- adjust unread query a bit to cope with large topics (thanks bart!)
- fixing some bugs - more username_clean work git-svn-id: file:///svn/phpbb/trunk@6513 89ea8834-ac86-4346-8a33-228a782c2dd0
@@ -28,7 +28,7 @@ class acp_email
|
||||
$submit = (isset($_POST['submit'])) ? true : false;
|
||||
$error = array();
|
||||
|
||||
$usernames = request_var('usernames', '');
|
||||
$usernames = request_var('usernames', '', true);
|
||||
$group_id = request_var('g', 0);
|
||||
$subject = request_var('subject', '', true);
|
||||
$message = request_var('message', '', true);
|
||||
@@ -57,7 +57,7 @@ class acp_email
|
||||
{
|
||||
$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set('username', explode("\n", $usernames)) . '
|
||||
WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . '
|
||||
AND user_allow_massemail = 1
|
||||
ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@'))
|
||||
}
|
||||
|
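Review bot: The new WHERE clause nests `explode()` and `array_map('utf8_clean_string', …)` inside the SQL string concatenation, which buries the one step that decides who receives the mass e-mail. The acp_prune hunk in this same commit assigns the exploded list to a variable first; doing the same here, e.g. `$clean_names = array_map('utf8_clean_string', explode("\n", $usernames));`, keeps the two call sites consistent. It also gives a place for a short comment stating that recipients are matched on the normalised `username_clean` column. The enclosing method starts and ends outside the hunk.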
@@ -30,7 +30,7 @@ class acp_groups
|
||||
$action = (isset($_POST['add'])) ? 'add' : ((isset($_POST['addusers'])) ? 'addusers' : request_var('action', ''));
|
||||
$group_id = request_var('g', 0);
|
||||
$mark_ary = request_var('mark', array(0));
|
||||
$name_ary = request_var('usernames', '');
|
||||
$name_ary = request_var('usernames', '', true);
|
||||
$leader = request_var('leader', 0);
|
||||
$default = request_var('default', 0);
|
||||
$start = request_var('start', 0);
|
||||
|
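Review bot: Only the read of `usernames` changes here, so whether multibyte names now resolve correctly depends on a lookup that lies outside the hunk. If that lookup still compares the raw value against `username` rather than `utf8_clean_string()` output against `username_clean`, names accepted at the input layer may fail to match, or match differently from the acp_email and acp_prune queries in this commit. The same applies to the input-only changes in acp_permissions, ucp_groups, handle_message_list_actions, ucp_remind and ucp_resend. Judging by their names, the last two serve account-recovery flows, so they are the ones to confirm first.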
@@ -59,8 +59,8 @@ class acp_permissions
|
||||
$subforum_id = request_var('subforum_id', 0);
|
||||
$forum_id = request_var('forum_id', array(0));
|
||||
|
||||
$username = request_var('username', array(''));
|
||||
$usernames = request_var('usernames', '');
|
||||
$username = request_var('username', array(''), true);
|
||||
$usernames = request_var('usernames', '', true);
|
||||
$user_id = request_var('user_id', array(0));
|
||||
|
||||
$group_id = request_var('group_id', array(0));
|
||||
|
@@ -196,17 +196,18 @@ class acp_prune
|
||||
{
|
||||
if (confirm_box(true))
|
||||
{
|
||||
$users = request_var('users', '');
|
||||
$users = request_var('users', '', true);
|
||||
$action = request_var('action', 'deactivate');
|
||||
$deleteposts = request_var('deleteposts', 0);
|
||||
|
||||
if ($users)
|
||||
{
|
||||
$where_sql = ' AND ' . $db->sql_in_set('username', explode("\n", $users));
|
||||
$users = explode("\n", $users);
|
||||
$where_sql = ' AND ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', $users));
|
||||
}
|
||||
else
|
||||
{
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$email = request_var('email', '');
|
||||
|
||||
$joined_select = request_var('joined_select', 'lt');
|
||||
@@ -224,7 +225,7 @@ class acp_prune
|
||||
$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
|
||||
|
||||
$where_sql = '';
|
||||
$where_sql .= ($username) ? " AND username LIKE '" . $db->sql_escape(str_replace('*', '%', $username)) . "'" : '';
|
||||
$where_sql .= ($username) ? " AND username_clean LIKE '" . $db->sql_escape(str_replace('*', '%', utf8_clean_string($username))) . "'" : '';
|
||||
$where_sql .= ($email) ? " AND user_email LIKE '" . $db->sql_escape(str_replace('*', '%', $email)) . "' " : '';
|
||||
$where_sql .= (sizeof($joined)) ? " AND user_regdate " . $key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]) : '';
|
||||
$where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
|
||||
@@ -244,7 +245,8 @@ class acp_prune
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
// Do not prune founder members
|
||||
$sql = 'SELECT username, user_id FROM ' . USERS_TABLE . '
|
||||
$sql = 'SELECT user_id, username
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE user_id <> ' . ANONYMOUS . '
|
||||
AND user_type <> ' . USER_FOUNDER . "
|
||||
$where_sql";
|
||||
@@ -305,7 +307,7 @@ class acp_prune
|
||||
'prune' => 1,
|
||||
|
||||
'users' => request_var('users', ''),
|
||||
'username' => request_var('username', ''),
|
||||
'username' => request_var('username', '', true),
|
||||
'email' => request_var('email', ''),
|
||||
'joined_select' => request_var('joined_select', ''),
|
||||
'joined' => request_var('joined', ''),
|
||||
|
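Review bot: The confirmation array in the last hunk still builds `'users' => request_var('users', '')` without the multibyte flag, while the confirmed branch now reads it back with `request_var('users', '', true)` and the neighbouring `username` entry was updated. If the non-multibyte mode alters non-ASCII bytes, as the flag suggests, a name list can change between the form and the confirmed prune; the line should read `'users' => request_var('users', '', true),`. Separately, the `username_clean LIKE` clause passes the pattern through `sql_escape()` only, which as far as the hunk shows leaves `%` and `_` typed by the administrator active as wildcards alongside the `*` substitution. For a destructive action it is worth escaping them or documenting that they match broadly.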
@@ -34,7 +34,7 @@ class acp_users
|
||||
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
|
||||
|
||||
$error = array();
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$user_id = request_var('u', 0);
|
||||
$action = request_var('action', '');
|
||||
|
||||
@@ -86,7 +86,7 @@ class acp_users
|
||||
{
|
||||
$sql = 'SELECT user_id
|
||||
FROM ' . USERS_TABLE . "
|
||||
WHERE username = '" . $db->sql_escape($username) . "'";
|
||||
WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
||||
$result = $db->sql_query($sql);
|
||||
$user_id = (int) $db->sql_fetchfield('user_id');
|
||||
$db->sql_freeresult($result);
|
||||
@@ -736,6 +736,7 @@ class acp_users
|
||||
if ($update_username !== false)
|
||||
{
|
||||
$sql_ary['username'] = $update_username;
|
||||
$sql_ary['username_clean'] = utf8_clean_string($update_username);
|
||||
|
||||
add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
|
||||
}
|
||||
|
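Review bot: The rename hunk writes `username_clean` from `utf8_clean_string($update_username)`, but nothing visible checks that the cleaned value is not already held by another account. Two different display names can presumably reduce to the same cleaned form, and since the lookup in the hunk above now selects by `username_clean`, a collision would make that lookup ambiguous. If uniqueness is validated before `$update_username` is set (outside this hunk), a one-line comment saying so would help, e.g. `// $update_username has already passed the username_clean uniqueness check`.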
@@ -291,6 +291,23 @@ function user_delete($mode, $user_id, $post_username = false)
|
||||
SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
|
||||
WHERE topic_last_poster_id = $user_id";
|
||||
$db->sql_query($sql);
|
||||
|
||||
// Since we change every post by this author, we need to count this amount towards the anonymous user
|
||||
$sql = 'SELECT user_posts
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE user_id = ' . $user_id;
|
||||
$result = $db->sql_query($sql);
|
||||
$num_posts = (int) $db->sql_fetchfield('user_posts');
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
// Update the post count for the anonymous user
|
||||
if ($num_posts)
|
||||
{
|
||||
$sql = 'UPDATE ' . USERS_TABLE . '
|
||||
SET user_posts = user_posts + ' . $num_posts . '
|
||||
WHERE user_id = ' . ANONYMOUS;
|
||||
$db->sql_query($sql);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'remove':
|
||||
|
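Review bot: The added `SELECT user_posts … WHERE user_id = ' . $user_id` concatenates the function parameter without a cast, unlike the `(int)` applied to the fetched `$num_posts` a few lines later. Whether every caller passes an integer is not visible here, so `WHERE user_id = ' . (int) $user_id;` is the safer form. The count is also read and then added in a second statement; the function body extends beyond the hunk, so it is worth confirming that both run inside one transaction.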
@@ -68,13 +68,13 @@ class mcp_notes
|
||||
global $template, $db, $user, $auth;
|
||||
|
||||
$user_id = request_var('u', 0);
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$start = request_var('start', 0);
|
||||
$st = request_var('st', 0);
|
||||
$sk = request_var('sk', 'b');
|
||||
$sd = request_var('sd', 'd');
|
||||
|
||||
$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
|
||||
$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
||||
|
||||
$sql = 'SELECT *
|
||||
FROM ' . USERS_TABLE . "
|
||||
|
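Review bot: The expression `"username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"` is now written out by hand here and again in mcp_post_details, mcp_warn_user_view and the acp_users lookup. Each copy has to keep the clean-then-escape order, and a later edit that changes one and not the others would make moderation tools resolve different accounts for the same input. A small shared helper that returns the WHERE fragment for a user name would remove that risk. Failing that, add a comment at each site noting that `utf8_clean_string()` must run before `sql_escape()`.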
@@ -59,8 +59,8 @@ function mcp_post_details($id, $mode, $action)
|
||||
|
||||
if ($action == 'chgposter')
|
||||
{
|
||||
$username = request_var('username', '');
|
||||
$sql_where = "username = '" . $db->sql_escape($username) . "'";
|
||||
$username = request_var('username', '', true);
|
||||
$sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@@ -310,11 +310,11 @@ function mcp_warn_user_view($id, $mode, $action)
|
||||
global $template, $db, $user, $auth;
|
||||
|
||||
$user_id = request_var('u', 0);
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
|
||||
$warning = request_var('warning', '', true);
|
||||
|
||||
$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
|
||||
$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
||||
|
||||
$sql = 'SELECT *
|
||||
FROM ' . USERS_TABLE . '
|
||||
|
@@ -863,7 +863,7 @@ class ucp_groups
|
||||
|
||||
$user->add_lang(array('acp/groups', 'acp/common'));
|
||||
|
||||
$name_ary = request_var('usernames', '');
|
||||
$name_ary = request_var('usernames', '', true);
|
||||
|
||||
if (!$group_id)
|
||||
{
|
||||
|
@@ -884,8 +884,8 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
|
||||
$user_id_ary = array();
|
||||
|
||||
// Build usernames to add
|
||||
$usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '')) : array();
|
||||
$username_list = request_var('username_list', '');
|
||||
$usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '', true)) : array();
|
||||
$username_list = request_var('username_list', '', true);
|
||||
if ($username_list)
|
||||
{
|
||||
$usernames = array_merge($usernames, explode("\n", $username_list));
|
||||
|
@@ -98,6 +98,7 @@ class ucp_profile
|
||||
{
|
||||
$sql_ary = array(
|
||||
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
|
||||
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($username) : $user->data['username_clean'],
|
||||
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
|
||||
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
|
||||
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
|
||||
|
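Review bot: The added `username_clean` entry repeats the `$auth->acl_get('u_chgname') && $config['allow_namechange']` condition from the line above, so the two columns only stay in step while both copies of the condition are edited together. Evaluating it once, e.g. `$can_rename = $auth->acl_get('u_chgname') && $config['allow_namechange'];`, and using `$can_rename` in both ternaries removes that coupling. Not part of this change, but the context line below stores `md5($new_password)`, a fast unsalted hash, which deserves its own follow-up.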
@@ -22,7 +22,7 @@ class ucp_remind
|
||||
global $config, $phpbb_root_path, $phpEx;
|
||||
global $db, $user, $auth, $template;
|
||||
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$email = request_var('email', '');
|
||||
$submit = (isset($_POST['submit'])) ? true : false;
|
||||
|
||||
|
@@ -22,7 +22,7 @@ class ucp_resend
|
||||
global $config, $phpbb_root_path, $phpEx;
|
||||
global $db, $user, $auth, $template;
|
||||
|
||||
$username = request_var('username', '');
|
||||
$username = request_var('username', '', true);
|
||||
$email = request_var('email', '');
|
||||
$submit = (isset($_POST['submit'])) ? true : false;
|
||||
|
||||
|