diff --git a/phpBB/adm/admin_attachments.php b/phpBB/adm/admin_attachments.php index e129930dee..a4e6ecfed1 100644 --- a/phpBB/adm/admin_attachments.php +++ b/phpBB/adm/admin_attachments.php @@ -356,7 +356,7 @@ if ($submit && $mode == 'orphan') while ($row = $db->sql_fetchrow($result)) { echo sprintf($user->lang['UPLOADING_FILE_TO'], $upload_list[$row['post_id']], $row['post_id']) . '
'; - if (!$auth->acl_get('f_attach', $row['forum_id'])) + if (!$auth->acl_gets('f_attach', 'u_attach', $row['forum_id'])) { echo '' . sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) . '

'; } @@ -716,7 +716,7 @@ function marklist(match, name, status) sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -918,6 +918,9 @@ function upload_file($post_id, $topic_id, $forum_id, $upload_dir, $filename) if ($filedata['post_attach'] && !sizeof($filedata['error'])) { $message_parser->attachment_data = array( + 'post_id' => $post_id, + 'poster_id' => $user->data['user_id'], + 'topic_id' => $topic_id, 'physical_filename' => $filedata['destination_filename'], 'real_filename' => $filedata['filename'], 'comment' => $message_parser->filename_data['filecomment'], @@ -936,17 +939,6 @@ function upload_file($post_id, $topic_id, $forum_id, $upload_dir, $filename) $db->sql_transaction(); - $sql = 'INSERT INTO ' . ATTACHMENTS_DESC_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); - $db->sql_query($sql); - - $attach_sql = array( - 'attach_id' => $db->sql_nextid(), - 'post_id' => $post_id, - 'privmsgs_id' => 0, - 'user_id_from' => $user->data['user_id'], - 'user_id_to' => 0 - ); - $sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $attach_sql); $db->sql_query($sql); diff --git a/phpBB/adm/admin_forums.php b/phpBB/adm/admin_forums.php index ee88d4d0f5..f30d63eb83 100644 --- a/phpBB/adm/admin_forums.php +++ b/phpBB/adm/admin_forums.php @@ -1307,6 +1307,8 @@ function delete_forum_content($forum_id) switch (SQL_LAYER) { case 'mysql4': + // Use delete_attachments('topic', $ids, false) here... + // Select then delete all attachments $sql = 'SELECT d.physical_filename, d.thumbnail FROM ' . POSTS_TABLE . ' p, ' . ATTACHMENTS_DESC_TABLE . ' d, ' . ATTACHMENTS_TABLE . " a diff --git a/phpBB/common.php b/phpBB/common.php index 0187566308..4e1bc628bc 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -149,7 +149,6 @@ define('ACL_DEPS_TABLE', $table_prefix.'auth_deps'); define('ACL_PRESETS_TABLE', $table_prefix.'auth_presets'); define('ACL_USERS_TABLE', $table_prefix.'auth_users'); define('ATTACHMENTS_TABLE', $table_prefix.'attachments'); -define('ATTACHMENTS_DESC_TABLE', $table_prefix.'attach_desc'); define('BANLIST_TABLE', $table_prefix.'banlist'); define('BBCODES_TABLE', $table_prefix.'bbcodes'); define('BOTS_TABLE', $table_prefix.'bots'); diff --git a/phpBB/download.php b/phpBB/download.php index 209a969caf..c728777d02 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -36,7 +36,7 @@ if (!$config['allow_attachments']) } $sql = 'SELECT * - FROM ' . ATTACHMENTS_DESC_TABLE . " + FROM ' . ATTACHMENTS_TABLE . " WHERE attach_id = $download_id"; $result = $db->sql_query_limit($sql, 1); @@ -46,42 +46,24 @@ if (!($attachment = $db->sql_fetchrow($result))) } $db->sql_freeresult($result); -// get forum_id for attachment authorization or private message authorization -$authorised = false; - // Additional query, because of more than one attachment assigned to posts and private messages -$sql = 'SELECT a.*, p.forum_id, f.forum_password, f.parent_id - FROM ' . ATTACHMENTS_TABLE . ' a, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f - WHERE a.attach_id = ' . $attachment['attach_id'] . ' - AND ((a.post_id = p.post_id AND p.forum_id = f.forum_id) - OR a.post_id = 0)'; -$result = $db->sql_query($sql); - -while ($row = $db->sql_fetchrow($result)) -{ - if ($row['post_id'] && $auth->acl_get('f_download', $row['forum_id'])) - { - if ($row['forum_password']) - { - // Do something else ... ? - login_forum_box($row); - } - - $authorised = TRUE; - break; - } - else - { - if ($config['allow_pm_attach'] && ($user->data['user_id'] == $row['user_id_2'] || $user->data['user_id'] == $row['user_id_1'])) - { - $authorised = TRUE; - break; - } - } -} +$sql = 'SELECT p.forum_id, f.forum_password, f.parent_id + FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f + WHERE p.post_id = ' . $attachment['post_id'] . ' + AND p.forum_id = f.forum_id'; +$result = $db->sql_query_limit($sql, 1); +$row = $db->sql_fetchrow($result); $db->sql_freeresult($result); -if (!$authorised) +if ($auth->acl_gets('f_download', 'u_download', $row['forum_id'])) +{ + if ($row['forum_password']) + { + // Do something else ... ? + login_forum_box($row); + } +} +else { trigger_error('SORRY_AUTH_VIEW_ATTACH'); } @@ -105,7 +87,7 @@ if ($thumbnail) else { // Update download count - $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . ' + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET download_count = download_count + 1 WHERE attach_id = ' . $attachment['attach_id']; $db->sql_query($sql); diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php index f5f89e3d1e..82eef2290b 100644 --- a/phpBB/includes/db/mysql.php +++ b/phpBB/includes/db/mysql.php @@ -381,7 +381,7 @@ class sql_db // DEBUG function sql_report($mode, $query = '') { - if (empty($_GET['explain'])) + if (empty($_REQUEST['explain'])) { return; } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 9eac5d44ce..3faef1a8de 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -431,7 +431,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = TRUE) } unset($table_ary); - delete_attachments($post_ids); + delete_attachments('post', $post_ids, FALSE); $db->sql_transaction('commit'); @@ -466,215 +466,152 @@ function delete_posts($where_type, $where_ids, $auto_sync = TRUE) } // Delete Attachments -function delete_attachments($post_id_array = -1, $attach_id_array = -1, $page = 'post', $user_id = -1) +// mode => (post, topic, attach, user) +// ids => (post_ids, topic_ids, attach_ids, user_ids) +// resync => set this to false if you are deleting posts or topics... +function delete_attachments($mode, $ids, $resync = TRUE) { global $db; - if ($post_id_array == -1 && $attach_id_array == -1 && $page == -1) + if (is_array($ids)) { - return; + $ids = array_unique($ids); } - - // Generate Array, if it's not an array - if ($post_id_array == -1 && $attach_id_array != -1) - { - $post_id_array = array(); - - if (!is_array($attach_id_array)) - { - $attach_id_array = (strstr($attach_id_array, ',')) ? explode(',', str_replace(', ', ',', $attach_id_array)) : array((int) $attach_id_array); - } - // Get the post_ids to fill the array - $sql = 'SELECT ' . (($page == 'privmsgs') ? 'privmsgs_id' : 'post_id') . ' as id - FROM ' . ATTACHMENTS_TABLE . ' - WHERE attach_id IN (' . implode(', ', $attach_id_array) . ') - GROUP BY id'; - $result = $db->sql_query($sql); - - if (!($row = $db->sql_fetchrow($result))) - { - return; - } - - do - { - $post_id_array[] = $row['id']; - } - while ($row = $db->sql_fetchrow($result)); - $db->sql_freeresult($result); - } - - if (!is_array($post_id_array)) + if (!sizeof($ids)) { - if (trim($post_id_array) == '') - { - return; - } - - $post_id_array = (strstr($post_id_array, ',')) ? explode(',', str_replace(', ', ',', $attach_id_array)) : array((int) $post_id_array); - } - - if (!count($post_id_array)) - { - return; + return false; } - // First of all, determine the post id and attach_id - if ($attach_id_array == -1) - { - $attach_id_array = array(); + $sql_id = ($mode == 'user') ? 'poster_id' : (($mode == 'post') ? 'post_id' : (($mode == 'topic') ? 'topic_id' : 'attach_id')); - // Get the attach_ids to fill the array - $sql = 'SELECT attach_id + $post_ids = $topic_ids = $physical = array(); + + // Collect post and topics ids for later use + if ($mode == 'attach' || $mode == 'user' || ($mode == 'topic' && $resync)) + { + $sql = 'SELECT post_id, topic_id, physical_filename, thumbnail FROM ' . ATTACHMENTS_TABLE . ' - WHERE ' . (($page == 'privmsgs') ? 'privmsgs_id' : 'post_id') . ' IN (' . implode(', ', $post_id_array) . ') - GROUP BY attach_id'; + WHERE ' . $sql_id . ' IN (' . implode(', ', $ids) . ')'; $result = $db->sql_query($sql); - - if (!($row = $db->sql_fetchrow($result))) - { - return; - } - - do - { - $attach_id_array[] = $row['attach_id']; - } - while ($row = $db->sql_fetchrow($result)); - $db->sql_freeresult($result); - } - - if (!is_array($attach_id_array)) - { - $attach_id_array = (strstr($post_id_array, ',')) ? explode(',', str_replace(', ', ',', $attach_id_array)) : array((int) $attach_id_array); - } - - if (!count($attach_id_array)) - { - return; - } - - $sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' - WHERE attach_id IN (' . implode(', ', $attach_id_array) . ') - AND post_id IN (' . implode(', ', $post_id_array) . ')'; - $db->sql_query($sql); - - foreach ($attach_id_array as $attach_id) - { - $sql = 'SELECT attach_id - FROM ' . ATTACHMENTS_TABLE . " - WHERE attach_id = $attach_id"; - $select_result = $db->sql_query($sql); - - if (!is_array($db->sql_fetchrow($select_result))) - { - $sql = 'SELECT attach_id, physical_filename, thumbnail - FROM ' . ATTACHMENTS_DESC_TABLE . " - WHERE attach_id = $attach_id"; - $result = $db->sql_query($sql); - - // delete attachments - while ($row = $db->sql_fetchrow($result)) - { - phpbb_unlink($row['physical_filename'], 'file'); - if ($row['thumbnail']) - { - phpbb_unlink($row['physical_filename'], 'thumbnail'); - } - - $sql = 'DELETE FROM ' . ATTACHMENTS_DESC_TABLE . ' - WHERE attach_id = ' . $row['attach_id']; - $db->sql_query($sql); - } - $db->sql_freeresult($result); - } - $db->sql_freeresult($select_result); - } - - // Now Sync the Topic/PM - if ($page == 'privmsgs') - { - foreach ($post_id_array as $privmsgs_id) - { - $sql = 'SELECT attach_id - FROM ' . ATTACHMENTS_TABLE . ' - WHERE privmsgs_id = ' . $privmsgs_id; - $select_result = $db->sql_query($sql); - - if (!is_array($db->sql_fetchrow($select_result))) - { - $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' - SET privmsgs_attachment = 0 - WHERE privmsgs_id = ' . $privmsgs_id; - $db->sql_query($sql); - } - $db->sql_freeresult($select_result); - } - } - else - { - $sql = 'SELECT topic_id - FROM ' . POSTS_TABLE . ' - WHERE post_id IN (' . implode(', ', $post_id_array) . ') - GROUP BY topic_id'; - $result = $db->sql_query($sql); - + while ($row = $db->sql_fetchrow($result)) { - $topic_id = $row['topic_id']; - - $sql = 'SELECT post_id - FROM ' . POSTS_TABLE . " - WHERE topic_id = $topic_id - GROUP BY post_id"; - $result2 = $db->sql_query($sql); - - $post_ids = array(); - - while ($post_row = $db->sql_fetchrow($result2)) - { - $post_ids[] = $post_row['post_id']; - } - $db->sql_freeresult($result2); - - if (count($post_ids)) - { - $post_id_sql = implode(', ', $post_ids); - - $sql = 'SELECT attach_id - FROM ' . ATTACHMENTS_TABLE . " - WHERE post_id IN ($post_id_sql)"; - $select_result = $db->sql_query_limit($sql, 1); - $set_id = (!is_array($db->sql_fetchrow($select_result))) ? 0 : 1; - $db->sql_freeresult($select_result); - - $sql = 'UPDATE ' . TOPICS_TABLE . " - SET topic_attachment = $set_id - WHERE topic_id = $topic_id"; - $db->sql_query($sql); - - foreach ($post_ids as $post_id) - { - $sql = 'SELECT attach_id - FROM ' . ATTACHMENTS_TABLE . " - WHERE post_id = $post_id"; - $select_result = $db->sql_query_limit($sql, 1); - $set_id = (!is_array($db->sql_fetchrow($select_result))) ? 0 : 1; - $db->sql_freeresult($select_result); - - $sql = 'UPDATE ' . POSTS_TABLE . " - SET post_attachment = $set_id - WHERE post_id = $post_id"; - $db->sql_query($sql); - } - } + $post_ids[] = $row['post_id']; + $topic_ids[] = $row['topic_id']; + $physical[] = array('filename' => $row['physical_filename'], 'thumbnail' => $row['thumbnail']); } $db->sql_freeresult($result); } - // TODO - // Return number of deleted attachments + if ($mode == 'post') + { + $sql = 'SELECT topic_id, physical_filename, thumbnail + FROM ' . ATTACHMENTS_TABLE . ' + WHERE post_id IN (' . implode(', ', $ids) . ')'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $topic_ids[] = $row['topic_id']; + $physical[] = array('filename' => $row['physical_filename'], 'thumbnail' => $row['thumbnail']); + } + $db->sql_freeresult($result); + } + + // Delete attachments + $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $sql_id . ' IN (' . implode(', ', $ids) . ')'); + $num_deleted = $db->sql_affectedrows(); + + // Delete attachments from filesystem + foreach ($physical as $file_ary) + { + phpbb_unlink($file_ary['filename'], 'file'); + if ($file_ary['thumbnail']) + { + phpbb_unlink($file_ary['filename'], 'thumbnail'); + } + } + + if ($mode == 'topic' && !$resync) + { + return $num_deleted; + } + + if ($mode == 'post') + { + $post_ids = $ids; + } + unset($ids); + + $post_ids = array_unique($post_ids); + $topic_ids = array_unique($topic_ids); + + // Update post indicators + if ($mode == 'post' || $mode == 'topic') + { + $db->sql_query('UPDATE ' . POSTS_TABLE . ' + SET post_attachment = 0 + WHERE post_id IN (' . implode(', ', $post_ids) . ')'); + } + + if ($mode == 'user' || $mode == 'attach') + { + $remaining = array(); + + $sql = 'SELECT post_id + FROM ' . ATTACHMENTS_TABLE . ' + WHERE post_id IN (' . implode(', ', $post_ids) . ')'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $remaining[] = $row['post_id']; + } + $db->sql_fetchrow($result); + + $unset_ids = array_diff($post_ids, $remaining); + if (sizeof($delete_ids)) + { + $db->sql_query('UPDATE ' . POSTS_TABLE . ' + SET post_attachment = 0 + WHERE post_id IN (' . implode(', ', $unset_ids) . ')'); + } + } + + // Update topic indicator + if ($mode == 'topic') + { + $db->sql_query('UPDATE ' . TOPICS_TABLE . ' + SET topic_attachment = 0 + WHERE topic_id IN (' . implode(', ', $topic_ids) . ')'); + } + + if ($mode == 'post' || $mode == 'user' || $mode == 'attach') + { + $remaining = array(); + + $sql = 'SELECT topic_id + FROM ' . ATTACHMENTS_TABLE . ' + WHERE topic_id IN (' . implode(', ', $topic_ids) . ')'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $remaining[] = $row['topic_id']; + } + $db->sql_fetchrow($result); + + $unset_ids = array_diff($topic_ids, $remaining); + if (sizeof($unset_ids)) + { + $db->sql_query('UPDATE ' . TOPICS_TABLE . ' + SET topic_attachment = 0 + WHERE topic_id IN (' . implode(', ', $unset_ids) . ')'); + } + } + + return $num_deleted; } function delete_topic_shadows($max_age, $forum_id = '', $auto_sync = TRUE) diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 17ba765b8f..d96f2cb9c9 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -292,6 +292,8 @@ function display_attachments($attachment_data, &$update_count, $force_physical = global $extensions, $template; global $config, $user, $phpbb_root_path, $phpEx, $SID, $censors; + $upload_dir = ($config['upload_dir'][0] == '/' || ($config['upload_dir'][0] != '/' && $config['upload_dir'][1] == ':')) ? $config['upload_dir'] : $phpbb_root_path . $config['upload_dir']; + if (empty($censors)) { $censors = array(); @@ -304,14 +306,12 @@ function display_attachments($attachment_data, &$update_count, $force_physical = obtain_attach_extensions($extensions); } - $update_count = array(); - foreach ($attachment_data as $attachment) { // Some basics... $attachment['extension'] = strtolower(trim($attachment['extension'])); - $filename = $config['upload_dir'] . '/' . $attachment['physical_filename']; - $thumbnail_filename = $config['upload_dir'] . '/thumbs/t_' . $attachment['physical_filename']; + $filename = $upload_dir . '/' . $attachment['physical_filename']; + $thumbnail_filename = $upload_dir . '/thumbs/t_' . $attachment['physical_filename']; $upload_image = ''; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 92557fbb78..2de8b424c3 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -746,7 +746,7 @@ class parse_message } else { - delete_attachments($post_id, intval($this->attachment_data[$index]['attach_id'])); + delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id']))); } unset($this->attachment_data[$index]); diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index ccaf4beca7..bcaabdceb8 100644 --- a/phpBB/includes/ucp/ucp_main.php +++ b/phpBB/includes/ucp/ucp_main.php @@ -133,7 +133,7 @@ class ucp_main extends module 'LAST_POST_IMG' => $last_post_img, 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'ATTACH_ICON_IMG' => ($auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', + 'ATTACH_ICON_IMG' => ($auth->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', 'S_ROW_COUNT' => $i, 'S_USER_POSTED' => (!empty($row['mark_type'])) ? true : false, @@ -487,7 +487,7 @@ class ucp_main extends module 'LAST_POST_IMG' => $last_post_img, 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'ATTACH_ICON_IMG' => ($auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', + 'ATTACH_ICON_IMG' => ($auth->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', 'S_ROW_COUNT' => $i++, 'S_USER_POSTED' => (!empty($row['mark_type'])) ? true : false, diff --git a/phpBB/install/schemas/mysql_schema.sql b/phpBB/install/schemas/mysql_schema.sql index 305676fbbe..77b50d3b75 100644 --- a/phpBB/install/schemas/mysql_schema.sql +++ b/phpBB/install/schemas/mysql_schema.sql @@ -4,19 +4,12 @@ # $Id$ # -# Table: phpbb_attachments -CREATE TABLE phpbb_attachments ( - attach_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - post_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - privmsgs_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, - user_id_from mediumint(8) NOT NULL, - user_id_to mediumint(8) NOT NULL, - KEY attach_id (attach_id) -); - # Table: phpbb_attachments_desc -CREATE TABLE phpbb_attach_desc ( +CREATE TABLE phpbb_attachments ( attach_id mediumint(8) UNSIGNED NOT NULL auto_increment, + post_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + topic_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, + poster_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, physical_filename varchar(255) NOT NULL, real_filename varchar(255) NOT NULL, download_count mediumint(8) UNSIGNED DEFAULT '0' NOT NULL, @@ -28,6 +21,9 @@ CREATE TABLE phpbb_attach_desc ( thumbnail tinyint(1) DEFAULT '0' NOT NULL, PRIMARY KEY (attach_id), KEY filetime (filetime), + KEY post_id (post_id), + KEY topic_id (topic_id), + KEY poster_id (poster_id), KEY physical_filename (physical_filename(10)), KEY filesize (filesize) ); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 844ffcf2bd..095c3c3328 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -168,7 +168,7 @@ INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_post', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_reply', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_quote', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_edit', 1); -INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_lock', 1); +INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_user_lock', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_delete', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_bump', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_poll', 1); @@ -192,6 +192,7 @@ INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_ignoreflood', INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_postcount', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_moderate', 1); INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_report', 1); +INSERT INTO phpbb_auth_options (auth_option, is_local) VALUES ('f_subscribe', 1); INSERT INTO phpbb_auth_options (auth_option, is_local, is_global) VALUES ('m_', 1, 1); INSERT INTO phpbb_auth_options (auth_option, is_local, is_global) VALUES ('m_edit', 1, 1); @@ -259,6 +260,8 @@ INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_chgpasswd', 1 INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_chgcensors', 1); INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_search', 1); INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_savedrafts', 1); +INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_download', 1); +INSERT INTO phpbb_auth_options (auth_option, is_global) VALUES ('u_attach', 1); # MSSQL IDENTITY phpbb_styles ON # @@ -407,11 +410,11 @@ INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) # REGISTERED/REGISTERED COPPA groups - common forum rights INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 4, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option LIKE 'u_%' AND auth_option NOT IN ('u_chggrp', 'u_viewonline', 'u_chgname'); -INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 4, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount'); -INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 4, 2, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_votechg', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_report'); +INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 4, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_subscribe'); +INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 4, 2, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_votechg', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_report', 'f_subscribe'); INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 5, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option LIKE 'u_%' AND auth_option NOT IN ('u_chgcensors', 'u_chggrp', 'u_viewonline', 'u_chgname'); -INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 5, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount'); -INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 5, 2, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_votechg', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_report'); +INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 5, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_subscribe'); +INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 5, 2, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_', 'f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_edit', 'f_delete', 'f_vote', 'f_votechg', 'f_download', 'f_bbcode', 'f_smilies', 'f_img', 'f_flash', 'f_sigs', 'f_search', 'f_email', 'f_print', 'f_postcount', 'f_report', 'f_subscribe'); # GUESTS, INACTIVE, INACTIVE_COPPA group - basic rights INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_setting) SELECT 1, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_option IN ('f_list', 'f_read', 'f_post', 'f_reply', 'f_quote', 'f_bbcode', 'f_search', 'f_print'); diff --git a/phpBB/language/en/lang_admin.php b/phpBB/language/en/lang_admin.php index 4d6d5949c0..a008f8c5e6 100644 --- a/phpBB/language/en/lang_admin.php +++ b/phpBB/language/en/lang_admin.php @@ -425,7 +425,7 @@ $lang += array( 'acl_f_reply' => 'Can reply to posts', 'acl_f_quote' => 'Can quote posts', 'acl_f_edit' => 'Can edit own posts', - 'acl_f_lock' => 'Can lock own topics', + 'acl_f_user_lock' => 'Can lock own topics', 'acl_f_delete' => 'Can delete own posts', 'acl_f_poll' => 'Can create polls', 'acl_f_vote' => 'Can vote in polls', @@ -448,6 +448,8 @@ $lang += array( 'acl_f_ignoreflood' => 'Can ignore flood limit', 'acl_f_postcount' => 'Increment post counter', 'acl_f_moderate' => 'Posts are moderated', + 'acl_f_bump' => 'Can bump topics', + 'acl_f_subscribe' => 'Can subscribe forum', 'acl_u_hideonline' => 'Can hide online status', 'acl_u_viewonline' => 'Can view all online', @@ -463,7 +465,9 @@ $lang += array( 'acl_u_chgpasswd' => 'Can change password', 'acl_u_chgcensors' => 'Can disable word censors', 'acl_u_search' => 'Can search board', - 'acl_u_savedrafts' => 'Can save drafts' + 'acl_u_savedrafts' => 'Can save drafts', + 'acl_u_download' => 'Can download files', + 'acl_u_attach' => 'Can attach files' ); // User pruning diff --git a/phpBB/posting.php b/phpBB/posting.php index f4d001f4f3..fb0711ee62 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -688,7 +688,7 @@ if ($submit || $preview || $refresh) { // Lock/Unlock Topic $change_topic_status = $topic_status; - $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster)) ? TRUE : FALSE; + $perm_lock_unlock = ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster)) ? TRUE : FALSE; if ($topic_status == ITEM_LOCKED && !$topic_lock && $perm_lock_unlock) { @@ -967,7 +967,7 @@ $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? ''; $s_hidden_fields .= (isset($check_value)) ? '' : ''; -$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_attachments'] || !$auth->acl_get('f_attach', $forum_id)) ? '' : 'enctype="multipart/form-data"'; +$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_attachments'] || !$auth->acl_gets('f_attach', 'u_attach', $forum_id)) ? '' : 'enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $template->assign_vars(array( @@ -1013,7 +1013,7 @@ $template->assign_vars(array( 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', 'S_NOTIFY_ALLOWED' => ($user->data['user_id'] != ANONYMOUS) ? TRUE : FALSE, 'S_NOTIFY_CHECKED' => ($notify_checked) ? ' checked="checked"' : '', - 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster))) ? TRUE : FALSE, + 'S_LOCK_TOPIC_ALLOWED' => (($mode == 'edit' || $mode == 'reply' || $mode == 'quote') && ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster))) ? TRUE : FALSE, 'S_LOCK_TOPIC_CHECKED' => ($lock_topic_checked) ? ' checked="checked"' : '', 'S_LOCK_POST_ALLOWED' => ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? TRUE : FALSE, 'S_LOCK_POST_CHECKED' => ($lock_post_checked) ? ' checked="checked"' : '', @@ -1051,7 +1051,7 @@ else if ($mode == 'edit' && !empty($poll_last_vote) && ($auth->acl_get('f_poll', } // Attachment entry -if ($auth->acl_get('f_attach', $forum_id) && $config['allow_attachments'] && $form_enctype != '') +if ($auth->acl_gets('f_attach', 'u_attach', $forum_id) && $config['allow_attachments'] && $form_enctype != '') { $template->assign_vars(array( 'S_SHOW_ATTACH_BOX' => TRUE) diff --git a/phpBB/search.php b/phpBB/search.php index c026f0c104..6cbf4d4208 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -782,7 +782,7 @@ if ($search_keywords || $search_author || $search_id) 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '' : '', 'POST_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '' : '', - 'ATTACH_ICON_IMG' => ($auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', + 'ATTACH_ICON_IMG' => ($auth->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', 'MINI_POST_IMG' => ($row['post_time'] > $user->data['user_lastvisit'] && $row['post_time'] > $topic_last_read && $user->data['user_id'] != ANONYMOUS) ? $user->img('icon_post_new', $user->lang['NEW_POST']) : $user->img('icon_post', $user->lang['POST']), 'U_VIEW_TOPIC' => $view_topic_url, diff --git a/phpBB/styles/subSilver/template/ucp_footer.html b/phpBB/styles/subSilver/template/ucp_footer.html index a475c217d3..f9d794855d 100644 --- a/phpBB/styles/subSilver/template/ucp_footer.html +++ b/phpBB/styles/subSilver/template/ucp_footer.html @@ -1,10 +1,14 @@
- + - + + + + +
{L_MARK_ALL} :: {L_UNMARK_ALL} {PAGE_NUMBER}{L_MARK_ALL} :: {L_UNMARK_ALL}
{PAGINATION}
diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index c6455c5914..5cf33a33b4 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -187,7 +187,7 @@ if ($forum_data['forum_type'] == FORUM_POST) // Forum rules, subscription info and word censors $s_watching_forum = $s_watching_forum_img = ''; - if (($config['email_enable'] || $config['jab_enable']) && $config['allow_forum_notify']) + if (($config['email_enable'] || $config['jab_enable']) && $config['allow_forum_notify'] && $auth->acl_get('f_subscribe', $forum_id)) { $notify_status = (isset($forum_data['notify_status'])) ? $forum_data['notify_status'] : NULL; watch_topic_forum('forum', $s_watching_forum, $s_watching_forum_img, $user->data['user_id'], $forum_id, $notify_status); @@ -542,7 +542,7 @@ if ($forum_data['forum_type'] == FORUM_POST) 'NEWEST_POST_IMG' => $newest_post_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '' : '', - 'ATTACH_ICON_IMG' => ($auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', + 'ATTACH_ICON_IMG' => ($auth->acl_gets('f_download', 'u_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_attach', '') : '', 'S_ROW_COUNT' => $i, 'S_TOPIC_TYPE_SWITCH' => ($s_type_switch == $s_type_switch_test) ? -1 : $s_type_switch_test, diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 0787c32510..5fe0e099b3 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -410,7 +410,7 @@ gen_forum_rules('topic', $forum_id); // Quick mod tools $topic_mod = ''; -$topic_mod .= ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster)) ? (($topic_status == ITEM_UNLOCKED) ? '' : '') : ''; +$topic_mod .= ($auth->acl_get('m_lock', $forum_id) || ($auth->acl_get('f_user_lock', $forum_id) && $user->data['user_id'] != ANONYMOUS && $user->data['user_id'] == $topic_poster)) ? (($topic_status == ITEM_UNLOCKED) ? '' : '') : ''; $topic_mod .= ($auth->acl_get('m_delete', $forum_id)) ? '' : ''; $topic_mod .= ($auth->acl_get('m_move', $forum_id)) ? '' : ''; $topic_mod .= ($auth->acl_get('m_split', $forum_id)) ? '' : ''; @@ -961,15 +961,14 @@ unset($id_cache); // Pull attachment data if (count($attach_list)) { - if ($auth->acl_get('f_download', $forum_id)) + if ($auth->acl_gets('f_download', 'u_download', $forum_id)) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); - $sql = 'SELECT a.post_id, d.* - FROM ' . ATTACHMENTS_TABLE . ' a, ' . ATTACHMENTS_DESC_TABLE . ' d - WHERE a.post_id IN (' . implode(', ', $attach_list) . ') - AND a.attach_id = d.attach_id - ORDER BY d.filetime ' . ((!$config['display_order']) ? 'DESC' : 'ASC') . ', a.post_id ASC'; + $sql = 'SELECT * + FROM ' . ATTACHMENTS_TABLE . ' + WHERE post_id IN (' . implode(', ', $attach_list) . ') + ORDER BY filetime ' . ((!$config['display_order']) ? 'DESC' : 'ASC') . ', post_id ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -1256,7 +1255,7 @@ if (!preg_match("#&t=$topic_id#", $user->data['session_page'])) // Update the attachment download counts if (sizeof($update_count)) { - $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . ' + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET download_count = download_count + 1 WHERE attach_id IN (' . implode(', ', array_unique($update_count)) . ')'; $db->sql_query($sql);