aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_board.php2
-rw-r--r--phpBB/includes/acp/acp_email.php5
-rw-r--r--phpBB/includes/acp/acp_forums.php8
-rw-r--r--phpBB/includes/acp/acp_ranks.php2
-rw-r--r--phpBB/includes/acp/acp_update.php2
-rw-r--r--phpBB/includes/acp/acp_users.php2
-rw-r--r--phpBB/includes/auth/auth_db.php11
-rw-r--r--phpBB/includes/db/db_tools.php175
-rw-r--r--phpBB/includes/db/mysqli.php8
-rw-r--r--phpBB/includes/functions_admin.php13
-rw-r--r--phpBB/includes/functions_display.php22
-rw-r--r--phpBB/includes/functions_install.php57
-rw-r--r--phpBB/includes/mcp/mcp_main.php17
-rw-r--r--phpBB/includes/mcp/mcp_post.php2
-rw-r--r--phpBB/includes/mcp/mcp_topic.php4
-rw-r--r--phpBB/includes/startup.php4
-rw-r--r--phpBB/includes/ucp/ucp_groups.php52
17 files changed, 198 insertions, 188 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index d8ab42ed2d..3ed5f40368 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -188,7 +188,7 @@ class acp_board
'hot_threshold' => array('lang' => 'HOT_THRESHOLD', 'validate' => 'int:0', 'type' => 'text:3:4', 'explain' => true),
'max_poll_options' => array('lang' => 'MAX_POLL_OPTIONS', 'validate' => 'int:2:127', 'type' => 'text:4:4', 'explain' => false),
'max_post_chars' => array('lang' => 'CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
- 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:6', 'explain' => true),
+ 'min_post_chars' => array('lang' => 'MIN_CHAR_LIMIT', 'validate' => 'int:1', 'type' => 'text:4:6', 'explain' => true),
'max_post_smilies' => array('lang' => 'SMILIES_LIMIT', 'validate' => 'int:0', 'type' => 'text:4:4', 'explain' => true),
'max_post_urls' => array('lang' => 'MAX_POST_URLS', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true),
'max_post_font_size' => array('lang' => 'MAX_POST_FONT_SIZE', 'validate' => 'int:0', 'type' => 'text:5:4', 'explain' => true, 'append' => ' %'),
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index 133fe47e09..e98b7a19a5 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -136,8 +136,9 @@ class acp_email
$i = $j = 0;
- // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit)
- $max_chunk_size = 50;
+ // Send with BCC
+ // Maximum number of bcc recipients
+ $max_chunk_size = (int) $config['email_max_chunk_size'];
$email_list = array();
$old_lang = $row['user_lang'];
$old_notify_type = $row['user_notify_type'];
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index 27bec3f1ea..50e12a0f15 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -212,15 +212,11 @@ class acp_forums
$message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED'];
- // Redirect to permissions
- if ($auth->acl_get('a_fauth') && !$copied_permissions)
- {
- $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>');
- }
-
// redirect directly to permission settings screen if authed
if ($action == 'add' && !$copied_permissions && $auth->acl_get('a_fauth'))
{
+ $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url) . '">', '</a>');
+
meta_refresh(4, append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions' . $acl_url));
}
diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php
index fcfef2a61e..dfd7511427 100644
--- a/phpBB/includes/acp/acp_ranks.php
+++ b/phpBB/includes/acp/acp_ranks.php
@@ -199,7 +199,7 @@ class acp_ranks
'RANK_TITLE' => (isset($ranks['rank_title'])) ? $ranks['rank_title'] : '',
'S_FILENAME_LIST' => $filename_list,
'RANK_IMAGE' => ($edit_img) ? $phpbb_root_path . $config['ranks_path'] . '/' . $edit_img : $phpbb_admin_path . 'images/spacer.gif',
- 'S_SPECIAL_RANK' => (!isset($ranks['rank_special']) || $ranks['rank_special']) ? true : false,
+ 'S_SPECIAL_RANK' => (isset($ranks['rank_special']) && $ranks['rank_special']) ? true : false,
'MIN_POSTS' => (isset($ranks['rank_min']) && !$ranks['rank_special']) ? $ranks['rank_min'] : 0)
);
diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php
index 931fa53165..7e3d1a1024 100644
--- a/phpBB/includes/acp/acp_update.php
+++ b/phpBB/includes/acp/acp_update.php
@@ -37,7 +37,7 @@ class acp_update
$errstr = '';
$errno = 0;
- $info = obtain_latest_version_info(request_var('versioncheck_force', false), true);
+ $info = obtain_latest_version_info(request_var('versioncheck_force', false));
if ($info === false)
{
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 789003e31b..abf1481000 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -818,7 +818,7 @@ class acp_users
// Which updates do we need to do?
$update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
- $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
+ $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false;
$update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
if (!sizeof($error))
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php
index 6ca69d9174..c20196d019 100644
--- a/phpBB/includes/auth/auth_db.php
+++ b/phpBB/includes/auth/auth_db.php
@@ -107,6 +107,15 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
if (!$row)
{
+ if ($config['ip_login_limit_max'] && $attempts >= $config['ip_login_limit_max'])
+ {
+ return array(
+ 'status' => LOGIN_ERROR_ATTEMPTS,
+ 'error_msg' => 'LOGIN_ERROR_ATTEMPTS',
+ 'user_row' => array('user_id' => ANONYMOUS),
+ );
+ }
+
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
@@ -264,4 +273,4 @@ function login_db($username, $password, $ip = '', $browser = '', $forwarded_for
);
}
-?> \ No newline at end of file
+?>
diff --git a/phpBB/includes/db/db_tools.php b/phpBB/includes/db/db_tools.php
index 10ca6c0a1f..2cba11133a 100644
--- a/phpBB/includes/db/db_tools.php
+++ b/phpBB/includes/db/db_tools.php
@@ -348,6 +348,66 @@ class phpbb_db_tools
}
/**
+ * Gets a list of tables in the database.
+ *
+ * @return array Array of table names (all lower case)
+ */
+ function sql_list_tables()
+ {
+ switch ($this->db->sql_layer)
+ {
+ case 'mysql':
+ case 'mysql4':
+ case 'mysqli':
+ $sql = 'SHOW TABLES';
+ break;
+
+ case 'sqlite':
+ $sql = 'SELECT name
+ FROM sqlite_master
+ WHERE type = "table"';
+ break;
+
+ case 'mssql':
+ case 'mssql_odbc':
+ case 'mssqlnative':
+ $sql = "SELECT name
+ FROM sysobjects
+ WHERE type='U'";
+ break;
+
+ case 'postgres':
+ $sql = 'SELECT relname
+ FROM pg_stat_user_tables';
+ break;
+
+ case 'firebird':
+ $sql = 'SELECT rdb$relation_name
+ FROM rdb$relations
+ WHERE rdb$view_source is null
+ AND rdb$system_flag = 0';
+ break;
+
+ case 'oracle':
+ $sql = 'SELECT table_name
+ FROM USER_TABLES';
+ break;
+ }
+
+ $result = $this->db->sql_query($sql);
+
+ $tables = array();
+ while ($row = $this->db->sql_fetchrow($result))
+ {
+ $name = current($row);
+ $tables[$name] = $name;
+ }
+ $this->db->sql_freeresult($result);
+
+ return $tables;
+ }
+
+ /**
* Check if table exists
*
*
@@ -1011,34 +1071,21 @@ class phpbb_db_tools
}
/**
- * Check if a specified column exist
+ * Gets a list of columns of a table.
*
- * @param string $table Table to check the column at
- * @param string $column_name The column to check
+ * @param string $table Table name
*
- * @return bool True if column exists, else false
+ * @return array Array of column names (all lower case)
*/
- function sql_column_exists($table, $column_name)
+ function sql_list_columns($table)
{
+ $columns = array();
+
switch ($this->sql_layer)
{
case 'mysql_40':
case 'mysql_41':
-
$sql = "SHOW COLUMNS FROM $table";
- $result = $this->db->sql_query($sql);
-
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['Field']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
// PostgreSQL has a way of doing this in a much simpler way but would
@@ -1049,19 +1096,6 @@ class phpbb_db_tools
WHERE c.relname = '{$table}'
AND a.attnum > 0
AND a.attrelid = c.oid";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['attname']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
-
- return false;
break;
// same deal with PostgreSQL, we must perform more complex operations than
@@ -1072,62 +1106,26 @@ class phpbb_db_tools
FROM syscolumns c
LEFT JOIN sysobjects o ON c.id = o.id
WHERE o.name = '{$table}'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['name']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
case 'oracle':
$sql = "SELECT column_name
FROM user_tab_columns
WHERE LOWER(table_name) = '" . strtolower($table) . "'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['column_name']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
case 'firebird':
$sql = "SELECT RDB\$FIELD_NAME as FNAME
FROM RDB\$RELATION_FIELDS
WHERE RDB\$RELATION_NAME = '" . strtoupper($table) . "'";
- $result = $this->db->sql_query($sql);
- while ($row = $this->db->sql_fetchrow($result))
- {
- // lower case just in case
- if (strtolower($row['fname']) == $column_name)
- {
- $this->db->sql_freeresult($result);
- return true;
- }
- }
- $this->db->sql_freeresult($result);
- return false;
break;
- // ugh, SQLite
case 'sqlite':
$sql = "SELECT sql
FROM sqlite_master
WHERE type = 'table'
AND name = '{$table}'";
+
$result = $this->db->sql_query($sql);
if (!$result)
@@ -1151,14 +1149,39 @@ class phpbb_db_tools
continue;
}
- if (strtolower($entities[0]) == $column_name)
- {
- return true;
- }
+ $column = strtolower($entities[0]);
+ $columns[$column] = $column;
}
- return false;
+
+ return $columns;
break;
}
+
+ $result = $this->db->sql_query($sql);
+
+ while ($row = $this->db->sql_fetchrow($result))
+ {
+ $column = strtolower(current($row));
+ $columns[$column] = $column;
+ }
+ $this->db->sql_freeresult($result);
+
+ return $columns;
+ }
+
+ /**
+ * Check whether a specified column exist in a table
+ *
+ * @param string $table Table to check
+ * @param string $column_name Column to check
+ *
+ * @return bool True if column exists, false otherwise
+ */
+ function sql_column_exists($table, $column_name)
+ {
+ $columns = $this->sql_list_columns($table);
+
+ return isset($columns[$column_name]);
}
/**
@@ -2092,7 +2115,7 @@ class phpbb_db_tools
case 'mysql_40':
case 'mysql_41':
- $statements[] = 'CREATE UNIQUE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD UNIQUE INDEX (' . implode(', ', $column) . ')';
break;
case 'mssql':
@@ -2145,7 +2168,7 @@ class phpbb_db_tools
}
// no break
case 'mysql_41':
- $statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
+ $statements[] = 'ALTER TABLE ' . $table_name . ' ADD INDEX ' . $index_name . '(' . implode(', ', $column) . ')';
break;
case 'mssql':
diff --git a/phpBB/includes/db/mysqli.php b/phpBB/includes/db/mysqli.php
index 46c2f9210b..456ce906d0 100644
--- a/phpBB/includes/db/mysqli.php
+++ b/phpBB/includes/db/mysqli.php
@@ -249,7 +249,13 @@ class dbal_mysqli extends dbal
return $cache->sql_fetchrow($query_id);
}
- return ($query_id !== false) ? @mysqli_fetch_assoc($query_id) : false;
+ if ($query_id !== false)
+ {
+ $result = @mysqli_fetch_assoc($query_id);
+ return $result !== null ? $result : false;
+ }
+
+ return false;
}
/**
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index f7e19f3e7d..513b7a68b2 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -3130,7 +3130,7 @@ function get_database_size()
/**
* Retrieve contents from remotely stored file
*/
-function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 10)
+function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6)
{
global $user;
@@ -3140,6 +3140,9 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
@fputs($fsock, "HOST: $host\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
+ $timer_stop = time() + $timeout;
+ stream_set_timeout($fsock, $timeout);
+
$file_info = '';
$get_info = false;
@@ -3162,6 +3165,14 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
return false;
}
}
+
+ $stream_meta_data = stream_get_meta_data($fsock);
+
+ if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
+ {
+ $errstr = $user->lang['FSOCK_TIMEOUT'];
+ return false;
+ }
}
@fclose($fsock);
}
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index 86eabc419c..ee7048638d 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -465,6 +465,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
'S_NO_CAT' => $catless && !$last_catless,
'S_IS_LINK' => ($row['forum_type'] == FORUM_LINK) ? true : false,
'S_UNREAD_FORUM' => $forum_unread,
+ 'S_AUTH_READ' => $auth->acl_get('f_read', $row['forum_id']),
'S_LOCKED_FORUM' => ($row['forum_status'] == ITEM_LOCKED) ? true : false,
'S_LIST_SUBFORUMS' => ($row['display_subforum_list']) ? true : false,
'S_SUBFORUMS' => (sizeof($subforums_list)) ? true : false,
@@ -1083,6 +1084,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$match_id = ($mode == 'forum') ? $forum_id : $topic_id;
$u_url = "uid={$user->data['user_id']}";
$u_url .= ($mode == 'forum') ? '&amp;f' : '&amp;f=' . $forum_id . '&amp;t';
+ $is_watching = 0;
// Is user watching this thread?
if ($user_id != ANONYMOUS)
@@ -1109,9 +1111,9 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$uid = request_var('uid', 0);
$token = request_var('hash', '');
- if (($token && check_link_hash($token, "{$mode}_$match_id")) || confirm_box(true))
+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))
{
- if (($uid != $user_id) || ($_GET['unwatch'] != $mode))
+ if ($uid != $user_id || $_GET['unwatch'] != $mode)
{
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
$message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
@@ -1124,7 +1126,8 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$db->sql_query($sql);
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
- $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
+ $message = $user->lang['NOT_WATCHING_' . strtoupper($mode)] . '<br /><br />';
+ $message .= sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
meta_refresh(3, $redirect_url);
trigger_error($message);
}
@@ -1141,7 +1144,14 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$s_hidden_fields['t'] = $topic_id;
}
- $confirm_box_message = (($item_title == '') ? 'UNWATCH_' . strtoupper($mode) : $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title));
+ if ($item_title == '')
+ {
+ $confirm_box_message = 'UNWATCH_' . strtoupper($mode);
+ }
+ else
+ {
+ $confirm_box_message = $user->lang('UNWATCH_' . strtoupper($mode) . '_DETAILED', $item_title);
+ }
confirm_box(false, $confirm_box_message, build_hidden_fields($s_hidden_fields));
}
}
@@ -1166,9 +1176,9 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
$uid = request_var('uid', 0);
$token = request_var('hash', '');
- if (($token && check_link_hash($token, "{$mode}_$match_id")) || confirm_box(true))
+ if ($token && check_link_hash($token, "{$mode}_$match_id") || confirm_box(true))
{
- if (($uid != $user_id) || ($_GET['watch'] != $mode))
+ if ($uid != $user_id || $_GET['watch'] != $mode)
{
$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
$message = $user->lang['ERR_WATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
diff --git a/phpBB/includes/functions_install.php b/phpBB/includes/functions_install.php
index 992e8d6bb0..2c640e0999 100644
--- a/phpBB/includes/functions_install.php
+++ b/phpBB/includes/functions_install.php
@@ -211,61 +211,20 @@ function dbms_select($default = '', $only_20x_options = false)
/**
* Get tables of a database
+*
+* @deprecated
*/
-function get_tables($db)
+function get_tables(&$db)
{
- switch ($db->sql_layer)
- {
- case 'mysql':
- case 'mysql4':
- case 'mysqli':
- $sql = 'SHOW TABLES';
- break;
-
- case 'sqlite':
- $sql = 'SELECT name
- FROM sqlite_master
- WHERE type = "table"';
- break;
-
- case 'mssql':
- case 'mssql_odbc':
- case 'mssqlnative':
- $sql = "SELECT name
- FROM sysobjects
- WHERE type='U'";
- break;
-
- case 'postgres':
- $sql = 'SELECT relname
- FROM pg_stat_user_tables';
- break;
-
- case 'firebird':
- $sql = 'SELECT rdb$relation_name
- FROM rdb$relations
- WHERE rdb$view_source is null
- AND rdb$system_flag = 0';
- break;
-
- case 'oracle':
- $sql = 'SELECT table_name
- FROM USER_TABLES';
- break;
- }
-
- $result = $db->sql_query($sql);
-
- $tables = array();
-
- while ($row = $db->sql_fetchrow($result))
+ if (!class_exists('phpbb_db_tools'))
{
- $tables[] = current($row);
+ global $phpbb_root_path, $phpEx;
+ require($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);
}
- $db->sql_freeresult($result);
+ $db_tools = new phpbb_db_tools($db);
- return $tables;
+ return $db_tools->sql_list_tables();
}
/**
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php
index ad10a52705..ffede11d37 100644
--- a/phpBB/includes/mcp/mcp_main.php
+++ b/phpBB/includes/mcp/mcp_main.php
@@ -286,14 +286,6 @@ function change_topic_type($action, $topic_ids)
{
global $auth, $user, $db, $phpEx, $phpbb_root_path;
- // For changing topic types, we only allow operations in one forum.
- $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('f_announce', 'f_sticky', 'm_'), true);
-
- if ($forum_id === false)
- {
- return;
- }
-
switch ($action)
{
case 'make_announce':
@@ -316,11 +308,18 @@ function change_topic_type($action, $topic_ids)
default:
$new_topic_type = POST_NORMAL;
- $check_acl = '';
+ $check_acl = false;
$l_new_type = (sizeof($topic_ids) == 1) ? 'MCP_MAKE_NORMAL' : 'MCP_MAKE_NORMALS';
break;
}
+ $forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', $check_acl, true);
+
+ if ($forum_id === false)
+ {
+ return;
+ }
+
$redirect = request_var('redirect', build_url(array('action', 'quickmod')));
$s_hidden_fields = array(
diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php
index de7f3e63ee..ba45037a18 100644
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@@ -246,7 +246,7 @@ function mcp_post_details($id, $mode, $action)
}
// Get Reports
- if ($auth->acl_get('m_', $post_info['forum_id']))
+ if ($auth->acl_get('m_report', $post_info['forum_id']))
{
$sql = 'SELECT r.*, re.*, u.user_id, u.username
FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u, ' . REPORTS_REASONS_TABLE . " re
diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php
index 76cd9beb92..d7cc1e795a 100644
--- a/phpBB/includes/mcp/mcp_topic.php
+++ b/phpBB/includes/mcp/mcp_topic.php
@@ -239,8 +239,8 @@ function mcp_topic_view($id, $mode, $action)
'MINI_POST_IMG' => ($post_unread) ? $user->img('icon_post_target_unread', 'UNREAD_POST') : $user->img('icon_post_target', 'POST'),
- 'S_POST_REPORTED' => ($row['post_reported']) ? true : false,
- 'S_POST_UNAPPROVED' => ($row['post_approved']) ? false : true,
+ 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_report', $topic_info['forum_id'])),
+ 'S_POST_UNAPPROVED' => (!$row['post_approved'] && $auth->acl_get('m_approve', $topic_info['forum_id'])),
'S_CHECKED' => (($submitted_id_list && !in_array(intval($row['post_id']), $submitted_id_list)) || in_array(intval($row['post_id']), $checked_ids)) ? true : false,
'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false,
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index ca9665da29..bbe2f127f1 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -97,8 +97,8 @@ function deregister_globals()
unset($input);
}
-// If we are on PHP >= 6.0.0 we do not need some code
-if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
+// Register globals and magic quotes have been dropped in PHP 5.4
+if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
{
/**
* @ignore
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 1c055a4823..d62dbb1866 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -193,47 +193,43 @@ class ucp_groups
if ($group_row[$group_id]['group_type'] == GROUP_FREE)
{
group_user_add($group_id, $user->data['user_id']);
-
- $email_template = 'group_added';
}
else
{
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
- $email_template = 'group_request';
- }
+ include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
+ $messenger = new messenger();
- include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
- $messenger = new messenger();
+ $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
+ FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u
+ WHERE ug.user_id = u.user_id
+ AND ug.group_leader = 1
+ AND ug.group_id = $group_id";
+ $result = $db->sql_query($sql);
- $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
- FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
- WHERE ug.user_id = u.user_id
- AND ' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . "
- AND ug.group_id = $group_id";
- $result = $db->sql_query($sql);
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $messenger->template('group_request', $row['user_lang']);
- while ($row = $db->sql_fetchrow($result))
- {
- $messenger->template($email_template, $row['user_lang']);
+ $messenger->to($row['user_email'], $row['username']);
+ $messenger->im($row['user_jabber'], $row['username']);
- $messenger->to($row['user_email'], $row['username']);
- $messenger->im($row['user_jabber'], $row['username']);
+ $messenger->assign_vars(array(
+ 'USERNAME' => htmlspecialchars_decode($row['username']),
+ 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']),
+ 'REQUEST_USERNAME' => $user->data['username'],
- $messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($row['username']),
- 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']),
- 'REQUEST_USERNAME' => $user->data['username'],
+ 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
+ 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
+ );
- 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
- 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
- );
+ $messenger->send($row['user_notify_type']);
+ }
+ $db->sql_freeresult($result);
- $messenger->send($row['user_notify_type']);
+ $messenger->save_queue();
}
- $db->sql_freeresult($result);
-
- $messenger->save_queue();
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']);
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-17 02:44:54 +0000