + { + $sql = "UPDATE " . USERS_TABLE . " + SET user_level = " . USER . " + WHERE user_id IN (" . implode(', ', $group_user) . ")"; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); + } + } + message_die(GENERAL_MESSAGE, $message); } } diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 05e5d39b33..a78608d616 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -59,6 +59,11 @@ if ($HTTP_GET_VARS['sid'] != $userdata['session_id']) redirect("index.$phpEx?sid=" . $userdata['session_id']); } +if (!$userdata['session_admin']) +{ + redirect(append_sid("login.$phpEx?redirect=admin/&admin=1", true)); +} + if (empty($no_page_header)) { // Not including the pageheader can be neccesarry if META tags are diff --git a/phpBB/db/postgres7.php b/phpBB/db/postgres7.php index 95c697d4a5..96a90fbb1a 100644 --- a/phpBB/db/postgres7.php +++ b/phpBB/db/postgres7.php @@ -123,7 +123,6 @@ class sql_db $this->num_queries++; $query = preg_replace("/LIMIT ([0-9]+),([ 0-9]+)/", "LIMIT \\2 OFFSET \\1", $query); - $query = preg_replace('#(.*WHERE.*)(username|user_email|ban_email) = \'(.*)\'#ise', "\"\\1LOWER(\\2) = '\" . strtolower('\\3') . \"'\"", $query); if( $transaction == BEGIN_TRANSACTION && !$this->in_transaction ) { diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index bebd732a88..5986ff4011 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -3,7 +3,7 @@ -phpBB 2.0.14 :: Install +phpBB 2.0.15 :: Install