diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/functions.php | 26 | ||||
| -rw-r--r-- | phpBB/includes/functions_admin.php | 139 | ||||
| -rw-r--r-- | phpBB/includes/page_header.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/template.php | 16 |
5 files changed, 102 insertions, 85 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 50d495f6b8..8e80b1de8d 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -671,16 +671,22 @@ function redirect($url) $db->sql_close(); } - $protocol = ($config['cookie_secure']) ? 'https://' : 'http://'; - $server = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($config['server_name'])); - $path = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($config['script_path'])); - $port = ($config['server_port'] <> 80) ? ':' . trim($config['server_port']) . '/' : '/'; + $server_protocol = ($config['cookie_secure']) ? 'https://' : 'http://'; + $server_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($config['server_name'])); + $server_port = ($config['server_port'] <> 80) ? ':' . trim($config['server_port']) . '/' : '/'; + $script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($config['script_path'])); + $url = preg_replace('/^\/?(.*?)\/?$/', '/\1', trim($url)); + // Redirect via an HTML form for PITA webservers if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) { - header('HTTP/1.0 302 Redirect'); + header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url); + echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>'; + exit; } - header('Location: ' . $protocol . $server . $path . $port . $url); + + // Behave as per HTTP/1.1 spec for others + header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url); exit; } @@ -691,7 +697,7 @@ function validate_username($username) { global $db, $user; - $username = sql_quote($username); + $username = $db->sql_escape($username); $sql = "SELECT username FROM " . USERS_TABLE . " @@ -719,7 +725,7 @@ function validate_username($username) while ($row = $db->sql_fetchrow($result)) { - if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['disallow_username'])) . ')\b#i', $username)) + if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['disallow_username'], '#')) . ')\b#i', $username)) { return $user->lang['Username_disallowed']; } @@ -731,7 +737,7 @@ function validate_username($username) while ($row = $db->sql_fetchrow($result)) { - if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['word'])) . ')\b#i', $username)) + if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . ')\b#i', $username)) { return $user->lang['Username_disallowed']; } @@ -761,7 +767,7 @@ function validate_email($email) while ($row = $db->sql_fetchrow($result)) { - if (preg_match('/^' . str_replace('*', '.*?', $row['ban_email']) . '$/is', $email)) + if (preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#is', $email)) { return $user->lang['Email_banned']; } diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 3b95658404..c2136d4671 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -170,31 +170,35 @@ function sync($type, $id) return true; } -function prune($forum_id, $prune_date) +function prune($forum_id, $prune_date, $sql_topics = '') { global $db, $lang, $phpEx, $phpbb_root_path; - // Those without polls ... - $sql = "SELECT t.topic_id - FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t - WHERE t.forum_id = $forum_id - AND t.topic_vote = 0 - AND t.topic_type <> " . POST_ANNOUNCE . " - AND ( p.post_id = t.topic_last_post_id - OR t.topic_last_post_id = 0 )"; - if ( $prune_date != '' ) + if ($sql_topics = '') { - $sql .= " AND p.post_time < $prune_date"; - } - $result = $db->sql_query($sql); + // Those without polls ... + $sql = "SELECT t.topic_id + FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t + WHERE t.forum_id = $forum_id + AND t.topic_vote = 0 + AND t.topic_type <> " . POST_ANNOUNCE . " + AND (p.post_id = t.topic_last_post_id + OR t.topic_last_post_id = 0)"; + if ($prune_date != '') + { + $sql .= " AND p.post_time < $prune_date"; + } + $result = $db->sql_query($sql); - $sql_topics = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - $sql_topics .= ( ( $sql_topics != '' ) ? ', ' : '' ) . $row['topic_id']; + $sql_topics = ''; + while ($row = $db->sql_fetchrow($result)) + { + $sql_topics .= (($sql_topics != '') ? ', ' : '') . $row['topic_id']; + } + $db->sql_freeresult($result); } - if ( $sql_topics != '' ) + if ($sql_topics != '') { $sql = "SELECT post_id FROM " . POSTS_TABLE . " @@ -202,16 +206,20 @@ function prune($forum_id, $prune_date) AND topic_id IN ($sql_topics)"; $result = $db->sql_query($sql); - $sql_post = ''; - while ( $row = $db->sql_fetchrow($result) ) + $sql_posts = ''; + while ($row = $db->sql_fetchrow($result)) { - $sql_post .= ( ( $sql_post != '' ) ? ', ' : '' ) . $row['post_id']; + $sql_posts .= (($sql_posts != '') ? ', ' : '') . $row['post_id']; } - if ( $sql_post != '' ) + if ($sql_post != '') { $db->sql_transaction(); + $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " + WHERE topic_id IN ($sql_topics)"; + $db->sql_query($sql); + $sql = "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id IN ($sql_topics)"; $db->sql_query($sql); @@ -219,20 +227,20 @@ function prune($forum_id, $prune_date) $pruned_topics = $db->sql_affectedrows(); $sql = "DELETE FROM " . POSTS_TABLE . " - WHERE post_id IN ($sql_post)"; + WHERE post_id IN ($sql_posts)"; $db->sql_query($sql); $pruned_posts = $db->sql_affectedrows(); $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " - WHERE post_id IN ($sql_post)"; + WHERE post_id IN ($sql_posts)"; $db->sql_query($sql); $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " - WHERE post_id IN ($sql_post)"; + WHERE post_id IN ($sql_posts)"; $db->sql_query($sql); - remove_search_post($sql_post); + sync('forum', $forum_id); $db->sql_transaction('commit'); @@ -254,15 +262,14 @@ function auto_prune($forum_id = 0) WHERE forum_id = $forum_id"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { - if ( $row['prune_freq'] && $row['prune_days'] ) + if ($row['prune_freq'] && $row['prune_days']) { - $prune_date = time() - ( $row['prune_days'] * 86400 ); - $next_prune = time() + ( $row['prune_freq'] * 86400 ); + $prune_date = time() - ($row['prune_days'] * 86400); + $next_prune = time() + ($row['prune_freq'] * 86400); prune($forum_id, $prune_date); - sync('forum', $forum_id); $sql = "UPDATE " . FORUMS_TABLE . " SET prune_next = $next_prune @@ -287,17 +294,17 @@ function remove_comments(&$output) $in_comment = false; for($i = 0; $i < $linecount; $i++) { - if ( preg_match('/^\/\*/', preg_quote($lines[$i])) ) + if (preg_match('/^\/\*/', preg_quote($lines[$i]))) { $in_comment = true; } - if ( !$in_comment ) + if (!$in_comment) { $output .= $lines[$i] . "\n"; } - if ( preg_match('/\*\/$/', preg_quote($lines[$i])) ) + if (preg_match('/\*\/$/', preg_quote($lines[$i]))) { $in_comment = false; } @@ -320,9 +327,9 @@ function remove_remarks($sql) for ($i = 0; $i < $linecount; $i++) { - if ( $i != $linecount - 1 || strlen($lines[$i]) > 0 ) + if ($i != $linecount - 1 || strlen($lines[$i]) > 0) { - $output .= ( $lines[$i][0] != '#' ) ? $lines[$i] . "\n" : "\n"; + $output .= ($lines[$i][0] != '#') ? $lines[$i] . "\n" : "\n"; // Trading a bit of speed for lower mem. use here. $lines[$i] = ''; } @@ -351,7 +358,7 @@ function split_sql_file($sql, $delimiter) for ($i = 0; $i < $token_count; $i++) { // Don't wanna add an empty string as the last thing in the array. - if ( $i != $token_count - 1 || strlen($tokens[$i] > 0) ) + if ($i != $token_count - 1 || strlen($tokens[$i] > 0)) { // This is the total number of single quotes in the token. $total_quotes = preg_match_all("/'/", $tokens[$i], $matches); @@ -362,7 +369,7 @@ function split_sql_file($sql, $delimiter) $unescaped_quotes = $total_quotes - $escaped_quotes; // If the number of unescaped quotes is even, then the delimiter did NOT occur inside a string literal. - if ( !($unescaped_quotes % 2) ) + if (!($unescaped_quotes % 2)) { // It's a complete sql statement. $output[] = $tokens[$i]; @@ -390,7 +397,7 @@ function split_sql_file($sql, $delimiter) $unescaped_quotes = $total_quotes - $escaped_quotes; - if ( ($unescaped_quotes % 2) == 1 ) + if (($unescaped_quotes % 2) == 1) { // odd number of unescaped quotes. In combination with the previous incomplete // statement(s), we now have a complete statement. (2 odds always make an even) @@ -426,7 +433,7 @@ function config_config($config = false) { global $db, $phpbb_root_path, $phpEx; - if ( !$config ) + if (!$config) { $config = array(); @@ -444,7 +451,7 @@ function config_config($config = false) $cache_str = "\$config = array(\n"; foreach ($config as $config_name => $config_value) { - $cache_str .= "\t'$config_name' => " . ( ( is_numeric($config_value) ) ? $config_value : '"' . addslashes($config_value) . '"' ) . ",\n"; + $cache_str .= "\t'$config_name' => " . ((is_numeric($config_value)) ? $config_value : '"' . addslashes($config_value) . '"') . ",\n"; } $cache_str .= ");"; @@ -586,7 +593,7 @@ class auth_admin extends auth foreach ($auth as $auth_value => $allow) { $flag = substr($auth_value, 0, strpos($auth_value, '_') + 1); - if ( empty($auth[$flag]) ) + if (empty($auth[$flag])) { $auth[$flag] = $allow; } @@ -603,35 +610,35 @@ class auth_admin extends auth $db->sql_freeresult($result); // One or more forums - if ( !is_array($forum_id) ) + if (!is_array($forum_id)) { $forum_id = array($forum_id); } // NOTE THIS USED TO BE IN ($forum_id, 0) ... $forum_sql = 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')'; - $sql = ( $mode == 'user' ) ? "SELECT o.auth_option_id, o.auth_value, a.forum_id, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.user_id = $ug_id" :"SELECT o.auth_option_id, o.auth_value, a.forum_id, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = $ug_id"; + $sql = ($mode == 'user') ? "SELECT o.auth_option_id, o.auth_value, a.forum_id, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.user_id = $ug_id" :"SELECT o.auth_option_id, o.auth_value, a.forum_id, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE a.auth_option_id = o.auth_option_id $forum_sql AND a.group_id = $ug_id"; $result = $db->sql_query($sql); $cur_auth = array(); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $cur_auth[$row['forum_id']][$row['auth_option_id']] = $row['auth_allow_deny']; } $db->sql_freeresult($result); - $table = ( $mode == 'user' ) ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; + $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; $id_field = $mode . '_id'; - foreach ( $forum_id as $forum) + foreach ($forum_id as $forum) { - foreach ( $auth as $auth_value => $allow ) + foreach ($auth as $auth_value => $allow) { $auth_option_id = $option_ids[$auth_value]; - if ( !empty($cur_auth[$forum]) ) + if (!empty($cur_auth[$forum])) { - $sql_ary[] = ( !isset($cur_auth[$forum][$auth_option_id]) ) ? "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_allow_deny) VALUES ($ug_id, $forum, $auth_option_id, $allow)" : ( ( $cur_auth[$forum][$auth_option_id] != $allow ) ? "UPDATE " . $table . " SET auth_allow_deny = $allow WHERE $id_field = $ug_id AND forum_id = $forum AND auth_option_id = $auth_option_id" : '' ); + $sql_ary[] = (!isset($cur_auth[$forum][$auth_option_id])) ? "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_allow_deny) VALUES ($ug_id, $forum, $auth_option_id, $allow)" : (($cur_auth[$forum][$auth_option_id] != $allow) ? "UPDATE " . $table . " SET auth_allow_deny = $allow WHERE $id_field = $ug_id AND forum_id = $forum AND auth_option_id = $auth_option_id" : ''); } else { @@ -642,9 +649,9 @@ class auth_admin extends auth unset($forum_id); unset($user_auth); - foreach ( $sql_ary as $sql ) + foreach ($sql_ary as $sql) { - if ( $sql != '' ) + if ($sql != '') { $result = $db->sql_query($sql); $db->sql_freeresult($result); @@ -664,12 +671,12 @@ class auth_admin extends auth { for($i = 0; $i < count($auth_ids); $i++) { - $auth_sql .= ( ( $auth_sql != '' ) ? ', ' : '' ) . $auth_ids[$i]; + $auth_sql .= (($auth_sql != '') ? ', ' : '') . $auth_ids[$i]; } $auth_sql = " AND auth_option_id IN ($auth_sql)"; } - $table = ( $mode == 'user' ) ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; + $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; $id_field = $mode . '_id'; $sql = "DELETE FROM $table @@ -685,7 +692,7 @@ class auth_admin extends auth { global $db; - $where_sql = ( $user_id ) ? "WHERE user_id = $user_id" : ''; + $where_sql = ($user_id) ? "WHERE user_id = $user_id" : ''; $sql = "UPDATE " . USERS_TABLE . " SET user_permissions = '' @@ -699,7 +706,7 @@ class auth_admin extends auth // $options = array( // 'local' => array('option1', 'option2', ...), // 'global' => array('optionA', 'optionB', ...) - // ); + //); function acl_add_option($options) { global $db; @@ -716,13 +723,13 @@ class auth_admin extends auth ORDER BY is_global, is_local, auth_value"; $result = $db->sql_query($sql); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - if ( !empty($row['is_global']) ) + if (!empty($row['is_global'])) { $cur_options['global'][] = $row['auth_value']; } - if ( !empty($row['is_local']) ) + if (!empty($row['is_local'])) { $cur_options['local'][] = $row['auth_value']; } @@ -773,10 +780,10 @@ class auth_admin extends auth { case 'mysql': case 'mysql4': - $sql .= ( ($sql != '') ? ', ' : '' ) . "('$option', " . $type_sql[$type] . ")"; + $sql .= (($sql != '') ? ', ' : '') . "('$option', " . $type_sql[$type] . ")"; break; case 'mssql': - $sql .= ( ($sql != '') ? ' UNION ALL ' : '' ) . " SELECT '$option', " . $type_sql[$type]; + $sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT '$option', " . $type_sql[$type]; break; default: $sql = "INSERT INTO " . ACL_OPTIONS_TABLE . " (auth_value, is_global, is_local) @@ -788,7 +795,7 @@ class auth_admin extends auth } } - if ( $sql != '' ) + if ($sql != '') { $sql = "INSERT INTO " . ACL_OPTIONS_TABLE . " (auth_value, is_global, is_local) VALUES $sql"; @@ -804,7 +811,7 @@ class auth_admin extends auth $options = array(); - if ( !$options ) + if (!$options) { $sql = "SELECT auth_value, is_global, is_local FROM " . ACL_OPTIONS_TABLE . " @@ -812,13 +819,13 @@ class auth_admin extends auth $result = $db->sql_query($sql); $global = $local = 0; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - if ( !empty($row['is_global']) ) + if (!empty($row['is_global'])) { $options['global'][$row['auth_value']] = $global++; } - if ( !empty($row['is_local']) ) + if (!empty($row['is_local'])) { $options['local'][$row['auth_value']] = $local++; } diff --git a/phpBB/includes/page_header.php b/phpBB/includes/page_header.php index 6e5a14fcc2..55504d505b 100644 --- a/phpBB/includes/page_header.php +++ b/phpBB/includes/page_header.php @@ -29,7 +29,7 @@ define('HEADER_INC', TRUE); // gzip_compression if ($config['gzip_compress']) { - if (extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent()) + if (extension_loaded('zlib') && !headers_sent()) { ob_start('ob_gzhandler'); } @@ -306,7 +306,7 @@ $template->assign_vars(array( 'U_SEARCH' => 'search.'.$phpEx.$SID, 'U_REGISTER' => 'ucp.'.$phpEx.$SID.'&mode=register', 'U_PROFILE' => 'ucp.'.$phpEx.$SID.'&mode=editprofile', - 'U_MODCP' => 'modcp.'.$phpEx.$SID, + 'U_MODCP' => 'mcp.'.$phpEx.$SID, 'U_FAQ' => 'faq.'.$phpEx.$SID, 'U_SEARCH_SELF' => 'search.'.$phpEx.$SID.'&search_id=egosearch', 'U_SEARCH_NEW' => 'search.'.$phpEx.$SID.'&search_id=newposts', diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9f1d5c8f7c..b87a10b725 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -203,8 +203,6 @@ class session } } while ($row = $db->sql_fetchrow($result)); - - } $db->sql_freeresult($result); diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php index 53e559a1c6..44d93b0609 100644 --- a/phpBB/includes/template.php +++ b/phpBB/includes/template.php @@ -37,6 +37,12 @@ to this source */ +// Changes for 2.2: +// +// * Allow use of Smarty plug-ins? +// * Allow use of DB for storage of compiled templates +// * Reduce number of methods and variables + class Template { var $classname = 'Template'; @@ -129,12 +135,12 @@ class Template { // If we don't have a file assigned to this handle, die. if (!isset($this->files[$handle])) { - message_die("Template->loadfile(): No file specified for handle $handle"); + trigger_error("Template->loadfile(): No file specified for handle $handle", E_USER_ERROR); } if (!($fp = @fopen($this->files[$handle], 'r'))) { - message_die("Template->loadfile(): Error - file $filename does not exist or is empty"); + trigger_error("Template->loadfile(): Error - file $filename does not exist or is empty", E_USER_ERROR); } $str = ''; @@ -173,7 +179,7 @@ class Template { { if (!$this->loadfile($handle)) { - message_die("Template->pparse(): Couldn't load template file for handle $handle"); + trigger_error("Template->pparse(): Couldn't load template file for handle $handle", E_USER_ERROR); } // Actually compile the code now. @@ -202,7 +208,7 @@ class Template { { if (!$this->loadfile($handle)) { - message_die("Template->pparse(): Couldn't load template file for handle $handle"); + trigger_error("Template->pparse(): Couldn't load template file for handle $handle", E_USER_ERROR); } $code = $this->compile($this->uncompiled_code[$handle], true, '_str'); @@ -230,7 +236,7 @@ class Template { { if (!$this->loadfile($handle)) { - message_die("Template->pparse(): Couldn't load template file for handle $handle"); + trigger_error("Template->pparse(): Couldn't load template file for handle $handle", E_USER_ERROR); } $this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]); |