diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php
index 8604220ebe..19511c22bb 100644
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@@ -447,6 +447,9 @@ else if ( $mode != "" )
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+ $smile_code = trim($smile_code);
+ $smile_url = trim($smile_url);
+ $smile_emotion = trim($smile_emotion);
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
@@ -553,4 +556,4 @@ else
//
include('./page_footer_admin.'.$phpEx);
-?>
+?>
\ No newline at end of file
diff --git a/phpBB/admin/admin_ug_auth.php b/phpBB/admin/admin_ug_auth.php
index 44bb276320..d61a9b7afd 100644
--- a/phpBB/admin/admin_ug_auth.php
+++ b/phpBB/admin/admin_ug_auth.php
@@ -508,6 +508,48 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
}
}
+ $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
+ WHERE group_id = $group_id";
+ $result = $db->sql_query($sql);
+
+ $group_user = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $group_user[$row['user_id']] = $row['user_id'];
+ }
+ $db->sql_freeresult($result);
+
+ $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod
+ FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
+ WHERE ug.user_id IN (" . implode(', ', $group_user) . ")
+ AND aa.group_id = ug.group_id
+ AND aa.auth_mod = 1
+ GROUP BY ug.user_id";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
+ }
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['is_auth_mod'])
+ {
+ unset($group_user[$row['user_id']]);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ if (sizeof($group_user))
+ {
+ $sql = "UPDATE " . USERS_TABLE . "
+ SET user_level = " . USER . "
+ WHERE user_id IN (" . implode(', ', $group_user) . ")";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
+ }
+ }
+
message_die(GENERAL_MESSAGE, $message);
}
}
diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php
index 05e5d39b33..a78608d616 100644
--- a/phpBB/admin/pagestart.php
+++ b/phpBB/admin/pagestart.php
@@ -59,6 +59,11 @@ if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
redirect("index.$phpEx?sid=" . $userdata['session_id']);
}
+if (!$userdata['session_admin'])
+{
+ redirect(append_sid("login.$phpEx?redirect=admin/&admin=1", true));
+}
+
if (empty($no_page_header))
{
// Not including the pageheader can be neccesarry if META tags are
diff --git a/phpBB/db/postgres7.php b/phpBB/db/postgres7.php
index 95c697d4a5..96a90fbb1a 100644
--- a/phpBB/db/postgres7.php
+++ b/phpBB/db/postgres7.php
@@ -123,7 +123,6 @@ class sql_db
$this->num_queries++;
$query = preg_replace("/LIMIT ([0-9]+),([ 0-9]+)/", "LIMIT \\2 OFFSET \\1", $query);
- $query = preg_replace('#(.*WHERE.*)(username|user_email|ban_email) = \'(.*)\'#ise', "\"\\1LOWER(\\2) = '\" . strtolower('\\3') . \"'\"", $query);
if( $transaction == BEGIN_TRANSACTION && !$this->in_transaction )
{
diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html
index bebd732a88..5986ff4011 100644
--- a/phpBB/docs/INSTALL.html
+++ b/phpBB/docs/INSTALL.html
@@ -3,7 +3,7 @@
-phpBB 2.0.14 :: Install
+phpBB 2.0.15 :: Install