-rwxr-xr-xphpBB/develop/adjust_avatars.php26
-rw-r--r--phpBB/includes/auth.php12
-rw-r--r--phpBB/includes/functions_user.php26
-rw-r--r--phpBB/install/database_update.php40
-rw-r--r--phpBB/style.php7
-rw-r--r--phpBB/styles/prosilver/theme/common.css1
-rw-r--r--phpBB/styles/prosilver/theme/links.css1
7 files changed, 76 insertions, 37 deletions
diff --git a/phpBB/develop/adjust_avatars.php b/phpBB/develop/adjust_avatars.php
index f2d46e9a52..5133ed8081 100755
--- a/phpBB/develop/adjust_avatars.php
+++ b/phpBB/develop/adjust_avatars.php
@@ -32,8 +32,8 @@ if (!isset($config['avatar_salt']))
// let's start with the users using a group_avatar.
$sql = 'SELECT group_id, group_avatar
- FROM ' . GROUPS_TABLE .
- ' WHERE group_avatar_type = ' . AVATAR_UPLOAD;
+ FROM ' . GROUPS_TABLE . '
+ WHERE group_avatar_type = ' . AVATAR_UPLOAD;
// We'll skip these, so remember them
$group_avatars = array();
@@ -44,21 +44,20 @@ $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
-
$new_avatar_name = adjust_avatar($row['group_avatar'], 'g' . $row['group_id']);
$group_avatars[] = $new_avatar_name;
// failure is probably due to the avatar name already being adjusted
- if ($new_avatar_name !== false)
+ if ($new_avatar_name !== false)
{
$sql = 'UPDATE ' . USERS_TABLE . "
- SET user_avatar = '$new_avatar_name'
- WHERE user_avatar = '{$row['group_avatar']}'
+ SET user_avatar = '" . $db->sql_escape($new_avatar_name) . "'
+ WHERE user_avatar = '" . $db->sql_escape($row['group_avatar']) . "'
AND user_avatar_type = " . AVATAR_UPLOAD;
$db->sql_query($sql);
$sql = 'UPDATE ' . GROUPS_TABLE . "
- SET group_avatar = '$new_avatar_name'
+ SET group_avatar = '" . $db->sql_escape($new_avatar_name) . "'
WHERE group_id = {$row['group_id']}";
$db->sql_query($sql);
}
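Review bot: The id values are still interpolated raw in `WHERE group_id = {$row['group_id']}` here and in `WHERE user_id = {$row['user_id']}` in the @@ -84 hunk, while the avatar names beside them now go through `$db->sql_escape()`. Both ids come from the preceding SELECT, so this is defence in depth rather than a demonstrated injection, but a cast keeps the statements uniform: `WHERE group_id = " . (int) $row['group_id'];`. Separately, `$group_avatars[] = $new_avatar_name;` runs before the `!== false` check, so a failed adjust_avatar() puts `false` into the list that is later handed to `sql_in_set()`. Appending only on success, or remembering `$row['group_avatar']` on failure, looks closer to the "skip these" intent. The while loop starts outside the hunk.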
@@ -66,7 +65,7 @@ while ($row = $db->sql_fetchrow($result))
{
echo '<br /> Failed updating group ' . $row['group_id'] . "\n";
}
-
+
if ($echos > 200)
{
echo '<br />' . "\n";
@@ -84,21 +83,19 @@ $sql = 'SELECT user_id, username, user_avatar, user_avatar_type
FROM ' . USERS_TABLE . '
WHERE user_avatar_type = ' . AVATAR_UPLOAD . '
AND ' . $db->sql_in_set('user_avatar', $group_avatars, true, true);
-
$result = $db->sql_query($sql);
-
+
echo '<br /> Updating users' . "\n";
while ($row = $db->sql_fetchrow($result))
{
-
$new_avatar_name = adjust_avatar($row['user_avatar'], $row['user_id']);
-
+
// failure is probably due to the avatar name already being adjusted
- if ($new_avatar_name !== false)
+ if ($new_avatar_name !== false)
{
$sql = 'UPDATE ' . USERS_TABLE . "
- SET user_avatar = '$new_avatar_name'
+ SET user_avatar = '" . $db->sql_escape($new_avatar_name) . "'
WHERE user_id = {$row['user_id']}";
$db->sql_query($sql);
}
@@ -139,4 +136,5 @@ function adjust_avatar($old_name, $midfix)
}
return false;
}
+
?> \ No newline at end of file
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index de1b669eba..3b05652a87 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -486,8 +486,8 @@ class auth
{
global $db;
- $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : '';
- $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+ $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : '';
+ $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
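Review bot: The `(int)` casts on the scalar branch turn any value other than `false` that is not numeric (null, an empty string, a malformed id) into 0, so the query now runs with `user_id = 0` / `a.forum_id = 0` instead of failing. If id 0 carries meaning in these tables, which the hunk does not show, a caller bug would silently select those rows. A comment such as `// non-numeric ids are coerced to 0 by the casts below`, or an explicit guard before building the fragment, would make that visible. The same pair of lines is repeated in the @@ -628 and @@ -682 hunks, so a small private helper that builds the `column = N` / `sql_in_set()` fragment would keep the three copies in step. The enclosing methods start and end outside the hunks.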
@@ -628,8 +628,8 @@ class auth
{
global $db;
- $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : '';
- $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+ $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : '';
+ $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
@@ -682,8 +682,8 @@ class auth
{
global $db;
- $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? "group_id = $group_id" : $db->sql_in_set('group_id', $group_id)) : '';
- $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+ $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : '';
+ $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_opts = '';
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 457e286840..69990a9524 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -2468,27 +2468,32 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
return true;
}
-
/**
* A small version of validate_username to check for a group name's existence. To be called directly.
*/
-function group_validate_groupname($group_id, $groupname)
+function group_validate_groupname($group_id, $group_name)
{
global $config, $db;
- $groupname = utf8_clean_string($groupname);
+ $group_name = utf8_clean_string($group_name);
if (!empty($group_id))
{
$sql = 'SELECT group_name
- FROM ' . GROUPS_TABLE . '
- WHERE group_id = ' . (int)$group_id;
+ FROM ' . GROUPS_TABLE . '
+ WHERE group_id = ' . (int) $group_id;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
-
- $allowed_groupname = utf8_clean_string($row['group_name']);
- if ($allowed_groupname == $groupname)
+
+ if (!$row)
+ {
+ return false;
+ }
+
+ $allowed_groupname = utf8_clean_string($row['group_name']);
+
+ if ($allowed_groupname == $group_name)
{
return false;
}
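Review bot: The new `if (!$row) { return false; }` reports success for a `$group_id` that matches no group, and it returns before the name-uniqueness query further down the function is reached. The visible returns suggest `false` means the name is acceptable and `'GROUP_NAME_TAKEN'` is the error. Falling through instead keeps the duplicate check in force: `if ($row && utf8_clean_string($row['group_name']) === $group_name) { return false; }`. The strict comparison also stops PHP from treating two numeric-looking names as equal under `==`. The function continues in the following hunks.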
@@ -2496,7 +2501,7 @@ function group_validate_groupname($group_id, $groupname)
$sql = 'SELECT group_name
FROM ' . GROUPS_TABLE . "
- WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($groupname)) . "'";
+ WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($group_name)) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
@@ -2505,11 +2510,10 @@ function group_validate_groupname($group_id, $groupname)
{
return 'GROUP_NAME_TAKEN';
}
+
return false;
}
-
-
/**
* Set users default group
*
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index 82faa022ad..287379fcd8 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -60,6 +60,20 @@ require($phpbb_root_path . 'includes/constants.' . $phpEx);
require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
+// If we are on PHP >= 6.0.0 we do not need some code
+if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
+{
+ /**
+ * @ignore
+ */
+ define('STRIP', false);
+}
+else
+{
+ set_magic_quotes_runtime(0);
+ define('STRIP', (get_magic_quotes_gpc()) ? true : false);
+}
+
$user = new user();
$cache = new cache();
$db = new $sql_db();
@@ -698,16 +712,19 @@ if (version_compare($current_version, '3.0.b5', '<='))
$db->sql_query('DELETE FROM ' . STYLES_IMAGESET_TABLE);
$db->sql_query('DELETE FROM ' . STYLES_TEMPLATE_TABLE);
$db->sql_query('DELETE FROM ' . STYLES_TABLE);
- $db->sql_query('DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE);
$db->sql_query('DELETE FROM ' . STYLES_THEME_TABLE);
+
+// $db->sql_query('DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE);
break;
default:
$db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_TABLE);
$db->sql_query('TRUNCATE TABLE ' . STYLES_TEMPLATE_TABLE);
$db->sql_query('TRUNCATE TABLE ' . STYLES_TABLE);
- $db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_DATA_TABLE);
$db->sql_query('TRUNCATE TABLE ' . STYLES_THEME_TABLE);
+
+// This table does not exist, as well as the constant not exist...
+// $db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_DATA_TABLE);
break;
}
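Review bot: The two commented-out `STYLES_IMAGESET_DATA_TABLE` statements are left in the file as dead code, and only the one in the `default` branch carries an explanation. Since the @@ -869 hunk inserts into `phpbb_styles_imageset_data`, "does not exist" presumably means the table is not there at this point of the update; that is worth saying explicitly. I would delete both statements and leave one comment in each branch, e.g. `// STYLES_IMAGESET_DATA_TABLE is not cleared here: table and constant are not available at this step (confirm)`. The switch starts outside the hunk.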
@@ -869,6 +886,8 @@ if (version_compare($current_version, '3.0.b5', '<='))
$data = "INSERT INTO phpbb_styles (style_name, style_copyright, style_active, template_id, theme_id, imageset_id) VALUES ('prosilver', '&copy; phpBB Group', 1, 1, 1, 1);
INSERT INTO phpbb_styles (style_name, style_copyright, style_active, template_id, theme_id, imageset_id) VALUES ('subsilver2', '&copy; phpBB Group', 1, 2, 2, 2);
+ INSERT INTO phpbb_styles_imageset (imageset_name, imageset_copyright, imageset_path) VALUES ('prosilver', '&copy; phpBB Group', 'prosilver');
+ INSERT INTO phpbb_styles_imageset (imageset_name, imageset_copyright, imageset_path) VALUES ('subsilver2', '&copy; phpBB Group', 'subsilver2');
INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('site_logo', 'site_logo.gif', '', 94, 170, 2);
INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('upload_bar', 'upload_bar.gif', '', 16, 280, 2);
INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('poll_left', 'poll_left.gif', '', 12, 4, 2);
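Review bot: The added `phpbb_styles_imageset` rows depend on the database assigning them ids 1 and 2, because the `phpbb_styles` rows above reference `imageset_id` 1 and 2 and the `phpbb_styles_imageset_data` rows use `imageset_id` 2. The @@ -698 hunk clears these tables with `DELETE FROM` for some database types, and on several engines that does not reset the auto-increment counter, so the new rows could receive other ids there. Assuming the id column is auto-generated (its definition is not visible), either supplying `imageset_id` explicitly in these INSERTs or resetting the counter after the DELETE would keep the references valid. The `$data` string starts and ends outside the hunk.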
@@ -1089,10 +1108,23 @@ if (version_compare($current_version, '3.0.b5', '<='))
set_config('avatar_salt', md5(mt_rand()));
- $sql = 'UPDATE ' . ACL_OPTIONS_TABLE . ' SET is_local = 0 WHERE auth_option = \'m_warn\'';
+ $sql = 'UPDATE ' . ACL_OPTIONS_TABLE . "
+ SET is_local = 0
+ WHERE auth_option = 'm_warn'";
+ $db->sql_query($sql);
+
+ $cache->destroy('_acl_options');
+
+ $sql = 'UPDATE ' . MODULES_TABLE . '
+ SET module_auth = \'acl_m_warn && acl_f_read,$id\'
+ WHERE module_basename = \'warn\'
+ AND module_mode = \'warn_post\'
+ AND module_class = \'mcp\'';
$db->sql_query($sql);
- $sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'acl_m_warn && acl_f_read,$id\' WHERE module_basename = \'warn\' AND module_mode = \'warn_post\'';
+ $cache->destroy('_modules_mcp');
+
+ $sql = 'UPDATE ' . USERS_TABLE . " SET user_permissions = ''";
$db->sql_query($sql);
$no_updates = false;
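Review bot: `set_config('avatar_salt', md5(mt_rand()));` at the top of this hunk is kept unchanged, and `mt_rand()` supplies at most about 31 bits from a non-cryptographic generator, so the salt has a far smaller search space than its MD5 length suggests. If this salt is what keeps uploaded avatar file names unguessable (adjust_avatars.php in this commit depends on it), it should be built from a stronger source, such as the platform CSPRNG where the supported PHP versions offer one. Among the added lines, the `UPDATE ... SET user_permissions = ''` statement would benefit from a comment like `// reset per-user permission data so it is rebuilt after the m_warn change`, assuming that is its purpose. The enclosing version block starts outside the hunk.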
diff --git a/phpBB/style.php b/phpBB/style.php
index 84a2394744..38ffd5426b 100644
--- a/phpBB/style.php
+++ b/phpBB/style.php
@@ -128,9 +128,14 @@ if ($id && $sid)
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
+
+ header('Expires: 0');
+ }
+ else
+ {
+ header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
}
- header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
header('Content-type: text/css');
// Parse Theme Data
diff --git a/phpBB/styles/prosilver/theme/common.css b/phpBB/styles/prosilver/theme/common.css
index f60fdec719..459e2cbc2a 100644
--- a/phpBB/styles/prosilver/theme/common.css
+++ b/phpBB/styles/prosilver/theme/common.css
@@ -128,7 +128,6 @@ p.right {
float: left;
width: auto;
padding: 10px 13px 0 10px;
- height: auto;
}
a#logo:hover {
diff --git a/phpBB/styles/prosilver/theme/links.css b/phpBB/styles/prosilver/theme/links.css
index a6418914a5..733a3cc8d3 100644
--- a/phpBB/styles/prosilver/theme/links.css
+++ b/phpBB/styles/prosilver/theme/links.css
@@ -73,6 +73,7 @@ a.topictitle:active {
/* Post body links */
.postlink {
+ text-decoration: none;
color: #d2d2d2;
border-bottom: 1px solid #d2d2d2;
padding-bottom: 0;