mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-05 08:17:47 +02:00
again... some more fixes.
git-svn-id: file:///svn/phpbb/trunk@7150 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
@@ -104,6 +104,7 @@ class acp_groups
|
||||
if (confirm_box(true))
|
||||
{
|
||||
$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
|
||||
|
||||
if (!sizeof($mark_ary))
|
||||
{
|
||||
$start = 0;
|
||||
|
||||
@@ -422,7 +422,7 @@ class acp_permissions
|
||||
$sql = 'SELECT forum_name
|
||||
FROM ' . FORUMS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set('forum_id', $forum_id) . '
|
||||
ORDER BY forum_name ASC';
|
||||
ORDER BY left_id ASC';
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
$forum_names = array();
|
||||
|
||||
@@ -437,9 +437,12 @@ class auth_admin extends auth
|
||||
$hold_ary = array();
|
||||
foreach ($hold_ary_temp as $ug_id => $row)
|
||||
{
|
||||
foreach ($row as $forum_id => $auth_row)
|
||||
foreach ($forum_names_ary as $forum_id => $forum_row)
|
||||
{
|
||||
$hold_ary[$forum_id][$ug_id] = $auth_row;
|
||||
if (isset($row[$forum_id]))
|
||||
{
|
||||
$hold_ary[$forum_id][$ug_id] = $row[$forum_id];
|
||||
}
|
||||
}
|
||||
}
|
||||
unset($hold_ary_temp);
|
||||
@@ -451,6 +454,8 @@ class auth_admin extends auth
|
||||
|
||||
$template->assign_block_vars($tpl_pmask, array(
|
||||
'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
|
||||
'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
|
||||
|
||||
'CATEGORIES' => implode('</th><th>', $categories),
|
||||
|
||||
'L_ACL_TYPE' => $l_acl_type,
|
||||
|
||||
@@ -2013,7 +2013,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
|
||||
$username = request_var('username', '', true);
|
||||
$password = request_var('password', '', true);
|
||||
$autologin = (!empty($_POST['autologin'])) ? true : false;
|
||||
$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
|
||||
$viewonline = (!empty($_POST['viewonline']) && $auth->acl_get('u_hideonline')) ? 0 : 1;
|
||||
$admin = ($admin) ? 1 : 0;
|
||||
$viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline;
|
||||
|
||||
@@ -2169,6 +2169,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
|
||||
|
||||
'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
|
||||
'S_AUTOLOGIN_ENABLED' => ($config['allow_autologin']) ? true : false,
|
||||
'S_ALLOW_HIDE_ONLINE' => ($auth->acl_get('u_hideonline')) ? true : false,
|
||||
'S_LOGIN_ACTION' => (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
|
||||
'S_HIDDEN_FIELDS' => $s_hidden_fields,
|
||||
|
||||
@@ -2794,9 +2795,17 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
|
||||
{
|
||||
if ($config['img_link_width'] || $config['img_link_height'])
|
||||
{
|
||||
list($width, $height) = getimagesize($filename);
|
||||
$dimension = getimagesize($filename);
|
||||
|
||||
$display_cat = (!$width && !$height) ? ATTACHMENT_CATEGORY_IMAGE : (($width <= $config['img_link_width'] && $height <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE);
|
||||
// If the dimensions could not be determined or the image being too small we display it as a link for safety purposes
|
||||
if ($dimension === false || $dimension[0] < 2 || $dimension[1] < 2)
|
||||
{
|
||||
$display_cat = ATTACHMENT_CATEGORY_NONE;
|
||||
}
|
||||
else
|
||||
{
|
||||
$display_cat = ($dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
|
||||
@@ -552,9 +552,16 @@ function create_thumbnail($source, $destination, $mimetype)
|
||||
return false;
|
||||
}
|
||||
|
||||
list($width, $height, $type, ) = getimagesize($source);
|
||||
$dimension = getimagesize($source);
|
||||
|
||||
if (!$width || !$height)
|
||||
if ($dimension === false)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
list($width, $height, $type, ) = $dimension;
|
||||
|
||||
if ($width < 2 || $height < 2)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
@@ -1578,6 +1585,19 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
|
||||
|
||||
'topic_attachment' => (!empty($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0),
|
||||
);
|
||||
|
||||
// no break;
|
||||
|
||||
case 'edit':
|
||||
case 'edit_last_post':
|
||||
|
||||
// Correctly set back the topic replies and forum posts...
|
||||
if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']))
|
||||
{
|
||||
$sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies = topic_replies - 1';
|
||||
$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - 1';
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@@ -337,6 +337,12 @@ class filespec
|
||||
$this->error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
|
||||
}
|
||||
}
|
||||
|
||||
// Make sure the dimensions match a valid image
|
||||
if ($this->width < 2 || $this->height < 2)
|
||||
{
|
||||
$this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@@ -11,8 +11,12 @@
|
||||
/**
|
||||
* Obtain user_ids from usernames or vice versa. Returns false on
|
||||
* success else the error string
|
||||
*
|
||||
* @param array &$user_id_ary The user ids to check or empty if usernames used
|
||||
* @param array &$username_ary The usernames to check or empty if user ids used
|
||||
* @param mixed $user_type Array of user types to check, false if not restricting by user type
|
||||
*/
|
||||
function user_get_id_name(&$user_id_ary, &$username_ary, $only_active = false)
|
||||
function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false)
|
||||
{
|
||||
global $db;
|
||||
|
||||
@@ -45,9 +49,9 @@ function user_get_id_name(&$user_id_ary, &$username_ary, $only_active = false)
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set($sql_where, $sql_in);
|
||||
|
||||
if ($only_active)
|
||||
if ($user_type !== false && !empty($user_type))
|
||||
{
|
||||
$sql .= ' AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
|
||||
$sql .= ' AND ' . $db->sql_in_set('user_type', $user_type);
|
||||
}
|
||||
|
||||
$result = $db->sql_query($sql);
|
||||
@@ -1410,10 +1414,16 @@ function avatar_remote($data, &$error)
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($image_data[0] < 2 || $image_data[1] < 2)
|
||||
{
|
||||
$error[] = $user->lang['AVATAR_NO_SIZE'];
|
||||
return false;
|
||||
}
|
||||
|
||||
$width = ($data['width'] && $data['height']) ? $data['width'] : $image_data[0];
|
||||
$height = ($data['width'] && $data['height']) ? $data['height'] : $image_data[1];
|
||||
|
||||
if (!$width || !$height)
|
||||
if ($width < 2 || $height < 2)
|
||||
{
|
||||
$error[] = $user->lang['AVATAR_NO_SIZE'];
|
||||
return false;
|
||||
@@ -1630,7 +1640,17 @@ function avatar_process_user(&$error, $custom_userdata = false)
|
||||
}
|
||||
|
||||
$sql_ary = array();
|
||||
$data['user_id'] = ($custom_userdata === false) ? $user->data['user_id'] : $custom_userdata['user_id'];
|
||||
|
||||
if ($custom_userdata === false)
|
||||
{
|
||||
$userdata = &$user->data;
|
||||
}
|
||||
else
|
||||
{
|
||||
$userdata = &$custom_userdata;
|
||||
}
|
||||
|
||||
$data['user_id'] = $userdata['user_id'];
|
||||
$change_avatar = ($custom_userdata === false) ? $auth->acl_get('u_chgavatar') : true;
|
||||
$avatar_select = basename(request_var('avatar_select', ''));
|
||||
|
||||
@@ -1669,7 +1689,7 @@ function avatar_process_user(&$error, $custom_userdata = false)
|
||||
$sql_ary['user_avatar'] = '';
|
||||
$sql_ary['user_avatar_type'] = $sql_ary['user_avatar_width'] = $sql_ary['user_avatar_height'] = 0;
|
||||
}
|
||||
else if ($data['width'] && $data['height'])
|
||||
else if ($data['width'] && $data['height'] && ($userdata['user_avatar_type'] != AVATAR_GALLERY))
|
||||
{
|
||||
// Only update the dimensions?
|
||||
if ($config['avatar_max_width'] || $config['avatar_max_height'])
|
||||
|
||||
@@ -915,6 +915,12 @@ class session
|
||||
|
||||
if ($banned && !$return)
|
||||
{
|
||||
// If the session is empty we need to create a valid one...
|
||||
if (empty($this->session_id))
|
||||
{
|
||||
$this->session_create(ANONYMOUS);
|
||||
}
|
||||
|
||||
// Initiate environment ... since it won't be set at this stage
|
||||
$this->setup();
|
||||
|
||||
@@ -941,6 +947,13 @@ class session
|
||||
$this->session_kill(false);
|
||||
}
|
||||
|
||||
// Ok, we catch the case of an empty session id for the anonymous user...
|
||||
// This can happen if the user is logging in, banned by username and the login_box() being called "again".
|
||||
if (empty($this->session_id))
|
||||
{
|
||||
$this->session_create(ANONYMOUS);
|
||||
}
|
||||
|
||||
// Determine which message to output
|
||||
$till_date = ($ban_row['ban_end']) ? $this->format_date($ban_row['ban_end']) : '';
|
||||
$message = ($ban_row['ban_end']) ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
|
||||
|
||||
@@ -326,7 +326,7 @@ function compose_pm($id, $mode, $action)
|
||||
}
|
||||
|
||||
// Handle User/Group adding/removing
|
||||
handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc);
|
||||
handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);
|
||||
|
||||
// Check for too many recipients
|
||||
if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1)
|
||||
@@ -907,9 +907,9 @@ function compose_pm($id, $mode, $action)
|
||||
/**
|
||||
* For composing messages, handle list actions
|
||||
*/
|
||||
function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_to, $add_bcc)
|
||||
function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc)
|
||||
{
|
||||
global $auth, $db;
|
||||
global $auth, $db, $user;
|
||||
|
||||
// Delete User [TO/BCC]
|
||||
if ($remove_u)
|
||||
@@ -956,7 +956,13 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
|
||||
if (sizeof($usernames))
|
||||
{
|
||||
$user_id_ary = array();
|
||||
user_get_id_name($user_id_ary, $usernames);
|
||||
user_get_id_name($user_id_ary, $usernames, array(USER_NORMAL, USER_FOUNDER, USER_INACTIVE));
|
||||
|
||||
// If there are users not existing, we will at least print a notice...
|
||||
if (!sizeof($user_id_ary))
|
||||
{
|
||||
$error[] = $user->lang['PM_NO_USERS'];
|
||||
}
|
||||
}
|
||||
|
||||
// Add Friends if specified
|
||||
@@ -987,11 +993,19 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
|
||||
AND user_allow_pm = 0';
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
$removed = false;
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
$removed = true;
|
||||
unset($address_list['u'][$row['user_id']]);
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
// print a notice about users not being added who do not want to receive pms
|
||||
if ($removed)
|
||||
{
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PM'];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user