aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/acp')
-rw-r--r--phpBB/includes/acp/acp_bbcodes.php2
-rw-r--r--phpBB/includes/acp/acp_disallow.php12
-rw-r--r--phpBB/includes/acp/acp_email.php45
-rw-r--r--phpBB/includes/acp/acp_icons.php4
-rw-r--r--phpBB/includes/acp/acp_language.php12
-rw-r--r--phpBB/includes/acp/acp_main.php2
-rw-r--r--phpBB/includes/acp/acp_profile.php2
-rw-r--r--phpBB/includes/acp/acp_search.php18
-rw-r--r--phpBB/includes/acp/acp_styles.php260
-rw-r--r--phpBB/includes/acp/acp_words.php3
10 files changed, 296 insertions, 64 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php
index 2b706394c4..0644b38eb1 100644
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@@ -213,7 +213,7 @@ class acp_bbcodes
$bbcode_id = NUM_CORE_BBCODES + 1;
}
- if ($bbcode_id > 1511)
+ if ($bbcode_id > BBCODE_LIMIT)
{
trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING);
}
diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php
index 9549955cc8..e2176b7bcd 100644
--- a/phpBB/includes/acp/acp_disallow.php
+++ b/phpBB/includes/acp/acp_disallow.php
@@ -56,6 +56,18 @@ class acp_disallow
trigger_error($user->lang['NO_USERNAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
}
+ $sql = 'SELECT disallow_id
+ FROM ' . DISALLOW_TABLE . "
+ WHERE disallow_username = '" . $db->sql_escape($disallowed_user) . "'";
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ($row)
+ {
+ trigger_error($user->lang['DISALLOWED_ALREADY'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
$sql = 'INSERT INTO ' . DISALLOW_TABLE . ' ' . $db->sql_build_array('INSERT', array('disallow_username' => $disallowed_user));
$db->sql_query($sql);
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index 350693a630..133fe47e09 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -82,23 +82,48 @@ class acp_email
{
if ($group_id)
{
- $sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type
- FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug
- WHERE ug.group_id = ' . $group_id . '
+ $sql_ary = array(
+ 'SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type',
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ USER_GROUP_TABLE => 'ug',
+ ),
+ 'WHERE' => 'ug.group_id = ' . $group_id . '
AND ug.user_pending = 0
AND u.user_id = ug.user_id
AND u.user_allow_massemail = 1
- AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
- ORDER BY u.user_lang, u.user_notify_type';
+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')',
+ 'ORDER_BY' => 'u.user_lang, u.user_notify_type',
+ );
}
else
{
- $sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang
- FROM ' . USERS_TABLE . '
- WHERE user_allow_massemail = 1
- AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
- ORDER BY user_lang, user_notify_type';
+ $sql_ary = array(
+ 'SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type',
+ 'FROM' => array(
+ USERS_TABLE => 'u',
+ ),
+ 'WHERE' => 'u.user_allow_massemail = 1
+ AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')',
+ 'ORDER_BY' => 'u.user_lang, u.user_notify_type',
+ );
}
+
+ // Mail banned or not
+ if (!isset($_REQUEST['mail_banned_flag']))
+ {
+ $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL
+ OR b.ban_exclude = 1)';
+ $sql_ary['LEFT_JOIN'] = array(
+ array(
+ 'FROM' => array(
+ BANLIST_TABLE => 'b',
+ ),
+ 'ON' => 'u.user_id = b.ban_userid',
+ ),
+ );
+ }
+ $sql = $db->sql_build_query('SELECT', $sql_ary);
}
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php
index 3d64a2acda..24f6cbbcbf 100644
--- a/phpBB/includes/acp/acp_icons.php
+++ b/phpBB/includes/acp/acp_icons.php
@@ -394,6 +394,10 @@ class acp_icons
{
// skip images where add wasn't checked
}
+ else if (!file_exists($phpbb_root_path . $img_path . '/' . $image))
+ {
+ $errors[$image] = 'SMILIE_NO_FILE';
+ }
else
{
if ($image_width[$image] == 0 || $image_height[$image] == 0)
diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php
index c2cb2f9c11..598b390302 100644
--- a/phpBB/includes/acp/acp_language.php
+++ b/phpBB/includes/acp/acp_language.php
@@ -1055,14 +1055,14 @@ class acp_language
$iso_src .= htmlspecialchars_decode($row['lang_author']);
$compress->add_data($iso_src, 'language/' . $row['lang_iso'] . '/iso.txt');
- // index.html files
- $compress->add_data('', 'language/' . $row['lang_iso'] . '/index.html');
- $compress->add_data('', 'language/' . $row['lang_iso'] . '/email/index.html');
- $compress->add_data('', 'language/' . $row['lang_iso'] . '/acp/index.html');
+ // index.htm files
+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/index.htm');
+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/email/index.htm');
+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/acp/index.htm');
if (sizeof($mod_files))
{
- $compress->add_data('', 'language/' . $row['lang_iso'] . '/mods/index.html');
+ $compress->add_data('', 'language/' . $row['lang_iso'] . '/mods/index.htm');
}
$compress->close();
@@ -1217,7 +1217,7 @@ $lang = array_merge($lang, array(
';
// Language files in language root directory
- $this->main_files = array("common.$phpEx", "groups.$phpEx", "install.$phpEx", "mcp.$phpEx", "memberlist.$phpEx", "posting.$phpEx", "search.$phpEx", "ucp.$phpEx", "viewforum.$phpEx", "viewtopic.$phpEx", "help_bbcode.$phpEx", "help_faq.$phpEx");
+ $this->main_files = array("captcha_qa.$phpEx", "captcha_recaptcha.$phpEx", "common.$phpEx", "groups.$phpEx", "install.$phpEx", "mcp.$phpEx", "memberlist.$phpEx", "posting.$phpEx", "search.$phpEx", "ucp.$phpEx", "viewforum.$phpEx", "viewtopic.$phpEx", "help_bbcode.$phpEx", "help_faq.$phpEx");
}
/**
diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php
index b8712b2a3d..60cebe3c08 100644
--- a/phpBB/includes/acp/acp_main.php
+++ b/phpBB/includes/acp/acp_main.php
@@ -529,7 +529,7 @@ class acp_main
);
$log_data = array();
- $log_count = 0;
+ $log_count = false;
if ($auth->acl_get('a_viewlogs'))
{
diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php
index 2288a0728b..2e43b0545a 100644
--- a/phpBB/includes/acp/acp_profile.php
+++ b/phpBB/includes/acp/acp_profile.php
@@ -512,7 +512,7 @@ class acp_profile
else if ($field_type == FIELD_INT && $key == 'field_default_value')
{
// Permit an empty string
- if (request_var('field_default_value', '') === '')
+ if ($action == 'create' && request_var('field_default_value', '') === '')
{
$var = '';
}
diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php
index 930c8d2a26..0cd67b1c34 100644
--- a/phpBB/includes/acp/acp_search.php
+++ b/phpBB/includes/acp/acp_search.php
@@ -392,7 +392,18 @@ class acp_search
AND post_id <= ' . (int) ($post_counter + $this->batch_size);
$result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
+ $buffer = $db->sql_buffer_nested_transactions();
+
+ if ($buffer)
+ {
+ $rows = $db->sql_fetchrowset($result);
+ $rows[] = false; // indicate end of array for while loop below
+
+ $db->sql_freeresult($result);
+ }
+
+ $i = 0;
+ while ($row = ($buffer ? $rows[$i++] : $db->sql_fetchrow($result)))
{
// Indexing enabled for this forum or global announcement?
// Global announcements get indexed by default.
@@ -402,7 +413,10 @@ class acp_search
}
$row_count++;
}
- $db->sql_freeresult($result);
+ if (!$buffer)
+ {
+ $db->sql_freeresult($result);
+ }
$post_counter += $this->batch_size;
}
diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php
index 2ccc728031..37cf8d1f72 100644
--- a/phpBB/includes/acp/acp_styles.php
+++ b/phpBB/includes/acp/acp_styles.php
@@ -716,7 +716,7 @@ parse_css_file = {PARSE_CSS_FILE}
$save_changes = (isset($_POST['save'])) ? true : false;
// make sure template_file path doesn't go upwards
- $template_file = str_replace('..', '.', $template_file);
+ $template_file = preg_replace('#\.{2,}#', '.', $template_file);
// Retrieve some information about the template
$sql = 'SELECT template_storedb, template_path, template_name
@@ -1587,23 +1587,23 @@ parse_css_file = {PARSE_CSS_FILE}
{
case 'style':
$sql_from = STYLES_TABLE;
- $sql_select = 'style_name';
+ $sql_select = 'style_id, style_name, template_id, theme_id, imageset_id';
$sql_where = 'AND style_active = 1';
break;
case 'template':
$sql_from = STYLES_TEMPLATE_TABLE;
- $sql_select = 'template_name, template_path, template_storedb';
+ $sql_select = 'template_id, template_name, template_path, template_storedb';
break;
case 'theme':
$sql_from = STYLES_THEME_TABLE;
- $sql_select = 'theme_name, theme_path, theme_storedb';
+ $sql_select = 'theme_id, theme_name, theme_path, theme_storedb';
break;
case 'imageset':
$sql_from = STYLES_IMAGESET_TABLE;
- $sql_select = 'imageset_name, imageset_path';
+ $sql_select = 'imageset_id, imageset_name, imageset_path';
break;
}
@@ -1633,37 +1633,14 @@ parse_css_file = {PARSE_CSS_FILE}
trigger_error($user->lang['NO_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING);
}
- $sql = "SELECT {$mode}_id, {$mode}_name
- FROM $sql_from
- WHERE {$mode}_id <> $style_id
- $sql_where
- ORDER BY {$mode}_name ASC";
- $result = $db->sql_query($sql);
-
- $s_options = '';
-
- if ($row = $db->sql_fetchrow($result))
- {
- do
- {
- $s_options .= '<option value="' . $row[$mode . '_id'] . '">' . $row[$mode . '_name'] . '</option>';
- }
- while ($row = $db->sql_fetchrow($result));
- }
- else
- {
- trigger_error($user->lang['ONLY_' . $l_prefix] . adm_back_link($this->u_action), E_USER_WARNING);
- }
- $db->sql_freeresult($result);
-
if ($update)
{
- $sql = "DELETE FROM $sql_from
- WHERE {$mode}_id = $style_id";
- $db->sql_query($sql);
-
if ($mode == 'style')
{
+ $sql = "DELETE FROM $sql_from
+ WHERE {$mode}_id = $style_id";
+ $db->sql_query($sql);
+
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_style = $new_id
WHERE user_style = $style_id";
@@ -1678,19 +1655,19 @@ parse_css_file = {PARSE_CSS_FILE}
{
set_config('default_style', $new_id);
}
+
+ // Remove the components
+ $components = array('template', 'theme', 'imageset');
+ foreach ($components as $component)
+ {
+ $new_id = request_var('new_' . $component . '_id', 0);
+ $component_id = $style_row[$component . '_id'];
+ $this->remove_component($component, $component_id, $new_id, $style_id);
+ }
}
else
{
- if ($mode == 'imageset')
- {
- $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . "
- WHERE imageset_id = $style_id";
- $db->sql_query($sql);
- }
- $sql = 'UPDATE ' . STYLES_TABLE . "
- SET {$mode}_id = $new_id
- WHERE {$mode}_id = $style_id";
- $db->sql_query($sql);
+ $this->remove_component($mode, $style_id, $new_id);
}
$cache->destroy('sql', STYLES_TABLE);
@@ -1700,11 +1677,12 @@ parse_css_file = {PARSE_CSS_FILE}
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
+ $this->display_component_options($mode, $style_row[$mode . '_id'], $style_row);
+
$this->page_title = 'DELETE_' . $l_prefix;
$template->assign_vars(array(
'S_DELETE' => true,
- 'S_REPLACE_OPTIONS' => $s_options,
'L_TITLE' => $user->lang[$this->page_title],
'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'],
@@ -1718,6 +1696,202 @@ parse_css_file = {PARSE_CSS_FILE}
'NAME' => $style_row[$mode . '_name'],
)
);
+
+ if ($mode == 'style')
+ {
+ $template->assign_vars(array(
+ 'S_DELETE_STYLE' => true,
+ ));
+ }
+ }
+
+ /**
+ * Remove template/theme/imageset entry from the database
+ */
+ function remove_component($component, $component_id, $new_id, $style_id = false)
+ {
+ global $db;
+
+ if (($new_id == 0) || ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id))))
+ {
+ // We can not delete the template, as the user wants to keep the component or an other template is inheriting from this one.
+ return;
+ }
+
+ $component_in_use = array();
+ if ($component != 'style')
+ {
+ $component_in_use = $this->component_in_use($component, $component_id, $style_id);
+ }
+
+ if (($new_id == -1) && !empty($component_in_use))
+ {
+ // We can not delete the component, as it is still in use
+ return;
+ }
+
+ if ($component == 'imageset')
+ {
+ $sql = 'DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE . "
+ WHERE imageset_id = $component_id";
+ $db->sql_query($sql);
+ }
+
+ switch ($component)
+ {
+ case 'template':
+ $sql_from = STYLES_TEMPLATE_TABLE;
+ break;
+
+ case 'theme':
+ $sql_from = STYLES_THEME_TABLE;
+ break;
+
+ case 'imageset':
+ $sql_from = STYLES_IMAGESET_TABLE;;
+ break;
+ }
+
+ $sql = "DELETE FROM $sql_from
+ WHERE {$component}_id = $component_id";
+ $db->sql_query($sql);
+
+ $sql = 'UPDATE ' . STYLES_TABLE . "
+ SET {$component}_id = $new_id
+ WHERE {$component}_id = $component_id";
+ $db->sql_query($sql);
+ }
+
+ /**
+ * Display the options which can be used to replace a style/template/theme/imageset
+ */
+ function display_component_options($component, $component_id, $style_row = false, $style_id = false)
+ {
+ global $db, $template, $user;
+
+ $component_in_use = array();
+ if ($component != 'style')
+ {
+ $component_in_use = $this->component_in_use($component, $component_id, $style_id);
+ }
+
+ $sql_where = '';
+ switch ($component)
+ {
+ case 'style':
+ $sql_from = STYLES_TABLE;
+ $sql_where = 'WHERE style_active = 1';
+ break;
+
+ case 'template':
+ $sql_from = STYLES_TEMPLATE_TABLE;
+ $sql_where = 'WHERE template_inherits_id <> ' . $component_id;
+ break;
+
+ case 'theme':
+ $sql_from = STYLES_THEME_TABLE;
+ break;
+
+ case 'imageset':
+ $sql_from = STYLES_IMAGESET_TABLE;
+ break;
+ }
+
+ $s_options = '';
+ if (($component != 'style') && empty($component_in_use))
+ {
+ $sql = "SELECT {$component}_id, {$component}_name
+ FROM $sql_from
+ WHERE {$component}_id = {$component_id}";
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ $s_options .= '<option value="-1" selected="selected">' . $user->lang['DELETE_' . strtoupper($component)] . '</option>';
+ $s_options .= '<option value="0">' . sprintf($user->lang['KEEP_' . strtoupper($component)], $row[$component . '_name']) . '</option>';
+ }
+ else
+ {
+ $sql = "SELECT {$component}_id, {$component}_name
+ FROM $sql_from
+ $sql_where
+ ORDER BY {$component}_name ASC";
+ $result = $db->sql_query($sql);
+
+ $s_keep_option = $s_options = '';
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if ($row[$component . '_id'] != $component_id)
+ {
+ $s_options .= '<option value="' . $row[$component . '_id'] . '">' . sprintf($user->lang['REPLACE_WITH_OPTION'], $row[$component . '_name']) . '</option>';
+ }
+ else if ($component != 'style')
+ {
+ $s_keep_option = '<option value="0" selected="selected">' . sprintf($user->lang['KEEP_' . strtoupper($component)], $row[$component . '_name']) . '</option>';
+ }
+ }
+ $db->sql_freeresult($result);
+ $s_options = $s_keep_option . $s_options;
+ }
+
+ if (!$style_row)
+ {
+ $template->assign_var('S_REPLACE_' . strtoupper($component) . '_OPTIONS', $s_options);
+ }
+ else
+ {
+ $template->assign_var('S_REPLACE_OPTIONS', $s_options);
+ if ($component == 'style')
+ {
+ $components = array('template', 'theme', 'imageset');
+ foreach ($components as $component)
+ {
+ $this->display_component_options($component, $style_row[$component . '_id'], false, $component_id, true);
+ }
+ }
+ }
+ }
+
+ /**
+ * Check whether the component is still used by another style or component
+ */
+ function component_in_use($component, $component_id, $style_id = false)
+ {
+ global $db;
+
+ $component_in_use = array();
+
+ if ($style_id)
+ {
+ $sql = 'SELECT style_id, style_name
+ FROM ' . STYLES_TABLE . "
+ WHERE {$component}_id = {$component_id}
+ AND style_id <> {$style_id}
+ ORDER BY style_name ASC";
+ }
+ else
+ {
+ $sql = 'SELECT style_id, style_name
+ FROM ' . STYLES_TABLE . "
+ WHERE {$component}_id = {$component_id}
+ ORDER BY style_name ASC";
+ }
+ $result = $db->sql_query($sql);
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $component_in_use[] = $row['style_name'];
+ }
+ $db->sql_freeresult($result);
+
+ if ($component === 'template' && ($conflicts = $this->check_inheritance($component, $component_id)))
+ {
+ foreach ($conflicts as $temp_id => $conflict_data)
+ {
+ $component_in_use[] = $conflict_data['template_name'];
+ }
+ }
+
+ return $component_in_use;
}
/**
diff --git a/phpBB/includes/acp/acp_words.php b/phpBB/includes/acp/acp_words.php
index 1cb9545967..88c5bbe592 100644
--- a/phpBB/includes/acp/acp_words.php
+++ b/phpBB/includes/acp/acp_words.php
@@ -95,6 +95,9 @@ class acp_words
trigger_error($user->lang['ENTER_WORD'] . adm_back_link($this->u_action), E_USER_WARNING);
}
+ // Replace multiple consecutive asterisks with single one as those are not needed
+ $word = preg_replace('#\*{2,}#', '*', $word);
+
$sql_ary = array(
'word' => $word,
'replacement' => $replacement
generated by cgit v1.2.1 (git 2.21.0) at 2025-07-30 12:38:48 +0000