mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-10 00:15:00 +02:00
Code Issues Releases Wiki Activity

Wasn't stripping slashes from the cookies ... that will account for some of the erroneous mark read, nothing changes issues. Add name="" to image generation ... for "on" event handlers, etc.

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@4052 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-05-23 23:46:55 +00:00
parent 2a896ad260
commit d2f1d9e8bc
4 changed files with 41 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
phpBB/includes/functions.php
View File

@ -485,7 +485,8 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . " $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . "
SET mark_time = $current_time SET mark_time = $current_time
WHERE user_id = " . $user->data['user_id'] . " WHERE user_id = " . $user->data['user_id'] . "
AND forum_id = $forum_id"; AND forum_id = $forum_id
AND mark_time < $current_time";
if (!$db->sql_query($sql) || !$db->sql_affectedrows()) if (!$db->sql_query($sql) || !$db->sql_affectedrows())
{ {
// User is marking this forum for the first time. // User is marking this forum for the first time.
@ -500,11 +501,14 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
} }
else else
{ {
$tracking_forums = (isset($_COOKIE[$config['cookie_name'] . '_f'])) ? unserialize($_COOKIE[$config['cookie_name'] . '_f']) : array(); $tracking = (isset($_COOKIE[$config['cookie_name'] . '_f'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_f'])) : array();
$tracking_forums[$forum_id] = time(); if (empty($tracking[$forum_id]) || $tracking[$forum_id] < $current_time)
{
$tracking[$forum_id] = $current_time;
}
setcookie($config['cookie_name'] . '_f', serialize($tracking_forums), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); setcookie($config['cookie_name'] . '_f', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
unset($tracking_forums); unset($tracking);
} }
break; break;
@ -515,12 +519,13 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
{ {
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . ' $sql = 'UPDATE ' . FORUMS_TRACK_TABLE . '
SET mark_time = ' . $current_time . ' SET mark_time = ' . $current_time . '
WHERE user_id = ' . $user->data['user_id']; WHERE user_id = ' . $user->data['user_id'] . "
AND mark_time < $current_time";
$db->sql_query($sql); $db->sql_query($sql);
} }
else else
{ {
$tracking_forums = array(); $tracking = array();
} }
// Select all forum_id's that are not yet in the lastread table // Select all forum_id's that are not yet in the lastread table
@ -569,9 +574,9 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
$db->sql_query($sql); $db->sql_query($sql);
} }
} }
else else if (empty($tracking[$row['forum_id']]) || $tracking[$row['forum_id']] < $current_time)
{ {
$tracking_forums[$row['forum_id']] = $current_time; $tracking[$row['forum_id']] = $current_time;
} }
} }
while ($row = $db->sql_fetchrow($result)); while ($row = $db->sql_fetchrow($result));
@ -581,8 +586,8 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
if (!$config['load_db_lastread']) if (!$config['load_db_lastread'])
{ {
setcookie($config['cookie_name'] . '_f', serialize($tracking_forums), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); setcookie($config['cookie_name'] . '_f', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
unset($tracking_forums); unset($tracking);
} }
} }
break; break;
@ -596,21 +601,25 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
if ($config['load_db_lastread'] || ($config['load_db_track'] && $type == TRACK_POSTED)) if ($config['load_db_lastread'] || ($config['load_db_track'] && $type == TRACK_POSTED))
{ {
$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . " $sql = 'UPDATE ' . TOPICS_TRACK_TABLE . "
SET mark_type = $type, mark_time = " . time() . " SET mark_type = $type, mark_time = $current_time
WHERE topic_id = $topic_id WHERE topic_id = $topic_id
AND user_id = " . $user->data['user_id']; AND user_id = " . $user->data['user_id'] . "
AND mark_time < $current_time";
if (!$db->sql_query($sql) || !$db->sql_affectedrows()) if (!$db->sql_query($sql) || !$db->sql_affectedrows())
{ {
$sql = 'INSERT INTO ' . TOPICS_TRACK_TABLE . ' (user_id, topic_id, mark_type, mark_time) $sql = 'INSERT INTO ' . TOPICS_TRACK_TABLE . ' (user_id, topic_id, mark_type, mark_time)
VALUES (' . $user->data['user_id'] . ", $topic_id, $type, " . time() . ")"; VALUES (' . $user->data['user_id'] . ", $topic_id, $type, $current_time)";
$db->sql_query($sql); $db->sql_query($sql);
} }
} }
if (!$config['load_db_lastread']) if (!$config['load_db_lastread'])
{ {
$tracking = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize($_COOKIE[$config['cookie_name'] . '_t']) : array(); $tracking = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_t'])) : array();
if (empty($tracking[$topic_id]) || $tracking[$topic_id] < $current_time)
{
$tracking[$topic_id] = $current_time; $tracking[$topic_id] = $current_time;
}
setcookie($config['cookie_name'] . '_t', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']); setcookie($config['cookie_name'] . '_t', serialize($tracking), time() + 31536000, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
unset($tracking); unset($tracking);

2
phpBB/includes/session.php
View File

@ -498,7 +498,7 @@ class user extends session
$alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : ''; $alt = (!empty($this->lang[$alt])) ? $this->lang[$alt] : '';
$width = ($width) ? 'width="' . $width . '" ' : ''; $width = ($width) ? 'width="' . $width . '" ' : '';
$imgs[$img] = '<img src=' . str_replace('{LANG}', $this->img_lang, $this->theme[$img]) . ' ' . $width . 'alt="' . $alt . '" title="' . $alt . '" />'; $imgs[$img] = '<img src=' . str_replace('{LANG}', $this->img_lang, $this->theme[$img]) . ' ' . $width . 'alt="' . $alt . '" title="' . $alt . '" name="' . $img . '"/>';
} }
return $imgs[$img]; return $imgs[$img];
} }

6
phpBB/viewforum.php
View File

@ -75,8 +75,8 @@ else
$lastread_select = ''; $lastread_select = '';
$sql_where = ''; $sql_where = '';
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize($_COOKIE[$config['cookie_name'] . '_t']) : array(); $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_t'])) : array();
$tracking_forums = (isset($_COOKIE[$config['cookie_name'] . '_f'])) ? unserialize($_COOKIE[$config['cookie_name'] . '_f']) : array(); $tracking_forums = (isset($_COOKIE[$config['cookie_name'] . '_f'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_f'])) : array();
} }
$sql = "SELECT f.*, fw.notify_status $lastread_select $sql = "SELECT f.*, fw.notify_status $lastread_select
@ -406,7 +406,7 @@ if ($forum_data['forum_type'] == FORUM_POST)
$topic_check = (!$config['load_db_lastread']) ? $tracking_topics[$topic_id] : $row['mark_time']; $topic_check = (!$config['load_db_lastread']) ? $tracking_topics[$topic_id] : $row['mark_time'];
$forum_check = (!$config['load_db_lastread']) ? $tracking_forums[$forum_id] : $forum_data['mark_time']; $forum_check = (!$config['load_db_lastread']) ? $tracking_forums[$forum_id] : $forum_data['mark_time'];
if ($topic_check > $row['topic_last_post_time'] || $forum_check > $row['topic_last_post_time']) if ($topic_check >= $row['topic_last_post_time'] || $forum_check >= $row['topic_last_post_time'])
{ {
$unread_topic = false; $unread_topic = false;
} }

30
phpBB/viewtopic.php
View File

@ -71,8 +71,10 @@ if (isset($_GET['view']) && !$post_id)
} }
else else
{ {
$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize($_COOKIE[$config['cookie_name'] . '_t']) : array(); $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_t'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_t'])) : array();
$sql_unread_time = (!empty($tracking_topics[$topic_id])) ? $tracking_topics[$topic_id] : 0; $tracking_forums = (isset($_COOKIE[$config['cookie_name'] . '_f'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_f'])) : array();
$sql_unread_time = max($tracking_topics[$topic_id], $tracking_forums[$forum_id]);
$sql_unread_time = max($sql_unread_time, $user->data['session_last_visit']);
} }
$sql = 'SELECT p.post_id $sql = 'SELECT p.post_id
@ -81,7 +83,7 @@ if (isset($_GET['view']) && !$post_id)
WHERE t.topic_id = $topic_id WHERE t.topic_id = $topic_id
AND p.topic_id = t.topic_id AND p.topic_id = t.topic_id
" . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND p.post_approved = 1') . " " . (($auth->acl_get('m_approve', $forum_id)) ? '' : 'AND p.post_approved = 1') . "
AND (p.post_time >= $sql_unread_time AND (p.post_time > $sql_unread_time
OR p.post_id = t.topic_last_post_id) OR p.post_id = t.topic_last_post_id)
ORDER BY p.post_time ASC"; ORDER BY p.post_time ASC";
$result = $db->sql_query_limit($sql, 1); $result = $db->sql_query_limit($sql, 1);
@ -219,7 +221,6 @@ if ($topic_data['forum_password'])
// Extract the data // Extract the data
extract($topic_data); extract($topic_data);
// Start auth check // Start auth check
if (!$auth->acl_get('f_read', $forum_id)) if (!$auth->acl_get('f_read', $forum_id))
{ {
@ -391,11 +392,6 @@ $view_prev_topic_url = 'viewtopic.' . $phpEx . $SID . '&amp;f=' . $forum_id . '&
$view_next_topic_url = 'viewtopic.' . $phpEx . $SID . '&amp;f=' . $forum_id . '&amp;t=' . $topic_id . '&amp;view=next'; $view_next_topic_url = 'viewtopic.' . $phpEx . $SID . '&amp;f=' . $forum_id . '&amp;t=' . $topic_id . '&amp;view=next';
// Post/reply images
$reply_img = ($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) ? $user->img('btn_locked', $user->lang['TOPIC_LOCKED']) : $user->img('btn_reply', $user->lang['REPLY_TO_TOPIC']);
$post_img = ($forum_status == ITEM_LOCKED) ? $user->img('post_locked', $user->lang['FORUM_LOCKED']) : $user->img('btn_post', $user->lang['POST_NEW_TOPIC']);
// Grab censored words // Grab censored words
$censors = array(); $censors = array();
obtain_word_list($censors); obtain_word_list($censors);
@ -432,9 +428,9 @@ $template->assign_vars(array(
'MCP' => ($auth->acl_get('m_', $forum_id)) ? sprintf($user->lang['MCP'], "<a href=\"mcp.$phpEx?sid=" . $user->session_id . "&amp;f=$forum_id&amp;t=$topic_id&amp;start=$start&amp;$u_sort_param&amp;posts_per_page=" . $config['posts_per_page'] . '">', '</a>') : '', 'MCP' => ($auth->acl_get('m_', $forum_id)) ? sprintf($user->lang['MCP'], "<a href=\"mcp.$phpEx?sid=" . $user->session_id . "&amp;f=$forum_id&amp;t=$topic_id&amp;start=$start&amp;$u_sort_param&amp;posts_per_page=" . $config['posts_per_page'] . '">', '</a>') : '',
'MODERATORS' => (sizeof($forum_moderators[$forum_id])) ? implode(', ', $forum_moderators[$forum_id]) : '', 'MODERATORS' => (sizeof($forum_moderators[$forum_id])) ? implode(', ', $forum_moderators[$forum_id]) : '',
'POST_IMG' => $post_img, 'POST_IMG' => ($forum_status == ITEM_LOCKED) ? $user->img('post_locked', $user->lang['FORUM_LOCKED']) : $user->img('btn_post', $user->lang['POST_NEW_TOPIC']),
'REPLY_IMG' => $reply_img,
'QUOTE_IMG' => $user->img('btn_quote', $user->lang['QUOTE_POST']), 'QUOTE_IMG' => $user->img('btn_quote', $user->lang['QUOTE_POST']),
'REPLY_IMG' => ($forum_status == ITEM_LOCKED || $topic_status == ITEM_LOCKED) ? $user->img('btn_locked', $user->lang['TOPIC_LOCKED']) : $user->img('btn_reply', $user->lang['REPLY_TO_TOPIC']),
'EDIT_IMG' => $user->img('btn_edit', $user->lang['EDIT_POST']), 'EDIT_IMG' => $user->img('btn_edit', $user->lang['EDIT_POST']),
'DELETE_IMG' => $user->img('btn_delete', $user->lang['DELETE_POST']), 'DELETE_IMG' => $user->img('btn_delete', $user->lang['DELETE_POST']),
'IP_IMG' => $user->img('btn_ip', $user->lang['VIEW_IP']), 'IP_IMG' => $user->img('btn_ip', $user->lang['VIEW_IP']),
@ -824,10 +820,6 @@ while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result); $db->sql_freeresult($result);
// Store the last post time for this page ... for use in marking
$last_post_time = $row['post_time'];
// Pull attachment data // Pull attachment data
if (count($attach_list)) if (count($attach_list))
{ {
@ -1099,7 +1091,7 @@ foreach ($rowset as $key => $row)
} }
$display_name = $attachment['real_filename']; $display_name = $attachment['real_filename'];
$comment = stripslashes(trim(nl2br($attachment['comment']))); $comment = stripslashes(trim(str_replace("\n", '<br />', $attachment['comment'])));
$denied = false; $denied = false;
@ -1120,7 +1112,7 @@ foreach ($rowset as $key => $row)
$download_link = ''; $download_link = '';
$additional_array = array(); $additional_array = array();
$display_cat = intval($extensions[$attachment['extension']]['display_cat']); $display_cat = $extensions[$attachment['extension']]['display_cat'];
if ($display_cat == IMAGE_CAT) if ($display_cat == IMAGE_CAT)
{ {
@ -1288,7 +1280,7 @@ if (!preg_match("#&t=$topic_id#", $user->data['session_page']))
// Mark topics read // Mark topics read
markread('topic', $forum_id, $topic_id, $last_post_time); markread('topic', $forum_id, $topic_id, $row['post_time']);
// Change encoding if appropriate // Change encoding if appropriate
@ -1301,6 +1293,8 @@ if ($force_encoding != '')
// Output the page // Output the page
page_header($user->lang['VIEW_TOPIC'] .' - ' . $topic_title); page_header($user->lang['VIEW_TOPIC'] .' - ' . $topic_title);
//print_r($_COOKIE);
$template->set_filenames(array( $template->set_filenames(array(
'body' => (isset($_GET['view']) && $_GET['view'] == 'print') ? 'viewtopic_print.html' : 'viewtopic_body.html') 'body' => (isset($_GET['view']) && $_GET['view'] == 'print') ? 'viewtopic_print.html' : 'viewtopic_body.html')
); );