diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-10-05 12:42:06 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-10-05 12:42:06 +0000 |
| commit | 56b619556354bee7bddc6045c831e8943200d356 (patch) | |
| tree | 94a370a019844c848dbf45550c561d219c042c3e | |
| parent | 305bea7b9e0ecd71b71265ca7d7d1e8e97cb3010 (diff) | |
| download | forums-56b619556354bee7bddc6045c831e8943200d356.tar forums-56b619556354bee7bddc6045c831e8943200d356.tar.gz forums-56b619556354bee7bddc6045c831e8943200d356.tar.bz2 forums-56b619556354bee7bddc6045c831e8943200d356.tar.xz forums-56b619556354bee7bddc6045c831e8943200d356.zip | |
*** empty log message ***
git-svn-id: file:///svn/phpbb/trunk@8142 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_db.php | 12 | ||||
| -rw-r--r-- | phpBB/includes/auth/auth_ldap.php | 14 | ||||
| -rw-r--r-- | phpBB/includes/functions_profile_fields.php | 32 |
4 files changed, 52 insertions, 20 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 21892d7668..ed3951dd7b 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -6,12 +6,20 @@ * * @package login * @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** * Checks whether the user is identified to apache * Only allow changing authentication to apache if the user is identified * Called in acp_board while setting authentication plugins @@ -68,7 +76,7 @@ function login_apache(&$username, &$password) ); } - $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; $result = $db->sql_query($sql); diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 8804ac9b8e..432ae92d21 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -8,12 +8,20 @@ * * @package login * @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** * Login function */ function login_db(&$username, &$password) diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index c6cdb4f4e4..472927ace3 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -1,5 +1,5 @@ <?php -/** +/** * * LDAP auth plug-in for phpBB3 * @@ -7,12 +7,20 @@ * * @package login * @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** * Connect to ldap server * Only allow changing authentication to ldap if we can connect to the ldap server * Called in acp_board while setting authentication plugins diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 82b78f99fe..97b71823ac 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -1,14 +1,22 @@ <?php -/** +/** * * @package phpBB3 * @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License * */ /** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** * Custom Profile Fields * @package phpBB3 */ @@ -49,11 +57,11 @@ class custom_profile } $sql = 'SELECT l.*, f.* - FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . " f + FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . " f WHERE f.field_active = 1 $sql_where AND l.lang_id = $lang_id - AND l.field_id = f.field_id + AND l.field_id = f.field_id ORDER BY f.field_order"; $result = $db->sql_query($sql); @@ -141,7 +149,7 @@ class custom_profile { return 'FIELD_TOO_SMALL'; } - else if ($field_value > $field_data['field_maxlen']) + else if ($field_value > $field_data['field_maxlen']) { return 'FIELD_TOO_LARGE'; } @@ -200,12 +208,12 @@ class custom_profile // Display hidden/no_view fields for admin/moderator $sql = 'SELECT l.*, f.* - FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f + FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f WHERE l.lang_id = ' . $user->get_iso_lang_id() . ' AND f.field_active = 1 ' . ((!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) ? ' AND f.field_hide = 0 ' : '') . ' AND f.field_no_view = 0 - AND l.field_id = f.field_id + AND l.field_id = f.field_id ORDER BY f.field_order'; $result = $db->sql_query($sql); @@ -280,11 +288,11 @@ class custom_profile } $sql = 'SELECT l.*, f.* - FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . " f + FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . " f WHERE l.lang_id = $lang_id AND f.field_active = 1 $sql_where - AND l.field_id = f.field_id + AND l.field_id = f.field_id ORDER BY f.field_order"; $result = $db->sql_query($sql); @@ -800,8 +808,8 @@ class custom_profile } $sql = 'SELECT f.field_type, f.field_ident, f.field_default_value, l.lang_default_value - FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f - WHERE l.lang_id = ' . $user->get_iso_lang_id() . ' + FROM ' . PROFILE_LANG_TABLE . ' l, ' . PROFILE_FIELDS_TABLE . ' f + WHERE l.lang_id = ' . $user->get_iso_lang_id() . ' ' . ((sizeof($sql_not_in)) ? ' AND ' . $db->sql_in_set('f.field_ident', $sql_not_in, true) : '') . ' AND l.field_id = f.field_id'; $result = $db->sql_query($sql); |