diff options
Diffstat (limited to 'phpBB/includes/acp')
| -rw-r--r-- | phpBB/includes/acp/acp_attachments.php | 11 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_ban.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_board.php | 7 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_captcha.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 55 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_forums.php | 27 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_groups.php | 11 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_php_info.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_profile.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_prune.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_reasons.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_styles.php | 29 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 76 | ||||
| -rw-r--r-- | phpBB/includes/acp/info/acp_board.php | 2 |
14 files changed, 157 insertions, 83 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 25e51814c4..fc5f44e14f 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -90,6 +90,7 @@ class acp_attachments $s_assigned_groups = array(); while ($row = $db->sql_fetchrow($result)) { + $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; $s_assigned_groups[$row['cat_id']][] = $row['group_name']; } $db->sql_freeresult($result); @@ -494,6 +495,10 @@ class acp_attachments $sql = 'SELECT group_id FROM ' . EXTENSION_GROUPS_TABLE . " WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'"; + if ($group_id) + { + $sql .= ' AND group_id <> ' . $group_id; + } $result = $db->sql_query($sql); if ($db->sql_fetchrow($result)) @@ -551,6 +556,7 @@ class acp_attachments $group_id = $db->sql_nextid(); } + $group_name = (isset($user->lang['EXT_GROUP_' . $group_name])) ? $user->lang['EXT_GROUP_' . $group_name] : $group_name; add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name); } @@ -858,7 +864,7 @@ class acp_attachments 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", - 'GROUP_NAME' => $row['group_name'], + 'GROUP_NAME' => (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name'], 'CATEGORY' => $cat_lang[$row['cat_id']], ) ); @@ -1118,6 +1124,7 @@ class acp_attachments $group_name = array(); while ($row = $db->sql_fetchrow($result)) { + $row['group_name'] = (isset($user->lang['EXT_GROUP_' . $row['group_name']])) ? $user->lang['EXT_GROUP_' . $row['group_name']] : $row['group_name']; $group_name[] = $row; } $db->sql_freeresult($result); @@ -1215,7 +1222,7 @@ class acp_attachments return; } - if (!is_writable($phpbb_root_path . $upload_dir)) + if (!phpbb_is_writable($phpbb_root_path . $upload_dir)) { $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir); return; diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 3198376584..a7ea57b753 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -224,7 +224,7 @@ class acp_ban $template->assign_block_vars('ban_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + 'A_REASON' => addslashes($reason), )); } } @@ -236,7 +236,7 @@ class acp_ban $template->assign_block_vars('ban_give_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + 'A_REASON' => addslashes($reason), )); } } diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index a5feac1902..a5e80e1f6d 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -58,7 +58,7 @@ class acp_board 'board_disable_msg' => false, 'default_lang' => array('lang' => 'DEFAULT_LANGUAGE', 'validate' => 'lang', 'type' => 'select', 'function' => 'language_select', 'params' => array('{CONFIG_VALUE}'), 'explain' => false), 'default_dateformat' => array('lang' => 'DEFAULT_DATE_FORMAT', 'validate' => 'string', 'type' => 'custom', 'method' => 'dateformat_select', 'explain' => true), - 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'string', 'type' => 'select', 'function' => 'tz_select', 'params' => array('{CONFIG_VALUE}', 1), 'explain' => false), + 'board_timezone' => array('lang' => 'SYSTEM_TIMEZONE', 'validate' => 'string', 'type' => 'select', 'function' => 'tz_select', 'params' => array('{CONFIG_VALUE}', 1), 'explain' => true), 'board_dst' => array('lang' => 'SYSTEM_DST', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'default_style' => array('lang' => 'DEFAULT_STYLE', 'validate' => 'int', 'type' => 'select', 'function' => 'style_select', 'params' => array('{CONFIG_VALUE}', false), 'explain' => false), 'override_user_style' => array('lang' => 'OVERRIDE_STYLE', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), @@ -319,6 +319,7 @@ class acp_board 'load_online_guests' => array('lang' => 'YES_ONLINE_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'load_onlinetrack' => array('lang' => 'YES_ONLINE_TRACK', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'load_birthdays' => array('lang' => 'YES_BIRTHDAYS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'load_unreads_search' => array('lang' => 'YES_UNREAD_SEARCH', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_moderators' => array('lang' => 'YES_MODERATORS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_jumpbox' => array('lang' => 'YES_JUMPBOX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false), 'load_user_activity' => array('lang' => 'LOAD_USER_ACTIVITY', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), @@ -888,8 +889,8 @@ class acp_board $old_tz = $user->timezone; $old_dst = $user->dst; - $user->timezone = $config['board_timezone']; - $user->dst = $config['board_dst']; + $user->timezone = $config['board_timezone'] * 3600; + $user->dst = $config['board_dst'] * 3600; $dateformat_options = ''; diff --git a/phpBB/includes/acp/acp_captcha.php b/phpBB/includes/acp/acp_captcha.php index 56a57e319c..1893eed14f 100644 --- a/phpBB/includes/acp/acp_captcha.php +++ b/phpBB/includes/acp/acp_captcha.php @@ -89,14 +89,14 @@ class acp_captcha } else { - trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action)); + trigger_error($user->lang['CAPTCHA_UNAVAILABLE'] . adm_back_link($this->u_action), E_USER_WARNING); } } trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); } else if ($submit) { - trigger_error($user->lang['FORM_INVALID'] . adm_back_link()); + trigger_error($user->lang['FORM_INVALID'] . adm_back_link(), E_USER_WARNING); } else { diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index abfad2b90b..193dd001c0 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -394,6 +394,7 @@ class acp_database case 'mssql': case 'mssql_odbc': + case 'mssqlnative': while (($sql = $fgetd($fp, "GO\n", $read, $seek, $eof)) !== false) { $db->sql_query($sql); @@ -1618,41 +1619,48 @@ class mssql_extractor extends base_extractor function write_data_mssqlnative($table_name) { global $db; - $ary_type = $ary_name = $meta_array = array(); + $ary_type = $ary_name = array(); $ident_set = false; $sql_data = ''; // Grab all of the data from current table. $sql = "SELECT * FROM $table_name"; + $db->mssqlnative_set_query_options(array('Scrollable' => SQLSRV_CURSOR_STATIC)); $result = $db->sql_query($sql); - $retrieved_data = $db->mssqlnative_num_rows($result); + $retrieved_data = $db->mssqlnative_num_rows($result); - $meta_array = sqlsrv_field_metadata($result); - $i_num_fields = sqlsrv_num_fields($result); - + if (!$retrieved_data) + { + $db->sql_freeresult($result); + return; + } + + $sql = "SELECT * FROM $table_name"; + $result_fields = $db->sql_query_limit($sql, 1); + + $row = new result_mssqlnative($result_fields); + $i_num_fields = $row->num_fields(); + for ($i = 0; $i < $i_num_fields; $i++) { - $info = $db->mssqlnative_fieldInfo($table_name, $meta_array[$i]['Name']); - $ary_type[$i] = $info->type(); - $ary_name[$i] = $info->name(); + $ary_type[$i] = $row->field_type($i); + $ary_name[$i] = $row->field_name($i); } + $db->sql_freeresult($result_fields); + + $sql = "SELECT 1 as has_identity + FROM INFORMATION_SCHEMA.COLUMNS + WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1"; + $result2 = $db->sql_query($sql); + $row2 = $db->sql_fetchrow($result2); - if ($retrieved_data) + if (!empty($row2['has_identity'])) { - $sql = "SELECT 1 as has_identity - FROM INFORMATION_SCHEMA.COLUMNS - WHERE COLUMNPROPERTY(object_id('$table_name'), COLUMN_NAME, 'IsIdentity') = 1"; - $result2 = $db->sql_query($sql); - $row2 = $db->sql_fetchrow($result2); - - if (!empty($row2['has_identity'])) - { - $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n"; - $ident_set = true; - } - $db->sql_freeresult($result2); + $sql_data .= "\nSET IDENTITY_INSERT $table_name ON\nGO\n"; + $ident_set = true; } + $db->sql_freeresult($result2); while ($row = $db->sql_fetchrow($result)) { @@ -1663,7 +1671,8 @@ class mssql_extractor extends base_extractor { $str_val = $row[$ary_name[$i]]; - if (preg_match('#char|text|bool|varbinary#i', $ary_type[$i])) + // defaults to type number - better quote just to be safe, so check for is_int too + if (is_int($ary_type[$i]) || preg_match('#char|text|bool|varbinary#i', $ary_type[$i])) { $str_quote = ''; $str_empty = "''"; @@ -1704,7 +1713,7 @@ class mssql_extractor extends base_extractor } $db->sql_freeresult($result); - if ($retrieved_data && $ident_set) + if ($ident_set) { $sql_data .= "\nSET IDENTITY_INSERT $table_name OFF\nGO\n"; } diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 5a5adc57ae..4d9b9f01e0 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -169,7 +169,7 @@ class acp_forums $forum_data['forum_status'] = ITEM_UNLOCKED; } - $forum_data['show_active'] = ($forum_data['forum_type'] == FORUM_POST) ? request_var('display_recent', true) : request_var('display_active', true); + $forum_data['show_active'] = ($forum_data['forum_type'] == FORUM_POST) ? request_var('display_recent', true) : request_var('display_active', false); // Get data for forum rules if specified... if ($forum_data['forum_rules']) @@ -190,12 +190,14 @@ class acp_forums $forum_perm_from = request_var('forum_perm_from', 0); $cache->destroy('sql', FORUMS_TABLE); + $copied_permissions = false; // Copy permissions? if ($forum_perm_from && $forum_perm_from != $forum_data['forum_id'] && ($action != 'edit' || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')))) { copy_forum_permissions($forum_perm_from, $forum_data['forum_id'], ($action == 'edit') ? true : false); cache_moderators(); + $copied_permissions = true; } /* Commented out because of questionable UI workflow - re-visit for 3.0.7 else if (!$this->parent_id && $action != 'edit' && $auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')) @@ -211,13 +213,13 @@ class acp_forums $message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; // Redirect to permissions - if ($auth->acl_get('a_fauth')) + if ($auth->acl_get('a_fauth') && !$copied_permissions) { $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>'); } // redirect directly to permission settings screen if authed - if ($action == 'add' && !$forum_perm_from && $auth->acl_get('a_fauth')) + if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth')) { meta_refresh(4, append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url)); } @@ -407,7 +409,7 @@ class acp_forums $exclude_forums[] = $row['forum_id']; } - $parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, true, false, false); + $parents_list = make_forum_select($forum_data['parent_id'], $exclude_forums, false, false, false); $forum_data['forum_password_confirm'] = $forum_data['forum_password']; } @@ -416,7 +418,7 @@ class acp_forums $this->page_title = 'CREATE_FORUM'; $forum_id = $this->parent_id; - $parents_list = make_forum_select($this->parent_id, false, true, false, false); + $parents_list = make_forum_select($this->parent_id, false, false, false, false); // Fill forum data with default values if (!$update) @@ -639,7 +641,8 @@ class acp_forums 'S_PRUNE_OLD_POLLS' => ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_POLL) ? true : false, 'S_PRUNE_ANNOUNCE' => ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_ANNOUNCE) ? true : false, 'S_PRUNE_STICKY' => ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY) ? true : false, - 'S_DISPLAY_ACTIVE_TOPICS' => ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) ? true : false, + 'S_DISPLAY_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_POST) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : true, + 'S_ENABLE_ACTIVE_TOPICS' => ($forum_data['forum_type'] == FORUM_CAT) ? ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) : false, 'S_ENABLE_POST_REVIEW' => ($forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) ? true : false, 'S_ENABLE_QUICK_REPLY' => ($forum_data['forum_flags'] & FORUM_FLAG_QUICK_REPLY) ? true : false, 'S_CAN_COPY_PERMISSIONS' => ($action != 'edit' || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))) ? true : false, @@ -980,7 +983,7 @@ class acp_forums if (!$row) { - trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&' . $this->parent_id), E_USER_WARNING); + trigger_error($user->lang['PARENT_NOT_EXIST'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id), E_USER_WARNING); } if ($row['forum_type'] == FORUM_LINK) @@ -1639,6 +1642,9 @@ class acp_forums delete_attachments('topic', $topic_ids, false); + // Delete shadow topics pointing to topics in this forum + delete_topic_shadows($forum_id); + // Before we remove anything we make sure we are able to adjust the post counts later. ;) $sql = 'SELECT poster_id FROM ' . POSTS_TABLE . ' @@ -1705,6 +1711,9 @@ class acp_forums ) ); + // Amount of rows we select and delete in one iteration. + $batch_size = 500; + foreach ($tables_ary as $field => $tables) { $start = 0; @@ -1714,7 +1723,7 @@ class acp_forums $sql = "SELECT $field FROM " . POSTS_TABLE . ' WHERE forum_id = ' . $forum_id; - $result = $db->sql_query_limit($sql, 500, $start); + $result = $db->sql_query_limit($sql, $batch_size, $start); $ids = array(); while ($row = $db->sql_fetchrow($result)) @@ -1733,7 +1742,7 @@ class acp_forums } } } - while ($row); + while (sizeof($ids) == $batch_size); } unset($ids); diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 3df61ff4e2..486616c33d 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -49,7 +49,7 @@ class acp_groups // Clear some vars - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; $group_row = array(); // Grab basic data for group, if group_id is set and exists @@ -394,6 +394,15 @@ class acp_groups } } + // Validate the length of "Maximum number of allowed recipients per private message" setting. + // We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value + // which is the lowest amongst DBMSes supported by phpBB3 + if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215)))) + { + // Replace "error" string with its real, localised form + $error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error)); + } + if (!sizeof($error)) { // Only set the rank, colour, etc. if it's changed or if we're adding a new diff --git a/phpBB/includes/acp/acp_php_info.php b/phpBB/includes/acp/acp_php_info.php index 9935c0466e..0499095004 100644 --- a/phpBB/includes/acp/acp_php_info.php +++ b/phpBB/includes/acp/acp_php_info.php @@ -35,9 +35,9 @@ class acp_php_info $this->tpl_name = 'acp_php_info'; $this->page_title = 'ACP_PHP_INFO'; - + ob_start(); - @phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES); + phpinfo(INFO_GENERAL | INFO_CONFIGURATION | INFO_MODULES | INFO_VARIABLES); $phpinfo = ob_get_clean(); $phpinfo = trim($phpinfo); diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index fc08c7e8e8..2288a0728b 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -1480,6 +1480,7 @@ class acp_profile case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // We are defining the biggest common value, because of the possibility to edit the min/max values of each field. $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] "; diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 7eeb37133f..ffe20f86f5 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -315,8 +315,8 @@ class acp_prune 'mode' => $mode, 'prune' => 1, - 'users' => request_var('users', '', true), - 'username' => request_var('username', '', true), + 'users' => utf8_normalize_nfc(request_var('users', '', true)), + 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => request_var('email', ''), 'joined_select' => request_var('joined_select', ''), 'joined' => request_var('joined', ''), @@ -369,7 +369,7 @@ class acp_prune { global $user, $db; - $users = request_var('users', '', true); + $users = utf8_normalize_nfc(request_var('users', '', true)); if ($users) { @@ -378,7 +378,7 @@ class acp_prune } else { - $username = request_var('username', '', true); + $username = utf8_normalize_nfc(request_var('username', '', true)); $email = request_var('email', ''); $joined_select = request_var('joined_select', 'lt'); diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php index 8d7bc88769..dbc9fcb6cc 100644 --- a/phpBB/includes/acp/acp_reasons.php +++ b/phpBB/includes/acp/acp_reasons.php @@ -233,6 +233,7 @@ class acp_reasons // Standard? What's that? case 'mssql': case 'mssql_odbc': + case 'mssqlnative': // Change the reports using this reason to 'other' $sql = "DECLARE @ptrval binary(16) diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 3310560c73..2ccc728031 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -748,7 +748,7 @@ parse_css_file = {PARSE_CSS_FILE} $additional = ''; // If the template is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && @is_writable($file)) + if (!$safe_mode && !$template_info['template_storedb'] && file_exists($file) && phpbb_is_writable($file)) { if (!($fp = @fopen($file, 'wb'))) { @@ -1155,7 +1155,7 @@ parse_css_file = {PARSE_CSS_FILE} $message = $user->lang['THEME_UPDATED']; // If the theme is stored on the filesystem try to write the file else store it in the database - if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && @is_writable($file)) + if (!$safe_mode && !$theme_info['theme_storedb'] && file_exists($file) && phpbb_is_writable($file)) { if (!($fp = @fopen($file, 'wb'))) { @@ -2040,23 +2040,18 @@ parse_css_file = {PARSE_CSS_FILE} { case 'tar': $ext = '.tar'; - $mimetype = 'x-tar'; - $compress = 'compress_tar'; break; case 'zip': $ext = '.zip'; - $mimetype = 'zip'; break; case 'tar.gz': $ext = '.tar.gz'; - $mimetype = 'x-gzip'; break; case 'tar.bz2': $ext = '.tar.bz2'; - $mimetype = 'x-bzip2'; break; default: @@ -2246,7 +2241,7 @@ parse_css_file = {PARSE_CSS_FILE} { // a rather elaborate check we have to do here once to avoid trouble later $check = "{$phpbb_root_path}styles/" . $style_row["{$mode}_path"] . (($mode === 'theme') ? '/theme/stylesheet.css' : '/template'); - if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !@is_writable($check))) + if (($style_row["{$mode}_storedb"] != $store_db) && !$store_db && ($safe_mode || !phpbb_is_writable($check))) { $error[] = $user->lang['EDIT_' . strtoupper($mode) . '_STORED_DB']; $store_db = 1; @@ -2326,7 +2321,7 @@ parse_css_file = {PARSE_CSS_FILE} { $theme_data = $this->db_theme_data($style_row); } - else if (!$store_db && !$safe_mode && @is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css")) + else if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['theme_path']}/theme/stylesheet.css")) { $store_db = 1; $theme_data = $style_row['theme_data']; @@ -2357,7 +2352,7 @@ parse_css_file = {PARSE_CSS_FILE} } else { - if (!$store_db && !$safe_mode && @is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template")) + if (!$store_db && !$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$style_row['template_path']}/template")) { $err = $this->store_in_fs('template', $style_row['template_id']); if ($err) @@ -2531,13 +2526,21 @@ parse_css_file = {PARSE_CSS_FILE} // Match CSS imports $matches = array(); - preg_match_all('/@import url\(["\'](.*)["\']\);/i', $stylesheet, $matches); + preg_match_all('/@import url\((["\'])(.*)\1\);/i', $stylesheet, $matches); + + // remove commented stylesheets (very simple parser, allows only whitespace + // around an @import statement) + preg_match_all('#/\*\s*@import url\((["\'])(.*)\1\);\s\*/#i', $stylesheet, $commented); + $matches[2] = array_diff($matches[2], $commented[2]); if (sizeof($matches)) { foreach ($matches[0] as $idx => $match) { - $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[1][$idx]), $stylesheet); + if (isset($matches[2][$idx])) + { + $stylesheet = str_replace($match, acp_styles::load_css_file($theme_row['theme_path'], $matches[2][$idx]), $stylesheet); + } } } @@ -3728,7 +3731,7 @@ parse_css_file = {PARSE_CSS_FILE} $store_db = 0; $error = array(); - if (!$safe_mode && @is_writable("{$phpbb_root_path}styles/{$path}/template")) + if (!$safe_mode && phpbb_is_writable("{$phpbb_root_path}styles/{$path}/template")) { $sql = 'SELECT * FROM ' . STYLES_TEMPLATE_DATA_TABLE . " diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 4905840e02..6be0760be0 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -105,7 +105,7 @@ class acp_users LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id) WHERE u.user_id = ' . $user_id . ' ORDER BY s.session_time DESC'; - $result = $db->sql_query($sql); + $result = $db->sql_query_limit($sql, 1); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -191,24 +191,31 @@ class acp_users trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - if (confirm_box(true)) + if ($delete_type) { - user_delete($delete_type, $user_id, $user_row['username']); + if (confirm_box(true)) + { + user_delete($delete_type, $user_id, $user_row['username']); - add_log('admin', 'LOG_USER_DELETED', $user_row['username']); - trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action)); + add_log('admin', 'LOG_USER_DELETED', $user_row['username']); + trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action)); + } + else + { + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + 'u' => $user_id, + 'i' => $id, + 'mode' => $mode, + 'action' => $action, + 'update' => true, + 'delete' => 1, + 'delete_type' => $delete_type)) + ); + } } else { - confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( - 'u' => $user_id, - 'i' => $id, - 'mode' => $mode, - 'action' => $action, - 'update' => true, - 'delete' => 1, - 'delete_type' => $delete_type)) - ); + trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } } @@ -224,6 +231,11 @@ class acp_users trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_id == ANONYMOUS) + { + trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + if ($user_row['user_type'] == USER_FOUNDER) { trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); @@ -307,10 +319,7 @@ class acp_users $server_url = generate_board_url(); - $user_actkey = gen_rand_string(10); - $key_len = 54 - (strlen($server_url)); - $key_len = ($key_len > 6) ? $key_len : 6; - $user_actkey = substr($user_actkey, 0, $key_len); + $user_actkey = gen_rand_string(mt_rand(6, 10)); $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive'; if ($user_row['user_type'] == USER_NORMAL) @@ -1550,6 +1559,31 @@ class acp_users WHERE user_id = $user_id"; $db->sql_query($sql); + // Check if user has an active session + if ($user_row['session_id']) + { + // We'll update the session if user_allow_viewonline has changed and the user is a bot + // Or if it's a regular user and the admin set it to hide the session + if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE + || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline']) + { + // We also need to check if the user has the permission to cloak. + $user_auth = new auth(); + $user_auth->acl($user_row); + + $session_sql_ary = array( + 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true, + ); + + $sql = 'UPDATE ' . SESSIONS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . " + WHERE session_user_id = $user_id"; + $db->sql_query($sql); + + unset($user_auth); + } + } + trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } @@ -1664,7 +1698,7 @@ class acp_users include($phpbb_root_path . 'includes/functions_display.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; if ($submit) { @@ -1674,7 +1708,7 @@ class acp_users trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - if (avatar_process_user($error, $user_row)) + if (avatar_process_user($error, $user_row, $can_upload)) { trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_row['user_id'])); } @@ -2084,7 +2118,7 @@ class acp_users LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id) WHERE u.user_id = ' . $user_id . ' ORDER BY s.session_time DESC'; - $result = $db->sql_query($sql); + $result = $db->sql_query_limit($sql, 1); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } diff --git a/phpBB/includes/acp/info/acp_board.php b/phpBB/includes/acp/info/acp_board.php index 58b650650c..3e18f55940 100644 --- a/phpBB/includes/acp/info/acp_board.php +++ b/phpBB/includes/acp/info/acp_board.php @@ -24,7 +24,7 @@ class acp_board_info 'features' => array('title' => 'ACP_BOARD_FEATURES', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), 'avatar' => array('title' => 'ACP_AVATAR_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), 'message' => array('title' => 'ACP_MESSAGE_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION', 'ACP_MESSAGES')), - 'post' => array('title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), + 'post' => array('title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION', 'ACP_MESSAGES')), 'signature' => array('title' => 'ACP_SIGNATURE_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), 'feed' => array('title' => 'ACP_FEED_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), 'registration' => array('title' => 'ACP_REGISTER_SETTINGS', 'auth' => 'acl_a_board', 'cat' => array('ACP_BOARD_CONFIGURATION')), |