| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-10-04 13:09:10 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-10-04 13:09:10 +0000 |
| commit | 30aeac65dccceab18e19318e5981118f150c0647 (patch) | |
| tree | 409e1a742796ff1c988593c43f19a9533c258742 /phpBB/admin | |
| parent | b5bbc005a51658c7496abdcad9b23e978fb7db68 (diff) | |
Well, here are all my changes ... don't blame me if things break :D
git-svn-id: file:///svn/phpbb/trunk@2923 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin')
| -rw-r--r-- | phpBB/admin/admin_ban.php | 62 | ||||
| -rw-r--r-- | phpBB/admin/admin_board.php | 64 | ||||
| -rw-r--r-- | phpBB/admin/admin_database.php | 493 | ||||
| -rw-r--r-- | phpBB/admin/admin_disallow.php | 20 | ||||
| -rw-r--r-- | phpBB/admin/admin_email.php | 36 | ||||
| -rw-r--r-- | phpBB/admin/admin_forums.php | 22 | ||||
| -rw-r--r-- | phpBB/admin/admin_groups.php | 165 | ||||
| -rw-r--r-- | phpBB/admin/admin_permissions.php | 24 | ||||
| -rw-r--r-- | phpBB/admin/admin_prune.php | 20 | ||||
| -rw-r--r-- | phpBB/admin/admin_prune_users.php | 30 | ||||
| -rw-r--r-- | phpBB/admin/admin_ranks.php | 26 | ||||
| -rw-r--r-- | phpBB/admin/admin_search.php | 64 | ||||
| -rw-r--r-- | phpBB/admin/admin_smilies.php | 24 | ||||
| -rw-r--r-- | phpBB/admin/admin_styles.php | 28 | ||||
| -rw-r--r-- | phpBB/admin/admin_users.php | 66 | ||||
| -rw-r--r-- | phpBB/admin/admin_viewlogs.php | 24 | ||||
| -rw-r--r-- | phpBB/admin/admin_words.php | 16 | ||||
| -rw-r--r-- | phpBB/admin/index.php | 56 | ||||
| -rw-r--r-- | phpBB/admin/pagestart.php | 2 |
19 files changed, 663 insertions, 579 deletions
diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index 3214c38589..a4f22c2481 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('ban') ) + if ( !$auth->get_acl_admin('ban') ) { return; } @@ -46,7 +46,7 @@ require('pagestart.' . $phpEx); // // Do we have ban permissions? // -if ( !$acl->get_acl_admin('ban') ) +if ( !$auth->get_acl_admin('ban') ) { return; } @@ -74,7 +74,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) $ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban'])); $ban_list_log = implode(', ', $ban_list); - if ( !empty($HTTP_POST_VARS['banlength']) ) + if ( !empty($HTTP_POST_VARS['banlength']) ) { if ( $HTTP_POST_VARS['banlength'] != -1 || empty($HTTP_POST_VARS['banlengthother']) ) { @@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) } } - $sql = "SELECT user_id - FROM " . USERS_TABLE . " + $sql = "SELECT user_id + FROM " . USERS_TABLE . " WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; $result = $db->sql_query($sql); @@ -224,8 +224,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) break; } - $sql = "SELECT $type - FROM " . BANLIST_TABLE . " + $sql = "SELECT $type + FROM " . BANLIST_TABLE . " WHERE $type <> ''"; $result = $db->sql_query($sql); @@ -253,13 +253,13 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) $banlist = array_unique(array_diff($banlist, $banlist_tmp)); unset($banlist_tmp); - } + } if ( sizeof($banlist) ) { for($i = 0; $i < count($banlist); $i++) { - $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) + $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')"; $db->sql_query($sql); } 
@@ -276,8 +276,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) break; case 'email': - $sql = "SELECT user_id - FROM " . USERS_TABLE . " + $sql = "SELECT user_id + FROM " . USERS_TABLE . " WHERE user_email IN (" . implode(', ', $banlist) . ")"; $result = $db->sql_query($sql); @@ -297,7 +297,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) if ( $sql != '' ) { - $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql = "DELETE FROM " . SESSIONS_TABLE . " $sql"; $db->sql_query($sql); } @@ -322,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) ) if ( $unban_sql != '' ) { - $sql = "DELETE FROM " . BANLIST_TABLE . " + $sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_id IN ($unban_sql)"; $db->sql_query($sql); @@ -339,8 +339,8 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) ) // // Remove timed out bans // -$sql = "DELETE FROM " . BANLIST_TABLE . " - WHERE ban_end < " . time() . " +$sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_end < " . time() . " AND ban_end <> 0"; $db->sql_query($sql); @@ -387,7 +387,7 @@ switch ( $mode ) case 'user': $sql = "SELECT b.*, u.user_id, u.username FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE ( b.ban_end >= " . time() . " + WHERE ( b.ban_end >= " . time() . " OR b.ban_end = 0 ) AND u.user_id = b.ban_userid AND b.ban_userid <> 0 @@ -422,10 +422,10 @@ switch ( $mode ) case 'ip': - $sql = "SELECT * - FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) AND ban_ip <> ''"; $result = $db->sql_query($sql); @@ -456,10 +456,10 @@ switch ( $mode ) case 'email': - $sql = "SELECT * - FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) AND ban_email <> ''"; $result = $db->sql_query($sql); 
@@ -496,17 +496,17 @@ switch ( $mode ) <p><?php echo $l_ban_explain; ?></p> <script language="Javascript" type="text/javascript"> -<!-- +<!-- var ban_length = new Array(<?php echo $banned_length; ?>); var ban_reasons = new Array(<?php echo $banned_reasons; ?>); //--> </script> <form method="post" action="<?php echo "admin_ban.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <th colspan="2"><?php echo $l_ban_title; ?></th> </tr> - <tr> + <tr> <td class="row1" width="45%"><?php echo $l_ban_cell; ?>: </td> <td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td> </tr> @@ -518,7 +518,7 @@ switch ( $mode ) <td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td> <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> </tr> - <tr> + <tr> <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td> </tr> </table> @@ -528,14 +528,14 @@ switch ( $mode ) <p><?php echo $l_unban_explain; ?></p> <table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <th colspan="2"><?php echo $l_unban_title; ?></th> </tr> - <tr> + <tr> <td class="row1" width="45%"><?php echo $l_ban_cell; ?>: <br /></td> <td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $l_no_ban_cell; } ?></td> </tr> - <tr> + <tr> <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index bb4061ba1f..e6d62fcfac 100644 
--- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -45,7 +45,7 @@ $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -325,9 +325,6 @@ switch ( $mode ) $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : ''; $activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : ''; - $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; - $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; - $privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : ''; $privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : ''; 
@@ -348,18 +345,6 @@ switch ( $mode ) <td class="row2"><input type="radio" name="board_disable" value="1" <?php echo $disable_board_yes; ?> /> <?php echo $lang['Yes']; ?> <input type="radio" name="board_disable" value="0" <?php echo $disable_board_no; ?> /> <?php echo $lang['No']; ?><br /><input type="text" name="board_disable_msg" maxlength="255" size="40" value="<?php echo $new['board_disable_msg']; ?>" /></td> </tr> <tr> - <td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td> - <td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td> - </tr> - <tr> - <td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td> - <td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td> - </tr> - <tr> - <td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td> - <td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?> <input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td> - </tr> - <tr> <td class="row1"><?php echo $lang['Enable_prune']; ?>: </td> <td class="row2"><input type="radio" name="prune_enable" value="1" <?php echo $prune_yes; ?> /> <?php echo $lang['Yes']; ?> <input type="radio" name="prune_enable" value="0" <?php echo $prune_no; ?> /> <?php echo $lang['No']; ?></td> </tr> 
@@ -408,14 +393,6 @@ switch ( $mode ) <td class="row2"><input type="text" size="3" maxlength="3" name="max_search_chars" value="<?php echo $new['max_search_chars']; ?>" /></td> </tr> <tr> - <td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td> - <td class="row2"><input type="text" size="20" maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td> - </tr> - <tr> - <td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td> - <td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td> - </tr> - <tr> <td class="row1"><?php echo $lang['Topics_per_page']; ?>: </td> <td class="row2"><input type="text" name="topics_per_page" size="3" maxlength="4" value="<?php echo $new['topics_per_page']; ?>" /></td> </tr> @@ -485,6 +462,13 @@ switch ( $mode ) case 'server': + $ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : ''; + $ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : ''; + $ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : ''; + $ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : ''; + + $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; + $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; ?> <tr> <td class="row1"><?php echo $lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $lang['Server_name_explain']; ?></span></td> 
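Review bot: In the `case 'server':` hunk of admin_board.php (`@@ -462,6 +462,13 @@`), `$ip_none = ( $new['ip_check'] == 0 )` uses a loose comparison, so a missing, empty or non-numeric `ip_check` value also pre-selects the "None" radio. If this setting controls session IP validation, as the `IP_valid` label suggests, saving the server page on a board with no stored value would switch the check off without the administrator choosing that. Compare against the stored value strictly, `$ip_none = ( isset($new['ip_check']) && (string) $new['ip_check'] === '0' ) ? 'checked="checked"' : '';`, and pre-select the strictest option when the key is absent. The values 4, 3, 2 and 0 are undocumented; a one-line comment above the four assignments stating what each value means would help, presumably how much of the address is compared.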
@@ -498,6 +482,30 @@ switch ( $mode ) <td class="row1"><?php echo $lang['Script_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Script_path_explain']; ?></span></td> <td class="row2"><input type="text" maxlength="255" name="script_path" value="<?php echo $new['script_path']; ?>" /></td> </tr> + <tr> + <td class="row1"><?php echo $lang['IP_valid']; ?>: <br /><span class="gensmall"><?php echo $lang['IP_valid_explain']; ?></span></td> + <td class="row2"><input type="radio" name="ip_check" value="4" <?php echo $ip_all; ?> /> <?php echo $lang['All']; ?> <input type="radio" name="ip_check" value="3" <?php echo $ip_classc; ?> /> <?php echo $lang['Class_C']; ?> <input type="radio" name="ip_check" value="2" <?php echo $ip_classb; ?> /> <?php echo $lang['Class_B']; ?> <input type="radio" name="ip_check" value="0" <?php echo $ip_none; ?> /> <?php echo $lang['None']; ?> </td> + </tr> + <tr> + <td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td> + <td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td> + </tr> + <tr> + <td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td> + <td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td> + </tr> + <tr> + <td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td> + <td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?> <input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td> + </tr> + <tr> + <td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td> + <td class="row2"><input type="text" size="20" 
maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td> + </tr> + <tr> + <td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td> + <td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td> + </tr> <?php break; @@ -513,7 +521,7 @@ switch ( $mode ) $dp = opendir($phpbb_root_path . 'includes/auth'); while ( $file = readdir($dp) ) { - if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) ) + if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) ) { $auth_plugins[] = preg_replace('/^auth_(.*?)\.' . $phpEx . '$/', '\1', $file); } @@ -534,7 +542,7 @@ switch ( $mode ) <td class="row2"><select name="auth_method"><?php echo $auth_select; ?></select></td> </tr> <?php - + foreach ( $auth_plugins as $method ) { if ( $method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx) ) @@ -553,7 +561,7 @@ switch ( $mode ) { if ( !isset($board_config[$field]) ) { - $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) + $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) VALUES ('$field', '')"; $db->sql_query($sql); } diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php index 74783b1c2a..bedb91efff 100644 --- a/phpBB/admin/admin_database.php +++ b/phpBB/admin/admin_database.php @@ -1,6 +1,6 @@ <?php /*************************************************************************** -* admin_db_utilities.php +* admin_database.php * ------------------- * begin : Thu May 31, 2001 * copyright : (C) 2001 The phpBB Group 
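Review bot: The rows added to the server settings form in admin_board.php (`@@ -498,6 +482,30 @@`) echo `$new['limit_load']`, `$new['active_sessions']`, `$new['smilies_path']` and `$new['icons_path']` directly into `value="..."` attributes, so a stored value containing a double quote or `<` would break out of the attribute. Whether `$new` is escaped where it is populated is not visible in this hunk; if it is not, wrap each echo, for example `value="<?php echo htmlspecialchars($new['smilies_path']); ?>"`. The unchanged `script_path` row at the top of the hunk follows the same pattern and would need the same treatment.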
@@ -18,17 +18,14 @@ * (at your option) any later version. * ***************************************************************************/ -// -// Some functions are adapted phpMyAdmin 2.2.0. -// if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } - + $filename = basename(__FILE__); $module['DB']['DB_Backup'] = $filename . "$SID&mode=backup"; @@ -51,9 +48,9 @@ require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // +// Do we have DB backup/restore permissions? // -// -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } 
@@ -64,46 +61,43 @@ if ( !$acl->get_acl_admin('general') ) // @set_time_limit(1200); +$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : ''; + // // Begin program proper // - -if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +switch( $mode ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + case 'backup': - switch( $mode ) - { - case 'backup': - - if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + { + switch ( SQL_LAYER ) { - switch ( SQL_LAYER ) - { - case 'oracle': - $db_type = 'Oracle'; - break; - case 'odbc': - $db_type = 'ODBC'; - break; - case 'mssql': - $db_type = 'MSSQL'; - break; - } - - message_die(MESSAGE, $lang['Backups_not_supported']); - break; + case 'oracle': + $db_type = 'Oracle'; + break; + case 'odbc': + $db_type = 'ODBC'; + break; + case 'mssql': + $db_type = 'MSSQL'; + break; } - $additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' ); - $backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' ); - $search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 ); - $store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' ); - $compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? 
$HTTP_GET_VARS['compress'] : 'none' ); + message_die(MESSAGE, $lang['Backups_not_supported']); + break; + } - if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) ) - { - page_header($lang['DB_Backup']); + $additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' ); + $backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' ); + $search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 ); + $store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' ); + $compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' ); + + if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) ) + { + page_header($lang['DB_Backup']); ?> 
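Review bot: In the `@@ -64,46 +61,43 @@` hunk of admin_database.php, `backupstart`, `store`, `tables`, `type` and `compress` are still accepted from `$HTTP_GET_VARS`, and `$mode` is now read from GET only, so the whole backup run can be started by a cross-site GET request made from a logged-in administrator's browser, including the branch in the next hunk that writes a file on the server when `store` is set. No request token check is visible here, and whether pagestart enforces one cannot be told from the hunk. Consider taking the server-side write path from POST only, `$store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : '';`, and leaving the GET-driven meta-refresh flow for the download case. The `switch( $mode )` opened in this hunk continues past its end.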
@@ -132,35 +126,35 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) <td class="row2"><input type="text" name="store" size="40" /></td> </tr> <?php - - if ( extension_loaded('zlib') || extension_loaded('bz2') ) - { + + if ( extension_loaded('zlib') || extension_loaded('bz2') ) + { ?> <tr> <td class="row1"><?php echo $lang['Compress_file']; ?>: </td> <td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $lang['None']; ?><?php - - if ( extension_loaded('zlib') ) - { + + if ( extension_loaded('zlib') ) + { ?> <input type="radio" name="compress" value="gzip" />.gz <input type="radio" name="compress" value="zip" />.zip<?php - - } - if ( extension_loaded('bz2') ) - { + } + + if ( extension_loaded('bz2') ) + { ?> <input type="radio" name="compress" value="bzip" />.bz2<?php - - } - + + } + ?></td> </tr> <?php - - } + + } ?> <tr> 
@@ -170,229 +164,232 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) <?php - break; + break; + } + else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) ) + { + $meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&type=$backup_type&tables=" . quotemeta($additional_tables) . "&search=$search&store=" . quotemeta($store_path) . "&compress=$compress&backupstart=1&startdownload=1\">"; - } - else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) ) - { - $meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&type=$backup_type&tables=" . quotemeta($additional_tables) . "&search=$search&store=" . quotemeta($store_path) . "&compress=$compress&backupstart=1&startdownload=1\">"; + $message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing']; - $message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing']; + page_header($lang['DB_Backup'], $meta); + page_message($lang['DB_Backup'], $message); + page_footer(); + } - page_header($lang['DB_Backup'], $meta); - page_message($lang['DB_Backup'], $message); - page_footer(); - } + $tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables(); + @sort($tables); - $tables = ( SQL_LAYER != 'postgresql' ) ? 
mysql_get_tables() : pg_get_tables(); - @sort($tables); + if ( !empty($additional_tables) ) + { + $additional_tables = explode(',', $additional_tables); - if ( !empty($additional_tables) ) + for($i = 0; $i < count($additional_tables); $i++) { - $additional_tables = explode(',', $additional_tables); - - for($i = 0; $i < count($additional_tables); $i++) - { - $tables[] = trim($additional_tables[$i]); - } - unset($additional_tables); + $tables[] = trim($additional_tables[$i]); } + unset($additional_tables); + } - // - // Enable output buffering - // - @ob_start(); - @ob_implicit_flush(0); + // + // Enable output buffering + // + @ob_start(); + @ob_implicit_flush(0); - // - // Build the sql script file... - // - echo "#\n"; - echo "# phpBB Backup Script\n"; - echo "# Dump of tables for $dbname\n"; - echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; - echo "#\n"; + // + // Build the sql script file... + // + echo "#\n"; + echo "# phpBB Backup Script\n"; + echo "# Dump of tables for $dbname\n"; + echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; + echo "#\n"; + + if ( SQL_LAYER == 'postgresql' ) + { + echo "\n" . pg_get_sequences("\n", $backup_type); + } + + for($i = 0; $i < count($tables); $i++) + { + $table_name = $tables[$i]; - if ( SQL_LAYER == 'postgresql' ) + if ( SQL_LAYER != 'mysql4' ) { - echo "\n" . pg_get_sequences("\n", $backup_type); + $table_def_function = "get_table_def_" . SQL_LAYER; + $table_content_function = "get_table_content_" . SQL_LAYER; + } + else + { + $table_def_function = "get_table_def_mysql"; + $table_content_function = "get_table_content_mysql"; } - for($i = 0; $i < count($tables); $i++) + if ( $backup_type != 'data' ) { - $table_name = $tables[$i]; + echo "#\n# TABLE: " . $table_name . "\n#\n"; + echo $table_def_function($table_name, "\n") . "\n"; + } - if ( SQL_LAYER != 'mysql4' ) - { - $table_def_function = "get_table_def_" . SQL_LAYER; - $table_content_function = "get_table_content_" . 
SQL_LAYER; - } - else + if ( $backup_type != 'structure' ) + { + // + // Skip search table data? + // + if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) { - $table_def_function = "get_table_def_mysql"; - $table_content_function = "get_table_content_mysql"; + $table_content_function($table_name, "output_table_content"); } + } + } - if ( $backup_type != 'data' ) - { - echo "#\n# TABLE: " . $table_name . "\n#\n"; - echo $table_def_function($table_name, "\n") . "\n"; - } + // + // Flush the buffer, send the file + // + switch ( $compress ) + { + case 'gzip': + $extension = 'sql.gz'; + $contents = gzencode(ob_get_contents()); + ob_end_clean(); + break; - if ( $backup_type != 'structure' ) - { - // - // Skip search table data? - // - if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) - { - $table_content_function($table_name, "output_table_content"); - } - } - } - - // - // Flush the buffer, send the file - // - switch ( $compress ) - { - case 'gzip': - $extension = 'sql.gz'; - $contents = gzencode(ob_get_contents()); - ob_end_clean(); - break; + case 'zip': + $extension = 'zip'; + $zip = new zipfile; + $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); + ob_end_clean(); + $contents = $zip->file(); + break; - case 'zip': - $extension = 'zip'; - $zip = new zipfile; - $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); - ob_end_clean(); - $contents = $zip->file(); - break; + case 'bzip': + $extension = 'bz2'; + $contents = bzcompress(ob_get_contents()); + ob_end_clean(); + break; - case 'bzip': - $extension = 'bz2'; - $contents = bzcompress(ob_get_contents()); - ob_end_clean(); - break; + default: + $extension = 'sql'; + $contents = ob_get_contents(); + ob_end_clean(); + } - default: - $extension = 'sql'; - $contents = ob_get_contents(); - ob_end_clean(); - } + add_admin_log('log_db_backup'); - if ( empty($store_path) ) - { - header("Pragma: no-cache"); - header("Content-Type: text/x-delimtext; 
name=\"phpbb_db_backup.$extension\""); - header("Content-disposition: attachment; filename=phpbb_db_backup.$extension"); + if ( empty($store_path) ) + { + header("Pragma: no-cache"); + header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\""); + header("Content-disposition: attachment; filename=phpbb_db_backup.$extension"); - echo $contents; - unset($contents); + echo $contents; + unset($contents); + } + else + { + if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) ) + { + message_die(ERROR, 'Could not open backup file'); } - else + + if ( !fwrite($fp, $contents) ) { - if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) ) - { - message_die(ERROR, 'Could not open backup file'); - } + message_die(ERROR, 'Could not write backup file content'); + } - if ( !fwrite($fp, $contents) ) - { - message_die(ERROR, 'Could not write backup file content'); - } + fclose($fp); + unset($contents); + + message_die(MESSAGE, $lang['Backup_success']); + } - fclose($fp); - unset($contents); + exit; + break; - message_die(MESSAGE, $lang['Backup_success']); + case 'restore': + + if ( isset($HTTP_POST_VARS['restorestart']) ) + { + // + // Handle the file upload .... + // If no file was uploaded report an error... + // + if ( !empty($HTTP_POST_VARS['local']) ) + { + $file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']); + $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); + } + else + { + $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; + $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? 
$HTTP_POST_FILES['backup_file']['tmp_name'] : ''; } - exit; - break; + if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) + { + message_die(MESSAGE, $lang['Restore_Error_no_file']); + } - case 'restore': + $ext = substr($filename, strrpos($filename, '.') + 1); - if ( isset($HTTP_POST_VARS['restorestart']) ) + if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) { - // - // Handle the file upload .... - // If no file was uploaded report an error... - // - if ( !empty($HTTP_POST_VARS['local']) ) - { - $file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']); - $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); - } - else - { - $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; - $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; - } + message_die(MESSAGE, $lang['Restore_Error_filename']); + } - if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) - { - message_die(MESSAGE, $lang['Restore_Error_no_file']); - } + if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) + { + message_die(MESSAGE, $lang['Compress_unsupported']); + } - $ext = substr($filename, strrpos($filename, '.') + 1); + $sql_query = ''; + switch ( $ext ) + { + case 'gz': + $fp = gzopen($file_tmpname, 'rb'); + while ( !gzeof($fp) ) + { + $sql_query .= gzgets($fp, 100000); + } + gzclose($fp); + break; - if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) - { - message_die(MESSAGE, $lang['Restore_Error_filename']); - } + case 'bz2': + $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); + break; - if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) - { - message_die(MESSAGE, 
$lang['Compress_unsupported']); - } + default; + $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); + } - $sql_query = ''; - switch ( $ext ) - { - case 'gz': - $fp = gzopen($file_tmpname, 'rb'); - while ( !gzeof($fp) ) - { - $sql_query .= gzgets($fp, 100000); - } - gzclose($fp); - break; - - case 'bz2': - $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); - break; - - default; - $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); - } + if ( $sql_query != '' ) + { + // Strip out sql comments... + $sql_query = remove_remarks($sql_query); + $pieces = split_sql_file($sql_query, ';'); - if ( $sql_query != '' ) + $sql_count = count($pieces); + for($i = 0; $i < $sql_count; $i++) { - // Strip out sql comments... - $sql_query = remove_remarks($sql_query); - $pieces = split_sql_file($sql_query, ';'); + $sql = trim($pieces[$i]); - $sql_count = count($pieces); - for($i = 0; $i < $sql_count; $i++) + if ( !empty($sql) && $sql[0] != '#' ) { - $sql = trim($pieces[$i]); - - if ( !empty($sql) && $sql[0] != '#' ) - { - $db->sql_query($sql); - } + $db->sql_query($sql); } } - - message_die(MESSAGE, $lang['Restore_success']); } - // - // Restore page - // - page_header($lang['DB_Restore']); + add_admin_log('log_db_restore'); + + message_die(MESSAGE, $lang['Restore_success']); + } + + // + // Restore page + // + page_header($lang['DB_Restore']); ?> 
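Review bot: Both file paths in the `@@ -170,229 +164,232 @@` hunk of admin_database.php are built from request data with no containment check: `fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')` in the backup branch, and `$file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local'])` in the restore branch. `..` segments therefore let the backup write, or the read of a file whose statements are then passed to `$db->sql_query()`, leave the board directory. Resolve the value first, `$dir = realpath($phpbb_root_path . $store_path);`, and call `message_die(ERROR, ...)` unless the result lies under one allowed backup directory; apply the same check to `local`. The `$meta` refresh tag in this hunk also puts `$backup_type`, `$compress` and the `quotemeta()`-wrapped `tables` and `store` values into HTML, but `quotemeta()` escapes regex metacharacters, not quotes or `&`, so each value needs `urlencode()` and the finished URL `htmlspecialchars()`. The enclosing `switch( $mode )` starts in an earlier hunk.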
@@ -404,21 +401,21 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) <th colspan="2"><?php echo $lang['Select_file']; ?></th> </tr> <tr> - <td class="row1"><?php echo $lang['Upload_file']; ?>: <br /><span class="gensmall"><?php - - echo $lang['Supported_extensions']; + <td class="row1"><?php echo $lang['Upload_file']; ?>: <br /><span class="gensmall"><?php - $types = ': <u>sql</u>'; - if ( extension_loaded('zlib') ) - { - $types .= ', <u>sql.gz</u>'; - } - if ( extension_loaded('bz2') ) - { - $types .= ', <u>bz2</u>'; - } + echo $lang['Supported_extensions']; - echo $types; + $types = ': <u>sql</u>'; + if ( extension_loaded('zlib') ) + { + $types .= ', <u>sql.gz</u>'; + } + if ( extension_loaded('bz2') ) + { + $types .= ', <u>bz2</u>'; + } + + echo $types; ?></span></td> <td class="row2"><input type="file" name="backup_file" /></td> @@ -434,7 +431,11 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) <?php - } + break; + + default: + exit; + } page_footer(); @@ -1030,7 +1031,7 @@ function output_table_content($content) // Zip creation class from phpMyAdmin 2.3.0 (c) Tobias Ratschiller, Olivier Müller, Loïc Chapeaux, Marc Delisle // http://www.phpmyadmin.net/ // -// Based on work by Eric Mueller and Denis125 +// Based on work by Eric Mueller and Denis125 // Official ZIP file format: http://www.pkware.com/appnote.txt // class zipfile @@ -1138,7 +1139,7 @@ class zipfile pack('V', strlen($ctrldir)) . // size of central dir pack('V', strlen($data)) . // offset to start of central dir "\x00\x00"; // .zip file comment length - } + } } diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php index 83caf18e9c..83f9a48a8e 100644 --- a/phpBB/admin/admin_disallow.php +++ b/phpBB/admin/admin_disallow.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } 
@@ -45,7 +45,7 @@ require('pagestart.' . $phpEx); // // Do we have user admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } @@ -63,7 +63,7 @@ if( isset($HTTP_POST_VARS['add_name']) ) } else { - $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) + $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) VALUES('" . str_replace("\'", "''", $disallowed_user) . "')"; $result = $db->sql_query( $sql ); @@ -79,8 +79,8 @@ if( isset($HTTP_POST_VARS['add_name']) ) else if( isset($HTTP_POST_VARS['delete_name']) ) { $disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] ); - - $sql = "DELETE FROM " . DISALLOW_TABLE . " + + $sql = "DELETE FROM " . DISALLOW_TABLE . " WHERE disallow_id = $disallowed_id"; $db->sql_query($sql); @@ -95,7 +95,7 @@ else if( isset($HTTP_POST_VARS['delete_name']) ) // // Grab the current list of disallowed usernames... // -$sql = "SELECT * +$sql = "SELECT * FROM " . DISALLOW_TABLE; $result = $db->sql_query($sql); 
@@ -121,17 +121,17 @@ page_header($lang['Users']); <p><?php echo $lang['Disallow_explain']; ?></p> <form method="post" action="<?php echo "admin_disallow.$phpEx$SID"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <th colspan="2"><?php echo $lang['Add_disallow_title']; ?></th> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Username']; ?><br /><span class="gensmall"><?php echo $lang['Add_disallow_explain']; ?></span></td> <td class="row2"><input type="text" name="disallowed_user" size="30" /> <input type="submit" name="add_name" value="<?php echo $lang['Add_disallow']; ?>" class="mainoption" /></td> </tr> - <tr> + <tr> <th colspan="2"><?php echo $lang['Delete_disallow_title']; ?></th> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Username']; ?><br /><span class="gensmall"><?php echo $lang['Delete_disallow_explain']; ?></span></td> <td class="row2"><?php if ( $disallow_select != '' ) { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select> <input type="submit" name="delete_name" value="<?php echo $lang['Delete']; ?>" class="liteoption" /><?php } else { echo $lang['No_disallowed']; } ?></td> </tr> diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index e1e6af523d..27dd13e2db 100644 --- a/phpBB/admin/admin_email.php +++ b/phpBB/admin/admin_email.php @@ -21,14 +21,14 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } $filename = basename(__FILE__); $module['General']['Mass_Email'] = $filename . $SID; - + return; } @@ -43,14 +43,14 @@ require('pagestart.' . $phpEx); // // Do we have general admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { return; } // // Set some vars -// +// $message = ''; $subject = ''; 
@@ -80,7 +80,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $subject = stripslashes($HTTP_POST_VARS['subject']); $message = stripslashes($HTTP_POST_VARS['message']); - + // // Error checking needs to go here ... if no subject and/or // no message then skip over the send and return to the form @@ -102,7 +102,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $board_config['smtp_host'] = get_cfg_var('SMTP'); } $emailer = new emailer($board_config['smtp_delivery']); - + $email_headers = 'From: ' . $board_config['board_email'] . "\n"; $bcc_list = ''; @@ -111,7 +111,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email']; } $email_headers .= "Bcc: $bcc_list\n"; - + $email_headers .= 'Return-Path: ' . $userdata['board_email'] . "\n"; $email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n"; $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n"; @@ -124,8 +124,8 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->extra_headers($email_headers); $emailer->assign_vars(array( - 'SITENAME' => $board_config['sitename'], - 'BOARD_EMAIL' => $board_config['board_email'], + 'SITENAME' => $board_config['sitename'], + 'BOARD_EMAIL' => $board_config['board_email'], 'MESSAGE' => $message) ); @@ -134,13 +134,13 @@ if ( isset($HTTP_POST_VARS['submit']) ) message_die(MESSAGE, $lang['Email_sent']); } -} +} // // Initial selection // -$sql = "SELECT group_id, group_name +$sql = "SELECT group_id, group_name FROM ".GROUPS_TABLE; $result = $db->sql_query($sql); 
@@ -164,22 +164,22 @@ page_header($lang['Mass_Email']); <p><?php echo $lang['Mass_email_explain']; ?></p> <form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1"> - <tr> + <tr> <th colspan="2"><?php echo $lang['Compose']; ?></th> </tr> - <tr> + <tr> <td class="row1" align="right"><b><?php echo $lang['Recipients']; ?></b></td> <td class="row2" align="left"><?php echo $select_list; ?></td> </tr> - <tr> + <tr> <td class="row1" align="right"><b><?php echo $lang['Subject']; ?></b></td> <td class="row2"><span class="gen"><input type="text" name="subject" size="45" maxlength="100" tabindex="2" class="post" value="<?php echo $subject; ?>" /></span></td> </tr> - <tr> - <td class="row1" align="right" valign="top"><span class="gen"><b><?php echo $lang['Message']; ?></b></span> - <td class="row2"><textarea class="post" name="message" rows="15" cols="35" wrap="virtual" style="width:450px" tabindex="3"><?php echo $message; ?></textarea></td> + <tr> + <td class="row1" align="right" valign="top"><span class="gen"><b><?php echo $lang['Message']; ?></b></span> + <td class="row2"><textarea class="post" name="message" rows="15" cols="35" wrap="virtual" style="width:450px" tabindex="3"><?php echo $message; ?></textarea></td> </tr> - <tr> + <tr> <td class="cat" colspan="2" align="center"><input type="submit" value="<?php echo $lang['Email']; ?>" name="submit" class="mainoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index a15fb902c6..34e842b0fb 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -21,7 +21,7 @@ if (!empty($setmodules)) { - if (!$acl->get_acl_admin('forum')) + if (!$auth->get_acl_admin('forum')) { return; } 
@@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have forum admin permissions? // -if (!$acl->get_acl_admin('forum')) +if (!$auth->get_acl_admin('forum')) { message_die(MESSAGE, $lang['No_admin']); } @@ -535,7 +535,7 @@ switch ($mode) </tr> </table> </form> - + <br clear="all" /> <?php @@ -562,10 +562,10 @@ switch ($mode) <form action="admin_forums.<?php echo $phpEx . $SID ?>&mode=remove&f=<?php echo $forum_id ?>" method="post"> <table cellpadding="4" cellspacing="1" border="0" class="forumline" align="center"> - <tr> + <tr> <th colspan="2" class="thHead"><?php echo $lang['Forum_delete'] ?></th> </tr> - <tr> + <tr> <td class="row1"><?php echo ($forum_status == ITEM_CATEGORY) ? $lang['Category_name'] : $lang['Forum_name'] ?></td> <td class="row1"><span class="row1"><?php echo $forum_name ?></span></td> </tr> @@ -573,11 +573,11 @@ switch ($mode) if ($forum_status != ITEM_CATEGORY) { ?> - <tr> + <tr> <td class="row1"><?php echo $lang['Action'] ?></td> <td class="row1"><input type="radio" name="action_posts" value="delete" checked="checked" /> <?php echo $lang['Delete_all_posts'] ?></td> </tr> - <tr> + <tr> <td class="row1"></td> <td class="row1"><input type="radio" name="action_posts" value="move" /> <?php echo $lang['Move_posts_to'] ?> <select name="posts_to_id" ?><option value="0"></option><?php echo $move_posts_list ?></select></td> </tr> 
@@ -586,18 +586,18 @@ switch ($mode) if ($right_id - $left_id > 1) { ?> - <tr> + <tr> <td class="row1"><?php echo $lang['Action'] ?></td> <td class="row1"><input type="radio" name="action_subforums" value="delete" checked="checked" /> <?php echo $lang['Delete_subforums'] ?></td> </tr> - <tr> + <tr> <td class="row1"></td> <td class="row1"><input type="radio" name="action_subforums" value="move" /> <?php echo $lang['Move_subforums_to'] ?> <select name="subforums_to_id" ?><option value="0"></option><?php echo $forums_list ?></select></td> </tr> <?php } ?> - <tr> + <tr> <td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $lang['Move_and_Delete'] ?>" class="mainoption" /></td> </tr> </table> @@ -705,7 +705,7 @@ while ($row = $db->sql_fetchrow($result)) $forum_title = htmlspecialchars($sub_row['forum_name']); $forum_desc = htmlspecialchars($sub_row['forum_desc']); $subforums = ($sub_row['right_id'] - $sub_row['left_id'] - 1) / 2; - + if ($sub_row['forum_status'] != ITEM_CATEGORY) { $colspan = ''; diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php index e3c35f1d93..3a7e7a95fe 100644 --- a/phpBB/admin/admin_groups.php +++ b/phpBB/admin/admin_groups.php @@ -19,10 +19,13 @@ * ***************************************************************************/ -define('IN_PHPBB', 1); - if( !empty($setmodules) ) { + if ( !$auth->get_acl_admin('group') ) + { + return; + } + $filename = basename(__FILE__); $module['Groups']['Create'] = $filename . "$SID&mode=create"; $module['Groups']['Delete'] = $filename . "$SID&mode=delete"; 
@@ -31,20 +34,29 @@ if( !empty($setmodules) ) return; } +define('IN_PHPBB', 1); // -// Load default header +// Include files // -$phpbb_root_path = "../"; +$phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +// +// Do we have general permissions? +// +if ( !$auth->get_acl_admin('group') ) +{ + message_die(MESSAGE, $lang['No_admin']); +} + if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) { $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); } else { - $group_id = ""; + $group_id = ''; } // @@ -122,7 +134,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) for($i = 0; $i < count($user_list); $i++) { - if( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) + if( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) { $group_moderator = $user_list[$i]['username']; } 
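Review bot: The comment added above the new check in the `@@ -31,20 +34,29 @@` hunk reads `// Do we have general permissions?`, but the condition tests `get_acl_admin('group')`. The comment should name the permission actually checked, e.g. `// Do we have group admin permissions?`. Denial here goes through `message_die(MESSAGE, $lang['No_admin'])`, as in admin_forums.php, while admin_disallow.php and admin_email.php in this commit still use a bare `return;` for the same situation. Aligning them would give a refused admin the same visible response everywhere.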
@@ -136,15 +148,15 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) $template->assign_vars(array( "GROUP_NAME" => $group_info['group_name'], - "GROUP_DESCRIPTION" => $group_info['group_description'], - "GROUP_MODERATOR" => $group_moderator, + "GROUP_DESCRIPTION" => $group_info['group_description'], + "GROUP_MODERATOR" => $group_moderator, "L_GROUP_TITLE" => $lang['Group_administration'], - "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], + "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], "L_GROUP_NAME" => $lang['group_name'], "L_GROUP_DESCRIPTION" => $lang['group_description'], - "L_GROUP_MODERATOR" => $lang['group_moderator'], - "L_FIND_USERNAME" => $lang['Find_username'], + "L_GROUP_MODERATOR" => $lang['group_moderator'], + "L_FIND_USERNAME" => $lang['Find_username'], "L_GROUP_STATUS" => $lang['group_status'], "L_GROUP_OPEN" => $lang['group_open'], "L_GROUP_CLOSED" => $lang['group_closed'], @@ -157,7 +169,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) "L_DELETE_MODERATOR_EXPLAIN" => $lang['delete_moderator_explain'], "L_YES" => $lang['Yes'], - "U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"), + "U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"), "S_GROUP_OPEN_TYPE" => GROUP_OPEN, "S_GROUP_CLOSED_TYPE" => GROUP_CLOSED, @@ -220,7 +232,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } - + $this_userdata = get_userdata($group_moderator); $group_moderator = $this_userdata['user_id']; @@ -228,7 +240,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } - + if( $mode == "editgroup" ) { $sql = "SELECT * 
@@ -243,14 +255,14 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); } - $group_info = $db->sql_fetchrow($result); - + $group_info = $db->sql_fetchrow($result); + if ( $group_info['group_moderator'] != $group_moderator ) { if ( $delete_old_moderator != "" ) { $sql = "DELETE FROM " . USER_GROUP_TABLE . " - WHERE user_id = " . $group_info['group_moderator'] . " + WHERE user_id = " . $group_info['group_moderator'] . " AND group_id = " . $group_id; if ( !$result = $db->sql_query($sql) ) { @@ -265,20 +277,20 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } } $sql = "UPDATE " . GROUPS_TABLE . " - SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator + SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator WHERE group_id = $group_id"; if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql); } - + $message = $lang['Updated_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");; message_die(GENERAL_MESSAGE, $message); } else if( $mode == "newgroup" ) { - $sql = "SELECT MAX(group_id) AS new_group_id + $sql = "SELECT MAX(group_id) AS new_group_id FROM " . GROUPS_TABLE; if ( !$result = $db->sql_query($sql) ) { 
@@ -288,7 +300,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) $new_group_id = $row['new_group_id'] + 1; - $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user) + $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user) VALUES ($new_group_id, $group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')"; if ( !$result = $db->sql_query($sql) ) { @@ -301,7 +313,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql); } - + $message = $lang['Added_new_group'] . "<br /><br />" . sprintf($lang['Click_return_groupsadmin'], "<a href=\"" . append_sid("admin_groups.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");; message_die(GENERAL_MESSAGE, $message); 
@@ -313,48 +325,97 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } } } -else -{ + +page_header($lang['Manage']); + +?> + +<h1><?php echo $lang['Manage']; ?></h1> + +<p><?php echo $lang['Group_manage_explain']; ?></p> + +<form method="post" action="<?php echo "admin_groups.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="3"><?php echo $lang['Manage']; ?></th> + </tr> +<?php + $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " - WHERE group_single_user <> " . TRUE . " ORDER BY group_name"; - $g_result = $db->sql_query($sql); - $group_list = $db->sql_fetchrowset($g_result); + $result = $db->sql_query($sql); - $select_list = "<select name=\"" . POST_GROUPS_URL . "\">"; - for($i = 0; $i < count($group_list); $i++) + $groups = array(); + if ( $row = $db->sql_fetchrow($result) ) { - $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>"; + do + { + $groups[] = $row; + } + while ( $row = $db->sql_fetchrow($result) ); } - $select_list .= "</select>"; - - $template->set_filenames(array( - "body" => "admin/group_select_body.tpl") - ); - $template->assign_vars(array( - "L_GROUP_TITLE" => $lang['Group_administration'], - "L_GROUP_EXPLAIN" => $lang['Group_admin_explain'], - "L_GROUP_SELECT" => $lang['Select_group'], - "L_LOOK_UP" => $lang['Look_up_group'], - "L_CREATE_NEW_GROUP" => $lang['New_group'], + $sql = "SELECT ug.group_id, u.user_id, u.username + FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . 
" ug + WHERE ug.user_pending = 1 + AND u.user_id = ug.user_id + ORDER BY ug.group_id"; + $result = $db->sql_query($sql); - "S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"), - "S_GROUP_SELECT" => $select_list) - ); + $pending = array(); + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $pending[$row['group_id']][] = $row; + } + while ( $row = $db->sql_fetchrow($result) ); + } - // - // Faking the IF... ELSE statements again... - // - if( count($group_list) > 0 ) + foreach ( $groups as $group_ary ) { - $template->assign_block_vars("select_box", array()); + $group_id = $group_ary['group_id']; + $group_name = ( !empty($lang[$group_ary['group_name']]) ) ? $lang[$group_ary['group_name']] : $group_ary['group_name']; + +?> + <tr> + <td class="cat"><span class="cattitle"><?php echo $group_name;?></span></td> + <td class="cat" align="center"> <input class="liteoption" type="submit" name="edit[<?php echo $group_id; ?>]" value="<?php echo $lang['Edit'];?>" /> </td> + <td class="cat" align="center"> <input class="liteoption" type="submit" name="delete[<?php echo $group_id; ?>]" value="<?php echo $lang['Delete'];?>" /> </td> + </tr> +<?php + + if ( is_array($pending[$group_id]) ) + { + $row_class = ''; + foreach( $pending[$group_id] as $pending_ary ) + { + $row_class = ( $row_class != 'row1' ) ? 
'row1' : 'row2'; +?> + <tr> + <td class="<?php echo $row_class; ?>"><?php echo $pending_ary['username'];?></td> + <td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="approve[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Approve_selected'];?>" /></td> + <td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="decline[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Deny_selected'];?>" /></td> + </tr> +<?php + } + } + else + { +?> + <tr> + <td class="row1" colspan="4" align="center">No pending users</td> + </tr> +<?php + + } } - $template->pparse('body'); -} +?> +</table></form> + +<?php -include('page_footer_admin.'.$phpEx); +page_footer(); ?> diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 43d79d4709..656ddcedcd 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('auth') ) + if ( !$auth->get_acl_admin('auth') ) { return; } @@ -46,7 +46,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('auth') ) +if ( !$auth->get_acl_admin('auth') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -101,6 +101,13 @@ switch ( $mode ) break; } +// +// Brief explanation of how things work when updating ... +// +// Granting someone any admin permissions grants them permissions +// to all other options, e.g. Moderator and Forums across the board. +// This is done via the acl class +// if ( isset($HTTP_POST_VARS['update']) ) { switch ( $HTTP_POST_VARS['type'] ) @@ -116,7 +123,7 @@ if ( isset($HTTP_POST_VARS['update']) ) foreach ( $HTTP_POST_VARS['entries'] as $id ) { - $acl->$set($forum_id, $id, $HTTP_POST_VARS['option']); + $auth->$set($forum_id, $id, $HTTP_POST_VARS['option']); } message_die(MESSAGE, 'Permissions updated successfully'); 
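Review bot: In the new group list added by the `@@ -313,48 +325,97 @@` hunk, `$group_name` and `$pending_ary['username']` are echoed straight into table cells, whereas admin_forums.php in this same commit passes `forum_name` through `htmlspecialchars()` before output. Unless these values are already escaped when stored (not visible from this hunk), they should be escaped at the point of output: `<?php echo htmlspecialchars($group_name); ?>` and `<?php echo htmlspecialchars($pending_ary['username']); ?>`. Separately, `is_array($pending[$group_id])` reads an index that is never set for groups without pending members; `isset($pending[$group_id])` avoids the notice. The "No pending users" row uses `colspan="4"` in a three-column table and a hard-coded English string instead of a `$lang` entry.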
@@ -156,7 +163,7 @@ else if ( isset($HTTP_POST_VARS['delete']) ) foreach ( $HTTP_POST_VARS['entries'] as $id ) { - $acl->$set($forum_id, $id, $option_ids); + $auth->$set($forum_id, $id, $option_ids); } message_die(MESSAGE, 'Permissions updated successfully'); @@ -344,9 +351,16 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators else { + // + // Founder only operations ... these operations can + // only be altered by someone with founder status + // + $founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : ''; + $sql = "SELECT auth_option_id, auth_value FROM " . ACL_OPTIONS_TABLE . " - WHERE auth_value LIKE '" . $type_sql . "_%'"; + WHERE auth_value LIKE '" . $type_sql . "_%' + $founder_sql"; $result = $db->sql_query($sql); $auth_options = array(); diff --git a/phpBB/admin/admin_prune.php b/phpBB/admin/admin_prune.php index f1b531cb7d..12bebe7c0c 100644 --- a/phpBB/admin/admin_prune.php +++ b/phpBB/admin/admin_prune.php @@ -21,11 +21,11 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('forum') ) + if ( !$auth->get_acl_admin('forum') ) { return; } - + $filename = basename(__FILE__); $module['Forums']['Prune'] = $filename . $SID . '&mode=forums'; @@ -39,12 +39,12 @@ define('IN_PHPBB', 1); $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); +require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('forum') ) +if ( !$auth->get_acl_admin('forum') ) { message_die(MESSAGE, $lang['No_admin']); } 
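Review bot: The `$founder_sql` filter added in the `@@ -344,9 +351,16 @@` hunk only limits which options this query returns for building the form. The write paths shown in the `@@ -116,7 +123,7 @@` and `@@ -156,7 +163,7 @@` hunks pass `$HTTP_POST_VARS['option']` and `$option_ids` to `$auth->$set(...)`, and no founder check is visible there. If the submitted ids are not validated elsewhere (the full update and delete branches are outside these hunks), the founder-only restriction is enforced only in what the page displays, not in what the server accepts. Both branches should apply the same rule before writing: when `!$userdata['user_founder']`, look up the ids with `founder_only = 1` in ACL_OPTIONS_TABLE and refuse the request if any submitted option is among them. A comment next to `$founder_sql`, such as `// Display filter only; the update branch must re-check founder_only`, would keep the two in step.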
@@ -97,10 +97,10 @@ if ( isset($HTTP_POST_VARS['doprune']) ) { $p_result = prune($forum_rows[$i]['forum_id'], $prunedate); sync('forum', $forum_rows[$i]['forum_id']); - + $template->assign_block_vars('prune_results', array( - 'ROW_COLOR' => '#' . $row_color, - 'ROW_CLASS' => $row_class, + 'ROW_COLOR' => '#' . $row_color, + 'ROW_CLASS' => $row_class, 'FORUM_NAME' => $forum_rows[$i]['forum_name'], 'FORUM_TOPICS' => $p_result['topics'], 'FORUM_POSTS' => $p_result['posts']) @@ -161,7 +161,7 @@ else { $forum_name = ( $forum_id == -1 ) ? $lang['All_Forums'] : $forum_rows[0]['forum_name']; - $prune_data = $lang['Prune_topics_not_posted'] . " "; + $prune_data = $lang['Prune_topics_not_posted'] . " "; $prune_data .= '<input type="text" name="prunedays" size="4"> ' . $lang['Days']; $s_hidden_fields = '<input type="hidden" name="f" value="' . $forum_id . '">'; @@ -175,13 +175,13 @@ else <h2><?php echo $lang['Forum'] . ': ' . $forum_name; ?></h2> <form method="post" action="<?php echo "admin_prune.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <th class="th"><?php echo $lang['Forum_Prune']; ?></th> </tr> <tr> <td class="row1"><?php echo $prune_data; ?></td> </tr> - <tr> + <tr> <td class="cat" align="center"><?php echo $s_hidden_fields; ?><input type="submit" name="doprune" value="<?php echo $lang['Do_Prune']; ?>" class="mainoption"></td> </tr> </table></form> diff --git a/phpBB/admin/admin_prune_users.php b/phpBB/admin/admin_prune_users.php index 1169c4415d..ec744510a8 100644 --- a/phpBB/admin/admin_prune_users.php +++ b/phpBB/admin/admin_prune_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } 
@@ -75,7 +75,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) { $l_message .= ( !empty($HTTP_POST_VARS[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($HTTP_POST_VARS[$field]) . '" />' : ''; } - + $l_message .= '</form>'; page_header($lang['Prune_users']); @@ -90,7 +90,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) page_message($lang['Confirm'], $l_message, false); page_footer(); - + } else if ( isset($HTTP_POST_VARS['confirm']) ) { @@ -128,8 +128,8 @@ if ( isset($HTTP_POST_VARS['prune']) ) $where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; } - $sql = "SELECT username, user_id FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS . " + $sql = "SELECT username, user_id FROM " . USERS_TABLE . " + WHERE user_id <> " . ANONYMOUS . " $where_sql"; $result = $db->sql_query($sql); @@ -169,8 +169,8 @@ if ( isset($HTTP_POST_VARS['prune']) ) for($i = 0; $i < sizeof($user_ids); $i++) { - $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "' + $sql = "UPDATE " . POSTS_TABLE . " + SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "' WHERE user_id = " . $userids[$i]; // $db->sql_query($sql); } @@ -184,7 +184,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) $sql = "UPDATE " . USERS_TABLE . " SET user_active = 0"; } - $sql .= " WHERE user_id <> " . ANONYMOUS . " + $sql .= " WHERE user_id <> " . ANONYMOUS . " $where_sql"; // $db->sql_query($sql); 
@@ -233,26 +233,26 @@ page_header($lang['Prune_users']); <p><?php echo $lang['Prune_users_explain']; ?></p> <form method="post" name="post" action="<?php echo "admin_prune_users.$phpEx$SID"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <th colspan="2"><?php echo $lang['Prune_users']; ?></th> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Username']; ?>: </td> <td class="row2"><input class="post" type="text" name="username" /></td> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Email']; ?>: </td> <td class="row2"><input class="post" type="text" name="email" /></td> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Joined']; ?>: <br /><span class="gensmall"><?php echo $lang['Joined_explain']; ?></span></td> <td class="row2"><select name="joined_select"><?php echo $s_find_join_time; ?></select> <input class="post" type="text" name="joined" maxlength="10" size="10" /></td> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Last_active']; ?>: <br /><span class="gensmall"><?php echo $lang['Last_active_explain']; ?></span></td> <td class="row2"><select name="active_select"><?php echo $s_find_active_time; ?></select> <input class="post" type="text" name="active" maxlength="10" size="10" /></td> </tr> - <tr> + <tr> <td class="row1"><?php echo $lang['Posts']; ?>: </td> <td class="row2"><select name="count_select"><?php echo $s_find_count; ?></select> <input class="post" type="text" name="count" /></td> </tr> diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index fd87887456..176aa50cf4 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } 
@@ -55,7 +55,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; } -else +else { // // These could be entered via a form button @@ -85,9 +85,9 @@ if ( $mode != '' ) // They want to add a new rank, show the form. // $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; - + $s_hidden_fields = '<input type="hidden" name="mode" value="save" />'; - + if ( $mode == 'edit' ) { if ( empty($rank_id) ) @@ -98,7 +98,7 @@ if ( $mode != '' ) $sql = "SELECT * FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; $result = $db->sql_query($sql); - + $rank_info = $db->sql_fetchrow($result); $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />'; @@ -151,7 +151,7 @@ if ( $mode != '' ) // // Ok, they sent us our info, let's update it. // - + $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; $rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : ''; $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0; @@ -194,7 +194,7 @@ if ( $mode != '' ) $message = $lang['Rank_added']; } - + $db->sql_query($sql); $message .= '<br /><br />' . sprintf($lang['Click_return_rankadmin'], '<a href="' . "admin_ranks.$phpEx$SID" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&pane=right" . '">', '</a>'); @@ -207,7 +207,7 @@ if ( $mode != '' ) // // Ok, they want to delete their rank // - + if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) { $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']); 
@@ -216,15 +216,15 @@ if ( $mode != '' ) { $rank_id = 0; } - + if ( $rank_id ) { $sql = "DELETE FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; $db->sql_query($sql); - - $sql = "UPDATE " . USERS_TABLE . " - SET user_rank = 0 + + $sql = "UPDATE " . USERS_TABLE . " + SET user_rank = 0 WHERE user_rank = $rank_id"; $db->sql_query($sql); diff --git a/phpBB/admin/admin_search.php b/phpBB/admin/admin_search.php index 9adfa2cae4..86d7b820b2 100644 --- a/phpBB/admin/admin_search.php +++ b/phpBB/admin/admin_search.php @@ -1,4 +1,4 @@ -<?php +<?php /*************************************************************************** * admin_search.php * ------------------- @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -113,8 +113,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) // // Take board offline // - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '1' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '1' WHERE config_name = 'board_disable'"; $db->sql_query($sql); @@ -129,7 +129,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) // // Fetch a batch of posts_text entries // - $sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id + $sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id FROM " . POSTS_TEXT_TABLE; $result = $db->sql_query($sql); 
@@ -139,18 +139,18 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $db->sql_freeresult($result); - $sql = "SELECT * - FROM " . POSTS_TEXT_TABLE . " - WHERE post_id - BETWEEN $batchstart + $sql = "SELECT * + FROM " . POSTS_TEXT_TABLE . " + WHERE post_id + BETWEEN $batchstart AND $batchend"; $result = $db->sql_query($sql); - + if ( $row = $db->sql_fetchrow($result) ) { do { - $post_id = $row['post_id']; + $post_id = $row['post_id']; $search_raw_words = array(); $search_raw_words['text'] = split_words(clean_words('post', $row['post_text'], $stopword_array, $synonym_array)); @@ -164,14 +164,14 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) if ( !empty($search_matches) ) { for ($i = 0; $i < count($search_matches); $i++) - { + { $search_matches[$i] = trim($search_matches[$i]); - if ( $search_matches[$i] != '' ) + if ( $search_matches[$i] != '' ) { $word[] = $search_matches[$i]; $word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; - } + } } } } @@ -194,8 +194,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) case 'mssql-odbc': case 'oracle': case 'db2': - $sql = "SELECT word_id, word_text - FROM " . SEARCH_WORD_TABLE . " + $sql = "SELECT word_id, word_text + FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN ($word_text_sql)"; $result = $db->sql_query($sql); @@ -209,7 +209,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $value_sql = ''; $match_word = array(); for ($i = 0; $i < count($word); $i++) - { + { $new_match = true; if ( isset($check_words[$word[$i]]) ) { 
@@ -228,8 +228,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'"; break; default: - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES ('" . $word[$i] . "')"; + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES ('" . $word[$i] . "')"; $db->sql_query($sql); break; } @@ -242,12 +242,12 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) { case 'mysql': case 'mysql4': - $sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES $value_sql"; + $sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES $value_sql"; break; case 'mssql': - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - $value_sql"; + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + $value_sql"; break; } @@ -261,10 +261,10 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) if ( $match_sql != '' ) { - $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) - SELECT $post_id, word_id, $title_match - FROM " . SEARCH_WORD_TABLE . " - WHERE word_text IN ($match_sql)"; + $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) + SELECT $post_id, word_id, $title_match + FROM " . SEARCH_WORD_TABLE . " + WHERE word_text IN ($match_sql)"; $db->sql_query($sql); } } @@ -290,8 +290,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) } else { - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '0' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '0' WHERE config_name = 'board_disable'"; $db->sql_query($sql); 
@@ -314,8 +314,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) } else if ( isset($HTTP_POST_VARS['cancel']) ) { - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '0' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '0' WHERE config_name = 'board_disable'"; $db->sql_query($sql); diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 549bac5831..0c832bb3ea 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have general permissions? // -if (!$acl->get_acl_admin('general')) +if (!$auth->get_acl_admin('general')) { message_die(MESSAGE, $lang['No_admin']); } @@ -79,7 +79,7 @@ if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS[ $smilies_images[] = $file; } elseif (preg_match('/\.pak$/i', $file)) - { + { $smilies_paks[] = $file; } } @@ -175,7 +175,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) } } - message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return); + message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return); } else { @@ -200,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) <p><?php echo $lang['Import_smilies_explain'] ?></p> -<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> <th class="thHead" colspan="2"><?php echo $lang['Smilies_import'] ?></th> </tr> 
@@ -220,7 +220,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) </td> </tr> <tr> - <td class="catBottom" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td> + <td class="cat" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td> </tr> </table></form> <?php @@ -288,7 +288,7 @@ function update_smile_dimensions() //--> </script> -<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&mode=create"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&mode=create"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> <th class="thHead" colspan="2"><?php echo $lang['smile_config'] ?></th> </tr> @@ -313,7 +313,7 @@ function update_smile_dimensions() <td class="row2"><input type="text" name="smile_emotion" /></td> </tr> <tr> - <td class="catBottom" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td> + <td class="cat" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td> </tr> </table></form> <?php @@ -397,9 +397,9 @@ function update_smile_dimensions() //--> </script> -<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&mode=modify"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&mode=modify"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> - <th class="thHead" colspan="2"><?php echo $lang['Smile_config'] ?></th> + <th class="th" colspan="2"><?php echo $lang['Smile_config'] ?></th> </tr> <tr> <td class="row2"><?php echo $lang['Smile_code'] ?></td> 
@@ -430,7 +430,7 @@ function update_smile_dimensions() <td class="row2"><select name="smile_order"><?php echo $order_list ?></select></td> </tr> <tr> - <td class="catBottom" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td> + <td class="cat" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td> </tr> </table></form> <?php @@ -458,7 +458,7 @@ function update_smile_dimensions() 'emoticon' => stripslashes($HTTP_POST_VARS['smile_emotion']), 'smile_on_posting' => (!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0 ); - + $smile_id = $HTTP_POST_VARS['smile_id']; $smile_order = $HTTP_POST_VARS['smile_order']; diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php index afe37454c4..1f6a020b58 100644 --- a/phpBB/admin/admin_styles.php +++ b/phpBB/admin/admin_styles.php @@ -2,7 +2,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('styles') ) + if ( !$auth->get_acl_admin('styles') ) { return; } @@ -27,7 +27,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$acl->get_acl_admin('styles') ) +if ( !$auth->get_acl_admin('styles') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -57,8 +57,8 @@ switch ( $mode ) if ( isset($HTTP_POST_VARS['img_root']) ) { - $sql = "SELECT * - FROM " . STYLES_IMAGE_TABLE . " + $sql = "SELECT * + FROM " . STYLES_IMAGE_TABLE . " WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'"; $result = $db->sql_query($sql); 
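Review bot: `$smile_id` is copied from `$HTTP_POST_VARS['smile_id']` unchanged at the end of the -458 hunk of admin_smilies.php, although the hidden field it comes from carries a numeric `smilies_id`. Cast it where it is read, `$smile_id = intval($HTTP_POST_VARS['smile_id']);`, and check `$smile_order` against the options the form offers before it is used. The statements that consume both values lie outside the hunk, so this is a request to confirm rather than a demonstrated fault.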
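Review bot: The image-set lookup in the -57 hunk of admin_styles.php tests `isset($HTTP_POST_VARS['img_root'])` but the query reads `$HTTP_POST_VARS['imgroot']`, so the key that is checked is not the key that is used. That value is also concatenated into the `LIKE '...'` clause as posted, which leaves quoting to whatever global slashing of request data is in effect and lets `%` and `_` act as wildcards. Use one key for both, and escape the value (or compare with `=` against a validated path) before it reaches the SQL string. The `switch` case this belongs to continues outside the hunk.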
@@ -74,7 +74,7 @@ switch ( $mode ) $imageset = array('imageset_path', 'post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_profile', 'icon_pm', 'icon_delete', 'icon_ip', 'icon_quote', 'icon_search', 'icon_edit', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm', 'goto_post', 'goto_post_new', 'goto_post_latest', 'goto_post_newest', 'forum', 'forum_new', 'forum_locked', 'folder', 'folder_new', 'folder_hot', 'folder_hot_new', 'folder_locked', 'folder_locked_new', 'folder_sticky', 'folder_sticky_new', 'folder_announce', 'folder_announce_new', 'topic_watch', 'topic_unwatch', 'poll_left', 'poll_center', 'poll_right', 'rating'); $sql = "SELECT imageset_name, imageset_path - FROM " . STYLES_IMAGE_TABLE . " + FROM " . STYLES_IMAGE_TABLE . " ORDER BY imageset_name"; $result = $db->sql_query($sql); @@ -117,7 +117,7 @@ switch ( $mode ) echo '<tr>'; echo '<th height="25">Image</th><th>Source</th><th>Width</th><th>Height</th><th>Border</th><th> </th>'; echo '</tr>'; - + for($i = 0; $i < count($imageset); $i++) { $class = ( !($i%2) ) ? 'row1' : 'row2'; @@ -246,8 +246,8 @@ switch ( $mode ) if ( isset($HTTP_POST_VARS['update']) ) { - $sql = "SELECT theme_id, theme_name - FROM " . STYLES_CSS_TABLE . " + $sql = "SELECT theme_id, theme_name + FROM " . STYLES_CSS_TABLE . " WHERE theme_id = $theme_id"; $result = $db->sql_query($sql); @@ -258,8 +258,8 @@ switch ( $mode ) $css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : ''; $css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : ''; - $sql = "UPDATE " > STYLES_CSS_TABLE . " - SET css_data = '$css_data', css_external = '$css_external' + $sql = "UPDATE " > STYLES_CSS_TABLE . " + SET css_data = '$css_data', css_external = '$css_external' WHERE theme_id = $theme_id"; $db->sql_query($sql); 
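Review bot: The line `$sql = "UPDATE " > STYLES_CSS_TABLE . "` in the -258 hunk uses the comparison operator `>` where string concatenation is intended, so `$sql` becomes a boolean rather than an UPDATE statement; this commit re-indents the line but keeps the typo. It should read `$sql = "UPDATE " . STYLES_CSS_TABLE . "`. Once the statement does run, note that `$css_external` is filled from `$HTTP_POST_VARS['css_data']` (probably the wrong field) and inserted into the query unescaped, and that `htmlentities()` on `$css_data` does not by default encode single quotes, so both values need SQL escaping of their own.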
@@ -271,7 +271,7 @@ switch ( $mode ) page_header($lang['Edit_theme']); - $sql = "SELECT theme_id, theme_name + $sql = "SELECT theme_id, theme_name FROM " . STYLES_CSS_TABLE; $result = $db->sql_query($sql); @@ -290,7 +290,7 @@ switch ( $mode ) $css_external = ''; if ( $theme_id ) { - $sql = "SELECT css_data, css_external + $sql = "SELECT css_data, css_external FROM " . STYLES_CSS_TABLE . " WHERE theme_id = $theme_id"; $result = $db->sql_query($sql); @@ -343,7 +343,7 @@ function get_templates($tplroot = '') global $db; $sql = "SELECT template_name, template_path - FROM " . STYLES_TPL_TABLE . " + FROM " . STYLES_TPL_TABLE . " ORDER BY template_name"; $result = $db->sql_query($sql); @@ -353,7 +353,7 @@ function get_templates($tplroot = '') $selected = ( $tplroot == $row['template_path'] ) ? ' selected="selected"' : ''; $tplroot_options .= '<option value="' . $row['template_path'] . '"' . $selected . '>' . $row['template_path'] . '</option>'; } - + return $tplroot_options; } diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index 378636dbd9..9776106e86 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } 
@@ -127,7 +127,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; - $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; + $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0; @@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_lang = stripslashes($user_lang); $user_dateformat = stripslashes($user_dateformat); - if ( !isset($HTTP_POST_VARS['cancelavatar'])) + if ( !isset($HTTP_POST_VARS['cancelavatar'])) { $user_avatar = $user_avatar_local; $user_avatar_type = USER_AVATAR_GALLERY; @@ -215,7 +215,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) if( $user_status == 0 ) { // User is (made) inactive. Delete all their sessions. - $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = $user_id"; $db->sql_query($sql); } @@ -237,7 +237,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); if ( strlen($sig_length_check) > $board_config['max_sig_chars'] ) - { + { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long']; } 
@@ -388,7 +388,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) ) { - $file_size = $file_data1[1]; + $file_size = $file_data1[1]; $file_type = $file_data2[1]; switch( $file_type ) @@ -512,7 +512,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY; } - + // // Update entry in DB // @@ -520,10 +520,10 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { if( $HTTP_POST_VARS['deleteuser'] ) { - $sql = "SELECT g.group_id - FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g - WHERE ug.user_id = $user_id - AND g.group_id = ug.group_id + $sql = "SELECT g.group_id + FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g + WHERE ug.user_id = $user_id + AND g.group_id = ug.group_id AND g.group_single_user = 1"; $result = $db->sql_query($sql); @@ -533,12 +533,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $db->sql_transaction(); $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '$username' + SET poster_id = " . ANONYMOUS . ", post_username = '$username' WHERE poster_id = $user_id"; $db->sql_query($sql); $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_poster = " . ANONYMOUS . " + SET topic_poster = " . ANONYMOUS . " WHERE topic_poster = $user_id"; $db->sql_query($sql); 
@@ -677,11 +677,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_lang = $this_userdata['user_lang']; $user_timezone = $this_userdata['user_timezone']; $user_dateformat = $this_userdata['user_dateformat']; - + $user_status = $this_userdata['user_active']; $user_allowavatar = $this_userdata['user_allowavatar']; $user_allowpm = $this_userdata['user_allow_pm']; - + $COPPA = false; $html_status = ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF']; @@ -727,7 +727,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) } } } - + @closedir($dir); if( isset($HTTP_POST_VARS['avatarcategory']) ) @@ -794,7 +794,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />'; $s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />'; $s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />'; - $s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />'; + $s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />'; $s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />'; $s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />'; $s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", """, $user_dateformat) . '" />'; 
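Review bot: The hidden inputs built into `$s_hidden_fields` in the -794 hunk of admin_users.php put `$user_style`, `$user_lang` and `$user_timezone` inside `value="..."` without HTML escaping; only `dateformat` has its double quotes replaced. On the save path at least `$user_lang` and `$user_dateformat` come from the submitted form (the -155 hunk shows them passed through `stripslashes`), so a value containing `"` or `>` would end the attribute and be interpreted as markup. Wrap each value, for example `'... name="language" value="' . htmlspecialchars($user_lang) . '" />'`, and treat `dateformat` the same way instead of the single-character replacement. The block that assembles these fields starts outside the hunk.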
@@ -807,15 +807,15 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $template->assign_vars(array( "L_USER_TITLE" => $lang['User_admin'], "L_USER_EXPLAIN" => $lang['User_admin_explain'], - "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], - "L_SELECT_AVATAR" => $lang['Select_avatar'], - "L_RETURN_PROFILE" => $lang['Return_profile'], - "L_CATEGORY" => $lang['Select_category'], + "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], + "L_SELECT_AVATAR" => $lang['Select_avatar'], + "L_RETURN_PROFILE" => $lang['Return_profile'], + "L_CATEGORY" => $lang['Select_category'], "L_GO" => $lang['Go'], - "S_OPTIONS_CATEGORIES" => $s_categories, - "S_COLSPAN" => $s_colspan, - "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), + "S_OPTIONS_CATEGORIES" => $s_categories, + "S_COLSPAN" => $s_colspan, + "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), "S_HIDDEN_FIELDS" => $s_hidden_fields) ); } @@ -860,17 +860,17 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { $rank = $row['rank_title']; $rank_id = $row['rank_id']; - + $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : ''; $rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>'; } $signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature); - + $template->set_filenames(array( "body" => "admin/user_edit_body.tpl") ); - + // // Let's do an overall check for settings/versions which would prevent // us from doing file uploads.... 
@@ -918,12 +918,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '', 'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '', 'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '', - 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', + 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', 'RANK_SELECT_BOX' => $rank_select_box, 'L_USER_TITLE' => $lang['User_admin'], 'L_USER_EXPLAIN' => $lang['User_admin_explain'], - 'L_NEW_PASSWORD' => $lang['New_password'], + 'L_NEW_PASSWORD' => $lang['New_password'], 'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'], 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], @@ -949,13 +949,13 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 'L_HIDE_USER' => $lang['Hide_user'], 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], - + 'L_SPECIAL' => $lang['User_special'], 'L_SPECIAL_EXPLAIN' => $lang['User_specail_explain'], 'L_USER_ACTIVE' => $lang['User_status'], 'L_ALLOW_PM' => $lang['User_allowpm'], 'L_ALLOW_AVATAR' => $lang['User_allowavatar'], - + 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'], 'L_DELETE_AVATAR' => $lang['Delete_Image'], @@ -981,7 +981,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'S_FORM_ENCTYPE' => $form_enctype, 'HTML_STATUS' => $html_status, - 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . "faq.$phpEx$SID&mode=bbcode" . '" target="_phpbbcode">', '</a>'), + 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . "faq.$phpEx$SID&mode=bbcode" . '" target="_phpbbcode">', '</a>'), 'SMILIES_STATUS' => $smilies_status, 'L_DELETE_USER' => $lang['User_delete'], 
diff --git a/phpBB/admin/admin_viewlogs.php b/phpBB/admin/admin_viewlogs.php index e09a98030f..acc8844fe3 100644 --- a/phpBB/admin/admin_viewlogs.php +++ b/phpBB/admin/admin_viewlogs.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -44,7 +44,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -73,7 +73,7 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M // // Delete entries if requested and able // -if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $acl->get_acl_admin('clearlogs')) +if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs')) { $where_sql = ''; if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) ) @@ -85,7 +85,7 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) $where_sql = "WHERE log_id IN ($where_sql)"; } - $sql = "DELETE FROM $table_sql + $sql = "DELETE FROM $table_sql $where_sql"; $db->sql_query($sql); @@ -148,7 +148,7 @@ $forum_options = ''; if ( $mode == 'mod' ) { $sql = "SELECT forum_id, forum_name - FROM " . FORUMS_TABLE . " + FROM " . FORUMS_TABLE . " ORDER BY cat_id, forum_order"; $result = $db->sql_query($sql); 
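Review bot: The log deletion in the -85 hunk of admin_viewlogs.php runs `DELETE FROM $table_sql $where_sql`, where `$where_sql` is wrapped as `WHERE log_id IN ($where_sql)` from the posted `mark` values. The loop that fills it sits between the -73 and -85 hunks and is not shown, so please confirm that every element is cast with `intval()` before it is joined into the list. Because this statement removes audit records, a short comment above it stating that the ids are integers and that an empty `$where_sql` deliberately clears the whole table would help the next reader.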
@@ -203,7 +203,7 @@ if ( $mode == 'mod' ) <tr> <td class="cat" colspan="5" height="28" align="center"><span class="gensmall"><?php echo $lang['Display_log']; ?>: <select name="sort_days"><?php echo $sort_day_options; ?></select> <?php echo $lang['Sort_by']; ?> <select name="sort_key"><?php echo $sort_key_options; ?></select> <select name="sort_dir"><?php echo $sort_order_options; ?></select> <input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" name="sort" /></span></td> </tr> - <tr> + <tr> <th width="15%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th> <th width="15%" nowrap="nowrap"><?php echo $lang['IP']; ?></th> <th width="20%" nowrap="nowrap"><?php echo $lang['Time']; ?></th> @@ -224,7 +224,7 @@ if ( $log_count ) for($i = 0; $i < sizeof($log_data); $i++) { $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; - + ?> <tr> <td class="<?php echo $row_class; ?>" nowrap="nowrap"><?php echo $log_data[$i]['username']; ?></td> @@ -237,7 +237,7 @@ if ( $log_count ) } - if ( $acl->get_acl_admin('clearlogs') ) + if ( $auth->get_acl_admin('clearlogs') ) { ?> @@ -262,14 +262,14 @@ else </table> <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center"> - <tr> + <tr> <td align="left" valign="top"> <span class="nav"><?php echo on_page($log_count, $board_config['topics_per_page'], $start); ?></span></td> - <td align="right" valign="top" nowrap="nowrap"><?php + <td align="right" valign="top" nowrap="nowrap"><?php - if ( $acl->get_acl_admin('clearlogs') ) + if ( $auth->get_acl_admin('clearlogs') ) { - + ?><b><span class="gensmall"><a href="javascript:marklist(true);" class="gensmall"><?php echo $lang['Mark_all']; ?></a> :: <a href="javascript:marklist(false);" class="gensmall"><?php echo $lang['Unmark_all']; ?></a></span></b> <br /><br /><?php } diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php index 384c83fd3c..ec152d47d7 100644 --- a/phpBB/admin/admin_words.php +++ b/phpBB/admin/admin_words.php 
@@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -42,7 +42,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { return; } @@ -54,7 +54,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; } -else +else { // // These could be entered via a form button @@ -89,8 +89,8 @@ if( $mode != '' ) message_die(MESSAGE, $lang['No_word_selected']); } - $sql = "SELECT * - FROM " . WORDS_TABLE . " + $sql = "SELECT * + FROM " . WORDS_TABLE . " WHERE word_id = $word_id"; $result = $db->sql_query($sql); @@ -158,7 +158,7 @@ if( $mode != '' ) message_die(MESSAGE, $lang['Must_specify_word']); } - $sql = "DELETE FROM " . WORDS_TABLE . " + $sql = "DELETE FROM " . WORDS_TABLE . " WHERE word_id = $word_id"; $db->sql_query($sql); @@ -189,8 +189,8 @@ else <?php - $sql = "SELECT * - FROM " . WORDS_TABLE . " + $sql = "SELECT * + FROM " . WORDS_TABLE . " ORDER BY word"; $result = $db->sql_query($sql); diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index 6a6651df6f..115b1199e4 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -37,7 +37,7 @@ require('pagestart.' . $phpEx); // // Do we have any admin permissions at all? // -if ( !$acl->get_acl_admin() ) +if ( !$auth->get_acl_admin() ) { message_die(MESSAGE, 'No_admin', '', true); } 
@@ -112,20 +112,20 @@ else if ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' ) $cat = ( !empty($lang[$cat . '_cat']) ) ? $lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); ?> - <tr> + <tr> <th class="menu" height="25">» <?php echo $cat; ?></th> </tr> <?php @ksort($action_ary); - foreach ( $action_ary as $action => $file ) + foreach ( $action_ary as $action => $file ) { $action = ( !empty($lang[$action]) ) ? $lang[$action] : preg_replace('/_/', ' ', $action); $cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1'; ?> - <tr> + <tr> <td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td> </tr> <?php @@ -167,13 +167,13 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) if ( isset($HTTP_POST_VARS['delete']) ) { - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = config_value - " . sizeof($HTTP_POST_VARS['mark']) . " + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = config_value - " . sizeof($HTTP_POST_VARS['mark']) . " WHERE config_name = 'num_users'"; $db->sql_query($sql); } - $log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete'; + $log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete'; add_admin_log($log_action, sizeof($HTTP_POST_VARS['mark'])); } } @@ -264,7 +264,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) if ( preg_match('/^mysql/', SQL_LAYER) ) { $result = $db->sql_query('SELECT VERSION() AS mysql_version'); - + if ( $row = $db->sql_fetchrow($result) ) { $version = $row['mysql_version']; 
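Review bot: In the -167 hunk of index.php `num_users` is reduced by `sizeof($HTTP_POST_VARS['mark'])`, which is the number of values submitted rather than the number of accounts the delete actually removed. A repeated or stale id in the posted list makes the stored counter drift from the real user count, and a scalar `mark` would count as one. Derive the decrement from the delete itself (the affected-row count, if the database layer in this tree exposes one) or recount the users table after deletion. The delete statement is outside the hunk, so how the ids are filtered there cannot be checked from here.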
@@ -273,10 +273,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) { $db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname; - $sql = "SHOW TABLE STATUS + $sql = "SHOW TABLE STATUS FROM " . $db_name; $result = $db->sql_query($sql); - + $dbsize = 0; while ( $row = $db->sql_fetchrow($result) ) { @@ -308,10 +308,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) } else if ( preg_match('/^mssql/', SQL_LAYER) ) { - $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize - FROM sysfiles"; + $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize + FROM sysfiles"; $result = $db->sql_query($sql); - + $dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $lang['Not_available']; } else 
@@ -347,37 +347,37 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) <h1><?php echo $lang['Forum_stats']; ?></h1> <table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0"> - <tr> + <tr> <th width="25%" nowrap="nowrap" height="25"><?php echo $lang['Statistic']; ?></th> <th width="25%"><?php echo $lang['Value']; ?></th> <th width="25%" nowrap="nowrap"><?php echo $lang['Statistic']; ?></th> <th width="25%"><?php echo $lang['Value']; ?></th> </tr> - <tr> + <tr> <td class="row1" nowrap="nowrap"><?php echo $lang['Number_posts']; ?>:</td> <td class="row2"><b><?php echo $total_posts; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $lang['Posts_per_day']; ?>:</td> <td class="row2"><b><?php echo $posts_per_day; ?></b></td> </tr> - <tr> + <tr> <td class="row1" nowrap="nowrap"><?php echo $lang['Number_topics']; ?>:</td> <td class="row2"><b><?php echo $total_topics; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $lang['Topics_per_day']; ?>:</td> <td class="row2"><b><?php echo $topics_per_day; ?></b></td> </tr> - <tr> + <tr> <td class="row1" nowrap="nowrap"><?php echo $lang['Number_users']; ?>:</td> <td class="row2"><b><?php echo $total_users; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $lang['Users_per_day']; ?>:</td> <td class="row2"><b><?php echo $users_per_day; ?></b></td> </tr> - <tr> + <tr> <td class="row1" nowrap="nowrap"><?php echo $lang['Board_started']; ?>:</td> <td class="row2"><b><?php echo $start_date; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $lang['Avatar_dir_size']; ?>:</td> <td class="row2"><b><?php echo $avatar_dir_size; ?></b></td> </tr> - <tr> + <tr> <td class="row1" nowrap="nowrap"><?php echo $lang['Database_size']; ?>:</td> <td class="row2"><b><?php echo $dbsize; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $lang['Gzip_compression']; ?>:</td> 
@@ -393,7 +393,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) <p><?php echo $lang['Admin_log_index_explain']; ?></p> <table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0"> - <tr> + <tr> <th width="15%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th> <th width="15%"><?php echo $lang['IP']; ?></th> <th width="20%"><?php echo $lang['Time']; ?></th> @@ -406,7 +406,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) for($i = 0; $i < sizeof($log_data); $i++) { $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; - + ?> <tr> <td class="<?php echo $row_class; ?>"><?php echo $log_data[$i]['username']; ?></td> @@ -426,17 +426,17 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) <p><?php echo $lang['Inactive_users_explain']; ?></p> <form method="post" name="inactive" action="<?php echo "index.$phpEx$SID&pane=right"; ?>"><table class="bg" width="100%" cellpadding="4" cellspacing="1" border="0"> - <tr> + <tr> <th width="45%" height="25" nowrap="nowrap"><?php echo $lang['Username']; ?></th> <th width="45%"><?php echo $lang['Joined']; ?></th> <th width="5%" nowrap="nowrap"><?php echo $lang['Mark']; ?></th> </tr> <?php - $sql = "SELECT user_id, username, user_regdate - FROM " . USERS_TABLE . " - WHERE user_active = 0 - AND user_id <> " . ANONYMOUS . " + $sql = "SELECT user_id, username, user_regdate + FROM " . USERS_TABLE . " + WHERE user_active = 0 + AND user_id <> " . ANONYMOUS . " ORDER BY user_regdate ASC"; $result = $db->sql_query($sql); 
@@ -479,7 +479,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) </table> <table width="100%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> + <tr> <td align="right" valign="top" nowrap="nowrap"><b><span class="gensmall"><a href="javascript:marklist(true);" class="gensmall"><?php echo $lang['Mark_all']; ?></a> :: <a href="javascript:marklist(false);" class="gensmall"><?php echo $lang['Unmark_all']; ?></a></span></b></td> </tr> </table></form> @@ -506,7 +506,7 @@ else <frameset rows="60, *" border="0" framespacing="0" frameborder="NO"> <frame src="<?php echo "index.$phpEx$SID&pane=top"; ?>" name="title" noresize marginwidth="0" marginheight="0" scrolling="NO"> - <frameset cols="155,*" rows="*" border="2" framespacing="0" frameborder="yes"> + <frameset cols="155,*" rows="*" border="2" framespacing="0" frameborder="yes"> <frame src="<?php echo "index.$phpEx$SID&pane=left"; ?>" name="nav" marginwidth="3" marginheight="3" scrolling="yes"> <frame src="<?php echo "index.$phpEx$SID&pane=right"; ?>" name="main" marginwidth="0" marginheight="0" scrolling="auto"> </frameset> diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 4a02f21154..f1a844a962 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -31,7 +31,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start($update); -$acl = new acl($userdata); +$auth->acl($userdata); // // End session management // |
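Review bot: The pagestart.php hunk replaces `$acl = new acl($userdata);` with `$auth->acl($userdata);`, which calls a method on an object this file never creates. Presumably `common.php`, included just above, now instantiates `$auth`; that change is not part of the admin directory shown here, and if it is missing every admin page fails on this line before any permission check runs. A one-line comment such as `// $auth is created in common.php; acl() loads this user's permissions` would make the dependency explicit. The same assumption applies to the `$setmodules` branches in each admin_*.php file, which call `$auth->get_acl_admin()` when included from index.php.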
