diff options
28 files changed, 117 insertions, 105 deletions
diff --git a/phpBB/adm/style/acp_users.html b/phpBB/adm/style/acp_users.html index a672db3c4c..a787d9283f 100644 --- a/phpBB/adm/style/acp_users.html +++ b/phpBB/adm/style/acp_users.html @@ -453,6 +453,7 @@ <dd><input name="uploadurl" type="text" id="uploadurl" value="" /></dd> </dl> <!-- ENDIF --> + <!-- IF S_ALLOW_REMOTE --> <dl> <dt><label for="remotelink">{L_LINK_REMOTE_AVATAR}:</label><br /><span>{L_LINK_REMOTE_AVATAR_EXPLAIN}</span></dt> <dd><input name="remotelink" type="text" id="remotelink" value="" /></dd> @@ -461,6 +462,7 @@ <dt><label for="width">{L_LINK_REMOTE_SIZE}:</label><br /><span>{L_LINK_REMOTE_SIZE_EXPLAIN}</span></dt> <dd><input name="width" type="text" id="width" size="3" value="{USER_AVATAR_WIDTH}" /> <span>px X </span> <input type="text" name="height" size="3" value="{USER_AVATAR_HEIGHT}" /> <span>px</span></dd> </dl> + <!-- ENDIF --> <!-- IF S_DISPLAY_GALLERY --> <dl> <dt><label>{L_AVATAR_GALLERY}:</label></dt> diff --git a/phpBB/includes/acm/acm_main.php b/phpBB/includes/acm/acm_main.php index a2d8bca4a3..9c0ffc127f 100644 --- a/phpBB/includes/acm/acm_main.php +++ b/phpBB/includes/acm/acm_main.php @@ -187,7 +187,7 @@ class cache extends acm AND g.allow_group = 1'; $result = $db->sql_query($sql); - $extensions = array(); + $extensions = array('_allowed_' => array()); while ($row = $db->sql_fetchrow($result)) { $extension = strtolower(trim($row['extension'])); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 4d254bb084..e5e10223f7 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -36,8 +36,8 @@ class acp_email { // Error checking needs to go here ... if no subject and/or no message then skip // over the send and return to the form - $subject = html_entity_decode(request_var('subject', '', true)); - $message = html_entity_decode(request_var('message', '', true)); + $subject = request_var('subject', '', true); + $message = request_var('message', '', true); $use_queue = (isset($_POST['send_immediatly'])) ? false : true; $priority = request_var('mail_priority_flag', MAIL_NORMAL_PRIORITY); @@ -150,14 +150,14 @@ class acp_email $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); - $messenger->subject($subject); + $messenger->subject(html_entity_decode($subject)); $messenger->replyto($config['board_email']); $messenger->set_mail_priority($priority); $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], 'CONTACT_EMAIL' => $config['board_contact'], - 'MESSAGE' => $message) + 'MESSAGE' => html_entity_decode($message)) ); if (!($messenger->send($used_method))) @@ -216,8 +216,8 @@ class acp_email 'S_GROUP_OPTIONS' => $select_list, 'USERNAMES' => $usernames, 'U_FIND_USERNAME' => $phpbb_root_path . "memberlist.$phpEx$SID&mode=searchuser&form=acp_email&field=usernames", - 'SUBJECT' => request_var('subject', '', true), - 'MESSAGE' => request_var('message', '', true), + 'SUBJECT' => $subject, + 'MESSAGE' => $message, 'S_PRIORITY_OPTIONS' => $s_priority_options) ); diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index acc1c50112..af48ea700c 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -127,7 +127,7 @@ class acp_main $messenger->assign_vars(array( 'EMAIL_SIG' => $sig, - 'USERNAME' => $row['username'], + 'USERNAME' => html_entity_decode($row['username']), 'SITENAME' => $config['sitename'], 'REGISTER_DATE' => $user->format_date($row['user_regdate']), diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 66fdf40701..1a079b8e0d 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -263,7 +263,7 @@ class acp_users $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], 'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), - 'USERNAME' => $user_row['username'], + 'USERNAME' => html_entity_decode($user_row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") @@ -1277,7 +1277,7 @@ class acp_users { $data['user_id'] = $user_id; - if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload) + if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload && $config['allow_avatar_upload']) { list($type, $filename, $width, $height) = avatar_upload($data, $error); } @@ -1347,6 +1347,8 @@ class acp_users // Generate users avatar if ($user_row['user_avatar']) { + $avatar_img = ''; + switch ($user_row['user_avatar_type']) { case AVATAR_UPLOAD: @@ -1357,8 +1359,8 @@ class acp_users $avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/'; break; } - $avatar_img .= $user_row['user_avatar']; + $avatar_img .= $user_row['user_avatar']; $avatar_img = '<img src="' . $avatar_img . '" width="' . $user_row['user_avatar_width'] . '" height="' . $user_row['user_avatar_height'] . '" alt="" />'; } else @@ -1375,7 +1377,8 @@ class acp_users $template->assign_vars(array( 'S_AVATAR' => true, - 'S_CAN_UPLOAD' => $can_upload, + 'S_CAN_UPLOAD' => ($can_upload && $config['allow_avatar_upload']) ? true : false, + 'S_ALLOW_REMOTE' => ($config['allow_avatar_remote']) ? true : false, 'S_DISPLAY_GALLERY' => ($config['allow_avatar_local'] && !$display_gallery) ? true : false, 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false, diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index cc4afd0ba4..2210be1ab9 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -682,15 +682,27 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0) global $user, $db, $template, $auth; global $phpbb_root_path, $phpEx, $SID; - $topic_ids = $draft_rows = array(); + $topic_ids = $forum_ids = $draft_rows = array(); // Load those drafts not connected to forums/topics // If forum_id == 0 AND topic_id == 0 then this is a PM draft - $sql = 'SELECT * - FROM ' . DRAFTS_TABLE . ' - WHERE user_id = ' . $user->data['user_id'] . ' - AND (forum_id = 0 OR topic_id = 0) - ORDER BY save_time DESC'; + if (!$topic_id && !$forum_id) + { + $sql_and = 'AND d.forum_id = 0 AND d.topic_id = 0'; + } + else + { + $sql_and = ''; + $sql_and .= ($forum_id) ? 'AND d.forum_id = ' . $forum_id : ''; + $sql_and .= ($topic_id) ? 'AND d.topic_id = ' . $topic_id : ''; + } + + $sql = 'SELECT d.*, f.forum_id, f.forum_name + FROM ' . DRAFTS_TABLE . ' d + LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = d.forum_id) + WHERE d.user_id = ' . $user->data['user_id'] . " + $sql_and + ORDER BY d.save_time DESC"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -703,35 +715,12 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0) } $db->sql_freeresult($result); - // Only those fitting into this forum now... - if ($forum_id || $topic_id) - { - $sql = 'SELECT d.draft_id, d.topic_id, d.forum_id, d.draft_subject, d.save_time, f.forum_name - FROM ' . DRAFTS_TABLE . ' d, ' . FORUMS_TABLE . ' f - WHERE d.user_id = ' . $user->data['user_id'] . ' - AND d.forum_id = f.forum_id ' . - (($forum_id) ? " AND d.forum_id = $forum_id" : '') . ' - ORDER BY d.save_time DESC'; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if ($row['topic_id']) - { - $topic_ids[] = (int) $row['topic_id']; - } - $draft_rows[] = $row; - } - $db->sql_freeresult($result); - } - if (!sizeof($draft_rows)) { return; } $topic_rows = array(); - if (sizeof($topic_ids)) { $sql = 'SELECT topic_id, forum_id, topic_title @@ -746,7 +735,7 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0) $db->sql_freeresult($result); } unset($topic_ids); - + $template->assign_var('S_SHOW_DRAFTS', true); foreach ($draft_rows as $draft) diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 717c188a02..4b5a43e2c8 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -1462,9 +1462,9 @@ function pm_notification($mode, $author, $recipients, $subject, $message) $messenger->assign_vars(array( 'EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], - 'SUBJECT' => $subject, - 'AUTHOR_NAME' => $author, - 'USERNAME' => $addr['name'], + 'SUBJECT' => html_entity_decode($subject), + 'AUTHOR_NAME' => html_entity_decode($author), + 'USERNAME' => html_entity_decode($addr['name']), 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox") ); diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 8b67769847..8b59cfa5c7 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -307,7 +307,7 @@ class filespec if (!$this->upload->valid_dimensions($this)) { - $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_SIZE'], $this->upload->min_width, $this->upload->min_height, $this->upload->max_width, $this->upload->max_height); + $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_SIZE'], $this->upload->min_width, $this->upload->min_height, $this->upload->max_width, $this->upload->max_height, $this->width, $this->height); } } } diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 533f7b9ef7..0b3ace62b4 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -982,26 +982,39 @@ function avatar_remote($data, &$error) return false; } - if ((!($data['width'] || $data['height']) || $data['remotelink'] != $user->data['user_avatar']) && ($config['avatar_max_width'] || $config['avatar_max_height'])) + // Make sure getimagesize works... + if (($image_data = @getimagesize($data['remotelink'])) === false) { - list($width, $height) = @getimagesize($data['remotelink']); + $error[] = $user->lang['AVATAR_URL_INVALID']; + return false; + } + + $width = ($data['width'] && $data['height']) ? $data['width'] : $image_data[0]; + $height = ($data['width'] && $data['height']) ? $data['height'] : $image_data[1]; + + if (!$width || !$height) + { + $error[] = $user->lang['AVATAR_NO_SIZE']; + return false; + } - if (!$width || !$height) + if ($config['avatar_max_width'] || $config['avatar_max_height']) + { + if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height']) { - $error[] = $user->lang['AVATAR_NO_SIZE']; + $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height); return false; } - else if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height']) + } + + if ($config['avatar_min_width'] || $config['avatar_min_height']) + { + if ($width < $config['avatar_min_width'] || $height < $config['avatar_min_height']) { - $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']); + $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height); return false; } } - else if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) - { - $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']); - return false; - } return array(AVATAR_REMOTE, $data['remotelink'], $width, $height); } diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php index 44265d2475..4544f3cfd3 100755 --- a/phpBB/includes/mcp/mcp_notes.php +++ b/phpBB/includes/mcp/mcp_notes.php @@ -116,7 +116,7 @@ function mcp_notes_user_view($id, $mode, $action) add_log('admin', 'LOG_CLEAR_USER', $userrow['username']); - $msg = ($deletemark) ? 'MARKED_DELETED' : 'ALL_DELETED'; + $msg = ($deletemark) ? 'MARKED_NOTES_DELETED' : 'ALL_NOTES_DELETED'; $redirect = "mcp.$phpEx$SID&i=$id&mode=$mode&u=$user_id"; meta_refresh(2, $redirect); trigger_error($user->lang[$msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>')); diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index 8c0dc9cd6d..7e8dc6760a 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -458,12 +458,12 @@ function approve_post($post_id_list, $mode) $messenger->assign_vars(array( 'EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], - 'USERNAME' => $post_data['username'], - 'POST_SUBJECT' => censor_text($post_data['post_subject']), - 'TOPIC_TITLE' => censor_text($post_data['topic_title']), + 'USERNAME' => html_entity_decode($post_data['username']), + 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), + 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])), - 'U_VIEW_TOPIC' => "{$phpbb_root_path}viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0", - 'U_VIEW_POST' => "{$phpbb_root_path}viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id") + 'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0", + 'U_VIEW_POST' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id") ); $messenger->send($post_data['user_notify_type']); @@ -550,6 +550,7 @@ function disapprove_post($post_id_list, $mode) ); $notify_poster = (isset($_REQUEST['notify_poster'])) ? true : false; + $disapprove_reason = ''; if ($reason_id) { @@ -569,8 +570,7 @@ function disapprove_post($post_id_list, $mode) { // If the reason is defined within the language file, we will use the localized version, else just use the database entry... $disapprove_reason = ($row['reason_title'] != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : ''; - $disapprove_reason .= ($reason) ? "\n\n" . $_REQUEST['reason'] : ''; - unset($reason); + $disapprove_reason .= ($reason) ? "\n\n" . $reason : ''; } } @@ -671,10 +671,10 @@ function disapprove_post($post_id_list, $mode) $messenger->assign_vars(array( 'EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], - 'USERNAME' => $post_data['username'], - 'REASON' => $disapprove_reason, - 'POST_SUBJECT' => censor_text($post_data['post_subject']), - 'TOPIC_TITLE' => censor_text($post_data['topic_title'])) + 'USERNAME' => html_entity_decode($post_data['username']), + 'REASON' => html_entity_decode($disapprove_reason), + 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), + 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title']))) ); $messenger->send($post_data['user_notify_type']); diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index e71e7507bb..f40ef0632c 100755 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -461,10 +461,10 @@ function close_report($post_id_list, $mode, $action) $messenger->assign_vars(array( 'EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], - 'USERNAME' => $reporter['username'], - 'CLOSER_NAME' => $user->data['username'], - 'POST_SUBJECT' => censor_text($post_info[$post_id]['post_subject']), - 'TOPIC_TITLE' => censor_text($post_info[$post_id]['topic_title'])) + 'USERNAME' => html_entity_decode($reporter['username']), + 'CLOSER_NAME' => html_entity_decode($user->data['username']), + 'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])), + 'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title']))) ); $messenger->send($reporter['user_notify_type']); diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index beed7c824b..0e9ad35d21 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -87,7 +87,7 @@ class ucp_activate $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], - 'USERNAME' => $row['username'], + 'USERNAME' => html_entity_decode($row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])) ); diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index beef8a1f27..e78c4312ba 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -176,8 +176,8 @@ class ucp_groups $messenger->assign_vars(array( 'EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], - 'USERNAME' => $row['username'], - 'GROUP_NAME' => $group_row[$group_id]['group_name'], + 'USERNAME' => html_entity_decode($row['username']), + 'GROUP_NAME' => html_entity_decode($group_row[$group_id]['group_name']), 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=usergroups&mode=manage", 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index f06a6671b9..2c777e139f 100644 --- a/phpBB/includes/ucp/ucp_main.php +++ b/phpBB/includes/ucp/ucp_main.php @@ -604,6 +604,7 @@ class ucp_main case 'drafts': $pm_drafts = ($this->p_master->p_name == 'pm') ? true : false; + $template->assign_var('S_SHOW_DRAFTS', true); $user->add_lang('posting'); diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 7c06895494..cd6831c419 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -332,7 +332,8 @@ function compose_pm($id, $mode, $action) { $sql = 'SELECT draft_id FROM ' . DRAFTS_TABLE . ' - WHERE (forum_id = 0 AND topic_id = 0) + WHERE forum_id = 0 + AND topic_id = 0 AND user_id = ' . $user->data['user_id'] . (($draft_id) ? " AND draft_id <> $draft_id" : ''); $result = $db->sql_query_limit($sql, 1); @@ -397,7 +398,7 @@ function compose_pm($id, $mode, $action) if ($row = $db->sql_fetchrow($result)) { $_REQUEST['subject'] = $row['draft_subject']; - $_POST['message'] = $row['draft_message']; + $_REQUEST['message'] = $row['draft_message']; $refresh = true; $template->assign_var('S_DRAFT_LOADED', true); } diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index bba0b92332..e50ed67037 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -136,7 +136,7 @@ class ucp_profile $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], - 'USERNAME' => $username, + 'USERNAME' => html_entity_decode($username), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") @@ -162,7 +162,7 @@ class ucp_profile $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( - 'USERNAME' => $username, + 'USERNAME' => html_entity_decode($username), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index d7292966ad..28757cf3ca 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -327,8 +327,8 @@ class ucp_register $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], 'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), - 'USERNAME' => $username, - 'PASSWORD' => $password_confirm, + 'USERNAME' => html_entity_decode($username), + 'PASSWORD' => html_entity_decode($password_confirm), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") @@ -365,7 +365,7 @@ class ucp_register $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( - 'USERNAME' => $username, + 'USERNAME' => html_entity_decode($username), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php index 6b2c6240ae..a0976da443 100644 --- a/phpBB/includes/ucp/ucp_remind.php +++ b/phpBB/includes/ucp/ucp_remind.php @@ -69,8 +69,8 @@ class ucp_remind $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], - 'USERNAME' => $username, - 'PASSWORD' => $user_password, + 'USERNAME' => html_entity_decode($username), + 'PASSWORD' => html_entity_decode($user_password), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 8c2b55a04f..6809e84892 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -79,7 +79,7 @@ class ucp_resend $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], 'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), - 'USERNAME' => $row['username'], + 'USERNAME' => html_entity_decode($row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$row['user_id']}&k={$row['user_actkey']}") @@ -117,7 +117,7 @@ class ucp_resend $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( - 'USERNAME' => $row['username'], + 'USERNAME' => html_entity_decode($row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$row['user_id']}&k={$row['user_actkey']}") diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 7bd12f7f60..6e23cedffe 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -1301,8 +1301,8 @@ class install_install extends module $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array( - 'USERNAME' => $admin_name, - 'PASSWORD' => $admin_pass1, + 'USERNAME' => html_entity_decode($admin_name), + 'PASSWORD' => html_entity_decode($admin_pass1), 'U_BOARD' => generate_board_url(), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig'])) ); diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 2e547f745a..ea0bb08680 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -73,7 +73,7 @@ $lang = array_merge($lang, array( 'AVATAR_URL_INVALID' => 'The URL you specified is invalid.', 'AVATAR_URL_NOT_FOUND' => 'The file specified could not be found.', 'AVATAR_WRONG_FILESIZE' => 'The avatar must be between 0 and %1d %2s.', - 'AVATAR_WRONG_SIZE' => 'The avatar must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high.', + 'AVATAR_WRONG_SIZE' => 'The avatar must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high. The submitted avatar is %5$d pixels wide and %6$d pixels high.', 'BACK_TO_TOP' => 'Top', 'BBCODE_GUIDE' => 'BBCode Guide', diff --git a/phpBB/language/en/mcp.php b/phpBB/language/en/mcp.php index 36d3e29f32..be047d1ea4 100644 --- a/phpBB/language/en/mcp.php +++ b/phpBB/language/en/mcp.php @@ -35,6 +35,7 @@ $lang = array_merge($lang, array( 'ADD_WARNING' => 'Add warning', 'ADD_WARNING_EXPLAIN' => 'To send a warning to this user please fill out the following form. Only use plain text; HTML, BBCode, etc. are not permitted.', 'ALL_ENTRIES' => 'All entries', + 'ALL_NOTES_DELETED' => 'Sucessfully removed all user notes', 'ALL_REPORTS' => 'All reports', 'ALREADY_REPORTED' => 'This post has already been reported', 'ALREADY_WARNED' => 'A warning has already been issued for this post', @@ -118,6 +119,8 @@ $lang = array_merge($lang, array( 'LOOKUP_ALL' => 'Look up all IP', 'LOOKUP_IP' => 'Look up IP', + 'MARKED_NOTES_DELETED' => 'Sucessfully removed all marked user notes', + 'MCP_ADD' => 'Add a warning', 'MCP_BAN' => 'Banning', diff --git a/phpBB/language/en/posting.php b/phpBB/language/en/posting.php index 6f8dbc3925..a0586aa1d7 100644 --- a/phpBB/language/en/posting.php +++ b/phpBB/language/en/posting.php @@ -193,7 +193,7 @@ $lang = array_merge($lang, array( 'VIEW_MESSAGE' => 'Click %sHere%s to view your message', 'WRONG_FILESIZE' => 'The file is too big, maximum allowed size is %1d %2s', - 'WRONG_SIZE' => 'The image must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high.', + 'WRONG_SIZE' => 'The image must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high. The submitted image is %5$d pixels wide and %6$d pixels high.', )); ?>
\ No newline at end of file diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index a4975f8d6e..3feb7daaa0 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -260,12 +260,12 @@ switch ($mode) include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx); $subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']); - $message = $_POST['message']; + $message = request_var('message', '', true); $messenger = new messenger(); $messenger->template('profile_send_email', $row['user_lang']); - $messenger->subject($subject); + $messenger->subject(html_entity_decode($subject)); $messenger->replyto($user->data['user_email']); $messenger->im($row['user_jabber'], $row['username']); @@ -273,9 +273,9 @@ switch ($mode) $messenger->assign_vars(array( 'SITENAME' => $config['sitename'], 'BOARD_EMAIL' => $config['board_contact'], - 'FROM_USERNAME' => $user->data['username'], - 'TO_USERNAME' => $row['username'], - 'MESSAGE' => $message) + 'FROM_USERNAME' => html_entity_decode($user->data['username']), + 'TO_USERNAME' => html_entity_decode($row['username']), + 'MESSAGE' => html_entity_decode($message)) ); $messenger->send(NOTIFY_IM); @@ -289,10 +289,10 @@ switch ($mode) // Send vars to the template $template->assign_vars(array( 'IM_CONTACT' => $row[$sql_field], - 'USERNAME' => addslashes($row['username']), + 'USERNAME' => $row['username'], 'EMAIL' => $row['user_email'], 'CONTACT_NAME' => $row[$sql_field], - 'SITENAME' => addslashes($config['sitename']), + 'SITENAME' => $config['sitename'], 'PRESENCE_IMG' => $presence_img, @@ -616,7 +616,7 @@ switch ($mode) if ($user_id) { - $messenger->subject($subject); + $messenger->subject(html_entity_decode($subject)); $messenger->im($row['user_jabber'], $row['username']); $notify_type = $row['user_notify_type']; } diff --git a/phpBB/styles/subSilver/template/ucp_footer.html b/phpBB/styles/subSilver/template/ucp_footer.html index 1372d3c3ec..15f9dbcdb3 100644 --- a/phpBB/styles/subSilver/template/ucp_footer.html +++ b/phpBB/styles/subSilver/template/ucp_footer.html @@ -1,5 +1,5 @@ - <!-- IF not S_PRIVMSGS --></form><!-- ENDIF --></td> + <!-- IF not S_PRIVMSGS or S_SHOW_DRAFTS --></form><!-- ENDIF --></td> </tr> </table> diff --git a/phpBB/styles/subSilver/template/ucp_header.html b/phpBB/styles/subSilver/template/ucp_header.html index b84aab9107..924943d4cb 100644 --- a/phpBB/styles/subSilver/template/ucp_header.html +++ b/phpBB/styles/subSilver/template/ucp_header.html @@ -156,4 +156,4 @@ </td> <td><img src="images/spacer.gif" width="4" alt="" /></td> - <td width="80%" valign="top"><!-- IF not S_PRIVMSGS --><form name="ucp" id="ucp" method="post" action="{S_UCP_ACTION}"{S_FORM_ENCTYPE}><!-- ENDIF --> + <td width="80%" valign="top"><!-- IF not S_PRIVMSGS or S_SHOW_DRAFTS --><form name="ucp" id="ucp" method="post" action="{S_UCP_ACTION}"{S_FORM_ENCTYPE}><!-- ENDIF --> diff --git a/phpBB/styles/subSilver/template/ucp_main_drafts.html b/phpBB/styles/subSilver/template/ucp_main_drafts.html index 2ff54a0b31..780a0e9a7b 100644 --- a/phpBB/styles/subSilver/template/ucp_main_drafts.html +++ b/phpBB/styles/subSilver/template/ucp_main_drafts.html @@ -32,10 +32,10 @@ <td class="postdetails" style="padding: 4px;" nowrap="nowrap">{draftrow.DATE}</td> <td style="padding: 4px;" valign="top" width="100%"> <p class="topictitle">{draftrow.DRAFT_SUBJECT}</p> - <!-- IF draftrow.S_LINK_TOPIC --><br /><span class="gensmall">{L_TOPIC}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span> - <!-- ELSEIF draftrow.S_LINK_FORUM --><br /><span class="gensmall">{L_FORUM}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span> - <!-- ELSEIF draftrow.S_LINK_PM --><br /><span class="gensmall">{L_PRIVATE_MESSAGE}</span> - <!-- ELSE --><br /><span class="gensmall">{L_NO_TOPIC_FORUM}</span><!-- ENDIF --> + <!-- IF draftrow.S_LINK_TOPIC --><span class="gensmall">{L_TOPIC}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span> + <!-- ELSEIF draftrow.S_LINK_FORUM --><span class="gensmall">{L_FORUM}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span> + <!-- ELSEIF draftrow.S_LINK_PM --><span class="gensmall">{L_PRIVATE_MESSAGE}</span> + <!-- ELSE --><span class="gensmall">{L_NO_TOPIC_FORUM}</span><!-- ENDIF --> </td> <td style="padding: 4px;" align="center" nowrap="nowrap"><span class="genmed"><!-- IF draftrow.U_INSERT --><a href="{draftrow.U_INSERT}">{L_LOAD_DRAFT}</a><br /><!-- ENDIF --><a href="{draftrow.U_VIEW_EDIT}">{L_VIEW_EDIT}</a></td> <td style="padding: 4px;" align="center"><input type="checkbox" name="d[{draftrow.DRAFT_ID}]" /></td> |