authorPaul S. Owen <psotfx@users.sourceforge.net>2001-10-14 15:46:53 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2001-10-14 15:46:53 +0000
commit4aeb685d3cba6c46642d2ba6105b706434fcee49 (patch)
treeda3a9fb6736dfb939f2f0bcd989d13e68bf9b4db /phpBB/admin
parente31466a42f03d25d7a9e650f6e0b88b1ff0bb6c3 (diff)
Various updates, cleanups and support for URI based sessions ... more to come at some point
git-svn-id: file:///svn/phpbb/trunk@1179 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin')
-rw-r--r--phpBB/admin/admin_board.php7
-rw-r--r--phpBB/admin/admin_db_utilities.php35
-rw-r--r--phpBB/admin/admin_forum_prune.php3
-rw-r--r--phpBB/admin/admin_forumauth.php41
-rw-r--r--phpBB/admin/admin_forums.php272
-rw-r--r--phpBB/admin/admin_groupauth.php129
-rw-r--r--phpBB/admin/admin_groups.php214
-rw-r--r--phpBB/admin/admin_mass_email.php30
-rw-r--r--phpBB/admin/admin_ranks.php205
-rw-r--r--phpBB/admin/admin_smilies.php87
-rw-r--r--phpBB/admin/admin_styles.php49
-rw-r--r--phpBB/admin/admin_user_ban.php17
-rw-r--r--phpBB/admin/admin_userauth.php127
-rw-r--r--phpBB/admin/admin_users.php91
-rw-r--r--phpBB/admin/admin_words.php3
-rw-r--r--phpBB/admin/index.php94
-rw-r--r--phpBB/admin/page_footer_admin.php7
-rw-r--r--phpBB/admin/page_header_admin.php2
-rw-r--r--phpBB/admin/pagestart.inc6
19 files changed, 691 insertions, 728 deletions
diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php
index e89e6aeb84..da780cac3f 100644
--- a/phpBB/admin/admin_board.php
+++ b/phpBB/admin/admin_board.php
@@ -22,12 +22,11 @@ if($setmodules == 1)
// Let's set the root dir for phpBB
//
$phpbb_root_dir = "./../";
+require('pagestart.inc');
//
-// Include required files, get $phpEx and check permissions
//
-require('pagestart.inc');
-
+//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
if(!$result = $db->sql_query($sql))
@@ -97,7 +96,7 @@ $smtp_yes = ($new['smtp_delivery']) ? "checked=\"checked\"" : "";
$smtp_no = (!$new['smtp_delivery']) ? "checked=\"checked\"" : "";
$template->set_filenames(array(
- "body" => "admin/admin_config_body.tpl")
+ "body" => "admin/board_config_body.tpl")
);
$template->assign_vars(array(
diff --git a/phpBB/admin/admin_db_utilities.php b/phpBB/admin/admin_db_utilities.php
index 4d983f19bd..e4045a79af 100644
--- a/phpBB/admin/admin_db_utilities.php
+++ b/phpBB/admin/admin_db_utilities.php
@@ -37,29 +37,13 @@ if($setmodules == 1)
return;
}
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
//
-// Start session management
+// Load default header
//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
-//
-// End session management
-//
-
-//
-// Is user logged in? If yes are they an admin?
-//
-if( !$userdata['session_logged_in'] )
-{
- header("Location: ../login.$phpEx?forward_page=admin/");
-}
-else if( $userdata['user_level'] != ADMIN )
-{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
-}
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
+include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
//
// Set VERBOSE to 1 for debugging info..
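Review bot: The new header assigns `$phpbb_root_dir`, but the include two lines later still builds its path from `$phpbb_root_path`, so this script no longer sets the prefix it includes from. pagestart.inc is not visible in this hunk; unless it assigns `$phpbb_root_path` unconditionally, the prefix is empty or, on a PHP setup that imports request variables as globals, taken from the request. Use one name in both places, e.g. `include($phpbb_root_dir . 'includes/sql_parse.'.$phpEx);`, or set `$phpbb_root_path` explicitly before the require. The admin_forum_prune.php hunk has the same mismatch with `includes/prune.php`.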
@@ -72,16 +56,9 @@ define("VERBOSE", 0);
//
@set_time_limit(1200);
-//
-// Pull in the functions for splitting an sql file into individual statements
-//
-
-include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
-
-//
+// -----------------------
// The following functions are adapted from phpMyAdmin and upgrade_20.php
//
-
//
// This function is used for grabbing the sequences for postgres...
//
diff --git a/phpBB/admin/admin_forum_prune.php b/phpBB/admin/admin_forum_prune.php
index b8f4242188..f22ecffd45 100644
--- a/phpBB/admin/admin_forum_prune.php
+++ b/phpBB/admin/admin_forum_prune.php
@@ -41,8 +41,9 @@ if( $setmodules == 1 )
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
+$phpbb_root_dir = "./../";
require('pagestart.inc');
include($phpbb_root_path . 'includes/prune.php');
diff --git a/phpBB/admin/admin_forumauth.php b/phpBB/admin/admin_forumauth.php
index 350f0031e4..6ea86354fb 100644
--- a/phpBB/admin/admin_forumauth.php
+++ b/phpBB/admin/admin_forumauth.php
@@ -20,6 +20,8 @@
*
***************************************************************************/
+define("IN_ADMIN", true);
+
if($setmodules == 1)
{
$filename = basename(__FILE__);
@@ -29,10 +31,13 @@ if($setmodules == 1)
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
require('pagestart.inc');
+
//
// Start program - define vars
//
@@ -67,7 +72,7 @@ $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
{
- $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];
+ $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]);
$forum_sql = "AND forum_id = $forum_id";
}
else
@@ -78,7 +83,7 @@ else
if( isset($HTTP_GET_VARS['adv']) )
{
- $adv = $HTTP_GET_VARS['adv'];
+ $adv = intval($HTTP_GET_VARS['adv']);
}
else
{
@@ -88,7 +93,7 @@ else
//
// Start program proper
//
-if(isset($HTTP_POST_VARS['submit']))
+if( isset($HTTP_POST_VARS['submit']) )
{
$sql = "";
@@ -124,6 +129,15 @@ if(isset($HTTP_POST_VARS['submit']))
$value = $HTTP_POST_VARS['auth_view'];
}
}
+
+ if($forum_auth_fields[$i] == 'auth_vote')
+ {
+ if( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL )
+ {
+ $value = AUTH_REG;
+ }
+ }
+
$sql .= $forum_auth_fields[$i] . " = " . $value;
if($i < count($forum_auth_fields) - 1)
{
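Review bot: `$value` is concatenated into the UPDATE at `$sql .= $forum_auth_fields[$i] . " = " . $value;` without a numeric cast, and the context line above shows it can be copied straight from `$HTTP_POST_VARS['auth_view']`. The commit casts `$forum_id` and `$adv` with intval() but not the permission values, so the SET clause is still built from request text. Casting at the point of use, `$sql .= $forum_auth_fields[$i] . " = " . intval($value);`, covers every branch that assigns `$value`, including the new auth_vote one. The loop and the other assignments to `$value` start outside this hunk.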
@@ -143,11 +157,16 @@ if(isset($HTTP_POST_VARS['submit']))
}
}
- unset($forum_id);
$forum_sql = "";
$adv = 0;
-
}
+
+ $template->assign_vars(array(
+ "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
+ );
+ $message = $lang['Forum_auth_updated'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> " . $lang['return_forum_auth_admin'];
+ message_die(GENERAL_MESSAGE, $message);
+
}
//
@@ -164,7 +183,7 @@ $f_result = $db->sql_query($sql);
$forum_rows = $db->sql_fetchrowset($f_result);
-if(empty($forum_id))
+if( empty($forum_id) )
{
//
// Output the selection table if no forum id was
@@ -234,7 +253,7 @@ else
if( empty($adv) )
{
- $simple_auth = "&nbsp;<select name=\"simpleauth\">";
+ $simple_auth = "<select name=\"simpleauth\">";
for($j = 0; $j < count($simple_auth_types); $j++)
{
@@ -250,7 +269,7 @@ else
}
}
- $simple_auth .= "</select>&nbsp;";
+ $simple_auth .= "</select>";
$template->assign_block_vars("forum_auth_titles", array(
"CELL_TITLE" => $lang['Simple_mode'])
@@ -299,7 +318,7 @@ else
}
}
- $switch_mode = "admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=";
+ $switch_mode = append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=");
$switch_mode .= ( empty($adv) ) ? "1" : "0";
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@@ -323,6 +342,8 @@ else
}
+include('page_header_admin.'.$phpEx);
+
$template->pparse("body");
include('page_footer_admin.'.$phpEx);
diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php
index 7efe772510..6fe927c24b 100644
--- a/phpBB/admin/admin_forums.php
+++ b/phpBB/admin/admin_forums.php
@@ -22,9 +22,24 @@
if($setmodules==1)
{
- $file = basename(__FILE__);
- $module['Forums']['Manage'] = $file;
- return;
+ $file = basename(__FILE__);
+ $module['Forums']['Manage'] = $file;
+ return;
+}
+
+//
+// Load default header
+//
+$phpbb_root_dir = "./../";
+require('pagestart.inc');
+
+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+{
+ $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+}
+else
+{
+ $mode = "";
}
// ------------------
@@ -189,106 +204,121 @@ function renumber_order($mode, $cat = 0)
// ------------------
//
-// Include required files, get $phpEx and check permissions
+// Begin program proper
//
-require('pagestart.inc');
-
-if (isset($HTTP_POST_VARS['mode']))
+if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) )
{
- $mode = $HTTP_POST_VARS['mode'];
-}
-elseif (isset($HTTP_GET_VARS['mode']))
-{
- $mode = $HTTP_GET_VARS['mode'];
-}
-else
-{
- unset($mode);
+ $mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat";
+
+ if( $mode == "addforum" )
+ {
+ list($cat_id) = each($HTTP_POST_VARS['addforum']);
+ $forumname = $HTTP_POST_VARS['forumname'][$cat_id];
+ }
}
-if(isset($mode)) // Are we supposed to do something?
+if( !empty($mode) )
{
switch($mode)
{
case 'addforum':
case 'editforum':
+ //
// Show form to create/modify a forum
+ //
if ($mode == 'editforum')
{
// $newmode determines if we are going to INSERT or UPDATE after posting?
+
+ $l_title = $lang['Edit_forum'];
$newmode = 'modforum';
- $buttonvalue = 'Change';
+ $buttonvalue = $lang['Update'];
- $forum_id = $HTTP_GET_VARS['forum_id'];
+ $forum_id = intval($HTTP_GET_VARS['forum_id']);
$row = get_info('forum', $forum_id);
- $forumname = $row['forum_name'];
+
$cat_id = $row['cat_id'];
+ $forumname = $row['forum_name'];
$forumdesc = $row['forum_desc'];
$forumstatus = $row['forum_status'];
+
//
// start forum prune stuff.
//
- if( $row['prune_enable'] == 1 )
+ if( $row['prune_enable'] )
{
$prune_enabled = "checked=\"checked\"";
$sql = "SELECT *
- FROM " . PRUNE_TABLE . "
- WHERE forum_id = $forum_id";
+ FROM " . PRUNE_TABLE . "
+ WHERE forum_id = $forum_id";
if(!$pr_result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__);
}
+
$pr_row = $db->sql_fetchrow($pr_result);
}
+ else
+ {
+ $prune_enabled = '';
+ }
}
else
{
+ $l_title = $lang['Create_forum'];
$newmode = 'createforum';
- $buttonvalue = 'Create';
+ $buttonvalue = $lang['Create_forum'];
- $forumname = stripslashes($HTTP_POST_VARS['forumname']);
- $cat_id = $HTTP_POST_VARS['cat_id'];
$forumdesc = '';
$forumstatus = FORUM_UNLOCKED;
- $forum_id = '';
+ $forum_id = '';
+ $prune_enabled = '';
}
$catlist = get_list('category', $cat_id, TRUE);
- $forumstatus == FORUM_LOCKED ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
- $statuslist = "<option value=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</option>\n";
- $statuslist .= "<option value=\"".FORUM_LOCKED."\" $forumlocked>Locked</option>\n";
+ $forumstatus == ( FORUM_LOCKED ) ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
+ $statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>Unlocked</option>\n";
+ $statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>Locked</option>\n";
$template->set_filenames(array(
"body" => "admin/forum_edit_body.tpl")
);
+
$template->assign_vars(array(
- 'FORUMNAME' => $forumname,
- 'DESCRIPTION' => $forumdesc,
- 'S_FORUM_ACTION' => $PHP_SELF,
+ 'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'S_CATLIST' => $catlist,
'S_STATUSLIST' => $statuslist,
'S_FORUMID' => $forum_id,
'S_NEWMODE' => $newmode,
- 'S_PRUNE_EN' => $prune_enabled,
- 'S_PRUNE_DAYS' => $pr_row['prune_days'],
- 'S_PRUNE_FREQ' => $pr_row['prune_freq'],
+ 'S_PRUNE_ENABLED' => $prune_enabled,
+ 'S_PRUNE_DAYS' => ( isset($pr_row['prune_days']) ) ? $pr_row['prune_days'] : 7,
+ 'S_PRUNE_FREQ' => ( isset($pr_row['prune_freq']) ) ? $pr_row['prune_freq'] : 1,
+
+ "L_FORUM_TITLE" => $l_title,
+ "L_FORUM_EXPLAIN" => $lang['Forum_edit_delete_explain'],
'L_ENABLED' => $lang['Enabled'],
'L_PRUNE_DAYS' => $lang['prune_days'],
'L_PRUNE_FREQ' => $lang['prune_freq'],
'L_DAYS' => $lang['days'],
+
+ 'FORUMNAME' => $forumname,
+ 'DESCRIPTION' => $forumdesc,
'BUTTONVALUE' => $buttonvalue)
);
$template->pparse("body");
break;
case 'createforum':
+ //
// Create a forum in the DB
- if( trim($HTTP_POST_VARS['forumname']) == '')
+ //
+ if( trim($HTTP_POST_VARS['forumname']) == "" )
{
message_die(GENERAL_ERROR, "Can't create a forum without a name");
}
+
$sql = "SELECT MAX(forum_order) AS max_order
FROM " . FORUMS_TABLE . "
WHERE cat_id = " . $HTTP_POST_VARS['cat_id'];
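Review bot: In the new addforum block `$cat_id` is the key of the posted `addforum` array and `$forumname` is the posted text, and both are used as received: `$cat_id` goes to `get_list('category', $cat_id, TRUE)` and `$forumname` to the `FORUMNAME` template variable. Cast the key, `$cat_id = intval($cat_id);`, and HTML-encode the name before it is assigned, `'FORUMNAME' => htmlspecialchars($forumname),`, assuming the template prints it inside the form. The `SELECT MAX(forum_order)` query at the end of the hunk also still appends `$HTTP_POST_VARS['cat_id']` uncast, although the INSERT in the next hunk casts the same field. get_list() and the template are not visible here.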
@@ -302,23 +332,24 @@ if(isset($mode)) // Are we supposed to do something?
$next_order = $max_order + 1;
// There is no problem having duplicate forum names so we won't check for it.
- $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status)
- VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . $HTTP_POST_VARS['cat_id'] . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . $HTTP_POST_VARS['forumstatus'] . ")";
+ $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable)
+ VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . intval($HTTP_POST_VARS['cat_id']) . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);
}
- if( $HTTP_POST_VARS['prune_enable'] == TRUE )
+ if( $HTTP_POST_VARS['prune_enable'] )
{
$new_forum_id = $db->sql_nextid();
+
if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "")
{
- message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']);
+ message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
}
$sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
- VALUES($new_forum_id, " . $HTTP_POST_VARS['prune_days'] . ", " . $HTTP_POST_VARS['prune_freq'] . ")";
+ VALUES($new_forum_id, " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql);
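Review bot: The numeric fields in this INSERT are now cast, but `forumname` and `forumdesc` are still placed between quotes directly from `$HTTP_POST_VARS`, so the statement is only safe if request data has been quoted elsewhere. Escape both strings for the database in use before concatenating them. The same applies to the modforum UPDATE (hunk at -334,6 +365,7), where `cat_id`, `forumstatus`, `prune_enable` and `forum_id` are not cast either, and to the `categoryname` INSERT (hunk at -398,7 +431,7). Separately, the `prune_days`/`prune_freq` check runs after the forum row has been inserted, so a failed check leaves a forum with prune enabled and no prune row; checking before the first INSERT avoids that.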
@@ -334,6 +365,7 @@ if(isset($mode)) // Are we supposed to do something?
{
$HTTP_POST_VARS['prune_enable'] = 0;
}
+
$sql = "UPDATE " . FORUMS_TABLE . "
SET forum_name = '" . $HTTP_POST_VARS['forumname'] . "', cat_id = " . $HTTP_POST_VARS['cat_id'] . ", forum_desc = '" . $HTTP_POST_VARS['forumdesc'] . "', forum_status = " . $HTTP_POST_VARS['forumstatus'] . ", prune_enable = " . $HTTP_POST_VARS['prune_enable'] . "
WHERE forum_id = ".$HTTP_POST_VARS['forum_id'];
@@ -346,7 +378,7 @@ if(isset($mode)) // Are we supposed to do something?
{
if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "")
{
- message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']);
+ message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
}
$sql = "SELECT *
@@ -379,10 +411,11 @@ if(isset($mode)) // Are we supposed to do something?
case 'addcat':
// Create a category in the DB
- if( trim($HTTP_POST_VARS['catname']) == '')
+ if( trim($HTTP_POST_VARS['categoryname']) == '')
{
message_die(GENERAL_ERROR, "Can't create a category without a name");
}
+
$sql = "SELECT MAX(cat_order) AS max_order
FROM " . CATEGORIES_TABLE;
if( !$result = $db->sql_query($sql) )
@@ -398,7 +431,7 @@ if(isset($mode)) // Are we supposed to do something?
// There is no problem having duplicate forum names so we won't check for it.
//
$sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order)
- VALUES ('" . $HTTP_POST_VARS['catname'] . "', $next_order)";
+ VALUES ('" . $HTTP_POST_VARS['categoryname'] . "', $next_order)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);
@@ -467,10 +500,12 @@ if(isset($mode)) // Are we supposed to do something?
break;
case 'movedelforum':
+ //
// Move or delete a forum in the DB
- $from_id = $HTTP_POST_VARS['from_id'];
- $to_id = $HTTP_POST_VARS['to_id'];
- $delete_old = $HTTP_POST_VARS['delete_old'];
+ //
+ $from_id = intval($HTTP_POST_VARS['from_id']);
+ $to_id = intval($HTTP_POST_VARS['to_id']);
+ $delete_old = intval($HTTP_POST_VARS['delete_old']);
// Either delete or move all posts in a forum
@@ -517,11 +552,15 @@ if(isset($mode)) // Are we supposed to do something?
}
$show_index = TRUE;
+
break;
case 'deletecat':
+ //
// Show form to delete a category
- $cat_id = $HTTP_GET_VARS['cat_id'];
+ //
+ $cat_id = intval($HTTP_GET_VARS['cat_id']);
+
$buttonvalue = "Move&Delete";
$newmode = 'movedelcat';
$catinfo = get_info('category', $cat_id);
@@ -537,7 +576,7 @@ if(isset($mode)) // Are we supposed to do something?
}
$count = $db->sql_fetchrow($result);
$count = $count['total'];
- print "count = $count";
+
if ($count > 0)
{
message_die(GENERAL_ERROR, "You need to delete all forums before you can delete this category");
@@ -559,7 +598,7 @@ if(isset($mode)) // Are we supposed to do something?
);
$template->assign_vars(array(
'NAME' => $name,
- 'S_FORUM_ACTION' => $PHP_SELF,
+ 'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
'S_FROM_ID' => $cat_id,
'S_SELECT_TO' => $select_to,
'S_NEWMODE' => $newmode,
@@ -569,9 +608,11 @@ if(isset($mode)) // Are we supposed to do something?
break;
case 'movedelcat':
+ //
// Move or delete a category in the DB
- $from_id = $HTTP_POST_VARS['from_id'];
- $to_id = $HTTP_POST_VARS['to_id'];
+ //
+ $from_id = intval($HTTP_POST_VARS['from_id']);
+ $to_id = intval($HTTP_POST_VARS['to_id']);
if (isset($to_id))
{
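Review bot: After this change `if (isset($to_id))` is always true, because intval() returns an integer even when `to_id` was not posted. If the else branch (outside this hunk) handles a plain delete, it can no longer be reached and the move branch runs with `$to_id` equal to 0. Test the request instead, `if (isset($HTTP_POST_VARS['to_id']))`, or compare the cast value, `if ($to_id > 0)`.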
@@ -604,13 +645,18 @@ if(isset($mode)) // Are we supposed to do something?
}
$show_index = TRUE;
+
break;
case 'forum_order':
+ //
// Change order of forums in the DB
- $move = $HTTP_GET_VARS['move'];
- $forum_id = $HTTP_GET_VARS['forum_id'];
+ //
+ $move = intval($HTTP_GET_VARS['move']);
+ $forum_id = intval($HTTP_GET_VARS['forum_id']);
+
$forum_info = get_info('forum', $forum_id);
+
$cat_id = $forum_info['cat_id'];
$sql = "UPDATE " . FORUMS_TABLE . "
@@ -620,14 +666,18 @@ if(isset($mode)) // Are we supposed to do something?
{
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
}
+
renumber_order('forum', $forum_info['cat_id']);
$show_index = TRUE;
+
break;
case 'cat_order':
+ //
// Change order of categories in the DB
- $move = $HTTP_GET_VARS['move'];
- $cat_id = $HTTP_GET_VARS['cat_id'];
+ //
+ $move = intval($HTTP_GET_VARS['move']);
+ $cat_id = intval($HTTP_GET_VARS['cat_id']);
$sql = "UPDATE " . CATEGORIES_TABLE . "
SET cat_order = cat_order + $move
@@ -636,17 +686,20 @@ if(isset($mode)) // Are we supposed to do something?
{
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
}
+
renumber_order('category');
$show_index = TRUE;
+
break;
case 'forum_sync':
- sync('forum', $HTTP_GET_VARS['forum_id']);
+ sync('forum', intval($HTTP_GET_VARS['forum_id']));
$show_index = TRUE;
+
break;
default:
- message_die(GENERAL_ERROR, "Oops! Wrong mode..");
+ message_die(GENERAL_MESSAGE, $lang['No_mode']);
break;
}
if ($show_index != TRUE)
@@ -660,18 +713,30 @@ if(isset($mode)) // Are we supposed to do something?
// Start page proper
//
$template->set_filenames(array(
- "body" => "admin/forums_body.tpl")
+ "body" => "admin/forum_admin_body.tpl")
+);
+
+$template->assign_vars(array(
+ "L_FORUM_TITLE" => $lang['Forum_admin'],
+ "L_FORUM_EXPLAIN" => $lang['Forum_admin_explain'],
+ "L_CREATE_FORUM" => $lang['Create_forum'],
+ "L_CREATE_CATEGORY" => $lang['Create_category'],
+ "L_EDIT" => $lang['Edit'],
+ "L_DELETE" => $lang['Delete'],
+ "L_MOVE_UP" => $lang['Move_up'],
+ "L_MOVE_DOWN" => $lang['Move_down'],
+ "L_RESYNC" => $lang['Resync'])
);
$sql = "SELECT cat_id, cat_title, cat_order
FROM " . CATEGORIES_TABLE . "
ORDER BY cat_order";
-if(!$q_categories = $db->sql_query($sql))
+if( !$q_categories = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Could not query categories list", "", __LINE__, __FILE__, $sql);
}
-if($total_categories = $db->sql_numrows($q_categories))
+if( $total_categories = $db->sql_numrows($q_categories) )
{
$category_rows = $db->sql_fetchrowset($q_categories);
@@ -685,9 +750,12 @@ if($total_categories = $db->sql_numrows($q_categories))
if( !$total_forums = $db->sql_numrows($q_forums) )
{
- // We don't have any forums
-
+ $lang['No_forums'];
+
+ $template->assign_block_vars("no_forums", array());
+
}
+
$forum_rows = $db->sql_fetchrowset($q_forums);
//
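Review bot: `$lang['No_forums'];` is an expression statement with no effect, so the text never reaches the page. Pass it in the array given to `assign_block_vars("no_forums", ...)` under whatever name the template expects, or remove the line.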
@@ -695,76 +763,56 @@ if($total_categories = $db->sql_numrows($q_categories))
//
$gen_cat = array();
-
for($i = 0; $i < $total_categories; $i++)
{
$cat_id = $category_rows[$i]['cat_id'];
- $template->assign_block_vars("catrow", array(
- "CAT_ID" => $cat_id,
- "CAT_DESC" => stripslashes($category_rows[$i]['cat_title']),
- "CAT_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editcat&cat_id=$cat_id")."'>Edit</a>",
- "CAT_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deletecat&cat_id=$cat_id")."'>Delete</a>",
- "CAT_UP" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=-15&cat_id=$cat_id")."'>Move up</a>",
- "CAT_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=15&cat_id=$cat_id")."'>Move down</a>",
- "U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id"),
- "U_ADDFORUM" => append_sid("$PHP_SELF?mode=addforum&cat_id=$cat_id"),
- "ADDFORUM" => "Add Forum")
- );
+
+ $template->assign_block_vars("catrow", array(
+ "S_ADD_FORUM_SUBMIT" => "addforum[$cat_id]",
+ "S_ADD_FORUM_NAME" => "forumname[$cat_id]",
+
+ "CAT_ID" => $cat_id,
+ "CAT_DESC" => $category_rows[$i]['cat_title'],
+
+ "U_CAT_EDIT" => append_sid("admin_forums.$phpEx?mode=editcat&amp;cat_id=$cat_id"),
+ "U_CAT_DELETE" => append_sid("admin_forums.$phpEx?mode=deletecat&cat_id=$cat_id"),
+ "U_CAT_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=cat_order&move=-15&cat_id=$cat_id"),
+ "U_CAT_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=cat_order&move=15&cat_id=$cat_id"),
+ "U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id"))
+ );
for($j = 0; $j < $total_forums; $j++)
{
$forum_id = $forum_rows[$j]['forum_id'];
- // Don't display this forum unless it's in this category..
if ($forum_rows[$j]['cat_id'] == $cat_id)
{
- //
- // This should end up in the template using IF...ELSE...ENDIF
- //
- $row_color == "#DDDDDD" ? $row_color = "#CCCCCC" : $row_color = "#DDDDDD";
-
+
$template->assign_block_vars("catrow.forumrow", array(
- "FORUM_NAME" => stripslashes($forum_rows[$j]['forum_name']),
- "FORUM_DESC" => stripslashes($forum_rows[$j]['forum_desc']),
+ "FORUM_NAME" => $forum_rows[$j]['forum_name'],
+ "FORUM_DESC" => $forum_rows[$j]['forum_desc'],
"ROW_COLOR" => $row_color,
"NUM_TOPICS" => $forum_rows[$j]['forum_topics'],
"NUM_POSTS" => $forum_rows[$j]['forum_posts'],
- "U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&" . $forum_rows[$j]['forum_posts']),
- "FORUM_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editforum&forum_id=$forum_id")."'>Edit</a>",
- "FORUM_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deleteforum&forum_id=$forum_id")."'>Delete</a>",
- "FORUM_UP" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=-15&forum_id=$forum_id")."'>Move up</a>",
- "FORUM_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=15&forum_id=$forum_id")."'>Move down</a>",
- "FORUM_SYNC" => "<a href='".append_sid("$PHP_SELF?mode=forum_sync&forum_id=$forum_id")."'>Sync</a>")
+
+ "U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;" . $forum_rows[$j]['forum_posts']),
+ "U_FORUM_EDIT" => append_sid("admin_forums.$phpEx?mode=editforum&amp;forum_id=$forum_id"),
+ "U_FORUM_DELETE" => append_sid("admin_forums.$phpEx?mode=deleteforum&amp;forum_id=$forum_id"),
+ "U_FORUM_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=-15&forum_id=$forum_id"),
+ "U_FORUM_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=15&forum_id=$forum_id"),
+ "U_FORUM_RESYNC" => append_sid("admin_forums.$phpEx?mode=forum_sync&amp;forum_id=$forum_id"))
);
+
}// if ... forumid == catid
} // for ... forums
- $template->assign_block_vars("catrow.forumrow", array(
- "S_ADDFORUM" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'">
- <INPUT TYPE="text" NAME="forumname">
- <INPUT TYPE="hidden" NAME="cat_id" VALUE="'.$cat_id.'">
- <INPUT TYPE="hidden" NAME="mode" VALUE="addforum">
- <INPUT TYPE="submit" NAME="submit" VALUE="Create new Forum">',
- "S_ADDFORUM_ENDFORM" => "</FORM>")
- );
+
} // for ... categories
-}// if ... total_categories
-$template->assign_block_vars("catrow", array(
- "S_ADDCAT" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'">
- <INPUT TYPE="text" NAME="catname">
- <INPUT TYPE="hidden" NAME="mode" VALUE="addcat">
- <INPUT TYPE="submit" NAME="submit" VALUE="Create new category">',
- "S_ADDCAT_ENDFORM" => "</FORM>")
-);
+}// if ... total_categories
-//
-// Generate the page
-//
$template->pparse("body");
-//
-// Page Footer
-//
include('page_footer_admin.'.$phpEx);
+
?> \ No newline at end of file
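Review bot: `"ROW_COLOR" => $row_color` is still passed to the forumrow block, but this hunk deletes the only visible assignment to `$row_color`, so the value is undefined (or, where request variables are imported as globals, request-supplied and printed into the page). Drop the key or assign the colour before the loop. The names and descriptions now reach the template exactly as stored; if the template does not encode them, wrap them, e.g. `"FORUM_NAME" => htmlspecialchars($forum_rows[$j]['forum_name']),`. The new URLs also mix `&amp;` and bare `&` (for example in `U_CAT_DELETE` and `U_FORUM_MOVE_UP`); use one form throughout.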
diff --git a/phpBB/admin/admin_groupauth.php b/phpBB/admin/admin_groupauth.php
index 4a36bbf932..c51e797eba 100644
--- a/phpBB/admin/admin_groupauth.php
+++ b/phpBB/admin/admin_groupauth.php
@@ -28,30 +28,12 @@ if($setmodules == 1)
return;
}
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
-//
-// End session management
-//
-
//
-// Is user logged in? If yes are they an admin?
+// Load default header
//
-if( !$userdata['session_logged_in'] )
-{
- header("Location: ../login.$phpEx?forward_page=admin/");
-}
-else if( $userdata['user_level'] != ADMIN )
-{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
-}
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
//
// Start program - define vars
@@ -126,10 +108,13 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin)
// -------------
-if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
+if( isset($HTTP_POST_VARS['submit']) && ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) ) )
{
- $group_id = $HTTP_POST_VARS[POST_GROUPS_URL];
- $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE;
+ //
+ // Front end
+ //
+ $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
+ $adv = ( isset($HTTP_POST_VARS['adv']) ) ? TRUE : 0;
//
// This is where things become fun ...
@@ -163,14 +148,9 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
AND u.user_id = ug2.user_id
AND g2.group_id = ug2.group_id
AND aa2.group_id = g2.group_id";
-/*
- $sql = "SELECT aa.*, g.group_single_user, g.group_id, g.group_name
- FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
- WHERE g.group_id = $group_id
- AND aa.group_id = g.group_id";*/
$ag_result = $db->sql_query($sql);
- if($num_g_access = $db->sql_numrows($ag_result))
+ if( $num_g_access = $db->sql_numrows($ag_result) )
{
$g_access = $db->sql_fetchrowset($ag_result);
}
@@ -519,58 +499,13 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
}
}
-else if(empty($HTTP_GET_VARS[POST_GROUPS_URL]))
-{
- //
- // Default user selection box
- //
- // This should be altered on the final system
- //
-
- $sql = "SELECT group_id, group_name
- FROM " . GROUPS_TABLE . "
- WHERE group_single_user <> " . TRUE;
- $g_result = $db->sql_query($sql);
- $group_list = $db->sql_fetchrowset($g_result);
-
- $select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
- for($i = 0; $i < count($group_list); $i++)
- {
- $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
- }
- $select_list .= "</select>";
-
- include('page_header_admin.'.$phpEx);
-
- $template->set_filenames(array(
- "body" => "admin/auth_select_body.tpl")
- );
-
- $template->assign_vars(array(
- "L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'],
- "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
- "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
- "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
-
- "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
- "S_AUTH_SELECT" => $select_list)
- );
-
-}
-else
+else if( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
//
// Front end
//
- $group_id = $HTTP_GET_VARS[POST_GROUPS_URL];
- if( isset($HTTP_GET_VARS['adv']) )
- {
- $adv = $HTTP_GET_VARS['adv'];
- }
- else
- {
- $adv = FALSE;
- }
+ $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
+ $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
include('page_header_admin.'.$phpEx);
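Review bot: `$adv` is taken from `$HTTP_GET_VARS['adv']` without a cast in the new front-end branch, while `$group_id` on the line above and `$adv` in admin_forumauth.php (same commit) both go through intval(). Use `$adv = ( isset($HTTP_GET_VARS['adv']) ) ? intval($HTTP_GET_VARS['adv']) : 0;` so the value is a known integer wherever the rest of the branch uses it. The remainder of this branch is outside the hunk.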
@@ -902,7 +837,43 @@ else
"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
+}
+else
+{
+ //
+ // Default user selection box
+ //
+ // This should be altered on the final system
+ //
+ $sql = "SELECT group_id, group_name
+ FROM " . GROUPS_TABLE . "
+ WHERE group_single_user <> " . TRUE;
+ $g_result = $db->sql_query($sql);
+ $group_list = $db->sql_fetchrowset($g_result);
+
+ $select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
+ for($i = 0; $i < count($group_list); $i++)
+ {
+ $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
+ }
+ $select_list .= "</select>";
+
+ include('page_header_admin.'.$phpEx);
+
+ $template->set_filenames(array(
+ "body" => "admin/auth_group_select_body.tpl")
+ );
+
+ $template->assign_vars(array(
+ "L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'],
+ "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
+ "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
+ "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
+
+ "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
+ "S_AUTH_SELECT" => $select_list)
+ );
}
$template->pparse("body");
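Review bot: The relocated selection box calls `sql_fetchrowset($g_result)` without checking that the query succeeded, and writes `group_name` into the `<option>` text without HTML encoding. Add a check in the style used elsewhere in this commit, `if( !$g_result ) { message_die(GENERAL_ERROR, "Couldn't obtain group list", "", __LINE__, __FILE__, $sql); }`, and encode the label with `htmlspecialchars($group_list[$i]['group_name'])`.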
diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php
index 9361bab9e0..c9f8653e53 100644
--- a/phpBB/admin/admin_groups.php
+++ b/phpBB/admin/admin_groups.php
@@ -29,39 +29,27 @@ if($setmodules == 1)
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
+$phpbb_root_dir = "./../";
+require('pagestart.inc');
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
-//
-// End session management
-//
-if( !$userdata['session_logged_in'] )
+if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
- header("Location: ../login.$phpEx?forward_page=admin/");
+ $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? $HTTP_POST_VARS[POST_GROUPS_URL] : $HTTP_GET_VARS[POST_GROUPS_URL];
}
-else if( $userdata['user_level'] != ADMIN )
+else
{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+ $group_id = "";
}
-$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : ((isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "");
-if($mode && empty($HTTP_POST_VARS['updategroup']))
+if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
{
-
//
// Ok they are editing a group or creating a new group
//
- include("page_header_admin." . $phpEx);
- if ( $mode == "editgroup" )
+ if ( isset($HTTP_POST_VARS['edit']) )
{
//
// They're editing. Grab the vars.
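Review bot: `$group_id` is copied from `$HTTP_POST_VARS` / `$HTTP_GET_VARS` without a numeric cast, and later hunks in this file interpolate it unquoted into SQL (`AND group_id = $group_id`, the `DELETE`, the `UPDATE`) and into the hidden form field. Casting where it is assigned covers all of those uses: wrap the ternary as `$group_id = intval( ... );` and use `$group_id = 0;` in the else arm. The other ids touched by this commit (`rank_id`, `smile_id`) already get `intval()`, so this also makes the file consistent with them. The `if` block opened at the end of this hunk continues outside it.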
@@ -69,7 +57,7 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
$sql = "SELECT *
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
- AND group_id = " . $g;
+ AND group_id = $group_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Error getting group information", "", __LINE__, __FILE__, $sql);
@@ -79,8 +67,11 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
message_die(GENERAL_MESSAGE, "That user group does not exist");
}
$group_info = $db->sql_fetchrow($result);
+
+ $mode = "editgroup";
+
}
- else if ($mode == "newgroup")
+ else if( isset($HTTP_POST_VARS['new']) )
{
$group_info = array (
"group_name" => "",
@@ -89,6 +80,9 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
"group_type" => "1"
);
$group_open = "checked=\"checked\"";
+
+ $mode = "newgroup";
+
}
//
// Ok, now we know everything about them, let's show the page.
@@ -98,34 +92,36 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
WHERE user_id <> " . ANONYMOUS . "
ORDER BY username";
$u_result = $db->sql_query($sql);
+ if( !$u_result )
+ {
+ message_die(GENERAL_ERROR, "Couldn't obtain user info for moderator list", "", __LINE__, __FILE__, $sql);
+ }
+
$user_list = $db->sql_fetchrowset($u_result);
$select_list = "<select name=\"group_moderator\">";
for($i = 0; $i < count($user_list); $i++)
{
- if( $user_list[$i]['user_id'] == $group_info['group_moderator'] )
- {
- $select_list .= "<option selected value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
- }
- else
- {
- $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
- }
+ $selected = ( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) ? "selected=\"selected\"" : "";
+ $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\"$selected>" . $user_list[$i]['username'] . "</option>";
}
$select_list .= "</select>";
+
+ $group_open = ( !empty($group_info['group_type']) ) ? "checked=\"checked\"" : "";
+ $group_closed = ( empty($group_info['group_type']) ) ? "checked=\"checked\"" : "";
+
$template->set_filenames(array(
"body" => "admin/group_edit_body.tpl")
);
- if( !empty($group_info['group_type']) )
- {
- $group_open = "checked=\"checked\"";
- }
- else
- {
- $group_closed = "checked=\"checked\"";
- }
+
+ $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
+
$template->assign_vars(array(
- "L_GROUP_INFO" => $lang['Group_edit_explain'],
+ "GROUP_NAME" => $group_info['group_name'],
+ "GROUP_DESCRIPTION" => $group_info['group_description'],
+
+ "L_GROUP_TITLE" => $lang['Group'] . " " . $lang['Admin'],
+ "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
"L_GROUP_NAME" => $lang['group_name'],
"L_GROUP_DESCRIPTION" => $lang['group_description'],
"L_GROUP_MODERATOR" => $lang['group_moderator'],
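Review bot: The new `<option>` line concatenates `"\"$selected>"` with no space after the closing quote of `value`, so the selected entry renders as `value="N"selected="selected"`; it should be `"\" $selected>"`. In the same hunk `$s_hidden_fields` writes `$group_id` and `$mode` into `value` attributes as they are, and `$group_id` comes straight from the request in this file. Unless these values and `username`, `group_name` and `group_description` are escaped when stored (not visible here), pass them through `htmlspecialchars()` before they reach the template. The `assign_vars` array continues past the end of the hunk.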
@@ -137,108 +133,95 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
"L_SUBMIT" => $lang['submit_group_changes'],
"L_RESET" => $lang['reset_group_changes'],
- "S_GROUP_NAME" => $group_info['group_name'],
- "S_GROUP_DESCRIPTION" => $group_info['group_description'],
- "S_GROUP_MODERATOR" => $select_list,
+ "S_SELECT_MODERATORS" => $select_list,
"S_GROUP_OPEN_CHECKED" => $group_open,
"S_GROUP_CLOSED_CHECKED" => $group_closed,
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
- "S_GROUP_MODE" => $mode,
- "GROUP_ID" => $g)
+ "S_HIDDEN_FIELDS" => $s_hidden_fields)
);
+
$template->pparse('body');
+
}
-else if($mode && $HTTP_POST_VARS['updategroup'] == "update" )
+else if( isset($HTTP_POST_VARS['group_update']) )
{
//
// Ok, they are submitting a group, let's save the data based on if it's new or editing
//
- if( isset($HTTP_POST_VARS['deletegroup']) )
+ if( isset($HTTP_POST_VARS['group_delete']) )
{
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $group_id;
+ if ( !$result = $db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
+ }
+
+ message_die(GENERAL_MESSAGE, $lang['Deleted_group']);
}
else
{
$group_type = isset($HTTP_POST_VARS['group_type']) ? $HTTP_POST_VARS['group_type'] : "";
$group_name = isset($HTTP_POST_VARS['group_name']) ? $HTTP_POST_VARS['group_name'] : "";
$group_description = isset($HTTP_POST_VARS['group_description']) ? $HTTP_POST_VARS['group_description'] : "";
- $group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? $HTTP_POST_VARS['group_moderator'] : "";
- $group_id = isset($HTTP_POST_VARS['group_id']) ? $HTTP_POST_VARS['group_id'] : "";
+ $group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? intval($HTTP_POST_VARS['group_moderator']) : "";
+
+ if( $group_name == "" )
+ {
+ message_die(GENERAL_MESSAGE, $lang['No_group_name']);
+ }
+ else if( $group_moderator == "" )
+ {
+ message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
+ }
+ else if( $group_type == "" )
+ {
+ message_die(GENERAL_MESSAGE, $lang['No_group_mode']);
+ }
- switch($mode)
+ if( $mode == "editgroup" )
{
- case 'editgroup':
- $sql = "UPDATE " . GROUPS_TABLE . "
- SET group_type = '" . $group_type . "',
- group_name = '" . $group_name . "',
- group_description = '" . $group_description . "',
- group_moderator = '" . $group_moderator . "'
- WHERE group_id = '" . $group_id . "'";
- break;
-
- case 'newgroup':
- $sql = "INSERT INTO " . GROUPS_TABLE . "
- (
- group_type,
- group_name,
- group_description,
- group_moderator,
- group_single_user
- )
- VALUES
- (
- '" . $group_type . "',
- '" . $group_name . "',
- '" . $group_description . "',
- '" . $group_moderator . "',
- '0'
- )";
- break;
-
- case 'default':
- message_die(GENERAL_ERROR, $lang['Group_mode_not_selected']);
- break;
+
+ echo $sql = "UPDATE " . GROUPS_TABLE . "
+ SET group_type = $group_type, group_name = '" . $group_name . "', group_description = '" . $group_description . "', group_moderator = $group_moderator
+ WHERE group_id = $group_id";
+ if ( !$result = $db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
+ }
+
+ message_die(GENERAL_MESSAGE, $lang['Updated_group']);
}
- }
- if ( !$result = $db->sql_query($sql) )
- {
- $error = TRUE;
- }
- if ( $mode == "newgroup" )
- {
- $new_group_id = $db->sql_nextid($result);
-
- $sql = "INSERT INTO " . USER_GROUP_TABLE . "
- (
- group_id,
- user_id,
- user_pending
- )
- VALUES
- (
- '" . $new_group_id . "',
- '" . $group_moderator . "',
- '0'
- )";
- if ( !$result = $db->sql_query($sql) )
+ else if( $mode == "newgroup" )
{
- $error = TRUE;
+
+ $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user)
+ VALUES ($group_type, '" . $group_name . "', '" . $group_description . "', $group_moderator, '0')";
+ if ( !$result = $db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql);
+ }
+
+ $new_group_id = $db->sql_nextid($result);
+
+ $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
+ VALUES ($new_group_id, $group_moderator, 0)";
+ if ( !$result = $db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql);
+ }
+
+ message_die(GENERAL_MESSAGE, $lang['Added_new_group']);
+
+ }
+ else
+ {
+ message_die(GENERAL_MESSAGE, $lang['Group_mode_not_selected']);
}
- }
- if ( isset($error) )
- {
- message_die(GENERAL_ERROR, $lang['Error_updating_groups'], $lang['Error'], __LINE__, __FILE__, $sql);
- }
- else
- {
- message_die(GENERAL_MESSAGE, $lang['Success_updating_groups'], $lang['Success']);
}
}
else
{
- include("page_header_admin." . $phpEx);
-
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
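Review bot: `$group_type` is now interpolated unquoted in both the `UPDATE` and the `INSERT` (the removed code quoted it) but is still taken raw from `$HTTP_POST_VARS`, so a non-numeric value becomes part of the statement. Add `$group_type = intval($group_type);` after the three emptiness checks rather than at assignment, because an integer 0 would compare equal to `""` and reject a closed group. The `echo $sql = "UPDATE ...` looks like leftover debugging and prints the statement into the admin page; it should be plain `$sql = "UPDATE ...`. `group_name` and `group_description` are placed between single quotes with no escaping visible in this hunk, and `$group_id` in the `DELETE` and `UPDATE` has no cast either. The outer if/else chain starts before this hunk.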
@@ -262,7 +245,7 @@ else
"L_GROUP_EXPLAIN" => $lang['Group_admin_explain'],
"L_GROUP_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
- "L_GROUP_NEW" => $lang['New_group'],
+ "L_CREATE_NEW_GROUP" => $lang['New_group'],
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
"S_GROUP_SELECT" => $select_list)
@@ -270,6 +253,7 @@ else
$template->pparse('body');
}
+
include('page_footer_admin.'.$phpEx);
?> \ No newline at end of file
diff --git a/phpBB/admin/admin_mass_email.php b/phpBB/admin/admin_mass_email.php
index 38d5cfd101..a3e3b0657a 100644
--- a/phpBB/admin/admin_mass_email.php
+++ b/phpBB/admin/admin_mass_email.php
@@ -32,30 +32,13 @@ if($setmodules == 1)
return;
}
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
//
-// End session management
+// Load default header
//
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
-//
-// Is user logged in? If yes are they an admin?
-//
-if( !$userdata['session_logged_in'] )
-{
- header("Location: ../login.$phpEx?forward_page=admin/");
-}
-else if( $userdata['user_level'] != ADMIN )
-{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
-}
//
// Set VERBOSE to 1 for debugging info..
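Review bot: The login and `ADMIN` level checks that used to be spelled out here are now implied by `require('pagestart.inc')`, and nothing in this file says so, so a reader of admin_mass_email.php alone cannot tell that the page is protected. I would add a comment above the require such as `// pagestart.inc starts the session and rejects non-admin users; keep it ahead of any use of request data`, after confirming that pagestart.inc (not visible in this hunk) really stops the request in both cases. `$no_page_header` has to stay above the require for the same reason and could be mentioned in that comment. The same replacement is made in the first hunks of admin_groups.php and admin_userauth.php.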
@@ -67,7 +50,10 @@ define("VERBOSE", 0);
// allowed.
//
@set_time_limit(600);
-//Set form names
+
+//
+// Set form names
+//
$f_title = 'e_title';
$f_msg = 'e_msg';
diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php
index 18a2dd7c22..04d6c31474 100644
--- a/phpBB/admin/admin_ranks.php
+++ b/phpBB/admin/admin_ranks.php
@@ -31,12 +31,9 @@ if($setmodules == 1)
// Let's set the root dir for phpBB
//
$phpbb_root_dir = "./../";
-
-//
-// Include required files, get $phpEx and check permissions
-//
require('pagestart.inc');
+
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
@@ -69,65 +66,50 @@ if( $mode != "" )
// They want to add a new rank, show the form.
//
- $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0;
-
- $template->set_filenames(array(
- "body" => "admin/ranks_edit_body.tpl")
- );
+ $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
- $s_hidden_fields = '';
+ $s_hidden_fields = "";
if( $mode == "edit" )
{
- if( $rank_id )
+ if( empty($rank_id) )
{
- $sql = "SELECT * FROM " . RANKS_TABLE . "
- WHERE rank_id = $rank_id";
- if(!$result = $db->sql_query($sql))
- {
-
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => "Error querying ranks table")
- );
- }
-
- $rank_info = $db->sql_fetchrow($result);
- $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
+ message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
- else
+
+ $sql = "SELECT * FROM " . RANKS_TABLE . "
+ WHERE rank_id = $rank_id";
+ if(!$result = $db->sql_query($sql))
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => $lang['Must_select_rank'])
- );
-
+ message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql);
}
+
+ $rank_info = $db->sql_fetchrow($result);
+ $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
+
}
else
{
$rank_info['rank_special'] = 0;
}
+
$s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';
- $rank_is_special = ( $rank_info['rank_special'] == 1 ) ? "checked=\"checked\"" : "";
- $rank_is_not_special = ( !($rank_info['rank_special'] == 1) ) ? "checked=\"checked\"" : "";
+
+ $rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
+ $rank_is_not_special = ( !$rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
+ $template->set_filenames(array(
+ "body" => "admin/ranks_edit_body.tpl")
+ );
+
$template->assign_vars(array(
"RANK" => $rank_info['rank_title'],
"SPECIAL_RANK" => $rank_is_special,
"NOT_SPECIAL_RANK" => $rank_is_not_special,
"MINIMUM" => $rank_info['rank_min'],
"MAXIMUM" => $rank_info['rank_max'],
- "IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "http://",
- "IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="'.$rank_info['rank_image'].'" />' : "",
+ "IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
+ "IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="' . $rank_info['rank_image'] . '" />' : "",
"L_RANKS_TITLE" => $lang['Ranks_title'],
"L_RANKS_TEXT" => $lang['Ranks_explain'],
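Review bot: `IMAGE_DISPLAY` builds `'<img src="' . $rank_info['rank_image'] . '" />'` from the stored value without escaping, so a stored image path that contains a double quote ends the attribute early. Wrapping the value, `'<img src="' . htmlspecialchars($rank_info['rank_image']) . '" />'`, keeps it inside `src`. `RANK` and `IMAGE` in the same array would benefit from the same treatment unless the template layer escapes them, which is not visible here. The `assign_vars` call continues past the hunk.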
@@ -153,42 +135,35 @@ if( $mode != "" )
// Ok, they sent us our info, let's update it.
//
- $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0;
+ $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
$rank_title = ( isset($HTTP_POST_VARS['title']) ) ? $HTTP_POST_VARS['title'] : "";
- $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? 1 : 0;
- $max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? $HTTP_POST_VARS['max_posts'] : -1;
- $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? $HTTP_POST_VARS['min_posts'] : -1;
+ $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
+ $max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? intval($HTTP_POST_VARS['max_posts']) : -1;
+ $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
$rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) || $HTTP_POST_VARS['rank_image'] != "http://" ) ? $HTTP_POST_VARS['rank_image'] : "";
+
if( $rank_title == "" )
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => $lang['Must_select_rank'])
- );
+ message_die(GENERAML_MESSAGE, $lang['Must_select_rank']);
}
+
if( $special_rank == 1 )
{
$max_posts = -1;
$min_posts = -1;
}
- // The rank image has to start with http://, followed by something with length at least 3 that
- // contains at least one dot.
+
+ //
+ // The rank image has to be a jpg, gif or png
+ //
if($rank_image != "")
{
- if( !ereg("^http\:\/\/", $rank_image) )
- {
- $rank_image = "http://" . $rank_image;
- }
-
- if (!preg_match("#^http\\:\\/\\/[a-z0-9\-]+\.[a-z0-9\-]+#i", $rank_image))
+ if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image))
{
$rank_image = "";
}
}
+
if( $rank_id )
{
$sql = "UPDATE " . RANKS_TABLE . "
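Review bot: `message_die(GENERAML_MESSAGE, ...)` misspells the constant, so the empty-title path passes an undefined constant instead of `GENERAL_MESSAGE`; the line should be `message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);`. The new image check, `preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image)`, looks only at the ending, so it accepts any string with one of those suffixes, including quotes or markup ahead of it, and the value then goes into the quoted SQL below and later into an `<img src>`. Anchoring the pattern at the start as well and allowing only path and URL characters before the extension would close that. `$rank_title` and `$rank_image` also need escaping for SQL unless the input layer already does it, which this hunk does not show.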
@@ -199,7 +174,7 @@ if( $mode != "" )
rank_min = '$min_posts',
rank_image = '$rank_image'
WHERE rank_id = $rank_id";
- $message_success = $lang['Rank_updated'];
+ $message = $lang['Rank_updated'];
}
else
{
@@ -207,31 +182,20 @@ if( $mode != "" )
(rank_title, rank_special, rank_max, rank_min, rank_image)
VALUES
('$rank_title', '$special_rank', '$max_posts', '$min_posts', '$rank_image')";
- $message_success = $lang['Rank_added'];
+ $message = $lang['Rank_added'];
}
- if(!$result = $db->sql_query($sql))
- {
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => "Couldn't update ranks table<br>SQL: ".$sql)
- );
- }
- else
+ if( !$result = $db->sql_query($sql) )
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Success'],
- "MESSAGE_TEXT" => $message_success)
- );
+ message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql);
}
+
+ $template->assign_vars(array(
+ "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
+ );
+ $message .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin'];
+ message_die(GENERAL_MESSAGE, $message);
+
}
else if( $mode == "delete" )
{
@@ -241,7 +205,7 @@ if( $mode != "" )
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
- $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
}
else
{
@@ -255,37 +219,22 @@ if( $mode != "" )
if( !$result = $db->sql_query($sql))
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => "Could not remove data from ranks table.")
- );
- }
- else
- {
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Success'],
- "MESSAGE_TEXT" => $lang['Rank_removed'])
- );
+ message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql);
}
+
+ $template->assign_vars(array(
+ "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
+ );
+ $message = $lang['Rank_removed'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin'];
+ message_die(GENERAL_MESSAGE, $message);
+
}
else
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
$template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => $lang['Must_select_rank'])
+ "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
);
+ message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
}
}
else
@@ -302,14 +251,7 @@ if( $mode != "" )
ORDER BY rank_title";
if( !$result = $db->sql_query($sql) )
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => "Could not query ranks table")
- );
+ message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
$rank_rows = $db->sql_fetchrowset($result);
@@ -341,9 +283,10 @@ if( $mode != "" )
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
- "SPECIAL_RANK" => ( $special_rank == 1 ) ? "Yes" : "No",
- "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
- "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
+ "SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'],
+
+ "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
+ "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
);
}
}
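Review bot: `U_RANK_DELETE` is a plain link, and the `delete` branch earlier in this file accepts `id` from `$HTTP_GET_VARS` and removes the row straight away, so a single GET request deletes a rank with no confirmation step. I would have the delete branch act only when the id arrives in `$HTTP_POST_VARS`, for instance from a small confirm form, and treat the GET link as a request to show that form. The same link is built again in the `@@ -396,15 +332,16 @@` hunk.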
@@ -362,18 +305,11 @@ else
ORDER BY rank_title";
if( !$result = $db->sql_query($sql) )
{
- $template->set_filenames(array(
- "body" => "admin/admin_message_body.tpl")
- );
-
- $template->assign_vars(array(
- "MESSAGE_TITLE" => $lang['Error'],
- "MESSAGE_TEXT" => "Could not query ranks table.")
- );
+ message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}
+ $rank_count = $db->sql_numrows($result);
$rank_rows = $db->sql_fetchrowset($result);
- $rank_count = count($rank_rows);
$template->assign_vars(array(
"L_RANKS_TITLE" => $lang['Ranks_title'],
@@ -396,15 +332,16 @@ else
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
- $rank_is_special = ( $special_rank == 1 ) ? "Yes" : "No";
+ $rank_is_special = ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'];
$template->assign_block_vars("ranks", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"RANK" => $rank,
"SPECIAL_RANK" => $rank_is_special,
- "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
- "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
+
+ "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
+ "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
);
}
}
@@ -413,4 +350,4 @@ $template->pparse("body");
include('page_footer_admin.'.$phpEx);
-?>
+?> \ No newline at end of file
diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php
index d867d1ce81..946116da4a 100644
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@@ -35,27 +35,41 @@ if($setmodules == 1)
}
//
-// Include required files register $phpEx, and check permisions
+// Load default header
//
+$phpbb_root_dir = "./../";
require('pagestart.inc');
//
// Check to see what mode we should operate in.
//
-$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+{
+ $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+}
+else
+{
+ $mode = "";
+}
//
// Read a listing of uploaded smilies for use in the add or edit smliey code...
//
-$dir = opendir($phpbb_root_path . $board_config['smilies_path']);
-while($file = readdir($dir))
+$dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
+
+while($file = @readdir($dir))
{
- if(!is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file))
+ if( !@is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file) )
{
$smiley_images[] = $file;
}
}
+@closedir($dir);
+
+//
+// Select main mode
+//
switch($mode)
{
case 'delete':
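Review bot: This file now assigns `$phpbb_root_dir`, yet the directory scan just below still reads `$phpbb_root_path`, which nothing in the hunk sets. Confirm that pagestart.inc assigns `$phpbb_root_path` unconditionally, because a path variable left uninitialised here can be filled from the request on installations with `register_globals` enabled. The added `@` on `opendir`/`readdir`/`closedir` also hides a missing or unreadable smilies directory, leaving `$smiley_images` undefined while the page carries on. Checking the handle with `if( !$dir ) { message_die(GENERAL_ERROR, "Couldn't open smilies directory", "", __LINE__, __FILE__); }` and looping with `while( ($file = @readdir($dir)) !== false )` handles both the failure and a file named `0`.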
@@ -63,30 +77,24 @@ switch($mode)
// Admin has selected to delete a smiley.
//
- $smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id'];
+ $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
$result = $db->sql_query($sql);
if( !$result )
{
- message_die(GENERAL_ERROR, $lang['smile_remove_err'], "", __LINE__, __FILE__, $sql);
+ message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
}
$template->set_filenames(array(
- "body" => "admin/smile_result_body.tpl")
+ "body" => "admin/admin_message_body.tpl")
);
$template->assign_vars(array(
- "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"),
-
- "L_SMILEY_TITLE" => $lang['smiley_title'],
- "L_SMILEY_TEXT" => $lang['smiley_return'],
- "L_SMILEY_ACTION" => $lang['smiley_del_success'])
+ "MESSAGE_TITLE" => $lang['smiley_title'],
+ "MESSAGE_TEXT" => $lang['smiley_del_success'])
);
- //
- // Spit out some feedback to the user.
- //
$template->pparse("body");
break;
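Review bot: `$smiley_id` is read from `$HTTP_POST_VARS['id']` or `$HTTP_GET_VARS['id']` and concatenated unquoted into `WHERE smilies_id = " . $smiley_id` with no numeric cast, so the request value becomes part of the `DELETE` statement. Use `$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);`, as this commit already does for `smile_id` and `rank_id`. The `edit` case in the next hunk has the same assignment and needs the same cast.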
@@ -95,7 +103,7 @@ switch($mode)
// Admin has selected to edit a smiley.
//
- $smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id'];
+ $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
$sql = "SELECT *
FROM " . SMILIES_TABLE . "
@@ -135,7 +143,7 @@ switch($mode)
"L_SMILEY_TITLE" => $lang['smiley_title'],
"L_SMILEY_CONFIG" => $lang['smiley_config'],
- "L_SMILEY_EXPLAIN" => $lang['smiley_instr'],
+ "L_SMILEY_EXPLAIN" => $lang['smile_desc'],
"L_SMILEY_CODE" => $lang['smiley_code'],
"L_SMILEY_URL" => $lang['smiley_url'],
"L_SMILEY_EMOTION" => $lang['smiley_emot'],
@@ -200,10 +208,10 @@ switch($mode)
// Get the submitted data, being careful to ensure that we only
// accept the data we are looking for.
//
- $smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
- $smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
- $smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
- $smile_id = intval(($HTTP_POST_VARS['smile_id']) ? $HTTP_POST_VARS['smile_id'] : $HTTP_GET_VARS['smile_id']);
+ $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
+ $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
+ $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+ $smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
//
// Proceed with updating the smiley table.
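Review bot: The comment above these assignments promises that only expected data is accepted, but `$smile_code`, `$smile_url` and `$smile_emotion` are taken from the request as they are, falling back to `$HTTP_GET_VARS` even when that key is absent. `$smile_url` in particular could be checked against the `$smiley_images` list built at the top of the file, e.g. `if( !in_array($smile_url, $smiley_images) ) { message_die(GENERAL_MESSAGE, "Unknown smiley image"); }`. The text fields should be escaped for SQL unless the input layer already does so; the statement itself lies outside this hunk. The `savenew` case in the `@@ -241,9 +245,9 @@` hunk repeats the same three assignments.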
@@ -214,21 +222,17 @@ switch($mode)
$result = $db->sql_query($sql);
if( !$result )
{
- message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);
+ message_die(GENERAL_ERROR, "Couldn't update smilies info", "", __LINE__, __FILE__, $sql);
}
$template->set_filenames(array(
- "body" => "admin/smile_result_body.tpl")
+ "body" => "admin/admin_message_body.tpl")
);
$template->assign_vars(array(
- "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"),
-
- "L_SMILEY_TITLE" => $lang['smiley_title'],
- "L_SMILEY_TEXT" => $lang['smiley_return'],
- "L_SMILEY_ACTION" => $lang['smiley_edit_success'])
+ "MESSAGE_TITLE" => $lang['smiley_title'],
+ "MESSAGE_TEXT" => $lang['smiley_edit_success'])
);
-
$template->pparse("body");
break;
@@ -241,9 +245,9 @@ switch($mode)
// Get the submitted data being careful to ensure the the data
// we recieve and process is only the data we are looking for.
//
- $smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
- $smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
- $smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+ $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
+ $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
+ $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
//
// Save the data to the smiley table.
@@ -253,21 +257,17 @@ switch($mode)
$result = $db->sql_query($sql);
if( !$result )
{
- message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);
+ message_die(GENERAL_ERROR, "Couldn't insert new smiley", "", __LINE__, __FILE__, $sql);
}
$template->set_filenames(array(
- "body" => "admin/smile_result_body.tpl")
+ "body" => "admin/admin_message_body.tpl")
);
$template->assign_vars(array(
- "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"),
-
- "L_SMILEY_TITLE" => $lang['smiley_title'],
- "L_SMILEY_TEXT" => $lang['smiley_return'],
- "L_SMILEY_ACTION" => $lang['smiley_add_success'])
+ "MESSAGE_TITLE" => $lang['smiley_title'],
+ "MESSAGE_TEXT" => $lang['smiley_add_success'])
);
-
$template->pparse("body");
break;
@@ -281,7 +281,7 @@ switch($mode)
$result = $db->sql_query($sql);
if( !$result )
{
- message_die(GENERAL_ERROR, $lang['smile_load_err'], "", __LINE__, __FILE__, $sql);
+ message_die(GENERAL_ERROR, "Couldn't obtain smileys from database", "", __LINE__, __FILE__, $sql);
}
$smilies = $db->sql_fetchrowset($result);
@@ -318,6 +318,7 @@ switch($mode)
$template->assign_block_vars("smiles", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
+
"SMILEY_IMG" => $phpbb_root_path . '/' . $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'],
"CODE" => $smilies[$i]['code'],
"EMOT" => $smilies[$i]['emoticon'],
@@ -326,12 +327,14 @@ switch($mode)
"U_SMILEY_DELETE" => append_sid("admin_smilies.$phpEx?mode=delete&amp;id=" . $smilies[$i]['smilies_id']))
);
}
+
//
// Spit out the page.
//
$template->pparse("body");
break;
}
+
//
// Page Footer
//
diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php
new file mode 100644
index 0000000000..eacdfa33e7
--- /dev/null
+++ b/phpBB/admin/admin_styles.php
@@ -0,0 +1,49 @@
+<?php
+/***************************************************************************
+ * admin_words.php
+ * -------------------
+ * begin : Thursday, Jul 12, 2001
+ * copyright : (C) 2001 The phpBB Group
+ * email : support@phpbb.com
+ *
+ * $Id$
+ *
+ *
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ ***************************************************************************/
+
+if($setmodules == 1)
+{
+ $file = basename(__FILE__);
+ $module['Styles']['Add_new'] = "$file?mode=addnew";
+ $module['Styles']['Create_new'] = "$file?mode=addnew";
+ $module['Styles']['Manage'] = "$file";
+ return;
+}
+
+//
+// Load default header
+//
+$phpbb_root_dir = "./../";
+require('pagestart.inc');
+
+if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+{
+ $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+}
+else
+{
+ $mode = "";
+}
+
+include('page_footer_admin.'.$phpEx);
+
+?> \ No newline at end of file
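Review bot: The header block of this new file still names `admin_words.php`; the banner line should read `admin_styles.php`. `$module['Styles']['Add_new']` and `$module['Styles']['Create_new']` both point at `mode=addnew`, which looks like a copy-paste slip unless the two menu entries are meant to open the same page. The mode lookup tests `$HTTP_GET_VARS['mode']` for truthiness, whereas admin_smilies.php and admin_user_ban.php in this commit use `isset()` and prefer POST; `$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];` would match them.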
diff --git a/phpBB/admin/admin_user_ban.php b/phpBB/admin/admin_user_ban.php
index 8327215093..e270b9ac81 100644
--- a/phpBB/admin/admin_user_ban.php
+++ b/phpBB/admin/admin_user_ban.php
@@ -30,16 +30,23 @@ if($setmodules == 1)
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
+$phpbb_root_dir = "./../";
require('pagestart.inc');
+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+{
+ $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+}
+else
+{
+ $mode = "unban";
+}
+
//
// Start program
//
-
-$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "unban";
-
if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['bancontrol']) )
{
if($HTTP_POST_VARS['bancontrol'] == "ban")
@@ -348,7 +355,7 @@ else
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
- ORDER BY user_id ASC";
+ ORDER BY username ASC";
$u_result = $db->sql_query($sql);
$user_list = $db->sql_fetchrowset($u_result);
diff --git a/phpBB/admin/admin_userauth.php b/phpBB/admin/admin_userauth.php
index f34676ec6a..91edebb6f0 100644
--- a/phpBB/admin/admin_userauth.php
+++ b/phpBB/admin/admin_userauth.php
@@ -28,30 +28,23 @@ if($setmodules == 1)
return;
}
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
//
-// End session management
+// Load default header
//
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
-//
-// Is user logged in? If yes are they an admin?
-//
-if( !$userdata['session_logged_in'] )
+
+if( isset($HTTP_POST_VARS[POST_USERS_URL]) || isset($HTTP_GET_VARS[POST_USERS_URL]) )
{
- header("Location: ../login.$phpEx?forward_page=admin/");
+ $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
}
-else if( $userdata['user_level'] != ADMIN )
+else
{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+ $user_id = "";
}
+
//
// Start program - define vars
@@ -130,8 +123,8 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin)
//
if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
{
- $user_id = $HTTP_POST_VARS[POST_USERS_URL];
- $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE;
+ $user_id = intval($HTTP_POST_VARS[POST_USERS_URL]);
+ $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : 0;
//
// This is where things become fun ...
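Review bot: `$adv` is now either `TRUE` or `0`, which mixes a boolean and an integer in one flag. The display path in this file defaults it to `0` and `$adv_switch` is `1 : 0`, so `$adv = ( isset($HTTP_POST_VARS['adv']) ) ? 1 : 0;` would keep the three places consistent. The enclosing `if` block continues outside the hunk.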
@@ -223,7 +216,6 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
}
header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id"));
-
}
else
{
@@ -583,58 +575,19 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
}
}
}
-else if(empty($HTTP_GET_VARS[POST_USERS_URL]))
+else if( isset($HTTP_POST_VARS['username']) || $user_id)
{
- //
- // Default user selection box
- //
- // This should be altered on the final system
- //
-
- $sql = "SELECT user_id, username
- FROM " . USERS_TABLE . "
- WHERE user_id <> " . ANONYMOUS;
- $u_result = $db->sql_query($sql);
- $user_list = $db->sql_fetchrowset($u_result);
- $select_list = "<select name=\"" . POST_USERS_URL . "\">";
- for($i = 0; $i < count($user_list); $i++)
+ if( isset($HTTP_POST_VARS['username']) )
{
- $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+ $this_userdata = get_userdata($HTTP_POST_VARS['username']);
+ $user_id = $this_userdata['user_id'];
}
- $select_list .= "</select>";
-
- include('page_header_admin.'.$phpEx);
- $template->set_filenames(array(
- "body" => "admin/auth_select_body.tpl")
- );
-
- $template->assign_vars(array(
- "L_AUTH_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
- "L_AUTH_EXPLAIN" => $lang['User_auth_explain'],
- "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['User'],
- "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
-
- "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
- "S_AUTH_SELECT" => $select_list)
- );
-
-}
-else
-{
//
// Front end
//
- $user_id = $HTTP_GET_VARS[POST_USERS_URL];
- if( isset($HTTP_GET_VARS['adv']) )
- {
- $adv = $HTTP_GET_VARS['adv'];
- }
- else
- {
- $adv = FALSE;
- }
+ $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
include('page_header_admin.'.$phpEx);
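Review bot: The result of `get_userdata($HTTP_POST_VARS['username'])` is used without checking that a user was found, so an unknown name leaves `$user_id` empty and the page goes on to render permissions for it. admin_users.php has the same unchecked lookup in its `@@ -112` hunk. Stop before the header is included, for example `if( empty($this_userdata['user_id']) ) { message_die(GENERAL_MESSAGE, $lang['LANG_KEY_PLACEHOLDER']); }`, using whichever language string the board has for an unknown user. Whether `get_userdata()` escapes the name before querying is not visible in this diff and is worth confirming. The branch body continues outside the hunk.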
@@ -948,8 +901,8 @@ else
}
}
- $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=");
- $switch_mode .= ( empty($adv) ) ? "1" : "0";
+ $adv_switch = ( empty($adv) ) ? 1 : 0;
+ $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=$adv_switch");
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@@ -972,11 +925,51 @@ else
"U_SWITCH_MODE" => $u_switch_mode,
"S_COLUMN_SPAN" => $s_column_span,
- "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
+ "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
}
+else
+{
+ //
+ // Default user selection box
+ //
+ // This should be altered on the final system
+ //
+
+ $sql = "SELECT user_id, username
+ FROM " . USERS_TABLE . "
+ WHERE user_id <> " . ANONYMOUS;
+ $u_result = $db->sql_query($sql);
+ $user_list = $db->sql_fetchrowset($u_result);
+
+ $select_list = "<select name=\"" . POST_USERS_URL . "\">";
+ for($i = 0; $i < count($user_list); $i++)
+ {
+ $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+ }
+ $select_list .= "</select>";
+
+ include('page_header_admin.'.$phpEx);
+
+ $template->set_filenames(array(
+ "body" => "admin/user_select_body.tpl")
+ );
+
+ $template->assign_vars(array(
+ "L_USER_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
+ "L_USER_EXPLAIN" => $lang['User_auth_explain'],
+ "L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'],
+ "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
+ "L_FIND_USERNAME" => $lang['Find_username'],
+
+ "U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"),
+
+ "S_USER_ACTION" => append_sid("admin_userauth.$phpEx"))
+ );
+
+}
$template->pparse("body");
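Review bot: `$select_list` is built from a query in this new `else` branch but is never handed to the template; the old `"S_AUTH_SELECT" => $select_list` entry was dropped and nothing replaces it. admin_users.php renders the same `admin/user_select_body.tpl` and does pass `"S_USER_SELECT" => $select_list`, so either add that entry here or delete the query and loop. If the list is kept, wrap the name as `htmlspecialchars($user_list[$i]['username'])` inside the `<option>`, since whether usernames are stored escaped is not visible here. Adding `ORDER BY username ASC` would match the ban page.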
diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php
index 54bc94c77d..5d59306d85 100644
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@@ -20,6 +20,8 @@
*
***************************************************************************/
+define("IN_ADMIN", true);
+
if($setmodules == 1)
{
$filename = basename(__FILE__);
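Review bot: `define("IN_ADMIN", true)` is added here and also at the top of pagestart.inc, which this file requires a few lines later, so the constant is defined twice on every request to this page. Because the define sits above the `$setmodules` check, it also runs when index.php includes this file during its module scan, after pagestart.inc has already run. Drop it here, or guard it as `if( !defined("IN_ADMIN") ) { define("IN_ADMIN", true); }`.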
@@ -29,16 +31,21 @@ if($setmodules == 1)
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
-include($phpbb_root_path . 'includes/post.'.$phpEx);
+$phpbb_root_dir = "./../";
+require('pagestart.inc');
+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+{
+ $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+}
+else
+{
+ $mode = "";
+}
-//
+// ---------
// Functions
//
function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
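Review bot: The includes of `includes/bbcode.` and `includes/post.` are removed, and nothing visible in pagestart.inc loads them (its hunk shows only `extension.inc` and `common`). If the profile update code below still calls helpers from those files it will fail at call time; confirm, or keep the two includes after `require('pagestart.inc');`. Separately, `$phpbb_root_dir` is assigned here and in the other admin pages while pagestart.inc sets `$phpbb_root_path`. Nothing in this diff reads `$phpbb_root_dir`, so it looks like a leftover name.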
@@ -112,35 +119,40 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca
// End Functions
//
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
-//
-// End session management
-//
-if( !$userdata['session_logged_in'] )
-{
- header("Location: ../login.$phpEx?forward_page=admin/");
-}
-else if( $userdata['user_level'] != ADMIN )
-{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
-}
//
// Begin program
//
-if ( isset($HTTP_GET_VARS['submit']) ) {
+if( $mode == "searchuser" )
+{
+ if( isset($HTTP_POST_VARS['search']) )
+ {
+ $username_list = username_search("admin_users.$phpEx", $HTTP_POST_VARS['search_author'], 1);
+ }
+ else
+ {
+ username_search("admin_users.$phpEx", "", 1);
+ }
+
//
- // This looks familiar doesn't it? It's the user profile page! :)
+ // Remove this later
//
-
+ exit;
+}
+else if ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) )
+{
//
// Let's find out a little about them...
//
- $this_userdata = get_userdata_from_id($HTTP_GET_VARS[POST_USERS_URL]);
+ if( isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) )
+ {
+ $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
+ $this_userdata = get_userdata_from_id($user_id);
+ }
+ else
+ {
+ $this_userdata = get_userdata($HTTP_POST_VARS['username']);
+ }
//
// Now parse and display it as a template
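Review bot: The new lookup condition tests `isset($HTTP_POST_VARS['username'])` before the chain reaches the profile-update branch, and that later branch reads `$HTTP_POST_VARS['username']` from the submitted edit form. If the edit form posts a `username` field, as that read suggests, every submitted edit matches this branch and is displayed again instead of saved. Move the `isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['user_id'])` test ahead of this one so the more specific case wins. Also, `$username_list` is assigned in the `searchuser` branch but not used before `exit;`.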
@@ -195,13 +207,13 @@ if ( isset($HTTP_GET_VARS['submit']) ) {
switch( $user_avatar_type )
{
case USER_AVATAR_UPLOAD:
- $avatar = "<img src=\"" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+ $avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
break;
case USER_AVATAR_REMOTE:
$avatar = "<img src=\"$user_avatar\" alt=\"\" />";
break;
case USER_AVATAR_GALLERY:
- $avatar = "<img src=\"" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+ $avatar = "<img src=\"../" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
break;
}
}
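Review bot: `$user_avatar` is concatenated into the `src` attribute without escaping in all three cases, and for `USER_AVATAR_REMOTE` it is the whole URL. Unless the value is escaped when stored, which is not visible in this hunk, wrap it at output: `$avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . htmlspecialchars($user_avatar) . "\" alt=\"\" />";`. The hard-coded `../` also duplicates what `$phpbb_root_path` holds after pagestart.inc. The surrounding block starts and ends outside the hunk.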
@@ -319,16 +331,15 @@ if ( isset($HTTP_GET_VARS['submit']) ) {
"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx"))
);
- include('page_header_admin.'.$phpEx);
$template->pparse("body");
}
-else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
+else if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['user_id']) )
{
//
// Ok, the profile has been modified and submitted, let's update
//
+ $user_id = intval($HTTP_POST_VARS['user_id']);
- $user_id = $HTTP_POST_VARS['user_id'];
$username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : "";
$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : "";
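Review bot: `intval()` now covers `$user_id`, but the `UPDATE` in the `@@ -493` hunk also interpolates several unquoted values (`$viewemail`, `$attachsig`, `$user_style`, `$user_timezone`, `$user_status` and others) whose assignment lies outside the visible hunks. Confirm each of them is cast the same way, e.g. `$user_style = intval($HTTP_POST_VARS['FIELD_NAME_PLACEHOLDER']);`, and that the quoted string fields are escaped for the database before they reach that statement. `strip_tags()` and `htmlspecialchars()` on the lines below are HTML measures and do not make a value safe inside SQL.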
@@ -450,8 +461,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
WHERE user_id = $user_id";
$result = @$db->sql_query($sql);
- include('page_header_admin.'. $phpEx);
-
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
@@ -479,7 +488,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
if( $error == TRUE )
{
- include('page_header_admin.' . $phpEx);
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
@@ -493,13 +501,11 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
}
else
{
- echo $sql = "UPDATE " . USERS_TABLE . "
+ $sql = "UPDATE " . USERS_TABLE . "
SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_lang = '$user_lang', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_active = $user_status, user_actkey = '$user_actkey'" . $avatar_sql . "
WHERE user_id = $user_id";
if($result = $db->sql_query($sql))
{
- include('page_header_admin.' . $phpEx);
-
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
@@ -512,8 +518,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
}
else
{
- include('page_header_admin.' . $phpEx);
-
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
@@ -528,8 +532,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
}
else
{
- include('page_header_admin.' . $phpEx);
-
$template->set_filenames(array(
"body" => "admin/admin_message_body.tpl")
);
@@ -562,8 +564,6 @@ else
}
$select_list .= "</select>";
- include('page_header_admin.'.$phpEx);
-
$template->set_filenames(array(
"body" => "admin/user_select_body.tpl")
);
@@ -573,6 +573,9 @@ else
"L_USER_EXPLAIN" => $lang['User_admin_explain'],
"L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'],
"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
+ "L_FIND_USERNAME" => $lang['Find_username'],
+
+ "U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"),
"S_USER_ACTION" => append_sid("admin_users.$phpEx"),
"S_USER_SELECT" => $select_list)
diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php
index 2b53198b49..f6af8d745a 100644
--- a/phpBB/admin/admin_words.php
+++ b/phpBB/admin/admin_words.php
@@ -28,8 +28,9 @@ if($setmodules == 1)
}
//
-// Include required files, get $phpEx and check permissions
+// Load default header
//
+$phpbb_root_dir = "./../";
require('pagestart.inc');
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php
index 8436fee577..65ea4b65f8 100644
--- a/phpBB/admin/index.php
+++ b/phpBB/admin/index.php
@@ -20,47 +20,33 @@
*
***************************************************************************/
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
-//
-// End session management
-//
-
//
-// Is user logged in? If yes are they an admin?
+// Load default header
//
-if( !$userdata['session_logged_in'] )
-{
- header("Location: ../login.$phpEx?forward_page=admin/");
-}
-else if( $userdata['user_level'] != ADMIN )
-{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
-}
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
//
// Generate relevant output
//
if( $HTTP_GET_VARS['pane'] == 'left' )
{
- $dir = opendir(".");
+ $dir = @opendir(".");
$setmodules = 1;
- while($file = readdir($dir))
+ while( $file = @readdir($dir) )
{
- if(preg_match("/^admin_.*/", $file))
+ if( preg_match("/^admin_.*?\.php$/", $file) )
{
include($file);
}
}
+ @closedir($dir);
+
+ unset($setmodules);
+
include('page_header_admin.'.$phpEx);
$template->set_filenames(array(
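Review bot: The scan pattern hard-codes `\.php` while every other path in this file is built from `$phpEx`, so a board configured with another extension would show an empty module list. `preg_match("/^admin_.*?\." . $phpEx . "$/", $file)` keeps them in step. The loop test `while( $file = @readdir($dir) )` also ends early on an entry named `0`; compare with `!== false` here and in the avatar-directory loop in the `@@ -153` hunk. With `@` on `opendir`, a failed open now yields an empty menu silently, so consider checking `$dir` before the loop.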
@@ -68,32 +54,34 @@ if( $HTTP_GET_VARS['pane'] == 'left' )
);
$template->assign_vars(array(
- "U_BOARD_INDEX" => append_sid("../index.$phpEx"),
+ "U_FORUM_INDEX" => append_sid("../index.$phpEx"),
"U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"),
- "L_BOARD_INDEX" => "Board Index",
- "L_ADMIN_INDEX" => "Admin Index")
+ "L_FORUM_INDEX" => $lang['Forum_Index'],
+ "L_ADMIN_INDEX" => $lang['Admin_Index'],
+ "L_PREVIEW_FORUM" => $lang['Preview_forum'])
);
while( list($cat, $action_array) = each($module) )
{
$template->assign_block_vars("catrow", array(
- "CATNAME" => $cat)
+ "ADMIN_CATEGORY" => $cat)
);
$row_count = 0;
while( list($action, $file) = each($action_array) )
{
- $row_color = "#" . ( ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2']);
+ $row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2'];
$action = preg_replace("'_'", " ", $action);
- $template->assign_block_vars("catrow.actionrow", array(
- "ROW_COLOR" => $row_color,
- "ROW_CLASS" => $row_class,
- "ACTIONNAME" => $action,
- "FILE" => $file)
+ $template->assign_block_vars("catrow.modulerow", array(
+ "ROW_COLOR" => "#" . $row_color,
+ "ROW_CLASS" => $row_class,
+
+ "ADMIN_MODULE" => $action,
+ "U_ADMIN_MODULE" => append_sid($file))
);
$row_count++;
}
@@ -101,8 +89,7 @@ if( $HTTP_GET_VARS['pane'] == 'left' )
$template->pparse("body");
- unset($setmodules);
- exit;
+ include('page_footer_admin.'.$phpEx);
}
elseif( $HTTP_GET_VARS['pane'] == 'right' )
{
@@ -131,7 +118,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
"L_USERS_PER_DAY" => $lang['Users_per_day'],
"L_BOARD_STARTED" => $lang['Board_started'],
"L_AVATAR_DIR_SIZE" => $lang['Avatar_dir_size'],
- "L_DB_SIZE" => $lang['Database_size'])
+ "L_DB_SIZE" => $lang['Database_size'],
+ "L_GZIP_COMPRESSION" => $lang['Gzip_compression'])
);
//
@@ -143,7 +131,7 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
$start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']);
- $boarddays = (time() - $board_config['board_startdate']) / (24*60*60);
+ $boarddays = ( time() - $board_config['board_startdate'] ) / 86400;
$posts_per_day = sprintf("%.2f", $total_posts / $boarddays);
$topics_per_day = sprintf("%.2f", $total_topics / $boarddays);
@@ -153,19 +141,19 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))
{
- while($file = readdir($avatar_dir))
+ while( $file = @readdir($avatar_dir) )
{
- if($file != "." && $file != "..")
+ if( $file != "." && $file != ".." )
{
- $avatar_dir_size += filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
+ $avatar_dir_size += @filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
}
}
- closedir($avatar_dir);
+ @closedir($avatar_dir);
}
else
{
// Couldn't open Avatar dir.
- $avatar_dir_size = '?';
+ $avatar_dir_size = $lang['Not_available'];
}
//
@@ -215,7 +203,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
list($version) = $db->sql_fetchrow($result);
if( ereg("^3\.23", $version) )
{
- $sql = "SHOW TABLE STATUS FROM " . $dbname;
+ $sql = "SHOW TABLE STATUS
+ FROM " . $dbname;
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain table information.", "", __LINE__, __FILE__, $sql);
@@ -268,7 +257,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
"TOPICS_PER_DAY" => $topics_per_day,
"USERS_PER_DAY" => $users_per_day,
"AVATAR_DIR_SIZE" => $avatar_dir_size,
- "DB_SIZE" => $dbsize)
+ "DB_SIZE" => $dbsize,
+ "GZIP_COMPRESSION" => ( $board_config['gzip_compress'] ) ? $lang['ON'] : $lang['OFF'])
);
//
// End forum statistics
@@ -378,16 +368,12 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
$row_color = ( !($count % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($count % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+
$count++;
$ip_address = decode_ip($onlinerow[$i]['session_ip']);
- //
- // This resolves the users IP to a host name, but it REALLY slows the page down
- //
- //$host_name = gethostbyaddr($ip_address);
- //$ip_address = $ip_address . " ($host_name)";
- if(empty($username))
+ if( empty($username) )
{
$username = $lang['Guest'];
}
@@ -420,8 +406,8 @@ else
);
$template->assign_vars(array(
- "S_FRAME_NAV" => "index.$phpEx?pane=left",
- "S_FRAME_MAIN" => "index.$phpEx?pane=right")
+ "S_FRAME_NAV" => append_sid("index.$phpEx?pane=left"),
+ "S_FRAME_MAIN" => append_sid("index.$phpEx?pane=right"))
);
header ("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
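Review bot: Passing the frame URLs through `append_sid()` means the admin session id can appear in the URL when URI-based sessions are in use (inferred from the commit message; `append_sid()` itself is not in this diff). A URL-borne id ends up in browser history, server logs and the Referer header of any off-site link or remote image rendered inside the admin frames, such as the remote avatar shown by admin_users.php. This deserves a comment here, for example `// SID may travel in the URL: keep off-site links and remote images out of admin pages`. It is also worth checking that the session is tied to more than the id alone.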
diff --git a/phpBB/admin/page_footer_admin.php b/phpBB/admin/page_footer_admin.php
index abfc0f989b..3bca8b0abe 100644
--- a/phpBB/admin/page_footer_admin.php
+++ b/phpBB/admin/page_footer_admin.php
@@ -44,11 +44,6 @@ $mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = ($endtime - $starttime);
-$gzip_text = ($board_config['gzip_compress']) ? "GZIP compression enabled" : "GZIP compression disabled";
-$debug_mode = (DEBUG) ? " : Debug Mode" : "";
-
-printf("<center><font size=-2>phpBB Created this page in %f seconds : " . $db->num_queries . " queries executed : $gzip_text".$debug_mode."</font></center>", $totaltime);
-
//
// Close our DB connection.
//
@@ -58,7 +53,7 @@ $db->sql_close();
// Compress buffered output if required
// and send to browser
//
-if($do_gzip_compress)
+if( $do_gzip_compress )
{
//
// Borrowed from php.net!
diff --git a/phpBB/admin/page_header_admin.php b/phpBB/admin/page_header_admin.php
index c17e9d61d9..e9bdcfc0d3 100644
--- a/phpBB/admin/page_header_admin.php
+++ b/phpBB/admin/page_header_admin.php
@@ -81,8 +81,8 @@ else
$template->assign_vars(array(
"SITENAME" => $board_config['sitename'],
"PAGE_TITLE" => $page_title,
- "META_INFO" => $meta_tags,
+ "L_ADMIN" => $lang['Admin'],
"L_USERNAME" => $lang['Username'],
"L_PASSWORD" => $lang['Password'],
"L_INDEX" => $lang['Forum_Index'],
diff --git a/phpBB/admin/pagestart.inc b/phpBB/admin/pagestart.inc
index a5960ed494..afd5d1d339 100644
--- a/phpBB/admin/pagestart.inc
+++ b/phpBB/admin/pagestart.inc
@@ -20,6 +20,8 @@
*
***************************************************************************/
+define("IN_ADMIN", true);
+
$phpbb_root_path = "../";
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
@@ -41,11 +43,11 @@ else if( $userdata['user_level'] != ADMIN )
message_die(GENERAL_MESSAGE, $lang['Not_admin']);
}
-if ($no_page_header != TRUE)
+if ( !$no_page_header )
{
// Not including the pageheader can be neccesarry if META tags are
// needed in the calling script.
include('page_header_admin.'.$phpEx);
}
-?>
+?> \ No newline at end of file
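Review bot: The login redirect that precedes the `else if` shown here is outside the hunk, but the copies this commit removes from admin_userauth.php, admin_users.php and index.php send `header("Location: ../login.$phpEx?forward_page=admin/");` with nothing after it. If pagestart.inc has the same shape, a request without a session receives the redirect header while the including admin script carries on executing. Since every admin page now relies on this include for its access check, add `exit;` directly after that `header()` call. The closing `?>` without a trailing newline is harmless, but omitting the tag in an include avoids stray output.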