diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2003-08-27 16:31:54 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2003-08-27 16:31:54 +0000 |
| commit | 6225256418c127806f2c3d8a0ca0fe448b74c1c4 (patch) | |
| tree | f6234c61eb8c304df981e875219b13f59dc59f24 | |
| parent | 2c9b17ba48923df1d66d1b571dc92fa0db505374 (diff) | |
| download | forums-6225256418c127806f2c3d8a0ca0fe448b74c1c4.tar forums-6225256418c127806f2c3d8a0ca0fe448b74c1c4.tar.gz forums-6225256418c127806f2c3d8a0ca0fe448b74c1c4.tar.bz2 forums-6225256418c127806f2c3d8a0ca0fe448b74c1c4.tar.xz forums-6225256418c127806f2c3d8a0ca0fe448b74c1c4.zip | |
bah, group handling needs some further discussion ... I'm done with it for M-2
git-svn-id: file:///svn/phpbb/trunk@4440 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/adm/admin_database.php | 236 | ||||
| -rw-r--r-- | phpBB/adm/admin_groups.php | 189 | ||||
| -rw-r--r-- | phpBB/adm/admin_icons.php | 2 | ||||
| -rw-r--r-- | phpBB/adm/admin_users.php | 46 | ||||
| -rw-r--r-- | phpBB/adm/subSilver.css | 5 | ||||
| -rw-r--r-- | phpBB/includes/db/firebird.php | 10 | ||||
| -rw-r--r-- | phpBB/includes/db/mysql.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/db/postgres.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 40 | ||||
| -rw-r--r-- | phpBB/includes/functions_admin.php | 34 | ||||
| -rw-r--r-- | phpBB/includes/functions_jabber.php | 16 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 19 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 99 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 45 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_profile.php | 33 |
15 files changed, 336 insertions, 446 deletions
diff --git a/phpBB/adm/admin_database.php b/phpBB/adm/admin_database.php index 4647311760..b47f820b69 100644 --- a/phpBB/adm/admin_database.php +++ b/phpBB/adm/admin_database.php @@ -1,23 +1,15 @@ <?php -/*************************************************************************** -* admin_database.php -* ------------------- -* begin : Thu May 31, 2001 -* copyright : (C) 2001 The phpBB Group -* email : support@phpbb.com -* -* $Id$ -* -****************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - ***************************************************************************/ +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : admin_database.php +// STARTED : Thu May 31, 2001 +// COPYRIGHT : © 2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- if (!empty($setmodules)) { @@ -27,7 +19,7 @@ if (!empty($setmodules)) $file_uploads = @ini_get('file_uploads'); if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && $auth->acl_get('a_restore')) { - $module['DB']['DB_RESTORE'] = $filename . "$SID&mode=restore"; + $module['DB']['DB_RESTORE'] = "$filenamex$SID&mode=restore"; } return; @@ -38,14 +30,19 @@ define('IN_PHPBB', 1); $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +include($phpbb_root_path . 'functions_compress.'.$phpEx); -$mode = (isset($_GET['mode'])) ? $_GET['mode'] : ''; - -// Increase maximum execution time, but don't complain about it if it isn't -// allowed. @set_time_limit(1200); + +// Get some vars +$mode = (isset($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : ''; +$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : ''; + + +// -------------------- // Begin program proper +// -------------------- switch($mode) { case 'backup': @@ -54,30 +51,30 @@ switch($mode) trigger_error($user->lang['NO_ADMIN']); } - if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql') + $db_type = ''; + switch (SQL_LAYER) { - switch (SQL_LAYER) - { - case 'oracle': - $db_type = 'Oracle'; - break; - case 'odbc': - $db_type = 'ODBC'; - break; - case 'mssql': - $db_type = 'MSSQL'; - break; - } + case 'oracle': + $db_type = 'Oracle'; + break; + case 'odbc': + $db_type = 'ODBC'; + break; + case 'mssql': + $db_type = 'MSSQL'; + break; + } + if ($db_type) + { trigger_error($user->lang['Backups_not_supported']); - break; } - $additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : ''); - $backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : ''); - $search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0); - $store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : ''); - $compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none'); + $additional_tables = (isset($_REQUEST['tables'])) ? htmlspecialchars($_REQUEST['tables']) : ''; + $backup_type = (isset($_REQUEST['type'])) ? intval($_REQUEST['type']) : false; + $search = (!empty($_REQUEST['search'])) ? true : false; + $store = (!empty($_REQUEST['store'])) ? true : false; + $compress = (isset($_REQUEST['compress'])) ? htmlspecialchars($_REQUEST['compress']) : ''; if (!isset($_POST['backupstart']) && !isset($_GET['backupstart'])) { @@ -89,34 +86,34 @@ switch($mode) <p><?php echo $user->lang['Backup_explain']; ?></p> -<form method="post" action="<?php echo "admin_database.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" action="<?php echo "admin_database.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="95%" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> <th colspan="2"><?php echo $user->lang['Backup_options']; ?></th> </tr> <tr> - <td class="row1"><?php echo $user->lang['Backup_type']; ?>: </td> + <td class="row1" width="40%"><b><?php echo $user->lang['Backup_type']; ?>: </b></td> <td class="row2"><input type="radio" name="type" value="full" checked="checked" /> <?php echo $user->lang['Full_backup']; ?> <input type="radio" name="type" value="structure" /> <?php echo $user->lang['Structure_only']; ?> <input type="radio" name="type" value="data" /> <?php echo $user->lang['Data_only']; ?></td> </tr> <tr> - <td class="row1"><?php echo $user->lang['Include_search_index']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Include_search_index_explain']; ?></span></td> - <td class="row2"><input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?> <input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?></td> + <td class="row1"><b><?php echo $user->lang['Additional_tables']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td> + <td class="row2"><input class="post" type="text" name="tables" maxlength="255" size="40" /></td> </tr> <tr> - <td class="row1"><?php echo $user->lang['Additional_tables']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td> - <td class="row2"><input type="text" name="tables" size="40" /></td> + <td class="row1"><b><?php echo $user->lang['INC_SEARCH_INDEX']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['INC_SEARCH_INDEX_EXPLAIN']; ?></span></td> + <td class="row2"><input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?> <input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?></td> </tr> <tr> - <td class="row1"><?php echo $user->lang['Store_local']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Store_local_explain']; ?></span></td> - <td class="row2"><input type="text" name="store" size="40" /></td> + <td class="row1"><b><?php echo $user->lang['DOWNLOAD_STORE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['DOWNLOAD_STORE_EXPLAIN']; ?></span></td> + <td class="row2"><input type="radio" name="store" value="0" checked="checked" /> <?php echo $user->lang['EXPORT_DOWNLOAD']; ?> <input type="radio" name="store" value="1" /> <?php echo $user->lang['EXPORT_STORE']; ?></td> </tr> <?php - if (extension_loaded('zlib') || extension_loaded('bz2')) + if (@extension_loaded('zlib') || extension_loaded('bz2')) { ?> <tr> - <td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td> + <td class="row1"><b><?php echo $user->lang['Compress_file']; ?>: </b></td> <td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['NONE']; ?><?php if (extension_loaded('zlib')) @@ -175,15 +172,11 @@ switch($mode) unset($additional_tables); } - // // Enable output buffering - // @ob_start(); @ob_implicit_flush(0); - // // Build the sql script file... - // echo "#\n"; echo "# phpBB Backup Script\n"; echo "# Dump of tables for $dbname\n"; @@ -228,11 +221,9 @@ switch($mode) } } - // // Flush the buffer, send the file - // switch ($compress) - { + {/* case 'gzip': $extension = 'sql.gz'; $contents = gzencode(ob_get_contents()); @@ -251,7 +242,7 @@ switch($mode) $extension = 'bz2'; $contents = bzcompress(ob_get_contents()); ob_end_clean(); - break; + break;*/ default: $extension = 'sql'; @@ -294,15 +285,13 @@ switch($mode) case 'restore': if (!$auth->acl_get('a_restore')) { - trigger_error($user->lang['No_admin']); + trigger_error($user->lang['NO_ADMIN']); } if (isset($_POST['restorestart'])) { - // // Handle the file upload .... // If no file was uploaded report an error... - // if (!empty($_POST['local'])) { $file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']); @@ -310,7 +299,7 @@ switch($mode) } else { - $filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : ''; + $filename = (!empty($_POST['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : ''; $file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; } @@ -999,123 +988,6 @@ function output_table_content($content) echo $content ."\n"; return; } - - -// -// Zip creation class from phpMyAdmin 2.3.0 (c) Tobias Ratschiller, Olivier Müller, Loïc Chapeaux, Marc Delisle -// http://www.phpmyadmin.net/ -// -// Based on work by Eric Mueller and Denis125 -// Official ZIP file format: http://www.pkware.com/appnote.txt -// -class zipfile -{ - var $datasec = array(); - var $ctrl_dir = array(); - var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; - var $old_offset = 0; - - function unix_to_dos_time($unixtime = 0) - { - $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); - - if ($timearray['year'] < 1980) - { - $timearray['year'] = 1980; - $timearray['mon'] = 1; - $timearray['mday'] = 1; - $timearray['hours'] = 0; - $timearray['minutes'] = 0; - $timearray['seconds'] = 0; - } - - return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | - ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); - } - - function add_file($data, $name, $time = 0) - { - $name = str_replace('\\', '/', $name); - - $dtime = dechex($this->unix_to_dos_time($time)); - $hexdtime = '\x' . $dtime[6] . $dtime[7] - . '\x' . $dtime[4] . $dtime[5] - . '\x' . $dtime[2] . $dtime[3] - . '\x' . $dtime[0] . $dtime[1]; - eval('$hexdtime = "' . $hexdtime . '";'); - - $fr = "\x50\x4b\x03\x04"; - $fr .= "\x14\x00"; // ver needed to extract - $fr .= "\x00\x00"; // gen purpose bit flag - $fr .= "\x08\x00"; // compression method - $fr .= $hexdtime; // last mod time and date - - $unc_len = strlen($data); - $crc = crc32($data); - $zdata = gzcompress($data); - $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug - $c_len = strlen($zdata); - $fr .= pack('V', $crc); // crc32 - $fr .= pack('V', $c_len); // compressed filesize - $fr .= pack('V', $unc_len); // uncompressed filesize - $fr .= pack('v', strlen($name)); // length of filename - $fr .= pack('v', 0); // extra field length - $fr .= $name; - - // "file data" segment - $fr .= $zdata; - - // "data descriptor" segment (optional but necessary if archive is not - // served as file) - $fr .= pack('V', $crc); // crc32 - $fr .= pack('V', $c_len); // compressed filesize - $fr .= pack('V', $unc_len); // uncompressed filesize - - // add this entry to array - $this -> datasec[] = $fr; - $new_offset = strlen(implode('', $this->datasec)); - - // now add to central directory record - $cdrec = "\x50\x4b\x01\x02"; - $cdrec .= "\x00\x00"; // version made by - $cdrec .= "\x14\x00"; // version needed to extract - $cdrec .= "\x00\x00"; // gen purpose bit flag - $cdrec .= "\x08\x00"; // compression method - $cdrec .= $hexdtime; // last mod time & date - $cdrec .= pack('V', $crc); // crc32 - $cdrec .= pack('V', $c_len); // compressed filesize - $cdrec .= pack('V', $unc_len); // uncompressed filesize - $cdrec .= pack('v', strlen($name)); // length of filename - $cdrec .= pack('v', 0); // extra field length - $cdrec .= pack('v', 0); // file comment length - $cdrec .= pack('v', 0); // disk number start - $cdrec .= pack('v', 0); // internal file attributes - $cdrec .= pack('V', 32); // external file attributes - 'archive' bit set - - $cdrec .= pack('V', $this -> old_offset); // relative offset of local header - $this -> old_offset = $new_offset; - - $cdrec .= $name; - - // optional extra field, file comment goes here - // save to central directory - $this -> ctrl_dir[] = $cdrec; - } - - function file() - { - $data = implode('', $this -> datasec); - $ctrldir = implode('', $this -> ctrl_dir); - - return $data . $ctrldir . $this -> eof_ctrl_dir . - pack('v', sizeof($this -> ctrl_dir)) . // total # of entries "on this disk" - pack('v', sizeof($this -> ctrl_dir)) . // total # of entries overall - pack('V', strlen($ctrldir)) . // size of central dir - pack('V', strlen($data)) . // offset to start of central dir - "\x00\x00"; // .zip file comment length - } -} - // // End Functions // ----------------------------------------------- diff --git a/phpBB/adm/admin_groups.php b/phpBB/adm/admin_groups.php index bd65107656..11b1e9455f 100644 --- a/phpBB/adm/admin_groups.php +++ b/phpBB/adm/admin_groups.php @@ -60,7 +60,6 @@ else $action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : ''; } - // Grab basic data for group, if group_id is set and exists if ($group_id) { @@ -85,42 +84,63 @@ switch ($mode) // Which page? switch ($action) { - case 'delete': + case 'approve': if (!$group_id) { trigger_error($user->lang['NO_GROUP']); } - + approve_user($group_id, $mark_ary, false, $group_name); + trigger_error($user->lang['USERS_APPROVED']); break; - case 'deleteusers': + case 'default': if (!$group_id) { trigger_error($user->lang['NO_GROUP']); } - + set_default_group($group_id, $mark_ary, false, $group_name, $group_colour, $group_rank, false, false); + trigger_error($user->lang['GROUP_DEFS_UPDATED']); break; - - case 'approve': + + case 'delete': + case 'deleteusers': + case 'demote': if (!$group_id) { trigger_error($user->lang['NO_GROUP']); } - approve_user($group_id, $mark_ary, false, $group_name); - trigger_error($user->lang['USERS_APPROVED']); + if ($error = remove_from_group($action, $group_id, $mark_ary, false, $group_name)) + { + trigger_error($user->lang[$error]); + } + + $message = ($action == 'demote') ? 'GROUP_MODS_DEMOTED' : (($action == 'deleteusers') ? 'GROUP_USERS_REMOVE' : 'GROUP_DELETED'); + trigger_error($user->lang[$message]); break; - case 'default': + case 'addleaders': + case 'addusers': if (!$group_id) { trigger_error($user->lang['NO_GROUP']); } - set_default_group($group_id, $mark_ary, false, $group_name, $group_colour, $group_rank, false, false); - trigger_error($user->lang['GROUP_DEFS_UPDATED']); + if (!$name_ary) + { + trigger_error($user->lang['NO_USERS']); + } + + // Add user/s to group + if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type)) + { + trigger_error($user->lang[$error]); + } + + $message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED'; + trigger_error($user->lang[$message]); break; case 'edit': @@ -259,6 +279,9 @@ function swatch() <td class="row1"><select name="group_rank"><?php echo $rank_options; ?></select></td> </tr> <!-- tr> + <th colspan="2"><?php echo $user->lang['GROUP_AVATAR']; ?></th> + </tr> + <tr> <td class="row2"><b><?php echo $user->lang['GROUP_AVATAR']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_AVATAR_EXPLAIN']; ?></span></td> <td class="row1"> </td> </tr --> @@ -270,30 +293,6 @@ function swatch() break; - - case 'addleaders': - case 'addusers': - if (!$group_id) - { - trigger_error($user->lang['NO_GROUP']); - } - - if (!$name_ary) - { - trigger_error($user->lang['NO_USERS']); - } - - // Add user/s to group - if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type)) - { - trigger_error($user->lang[$error]); - } - - $message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED'; - trigger_error($user->lang[$message]); - break; - - // Show list of leaders, existing and pending members case 'list': if (!$group_id) @@ -410,7 +409,7 @@ function swatch() ?> <tr> - <td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" /> </td> + <td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="demote">Demote</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" /> </td> </tr> </table> @@ -706,100 +705,19 @@ function hidebox(id) adm_page_footer(); break; - - - + // Setting groupwide preferences case 'prefs': adm_page_header($user->lang['GROUP_PREFS']); - - adm_page_footer(); - break; - - - - default: - trigger_error($user->lang['NO_MODE']); -} - -exit; - - - - - - - - - - - - - - - - - - -/* - - - - - - - - - - - - case 'add': - - - break; - - - - - - - case 'delete': - // TODO: - // Need to offer ability to demote moderators or remove from group - break; - - - - - - case 'approve': - break; - - - - - - - - - - - -adm_page_footer(); - - - - - - case 'prefs': - - } - else - { - $user_lang = (!empty($_POST['user_lang'])) ? htmlspecialchars($_POST['user_lang']) : ''; - $user_tz = (isset($_POST['user_tz'])) ? doubleval($_POST['user_tz']) : ''; - $user_dst = (isset($_POST['user_dst'])) ? intval($_POST['user_dst']) : ''; - } + if ($update) + { + } + else + { + $user_lang = (!empty($_POST['user_lang'])) ? htmlspecialchars($_POST['user_lang']) : ''; + $user_tz = (isset($_POST['user_tz'])) ? doubleval($_POST['user_tz']) : ''; + $user_dst = (isset($_POST['user_dst'])) ? intval($_POST['user_dst']) : ''; + } ?> <h1><?php echo $user->lang['GROUP_SETTINGS']; ?></h1> @@ -829,18 +747,13 @@ adm_page_footer(); <?php -*/ - - -function delete_group() -{ - -} - -function remove_from_group($type, $id, $user_id) -{ + adm_page_footer(); + break; + default: + trigger_error($user->lang['NO_MODE']); } +exit; ?>
\ No newline at end of file diff --git a/phpBB/adm/admin_icons.php b/phpBB/adm/admin_icons.php index f09173dd29..78c1f139f5 100644 --- a/phpBB/adm/admin_icons.php +++ b/phpBB/adm/admin_icons.php @@ -169,7 +169,7 @@ switch ($action) { foreach ($img_ary as $img) { - $img = substr($path, 1) . (($path != '') ? '/' : '') . $img; + $img = "$path$img"; if (!in_array($img, $existing_imgs) || $action == 'edit') { diff --git a/phpBB/adm/admin_users.php b/phpBB/adm/admin_users.php index 3cf40c5d1a..759f3efeeb 100644 --- a/phpBB/adm/admin_users.php +++ b/phpBB/adm/admin_users.php @@ -34,17 +34,20 @@ if (!empty($setmodules)) define('IN_PHPBB', 1); // Include files $phpbb_root_path = '../'; -require($phpbb_root_path . 'extension.inc'); +$phpEx = substr(strrchr(__FILE__, '.'), 1); require('pagestart.' . $phpEx); + // Set mode -$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main'; +$mode = (isset($_REQUEST['mode'])) ? htmlspecialchars($_REQUEST['mode']) : ''; +$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : 'main'; + // Begin program if (isset($_POST['username']) || isset($_REQUEST['u'])) { // Grab relevant userdata - if(isset($_REQUEST['u'])) + if (isset($_REQUEST['u'])) { $user_id = intval($_REQUEST['u']); @@ -71,35 +74,24 @@ if (isset($_POST['username']) || isset($_REQUEST['u'])) $db->sql_transaction(); - $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '$username' + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET poster_id = ' . ANONYMOUS . " WHERE poster_id = $user_id"; $db->sql_query($sql); - $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_poster = " . ANONYMOUS . " + $sql = 'UPDATE ' . TOPICS_TABLE . ' + SET topic_poster = ' . ANONYMOUS . " WHERE topic_poster = $user_id"; $db->sql_query($sql); - $sql = "DELETE FROM " . USERS_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - $sql = "DELETE FROM " . USER_GROUP_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - $sql = "DELETE FROM " . FORUMS_WATCH_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); + $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE); - $sql = "DELETE FROM " . ACL_USERS_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); + foreach ($table_ary as $table) + { + $sql = "DELETE FROM $table + WHERE user_id = $user_id"; + $db->sql_query($sql); + } $db->sql_transaction('commit'); @@ -114,11 +106,11 @@ if (isset($_POST['username']) || isset($_REQUEST['u'])) <form method="post" action="admin_users.<?php echo $phpEx . $SID; ?>&mode=<?php echo $mode; ?>&u=<?php echo $userdata['user_id']; ?>"><table width="90%" cellspacing="3" cellpadding="0" border="0" align="center"> <tr> - <td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=permissions">Permissions</a></td> + <td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&action=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&action=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&action=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&action=permissions">Permissions</a></td> </tr> <?php - switch ($mode) + switch ($action) { case 'main': diff --git a/phpBB/adm/subSilver.css b/phpBB/adm/subSilver.css index 807d1cf164..047d2d19b9 100644 --- a/phpBB/adm/subSilver.css +++ b/phpBB/adm/subSilver.css @@ -194,6 +194,11 @@ input.text { font-family: 'Courier New', courier; } +input.checkbox { + height: 16px; + width: 16px; +} + option.sep { color: white; background-color: #006699; diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 247f3dd429..65be3b7723 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -43,7 +43,7 @@ class sql_db $this->password = $sqlpassword; $this->server = $sqlserver; - $this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password) : @ibase_connect($this->server, $this->user, $this->password); + $this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password, false, false, 3) : @ibase_connect($this->server, $this->user, $this->password, false, false, 3); return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error(''); } @@ -132,6 +132,12 @@ class sql_db $this->sql_error($query); } + if (!$this->transaction && (strpos($query, 'INSERT') === 0 || strpos($query, 'UPDATE') === 0)) + { + echo $query; + ibase_commit(); + } + if (!empty($_GET['explain'])) { $endtime = explode(' ', microtime()); @@ -415,7 +421,7 @@ class sql_db function sql_escape($msg) { - return (@ini_get('magic_quotes_sybase') || strtoupper(@ini_get('magic_quotes_sybase')) == 'ON') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\\\'', '\'\'', $msg); + return (@ini_get('magic_quotes_sybase') || strtolower(@ini_get('magic_quotes_sybase')) == 'on') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\'', '\'\'', stripslashes($msg)); } function sql_error($sql = '') diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php index cd9a074f35..040f057f4e 100644 --- a/phpBB/includes/db/mysql.php +++ b/phpBB/includes/db/mysql.php @@ -134,7 +134,7 @@ class sql_db $curtime = $curtime[0] + $curtime[1] - $starttime; } - if (!($this->query_result = @mysql_query($query, $this->db_connect_id))) + if (($this->query_result = @mysql_query($query, $this->db_connect_id)) === false) { $this->sql_error($query); } diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php index 8f916eae99..aa26e8ec8f 100644 --- a/phpBB/includes/db/postgres.php +++ b/phpBB/includes/db/postgres.php @@ -35,12 +35,9 @@ class sql_db var $rownum = array(); var $num_queries = 0; - // - // Constructor - // function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $persistency = true) { - $this->connect_string = ""; + $this->connect_string = ''; if ($sqluser) { @@ -363,7 +360,6 @@ class sql_db function sql_error($sql = '') { - if (!$this->return_on_error) { if ($this->transaction) diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 57282981ba..40de5d6690 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1,23 +1,15 @@ <?php -/*************************************************************************** - * functions.php - * ------------------- - * begin : Saturday, Feb 13, 2001 - * copyright : (C) 2001 The phpBB Group - * email : support@phpbb.com - * - * $Id$ - * - ***************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - ***************************************************************************/ +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : functions.php +// STARTED : Sat Feb 13, 2001 +// COPYRIGHT : © 2001,2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- function set_config($config_name, $config_value, $is_dynamic = FALSE) { @@ -697,10 +689,11 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add $page_string .= ($on_page == $total_pages) ? '<b>' . $total_pages . '</b>' : '<a href="' . $base_url . '&start=' . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a> <a href="' . $base_url . "&start=" . ($on_page * $per_page) . '">' . $user->lang['NEXT'] . '</a>'; -// $page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string; $page_string = $user->lang['GOTO_PAGE'] . ' ' . $page_string; +// $page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string; // $template->assign_var('BASE_URL', $base_url); +// $template->assign_var('PER_PAGE', $per_page); return $page_string; } @@ -944,10 +937,6 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '') $err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] : $user->lang['LOGIN_ERROR']; } - $sql = 'DELETE FROM ' . CONFIRM_TABLE . ' - WHERE confirm_time < ' . (time() - $config['session_length']); -// $db->sql_query($sql); - $template->assign_vars(array( 'LOGIN_ERROR' => $err, 'LOGIN_EXPLAIN' => $login_explain, @@ -994,6 +983,9 @@ function login_forum_box(&$forum_data) if (!empty($_POST['password'])) { + // TODO + // Remove old valid sessions + if ($_POST['password'] == $forum_data['forum_password']) { $sql = 'INSERT INTO phpbb_forum_access (forum_id, user_id, session_id) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 503ede56ca..d4da25127b 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -1,23 +1,15 @@ <?php -/*************************************************************************** - * functions_admin.php - * ------------------- - * begin : Saturday, Feb 13, 2001 - * copyright : © 2001 The phpBB Group - * email : support@phpbb.com - * - * $Id$ - * - ***************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - ***************************************************************************/ +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : functions_admin.php +// STARTED : Sat Feb 13, 2001 +// COPYRIGHT : © 2001,2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- // Simple version of jumpbox, just lists authed forums function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true) @@ -1362,7 +1354,7 @@ function split_sql_file($sql, $delimiter) // and group names must be carried through for the moderators table function cache_moderators() { - global $db; + global $db, $cache; // Clear table $sql = (SQL_LAYER != 'sqlite') ? 'TRUNCATE ' . MODERATOR_TABLE : 'DELETE FROM ' . MODERATOR_TABLE; @@ -1448,6 +1440,8 @@ function cache_moderators() } } } + + $cache->destroy(MODERATOR_TABLE); } // Logging functions diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 271bf98b7c..8059f55589 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -296,6 +296,22 @@ class Jabber } } + function SendPresence($type = NULL, $to = NULL, $status = NULL, $show = NULL, $priority = NULL) + { + $xml = '<presence'; + $xml .= ($to) ? " to='$to'" : ''; + $xml .= ($type) ? " type='$type'" : ''; + $xml .= ($status || $show || $priority) ? ">\n" : " />\n"; + + $xml .= ($status) ? " <status>$status</status>\n" : ''; + $xml .= ($show) ? " <show>$show</show>\n" : ''; + $xml .= ($priority) ? " <priority>$priority</priority>\n" : ''; + + $xml .= ($status || $show || $priority) ? "</presence>\n" : ''; + + return ($this->SendPacket($xml)) ? TRUE : FALSE; + } + function SendError($to, $id = NULL, $error_number, $error_message = NULL) { $xml = "<iq type='error' to='$to'"; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index a42952375b..a25c44f5e3 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -29,6 +29,8 @@ function generate_smilies($mode) if ($mode == 'window') { + $user->setup(false); + page_header($user->lang['SMILIES'] . ' - ' . $topic_title); $template->set_filenames(array( @@ -555,7 +557,8 @@ function move_uploaded_attachment($upload_mode, $source_filename, &$filedata) } } } - return ''; + + return; } // Delete File @@ -568,14 +571,13 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false) if (file_exists($filename)) { - $filesys = eregi_replace('/','\\', $filename); + $filesys = str_replace('/','\\', $filename); $deleted = @system("del $filesys"); if (file_exists($filename)) { @chmod($filename, 0777); - $deleted = @unlink($filename); - if (!$deleted) + if (!($deleted = @unlink($filename))) { $deleted = @system("del $filename"); } @@ -590,8 +592,8 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false) function get_img_size_format($width, $height) { // Change these two values to define the Thumbnail Size - $max_width = 300; - $max_height = 85; + $max_width = 400; + $max_height = 200; if ($height > $max_height) { @@ -673,8 +675,7 @@ function create_thumbnail($source, $new_file, $mimetype) $new_size = get_img_size_format($size[0], $size[1]); - $tmp_path = ''; - $old_file = ''; + $tmp_path = $old_file = ''; $used_imagick = FALSE; @@ -682,7 +683,7 @@ function create_thumbnail($source, $new_file, $mimetype) { if (is_array($size) && count($size) > 0) { - @exec($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 75 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' ' . $source . ' +profile "*" ' . $new_file); + passthru($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"'); if (file_exists($new_file)) { $used_imagick = TRUE; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index cf2614cce3..a352a3987c 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -569,16 +569,12 @@ function create_group($action, $group_id, &$type, &$name, &$desc, &$colour, &$ra return (sizeof($error)) ? $error : false; } - +// Call with: user_id_ary or username_ary set ... if both false entire group +// will be set default function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, &$rank, $avatar, $avatar_type) { global $db; - if (!is_array($$which_ary)) - { - $$which_ary = array($$which_ary); - } - if (is_array($user_id_ary) || is_array($username_ary)) { $sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')'; @@ -656,31 +652,41 @@ function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, & return false; } -// TODO -// approve group +// Call with: user_id_ary or username_ary set ... if both false entire group +// will be approved function approve_user($group_id, $user_id_ary, $username_ary, &$group_name) { global $db; - $sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')'; + if (is_array($user_id_ary) || is_array($username_ary)) + { + $sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')'; - $sql = 'SELECT user_id, username - FROM ' . USERS_TABLE . " - WHERE $sql_where"; + $sql = 'SELECT user_id, username + FROM ' . USERS_TABLE . " + WHERE $sql_where"; + } + else + { + $sql = 'SELECT u.user_id, u.username + FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " + WHERE ug.group_id = $group_id + AND u.user_id = ug.user_id"; + } $result = $db->sql_query($sql); $usernames = array(); while ($row = $db->sql_fetchrow($result)) { $username_ary[] = $row['username']; - $user_id_ary[] = $row['user_id']; + $user_id_ary[] = $row['user_id']; } $db->sql_freeresult($result); - $sql = 'UPDATE ' . USER_GROUP_TABLE . ' + $sql = 'UPDATE ' . USER_GROUP_TABLE . " SET user_pending = 0 - WHERE user_id IN (' . implode(', ', $user_id_ary) . ") - AND group_id = $group_id"; + WHERE group_id = $group_id + AND user_id IN (" . implode(', ', $user_id_ary) . ')'; $db->sql_query($sql); add_log('admin', 'LOG_GROUP_APPROVE', $group_name, implode(', ', $username_ary)); @@ -691,4 +697,65 @@ function approve_user($group_id, $user_id_ary, $username_ary, &$group_name) return false; } +// If user_id or username_ary are set users are deleted, else group is +// removed. Setting action to demote true will demote leaders to users +// (if appropriate), deleting leaders removes them from group as with +// normal users +function remove_from_group($type, $id, $user_id_ary, $username_ary, &$group_name) +{ + global $db; + + // Delete or demote individuals if data exists, else delete group + if (is_array($user_id_ary) || is_array($username_ary)) + { + $sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')'; + + $sql = 'SELECT user_id, username + FROM ' . USERS_TABLE . " + WHERE $sql_where"; + $result = $db->sql_query($sql); + + $usernames = array(); + while ($row = $db->sql_fetchrow($result)) + { + $username_ary[] = $row['username']; + $user_id_ary[] = $row['user_id']; + } + $db->sql_freeresult($result); + + switch ($type) + { + case 'demote': + $sql = 'UPDATE ' . USER_GROUP_TABLE . " + SET group_leader = 0 + WHERE $sql_where"; + $db->sql_query($sql); + break; + + default: + $sql = 'SELECT g.group_id, g.group_name, u.user_id + FROM ' . USER_GROUP_TABLE . ' ug, ' . GROUPS_TABLE . ' g + WHERE u.user_id IN ' . implode(', ', $user_id_ary) . " + AND ug.group_id <> $group_id + AND g.group_type = " . GROUP_SPECIAL . ' + GROUP BY u.user_id'; + break; + } + } + else + { + } + + if (!function_exists('add_log')) + { + global $phpbb_root_path, $phpEx; + include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); + } + + $log = ($action == 'demote') ? 'LOG_GROUP_DEMOTED' : (($action == 'deleteusers') ? 'LOG_GROUP_REMOVE' : 'LOG_GROUP_DELETED'); + add_log('admin', $log, $name, implode(', ', $username_ary)); + + return false; +} + ?>
\ No newline at end of file diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 96cc8ee974..9cb1200d76 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -71,9 +71,9 @@ class session } // Load limit check (if applicable) - if (doubleval($config['limit_load']) && @file_exists('/proc/loadavg')) + if (@file_exists('/proc/loadavg')) { - if ($load = @file('/proc/loadavg')) + if ($config['limit_load'] && $load = @file('/proc/loadavg')) { list($this->load) = explode(' ', $load[0]); @@ -398,6 +398,8 @@ class user extends session var $lang_path; var $img_lang; + var $keyoptions = array('viewimg', 'notify', 'notify_pm', 'popup_pm', 'viewflash', 'viewsmilies', 'viewsigs', 'viewavatars', 'viewcensors', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmile', 'allowavatar', 'allow_pm', 'allow_email', 'allow_viewonline', 'allow_viewemail', 'allow_massemail'); + function setup($lang_set = false, $style = false) { global $db, $template, $config, $auth, $phpEx, $phpbb_root_path; @@ -539,6 +541,45 @@ class user extends session } return $imgs[$img]; } + + // Start code for checking/setting option bit field for user table (if we go that way) + // TODO + // array_search begone + // set values, blah, everything else + function option_set($key, $value = false) + { + if (is_array($key)) + { + if (is_array($value)) + { + $return = array(); + foreach ($key as $k) + { + $return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false; + } + return $return; + } + else + { + $return = array(); + foreach ($key as $k) + { + $return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false; + } + return $return; + } + } + else + { + if ($value !== false) + { + } + else + { + return ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false; + } + } + } } // Will be keeping my eye of 'other products' to ensure these things don't diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index deedf20f25..1c5d498d52 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -1,23 +1,18 @@ <?php -/*************************************************************************** - * ucp_profile.php - * ------------------- - * begin : Saturday, Feb 21, 2003 - * copyright : (C) 2001 The phpBB Group - * email : support@phpbb.com - * - * $Id$ - * - ***************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - ***************************************************************************/ +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : admin_styles.php +// STARTED : Thu Aug 7 2003 +// COPYRIGHT : © 2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- + +// TODO +// Check birthday for date in past class ucp_profile extends ucp { |