mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-04-19 23:32:02 +02:00
Code Issues Releases Wiki Activity

Merge branch '3.1.x'

Browse Source 
* 3.1.x:
  [ticket/10572] Unguarded includes in acp files
This commit is contained in:
Tristan Darricau 2015-10-14 10:14:15 +02:00
commit e0fb680dbb
15 changed files with 124 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
phpBB/includes/acp/acp_attachments.php
View File

@ -114,7 +114,10 @@ class acp_attachments
{
case 'attach':
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
if (!function_exists('get_supported_image_types'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
$sql = 'SELECT group_name, cat_id
FROM ' . EXTENSION_GROUPS_TABLE . '

5
phpBB/includes/acp/acp_ban.php
View File

@ -28,7 +28,10 @@ class acp_ban
global $user, $template, $request, $phpbb_dispatcher;
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_ban'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$bansubmit = $request->is_set_post('bansubmit');
$unbansubmit = $request->is_set_post('unbansubmit');

6
phpBB/includes/acp/acp_bots.php
View File

@ -141,7 +141,11 @@ class acp_bots
case 'edit':
case 'add':
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_update_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$bot_row = array(
'bot_name' => $request->variable('bot_name', '', true),

4
phpBB/includes/acp/acp_disallow.php
View File

@ -26,9 +26,7 @@ class acp_disallow
function main($id, $mode)
{
global $db, $user, $auth, $template, $cache, $phpbb_log, $request;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
global $config, $phpbb_admin_path;
$user->add_lang('acp/posting');

11
phpBB/includes/acp/acp_email.php
View File

@ -189,8 +189,15 @@ class acp_email
$db->sql_freeresult($result);
// Send the messages
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
if (!function_exists('get_group_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$messenger = new messenger($use_queue);
$errored = false;

10
phpBB/includes/acp/acp_groups.php
View File

@ -42,7 +42,10 @@ class acp_groups
return;
}
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('group_user_attributes'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
// Check and set some common vars
$action = (isset($_POST['add'])) ? 'add' : ((isset($_POST['addusers'])) ? 'addusers' : $request->variable('action', ''));
@ -298,7 +301,10 @@ class acp_groups
case 'edit':
case 'add':
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
if (!function_exists('display_forums'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
$data = $submit_ary = array();

15
phpBB/includes/acp/acp_inactive.php
View File

@ -34,7 +34,10 @@ class acp_inactive
global $config, $db, $user, $auth, $template, $phpbb_container, $phpbb_log, $request;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_active_flip'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang('memberlist');
@ -111,7 +114,10 @@ class acp_inactive
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users))
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger(false);
@ -200,7 +206,10 @@ class acp_inactive
if ($row = $db->sql_fetchrow($result))
{
// Send the messages
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger();
$usernames = $user_ids = array();

5
phpBB/includes/acp/acp_jabber.php
View File

@ -34,7 +34,10 @@ class acp_jabber
$user->add_lang('acp/board');
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
if (!class_exists('jabber'))
{
include($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
}
$action = $request->variable('action', '');
$submit = (isset($_POST['submit'])) ? true : false;

5
phpBB/includes/acp/acp_language.php
View File

@ -34,7 +34,10 @@ class acp_language
global $config, $db, $user, $template, $phpbb_log, $phpbb_container;
global $phpbb_root_path, $phpEx, $request;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('validate_language_iso_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
// Check and set some common vars
$action = (isset($_POST['update_details'])) ? 'update_details' : '';

11
phpBB/includes/acp/acp_permission_roles.php
View File

@ -30,8 +30,15 @@ class acp_permission_roles
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_log;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$this->auth_admin = new auth_admin();

11
phpBB/includes/acp/acp_permissions.php
View File

@ -34,8 +34,15 @@ class acp_permissions
global $db, $user, $auth, $template, $cache, $phpbb_container, $request;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$this->permissions = $phpbb_container->get('acl.permissions');

11
phpBB/includes/acp/acp_profile.php
View File

@ -37,8 +37,15 @@ class acp_profile
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
global $request, $phpbb_container, $phpbb_log, $phpbb_dispatcher;
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('generate_smilies'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang(array('ucp', 'acp/profile'));
$this->tpl_name = 'acp_profile';

6
phpBB/includes/acp/acp_prune.php
View File

@ -28,7 +28,11 @@ class acp_prune
global $user, $phpEx, $phpbb_admin_path, $phpbb_root_path;
$user->add_lang('acp/prune');
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_active_flip'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
switch ($mode)
{

5
phpBB/includes/acp/acp_send_statistics.php
View File

@ -27,7 +27,10 @@ class acp_send_statistics
{
global $config, $template, $phpbb_admin_path, $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx);
if (!class_exists('phpbb_questionnaire_data_collector'))
{
include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx);
}
$collect_url = "https://www.phpbb.com/stats/receive_stats.php";

48
phpBB/includes/acp/acp_users.php
View File

@ -57,7 +57,10 @@ class acp_users
// Whois (special case)
if ($action == 'whois')
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$this->page_title = 'WHOIS';
$this->tpl_name = 'simple_body';
@ -170,7 +173,10 @@ class acp_users
{
case 'overview':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang('acp/ban');
@ -354,7 +360,10 @@ class acp_users
if ($config['email_enable'])
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$server_url = generate_board_url();
@ -440,7 +449,10 @@ class acp_users
$phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger(false);
@ -1400,7 +1412,10 @@ class acp_users
case 'profile':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
/* @var $cp \phpbb\profilefields\manager */
$cp = $phpbb_container->get('profilefields.manager');
@ -1560,7 +1575,10 @@ class acp_users
case 'prefs':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$data = array(
'dateformat' => $request->variable('dateformat', $user_row['user_dateformat'], true),
@ -1830,8 +1848,6 @@ class acp_users
case 'avatar':
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
$avatars_enabled = false;
if ($config['allow_avatar'])
@ -1987,12 +2003,16 @@ class acp_users
case 'sig':
include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
if (!function_exists('display_custom_bbcodes'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
$enable_bbcode = ($config['allow_sig_bbcode']) ? $this->optionget($user_row, 'sig_bbcode') : false;
$enable_smilies = ($config['allow_sig_smilies']) ? $this->optionget($user_row, 'sig_smilies') : false;
$enable_urls = ($config['allow_sig_links']) ? $this->optionget($user_row, 'sig_links') : false;
$decoded_message = generate_text_for_edit($user_row['user_sig'], $user_row['user_sig_bbcode_uid'], $user_row['user_sig_bbcode_bitfield']);
$signature = $request->variable('signature', $decoded_message['text'], true);
$signature_preview = '';
@ -2255,7 +2275,10 @@ class acp_users
case 'groups':
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('group_user_attributes'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang(array('groups', 'acp/groups'));
$group_id = $request->variable('g', 0);
@ -2474,7 +2497,10 @@ class acp_users
case 'perm':
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$auth_admin = new auth_admin();