author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-10-14 15:46:53 +0000 |
---|---|---|
committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-10-14 15:46:53 +0000 |
commit | 4aeb685d3cba6c46642d2ba6105b706434fcee49 (patch) | |
tree | da3a9fb6736dfb939f2f0bcd989d13e68bf9b4db /phpBB/admin | |
parent | e31466a42f03d25d7a9e650f6e0b88b1ff0bb6c3 (diff) | |
Various updates, cleanups and support for URI based sessions ... more to come at some point
git-svn-id: file:///svn/phpbb/trunk@1179 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin')
-rw-r--r-- | phpBB/admin/admin_board.php | 7 | ||||
-rw-r--r-- | phpBB/admin/admin_db_utilities.php | 35 | ||||
-rw-r--r-- | phpBB/admin/admin_forum_prune.php | 3 | ||||
-rw-r--r-- | phpBB/admin/admin_forumauth.php | 41 | ||||
-rw-r--r-- | phpBB/admin/admin_forums.php | 272 | ||||
-rw-r--r-- | phpBB/admin/admin_groupauth.php | 129 | ||||
-rw-r--r-- | phpBB/admin/admin_groups.php | 214 | ||||
-rw-r--r-- | phpBB/admin/admin_mass_email.php | 30 | ||||
-rw-r--r-- | phpBB/admin/admin_ranks.php | 205 | ||||
-rw-r--r-- | phpBB/admin/admin_smilies.php | 87 | ||||
-rw-r--r-- | phpBB/admin/admin_styles.php | 49 | ||||
-rw-r--r-- | phpBB/admin/admin_user_ban.php | 17 | ||||
-rw-r--r-- | phpBB/admin/admin_userauth.php | 127 | ||||
-rw-r--r-- | phpBB/admin/admin_users.php | 91 | ||||
-rw-r--r-- | phpBB/admin/admin_words.php | 3 | ||||
-rw-r--r-- | phpBB/admin/index.php | 94 | ||||
-rw-r--r-- | phpBB/admin/page_footer_admin.php | 7 | ||||
-rw-r--r-- | phpBB/admin/page_header_admin.php | 2 | ||||
-rw-r--r-- | phpBB/admin/pagestart.inc | 6 |
19 files changed, 691 insertions, 728 deletions
diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index e89e6aeb84..da780cac3f 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -22,12 +22,11 @@ if($setmodules == 1) // Let's set the root dir for phpBB // $phpbb_root_dir = "./../"; +require('pagestart.inc'); // -// Include required files, get $phpEx and check permissions // -require('pagestart.inc'); - +// $sql = "SELECT * FROM " . CONFIG_TABLE; if(!$result = $db->sql_query($sql)) @@ -97,7 +96,7 @@ $smtp_yes = ($new['smtp_delivery']) ? "checked=\"checked\"" : ""; $smtp_no = (!$new['smtp_delivery']) ? "checked=\"checked\"" : ""; $template->set_filenames(array( - "body" => "admin/admin_config_body.tpl") + "body" => "admin/board_config_body.tpl") ); $template->assign_vars(array( diff --git a/phpBB/admin/admin_db_utilities.php b/phpBB/admin/admin_db_utilities.php index 4d983f19bd..e4045a79af 100644 --- a/phpBB/admin/admin_db_utilities.php +++ b/phpBB/admin/admin_db_utilities.php @@ -37,29 +37,13 @@ if($setmodules == 1) return; } -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); // -// Start session management +// Load default header // -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); -// -// End session management -// - -// -// Is user logged in? If yes are they an admin? -// -if( !$userdata['session_logged_in'] ) -{ - header("Location: ../login.$phpEx?forward_page=admin/"); -} -else if( $userdata['user_level'] != ADMIN ) -{ - message_die(GENERAL_MESSAGE, $lang['Not_admin']); -} +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; +require('pagestart.inc'); +include($phpbb_root_path . 'includes/sql_parse.'.$phpEx); // // Set VERBOSE to 1 for debugging info.. 
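Review bot: In the admin_db_utilities.php hunk the new header assigns `$phpbb_root_dir = "./../";`, but the added `include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);` reads `$phpbb_root_path`, a different variable that this file no longer sets. Unless pagestart.inc (not visible here) always assigns `$phpbb_root_path` and `$phpEx`, the include path is built from an undefined variable, and on a PHP setup that registers request variables as globals the request could then influence which file is included. The same hunk removes the inline login and `user_level != ADMIN` check, so pagestart.inc must now enforce it and halt on failure; a comment such as `// pagestart.inc sets $phpbb_root_path/$phpEx and enforces the admin check` would make that dependency explicit. The same name mismatch is visible in the admin_forum_prune.php hunk.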
@@ -72,16 +56,9 @@ define("VERBOSE", 0); // @set_time_limit(1200); -// -// Pull in the functions for splitting an sql file into individual statements -// - -include($phpbb_root_path . 'includes/sql_parse.'.$phpEx); - -// +// ----------------------- // The following functions are adapted from phpMyAdmin and upgrade_20.php // - // // This function is used for grabbing the sequences for postgres... // diff --git a/phpBB/admin/admin_forum_prune.php b/phpBB/admin/admin_forum_prune.php index b8f4242188..f22ecffd45 100644 --- a/phpBB/admin/admin_forum_prune.php +++ b/phpBB/admin/admin_forum_prune.php @@ -41,8 +41,9 @@ if( $setmodules == 1 ) } // -// Include required files, get $phpEx and check permissions +// Load default header // +$phpbb_root_dir = "./../"; require('pagestart.inc'); include($phpbb_root_path . 'includes/prune.php'); diff --git a/phpBB/admin/admin_forumauth.php b/phpBB/admin/admin_forumauth.php index 350f0031e4..6ea86354fb 100644 --- a/phpBB/admin/admin_forumauth.php +++ b/phpBB/admin/admin_forumauth.php @@ -20,6 +20,8 @@ * ***************************************************************************/ +define("IN_ADMIN", true); + if($setmodules == 1) { $filename = basename(__FILE__); @@ -29,10 +31,13 @@ if($setmodules == 1) } // -// Include required files, get $phpEx and check permissions +// Load default header // +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; require('pagestart.inc'); + // // Start program - define vars // @@ -67,7 +72,7 @@ $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN); if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL])) { - $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL]; + $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]); $forum_sql = "AND forum_id = $forum_id"; } else 
@@ -78,7 +83,7 @@ else if( isset($HTTP_GET_VARS['adv']) ) { - $adv = $HTTP_GET_VARS['adv']; + $adv = intval($HTTP_GET_VARS['adv']); } else { @@ -88,7 +93,7 @@ else // // Start program proper // -if(isset($HTTP_POST_VARS['submit'])) +if( isset($HTTP_POST_VARS['submit']) ) { $sql = ""; @@ -124,6 +129,15 @@ if(isset($HTTP_POST_VARS['submit'])) $value = $HTTP_POST_VARS['auth_view']; } } + + if($forum_auth_fields[$i] == 'auth_vote') + { + if( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL ) + { + $value = AUTH_REG; + } + } + $sql .= $forum_auth_fields[$i] . " = " . $value; if($i < count($forum_auth_fields) - 1) { @@ -143,11 +157,16 @@ if(isset($HTTP_POST_VARS['submit'])) } } - unset($forum_id); $forum_sql = ""; $adv = 0; - } + + $template->assign_vars(array( + "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">') + ); + $message = $lang['Forum_auth_updated'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> " . $lang['return_forum_auth_admin']; + message_die(GENERAL_MESSAGE, $message); + } // @@ -164,7 +183,7 @@ $f_result = $db->sql_query($sql); $forum_rows = $db->sql_fetchrowset($f_result); -if(empty($forum_id)) +if( empty($forum_id) ) { // // Output the selection table if no forum id was @@ -234,7 +253,7 @@ else if( empty($adv) ) { - $simple_auth = " <select name=\"simpleauth\">"; + $simple_auth = "<select name=\"simpleauth\">"; for($j = 0; $j < count($simple_auth_types); $j++) { @@ -250,7 +269,7 @@ else } } - $simple_auth .= "</select> "; + $simple_auth .= "</select>"; $template->assign_block_vars("forum_auth_titles", array( "CELL_TITLE" => $lang['Simple_mode']) 
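Review bot: In the `auth_vote` hunk (`@@ -124,6 +129,15 @@`) `$value` is still appended to the UPDATE as `$sql .= $forum_auth_fields[$i] . " = " . $value;`, and the visible context assigns it straight from `$HTTP_POST_VARS['auth_view']`. This commit casts `$forum_id` and `$adv` with `intval()` but leaves the permission values as posted, so a non-numeric value reaches the SQL text. Casting at the point of use, `$sql .= $forum_auth_fields[$i] . " = " . intval($value);`, would close that. The enclosing loop starts outside the hunk, so the other assignments to `$value` cannot be checked here.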
@@ -299,7 +318,7 @@ else } } - $switch_mode = "admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv="; + $switch_mode = append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv="); $switch_mode .= ( empty($adv) ) ? "1" : "0"; $switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode']; $u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>'; @@ -323,6 +342,8 @@ else } +include('page_header_admin.'.$phpEx); + $template->pparse("body"); include('page_footer_admin.'.$phpEx); diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index 7efe772510..6fe927c24b 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -22,9 +22,24 @@ if($setmodules==1) { - $file = basename(__FILE__); - $module['Forums']['Manage'] = $file; - return; + $file = basename(__FILE__); + $module['Forums']['Manage'] = $file; + return; +} + +// +// Load default header +// +$phpbb_root_dir = "./../"; +require('pagestart.inc'); + +if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +{ + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; +} +else +{ + $mode = ""; } // ------------------ 
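Review bot: `$switch_mode` is now passed through `append_sid()` and then written into `<a href="...">`; if `append_sid()` adds the session id to the query string, as the commit message's "URI based sessions" suggests, every admin link and the meta refresh added earlier in this file carries the admin session id. Ids in URLs end up in browser history, server logs and Referer headers sent to other sites, so the session code (not visible here) should bind the id to a second factor such as the client address and expire it promptly. The literal `&adv=` should also become `&amp;adv=` once the URL is placed in an HTML attribute. The enclosing else-branch starts outside the hunk.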
@@ -189,106 +204,121 @@ function renumber_order($mode, $cat = 0) // ------------------ // -// Include required files, get $phpEx and check permissions +// Begin program proper // -require('pagestart.inc'); - -if (isset($HTTP_POST_VARS['mode'])) +if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) ) { - $mode = $HTTP_POST_VARS['mode']; -} -elseif (isset($HTTP_GET_VARS['mode'])) -{ - $mode = $HTTP_GET_VARS['mode']; -} -else -{ - unset($mode); + $mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat"; + + if( $mode == "addforum" ) + { + list($cat_id) = each($HTTP_POST_VARS['addforum']); + $forumname = $HTTP_POST_VARS['forumname'][$cat_id]; + } } -if(isset($mode)) // Are we supposed to do something? +if( !empty($mode) ) { switch($mode) { case 'addforum': case 'editforum': + // // Show form to create/modify a forum + // if ($mode == 'editforum') { // $newmode determines if we are going to INSERT or UPDATE after posting? + + $l_title = $lang['Edit_forum']; $newmode = 'modforum'; - $buttonvalue = 'Change'; + $buttonvalue = $lang['Update']; - $forum_id = $HTTP_GET_VARS['forum_id']; + $forum_id = intval($HTTP_GET_VARS['forum_id']); $row = get_info('forum', $forum_id); - $forumname = $row['forum_name']; + $cat_id = $row['cat_id']; + $forumname = $row['forum_name']; $forumdesc = $row['forum_desc']; $forumstatus = $row['forum_status']; + // // start forum prune stuff. // - if( $row['prune_enable'] == 1 ) + if( $row['prune_enable'] ) { $prune_enabled = "checked=\"checked\""; $sql = "SELECT * - FROM " . PRUNE_TABLE . " - WHERE forum_id = $forum_id"; + FROM " . PRUNE_TABLE . 
" + WHERE forum_id = $forum_id"; if(!$pr_result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__); } + $pr_row = $db->sql_fetchrow($pr_result); } + else + { + $prune_enabled = ''; + } } else { + $l_title = $lang['Create_forum']; $newmode = 'createforum'; - $buttonvalue = 'Create'; + $buttonvalue = $lang['Create_forum']; - $forumname = stripslashes($HTTP_POST_VARS['forumname']); - $cat_id = $HTTP_POST_VARS['cat_id']; $forumdesc = ''; $forumstatus = FORUM_UNLOCKED; - $forum_id = ''; + $forum_id = ''; + $prune_enabled = ''; } $catlist = get_list('category', $cat_id, TRUE); - $forumstatus == FORUM_LOCKED ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\""; - $statuslist = "<option value=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</option>\n"; - $statuslist .= "<option value=\"".FORUM_LOCKED."\" $forumlocked>Locked</option>\n"; + $forumstatus == ( FORUM_LOCKED ) ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\""; + $statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>Unlocked</option>\n"; + $statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>Locked</option>\n"; $template->set_filenames(array( "body" => "admin/forum_edit_body.tpl") ); + $template->assign_vars(array( - 'FORUMNAME' => $forumname, - 'DESCRIPTION' => $forumdesc, - 'S_FORUM_ACTION' => $PHP_SELF, + 'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"), 'S_CATLIST' => $catlist, 'S_STATUSLIST' => $statuslist, 'S_FORUMID' => $forum_id, 'S_NEWMODE' => $newmode, - 'S_PRUNE_EN' => $prune_enabled, - 'S_PRUNE_DAYS' => $pr_row['prune_days'], - 'S_PRUNE_FREQ' => $pr_row['prune_freq'], + 'S_PRUNE_ENABLED' => $prune_enabled, + 'S_PRUNE_DAYS' => ( isset($pr_row['prune_days']) ) ? $pr_row['prune_days'] : 7, + 'S_PRUNE_FREQ' => ( isset($pr_row['prune_freq']) ) ? 
$pr_row['prune_freq'] : 1, + + "L_FORUM_TITLE" => $l_title, + "L_FORUM_EXPLAIN" => $lang['Forum_edit_delete_explain'], 'L_ENABLED' => $lang['Enabled'], 'L_PRUNE_DAYS' => $lang['prune_days'], 'L_PRUNE_FREQ' => $lang['prune_freq'], 'L_DAYS' => $lang['days'], + + 'FORUMNAME' => $forumname, + 'DESCRIPTION' => $forumdesc, 'BUTTONVALUE' => $buttonvalue) ); $template->pparse("body"); break; case 'createforum': + // // Create a forum in the DB - if( trim($HTTP_POST_VARS['forumname']) == '') + // + if( trim($HTTP_POST_VARS['forumname']) == "" ) { message_die(GENERAL_ERROR, "Can't create a forum without a name"); } + $sql = "SELECT MAX(forum_order) AS max_order FROM " . FORUMS_TABLE . " WHERE cat_id = " . $HTTP_POST_VARS['cat_id']; 
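Review bot: In the new `addforum` branch `$cat_id` comes from `each($HTTP_POST_VARS['addforum'])`, i.e. from a posted array key, and is passed to `get_list('category', $cat_id, TRUE)` without the `intval()` this commit applies to the other ids. `$forumname` is likewise taken from the request and assigned as `'FORUMNAME' => $forumname` with no HTML escaping, so markup in the posted name would be echoed into the admin form unless the template layer escapes it (not visible here). Suggested: `$cat_id = intval($cat_id);` after the `list()` line and `'FORUMNAME' => htmlspecialchars($forumname),`. The `SELECT MAX(forum_order)` at the end of the hunk still concatenates `$HTTP_POST_VARS['cat_id']` uncast.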
@@ -302,23 +332,24 @@ if(isset($mode)) // Are we supposed to do something? $next_order = $max_order + 1; // There is no problem having duplicate forum names so we won't check for it. - $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status) - VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . $HTTP_POST_VARS['cat_id'] . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . $HTTP_POST_VARS['forumstatus'] . ")"; + $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable) + VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . intval($HTTP_POST_VARS['cat_id']) . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . ")"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql); } - if( $HTTP_POST_VARS['prune_enable'] == TRUE ) + if( $HTTP_POST_VARS['prune_enable'] ) { $new_forum_id = $db->sql_nextid(); + if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "") { - message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']); + message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); } $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq) - VALUES($new_forum_id, " . $HTTP_POST_VARS['prune_days'] . ", " . $HTTP_POST_VARS['prune_freq'] . ")"; + VALUES($new_forum_id, " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql); 
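Review bot: The rewritten INSERT casts `cat_id`, `forumstatus` and `prune_enable` with `intval()`, but `$HTTP_POST_VARS['forumname']` and `$HTTP_POST_VARS['forumdesc']` are still placed between single quotes exactly as posted. Unless request data is escaped before this point (not visible here), a quote in either field ends the string literal early; escape both with the database layer's string-escaping routine where the query is built. The `UPDATE ... SET forum_name = '...'` statement and the categories INSERT in the following hunks have the same pattern, and the UPDATE also leaves its numeric fields uncast.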
@@ -334,6 +365,7 @@ if(isset($mode)) // Are we supposed to do something? { $HTTP_POST_VARS['prune_enable'] = 0; } + $sql = "UPDATE " . FORUMS_TABLE . " SET forum_name = '" . $HTTP_POST_VARS['forumname'] . "', cat_id = " . $HTTP_POST_VARS['cat_id'] . ", forum_desc = '" . $HTTP_POST_VARS['forumdesc'] . "', forum_status = " . $HTTP_POST_VARS['forumstatus'] . ", prune_enable = " . $HTTP_POST_VARS['prune_enable'] . " WHERE forum_id = ".$HTTP_POST_VARS['forum_id']; @@ -346,7 +378,7 @@ if(isset($mode)) // Are we supposed to do something? { if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "") { - message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']); + message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); } $sql = "SELECT * @@ -379,10 +411,11 @@ if(isset($mode)) // Are we supposed to do something? case 'addcat': // Create a category in the DB - if( trim($HTTP_POST_VARS['catname']) == '') + if( trim($HTTP_POST_VARS['categoryname']) == '') { message_die(GENERAL_ERROR, "Can't create a category without a name"); } + $sql = "SELECT MAX(cat_order) AS max_order FROM " . CATEGORIES_TABLE; if( !$result = $db->sql_query($sql) ) @@ -398,7 +431,7 @@ if(isset($mode)) // Are we supposed to do something? // There is no problem having duplicate forum names so we won't check for it. // $sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order) - VALUES ('" . $HTTP_POST_VARS['catname'] . "', $next_order)"; + VALUES ('" . $HTTP_POST_VARS['categoryname'] . "', $next_order)"; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql); 
@@ -467,10 +500,12 @@ if(isset($mode)) // Are we supposed to do something? break; case 'movedelforum': + // // Move or delete a forum in the DB - $from_id = $HTTP_POST_VARS['from_id']; - $to_id = $HTTP_POST_VARS['to_id']; - $delete_old = $HTTP_POST_VARS['delete_old']; + // + $from_id = intval($HTTP_POST_VARS['from_id']); + $to_id = intval($HTTP_POST_VARS['to_id']); + $delete_old = intval($HTTP_POST_VARS['delete_old']); // Either delete or move all posts in a forum @@ -517,11 +552,15 @@ if(isset($mode)) // Are we supposed to do something? } $show_index = TRUE; + break; case 'deletecat': + // // Show form to delete a category - $cat_id = $HTTP_GET_VARS['cat_id']; + // + $cat_id = intval($HTTP_GET_VARS['cat_id']); + $buttonvalue = "Move&Delete"; $newmode = 'movedelcat'; $catinfo = get_info('category', $cat_id); @@ -537,7 +576,7 @@ if(isset($mode)) // Are we supposed to do something? } $count = $db->sql_fetchrow($result); $count = $count['total']; - print "count = $count"; + if ($count > 0) { message_die(GENERAL_ERROR, "You need to delete all forums before you can delete this category"); @@ -559,7 +598,7 @@ if(isset($mode)) // Are we supposed to do something? ); $template->assign_vars(array( 'NAME' => $name, - 'S_FORUM_ACTION' => $PHP_SELF, + 'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"), 'S_FROM_ID' => $cat_id, 'S_SELECT_TO' => $select_to, 'S_NEWMODE' => $newmode, @@ -569,9 +608,11 @@ if(isset($mode)) // Are we supposed to do something? break; case 'movedelcat': + // // Move or delete a category in the DB - $from_id = $HTTP_POST_VARS['from_id']; - $to_id = $HTTP_POST_VARS['to_id']; + // + $from_id = intval($HTTP_POST_VARS['from_id']); + $to_id = intval($HTTP_POST_VARS['to_id']); if (isset($to_id)) { 
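Review bot: In the `movedelcat` hunk `$to_id = intval($HTTP_POST_VARS['to_id']);` always yields an integer, so the following `if (isset($to_id))` is now always true; before this change a missing `to_id` left the variable null and the test false. The branch therefore also runs with `$to_id == 0` when no target was posted. Test the request value instead, e.g. `if( !empty($HTTP_POST_VARS['to_id']) )`, or check `$to_id > 0`. The body of the `if` continues outside the hunk, so what it does with id 0 cannot be confirmed here; the `movedelforum` hunk casts `$to_id` and `$delete_old` the same way.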
@@ -604,13 +645,18 @@ if(isset($mode)) // Are we supposed to do something? } $show_index = TRUE; + break; case 'forum_order': + // // Change order of forums in the DB - $move = $HTTP_GET_VARS['move']; - $forum_id = $HTTP_GET_VARS['forum_id']; + // + $move = intval($HTTP_GET_VARS['move']); + $forum_id = intval($HTTP_GET_VARS['forum_id']); + $forum_info = get_info('forum', $forum_id); + $cat_id = $forum_info['cat_id']; $sql = "UPDATE " . FORUMS_TABLE . " @@ -620,14 +666,18 @@ if(isset($mode)) // Are we supposed to do something? { message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql); } + renumber_order('forum', $forum_info['cat_id']); $show_index = TRUE; + break; case 'cat_order': + // // Change order of categories in the DB - $move = $HTTP_GET_VARS['move']; - $cat_id = $HTTP_GET_VARS['cat_id']; + // + $move = intval($HTTP_GET_VARS['move']); + $cat_id = intval($HTTP_GET_VARS['cat_id']); $sql = "UPDATE " . CATEGORIES_TABLE . " SET cat_order = cat_order + $move @@ -636,17 +686,20 @@ if(isset($mode)) // Are we supposed to do something? { message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql); } + renumber_order('category'); $show_index = TRUE; + break; case 'forum_sync': - sync('forum', $HTTP_GET_VARS['forum_id']); + sync('forum', intval($HTTP_GET_VARS['forum_id'])); $show_index = TRUE; + break; default: - message_die(GENERAL_ERROR, "Oops! Wrong mode.."); + message_die(GENERAL_MESSAGE, $lang['No_mode']); break; } if ($show_index != TRUE) 
@@ -660,18 +713,30 @@ if(isset($mode)) // Are we supposed to do something? // Start page proper // $template->set_filenames(array( - "body" => "admin/forums_body.tpl") + "body" => "admin/forum_admin_body.tpl") +); + +$template->assign_vars(array( + "L_FORUM_TITLE" => $lang['Forum_admin'], + "L_FORUM_EXPLAIN" => $lang['Forum_admin_explain'], + "L_CREATE_FORUM" => $lang['Create_forum'], + "L_CREATE_CATEGORY" => $lang['Create_category'], + "L_EDIT" => $lang['Edit'], + "L_DELETE" => $lang['Delete'], + "L_MOVE_UP" => $lang['Move_up'], + "L_MOVE_DOWN" => $lang['Move_down'], + "L_RESYNC" => $lang['Resync']) ); $sql = "SELECT cat_id, cat_title, cat_order FROM " . CATEGORIES_TABLE . " ORDER BY cat_order"; -if(!$q_categories = $db->sql_query($sql)) +if( !$q_categories = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Could not query categories list", "", __LINE__, __FILE__, $sql); } -if($total_categories = $db->sql_numrows($q_categories)) +if( $total_categories = $db->sql_numrows($q_categories) ) { $category_rows = $db->sql_fetchrowset($q_categories); @@ -685,9 +750,12 @@ if($total_categories = $db->sql_numrows($q_categories)) if( !$total_forums = $db->sql_numrows($q_forums) ) { - // We don't have any forums - + $lang['No_forums']; + + $template->assign_block_vars("no_forums", array()); + } + $forum_rows = $db->sql_fetchrowset($q_forums); // 
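Review bot: The added line `$lang['No_forums'];` in the `!$total_forums` branch is an expression statement with no effect, and `assign_block_vars("no_forums", array())` passes an empty array, so the message text never reaches the template. Presumably it was meant to be assigned, e.g. `$template->assign_block_vars("no_forums", array("L_NO_FORUMS" => $lang['No_forums']));`, where the key shown is a placeholder for whatever name the template expects.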
@@ -695,76 +763,56 @@ if($total_categories = $db->sql_numrows($q_categories)) // $gen_cat = array(); - for($i = 0; $i < $total_categories; $i++) { $cat_id = $category_rows[$i]['cat_id']; - $template->assign_block_vars("catrow", array( - "CAT_ID" => $cat_id, - "CAT_DESC" => stripslashes($category_rows[$i]['cat_title']), - "CAT_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editcat&cat_id=$cat_id")."'>Edit</a>", - "CAT_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deletecat&cat_id=$cat_id")."'>Delete</a>", - "CAT_UP" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=-15&cat_id=$cat_id")."'>Move up</a>", - "CAT_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=15&cat_id=$cat_id")."'>Move down</a>", - "U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id"), - "U_ADDFORUM" => append_sid("$PHP_SELF?mode=addforum&cat_id=$cat_id"), - "ADDFORUM" => "Add Forum") - ); + + $template->assign_block_vars("catrow", array( + "S_ADD_FORUM_SUBMIT" => "addforum[$cat_id]", + "S_ADD_FORUM_NAME" => "forumname[$cat_id]", + + "CAT_ID" => $cat_id, + "CAT_DESC" => $category_rows[$i]['cat_title'], + + "U_CAT_EDIT" => append_sid("admin_forums.$phpEx?mode=editcat&cat_id=$cat_id"), + "U_CAT_DELETE" => append_sid("admin_forums.$phpEx?mode=deletecat&cat_id=$cat_id"), + "U_CAT_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=cat_order&move=-15&cat_id=$cat_id"), + "U_CAT_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=cat_order&move=15&cat_id=$cat_id"), + "U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id")) + ); for($j = 0; $j < $total_forums; $j++) { $forum_id = $forum_rows[$j]['forum_id']; - // Don't display this forum unless it's in this category.. if ($forum_rows[$j]['cat_id'] == $cat_id) { - // - // This should end up in the template using IF...ELSE...ENDIF - // - $row_color == "#DDDDDD" ? 
$row_color = "#CCCCCC" : $row_color = "#DDDDDD"; - + $template->assign_block_vars("catrow.forumrow", array( - "FORUM_NAME" => stripslashes($forum_rows[$j]['forum_name']), - "FORUM_DESC" => stripslashes($forum_rows[$j]['forum_desc']), + "FORUM_NAME" => $forum_rows[$j]['forum_name'], + "FORUM_DESC" => $forum_rows[$j]['forum_desc'], "ROW_COLOR" => $row_color, "NUM_TOPICS" => $forum_rows[$j]['forum_topics'], "NUM_POSTS" => $forum_rows[$j]['forum_posts'], - "U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&" . $forum_rows[$j]['forum_posts']), - "FORUM_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editforum&forum_id=$forum_id")."'>Edit</a>", - "FORUM_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deleteforum&forum_id=$forum_id")."'>Delete</a>", - "FORUM_UP" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=-15&forum_id=$forum_id")."'>Move up</a>", - "FORUM_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=15&forum_id=$forum_id")."'>Move down</a>", - "FORUM_SYNC" => "<a href='".append_sid("$PHP_SELF?mode=forum_sync&forum_id=$forum_id")."'>Sync</a>") + + "U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&" . $forum_rows[$j]['forum_posts']), + "U_FORUM_EDIT" => append_sid("admin_forums.$phpEx?mode=editforum&forum_id=$forum_id"), + "U_FORUM_DELETE" => append_sid("admin_forums.$phpEx?mode=deleteforum&forum_id=$forum_id"), + "U_FORUM_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=forum_order&move=-15&forum_id=$forum_id"), + "U_FORUM_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=forum_order&move=15&forum_id=$forum_id"), + "U_FORUM_RESYNC" => append_sid("admin_forums.$phpEx?mode=forum_sync&forum_id=$forum_id")) ); + }// if ... forumid == catid } // for ... 
forums - $template->assign_block_vars("catrow.forumrow", array( - "S_ADDFORUM" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'"> - <INPUT TYPE="text" NAME="forumname"> - <INPUT TYPE="hidden" NAME="cat_id" VALUE="'.$cat_id.'"> - <INPUT TYPE="hidden" NAME="mode" VALUE="addforum"> - <INPUT TYPE="submit" NAME="submit" VALUE="Create new Forum">', - "S_ADDFORUM_ENDFORM" => "</FORM>") - ); + } // for ... categories -}// if ... total_categories -$template->assign_block_vars("catrow", array( - "S_ADDCAT" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'"> - <INPUT TYPE="text" NAME="catname"> - <INPUT TYPE="hidden" NAME="mode" VALUE="addcat"> - <INPUT TYPE="submit" NAME="submit" VALUE="Create new category">', - "S_ADDCAT_ENDFORM" => "</FORM>") -); +}// if ... total_categories -// -// Generate the page -// $template->pparse("body"); -// -// Page Footer -// include('page_footer_admin.'.$phpEx); + ?>
\ No newline at end of file diff --git a/phpBB/admin/admin_groupauth.php b/phpBB/admin/admin_groupauth.php index 4a36bbf932..c51e797eba 100644 --- a/phpBB/admin/admin_groupauth.php +++ b/phpBB/admin/admin_groupauth.php @@ -28,30 +28,12 @@ if($setmodules == 1) return; } -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); - -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); -// -// End session management -// - // -// Is user logged in? If yes are they an admin? +// Load default header // -if( !$userdata['session_logged_in'] ) -{ - header("Location: ../login.$phpEx?forward_page=admin/"); -} -else if( $userdata['user_level'] != ADMIN ) -{ - message_die(GENERAL_MESSAGE, $lang['Not_admin']); -} +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; +require('pagestart.inc'); // // Start program - define vars @@ -126,10 +108,13 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin) // ------------- -if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) +if( isset($HTTP_POST_VARS['submit']) && ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) ) ) { - $group_id = $HTTP_POST_VARS[POST_GROUPS_URL]; - $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE; + // + // Front end + // + $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); + $adv = ( isset($HTTP_POST_VARS['adv']) ) ? TRUE : 0; // // This is where things become fun ... 
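Review bot: The hunk `@@ -695,76 +763,56 @@` deletes the line that toggled `$row_color` but keeps `"ROW_COLOR" => $row_color`, so the variable is never assigned in the new code shown. It then reaches the template undefined, and on a setup that registers request variables as globals its value would come from the request. Either drop the `ROW_COLOR` entry or set it before the loop, e.g. `$row_color = "#DDDDDD";`. The `stripslashes()` calls on `cat_title`, `forum_name` and `forum_desc` were also removed without adding HTML escaping, which is worth confirming against how the templates output these values.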
@@ -163,14 +148,9 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) AND u.user_id = ug2.user_id AND g2.group_id = ug2.group_id AND aa2.group_id = g2.group_id"; -/* - $sql = "SELECT aa.*, g.group_single_user, g.group_id, g.group_name - FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g - WHERE g.group_id = $group_id - AND aa.group_id = g.group_id";*/ $ag_result = $db->sql_query($sql); - if($num_g_access = $db->sql_numrows($ag_result)) + if( $num_g_access = $db->sql_numrows($ag_result) ) { $g_access = $db->sql_fetchrowset($ag_result); } 
@@ -519,58 +499,13 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) } } -else if(empty($HTTP_GET_VARS[POST_GROUPS_URL])) -{ - // - // Default user selection box - // - // This should be altered on the final system - // - - $sql = "SELECT group_id, group_name - FROM " . GROUPS_TABLE . " - WHERE group_single_user <> " . TRUE; - $g_result = $db->sql_query($sql); - $group_list = $db->sql_fetchrowset($g_result); - - $select_list = "<select name=\"" . POST_GROUPS_URL . "\">"; - for($i = 0; $i < count($group_list); $i++) - { - $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>"; - } - $select_list .= "</select>"; - - include('page_header_admin.'.$phpEx); - - $template->set_filenames(array( - "body" => "admin/auth_select_body.tpl") - ); - - $template->assign_vars(array( - "L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'], - "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'], - "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'], - "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'], - - "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"), - "S_AUTH_SELECT" => $select_list) - ); - -} -else +else if( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) ) { // // Front end // - $group_id = $HTTP_GET_VARS[POST_GROUPS_URL]; - if( isset($HTTP_GET_VARS['adv']) ) - { - $adv = $HTTP_GET_VARS['adv']; - } - else - { - $adv = FALSE; - } + $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); + $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0; include('page_header_admin.'.$phpEx); 
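Review bot: `$adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;` keeps the raw query-string value, while `$group_id` on the line above and `$adv` in admin_forumauth.php are cast with `intval()` in this commit. Where `$adv` is used afterwards is outside the hunk, so cast it here to keep it a plain flag: `$adv = ( isset($HTTP_GET_VARS['adv']) ) ? intval($HTTP_GET_VARS['adv']) : 0;`.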
@@ -902,7 +837,43 @@ else "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"), "S_HIDDEN_FIELDS" => $s_hidden_fields) ); +} +else +{ + // + // Default user selection box + // + // This should be altered on the final system + // + $sql = "SELECT group_id, group_name + FROM " . GROUPS_TABLE . " + WHERE group_single_user <> " . TRUE; + $g_result = $db->sql_query($sql); + $group_list = $db->sql_fetchrowset($g_result); + + $select_list = "<select name=\"" . POST_GROUPS_URL . "\">"; + for($i = 0; $i < count($group_list); $i++) + { + $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>"; + } + $select_list .= "</select>"; + + include('page_header_admin.'.$phpEx); + + $template->set_filenames(array( + "body" => "admin/auth_group_select_body.tpl") + ); + + $template->assign_vars(array( + "L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'], + "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'], + "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'], + "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'], + + "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"), + "S_AUTH_SELECT" => $select_list) + ); } $template->pparse("body"); diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php index 9361bab9e0..c9f8653e53 100644 --- a/phpBB/admin/admin_groups.php +++ b/phpBB/admin/admin_groups.php 
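Review bot: In the relocated selection box the result of `$db->sql_query($sql)` is handed to `sql_fetchrowset()` unchecked, whereas the admin_groups.php change in this commit adds `if( !$u_result ) { message_die(GENERAL_ERROR, ...); }` for the equivalent query. A failed query here produces an empty `<select>` with no error shown. `group_name` is also concatenated into the `<option>` markup as stored; wrapping it in `htmlspecialchars()` keeps a name containing markup from altering the admin page.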
@@ -29,39 +29,27 @@ if($setmodules == 1) } // -// Include required files, get $phpEx and check permissions +// Load default header // -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); +$phpbb_root_dir = "./../"; +require('pagestart.inc'); -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); -// -// End session management -// -if( !$userdata['session_logged_in'] ) +if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) { - header("Location: ../login.$phpEx?forward_page=admin/"); + $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? $HTTP_POST_VARS[POST_GROUPS_URL] : $HTTP_GET_VARS[POST_GROUPS_URL]; } -else if( $userdata['user_level'] != ADMIN ) +else { - message_die(GENERAL_MESSAGE, $lang['Not_admin']); + $group_id = ""; } -$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : ((isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : ""); -if($mode && empty($HTTP_POST_VARS['updategroup'])) +if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) { - // // Ok they are editing a group or creating a new group // - include("page_header_admin." . $phpEx); - if ( $mode == "editgroup" ) + if ( isset($HTTP_POST_VARS['edit']) ) { // // They're editing. Grab the vars. @@ -69,7 +57,7 @@ if($mode && empty($HTTP_POST_VARS['updategroup'])) $sql = "SELECT * FROM " . GROUPS_TABLE . " WHERE group_single_user <> " . TRUE . " - AND group_id = " . $g; + AND group_id = $group_id"; if(!$result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, "Error getting group information", "", __LINE__, __FILE__, $sql); 
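Review bot: `$group_id` is read from `$HTTP_POST_VARS[POST_GROUPS_URL]` or `$HTTP_GET_VARS[POST_GROUPS_URL]` without a cast and then interpolated into `AND group_id = $group_id`, so the request value becomes part of the SQL text. admin_groupauth.php in this same commit uses `intval()` for the same parameter; do the same here: `$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);`. That also covers the hidden form field that a later hunk builds from `$group_id`.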
@@ -79,8 +67,11 @@ if($mode && empty($HTTP_POST_VARS['updategroup'])) message_die(GENERAL_MESSAGE, "That user group does not exist"); } $group_info = $db->sql_fetchrow($result); + + $mode = "editgroup"; + } - else if ($mode == "newgroup") + else if( isset($HTTP_POST_VARS['new']) ) { $group_info = array ( "group_name" => "", @@ -89,6 +80,9 @@ if($mode && empty($HTTP_POST_VARS['updategroup'])) "group_type" => "1" ); $group_open = "checked=\"checked\""; + + $mode = "newgroup"; + } // // Ok, now we know everything about them, let's show the page. 
@@ -98,34 +92,36 @@ if($mode && empty($HTTP_POST_VARS['updategroup'])) WHERE user_id <> " . ANONYMOUS . " ORDER BY username"; $u_result = $db->sql_query($sql); + if( !$u_result ) + { + message_die(GENERAL_ERROR, "Couldn't obtain user info for moderator list", "", __LINE__, __FILE__, $sql); + } + $user_list = $db->sql_fetchrowset($u_result); $select_list = "<select name=\"group_moderator\">"; for($i = 0; $i < count($user_list); $i++) { - if( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) - { - $select_list .= "<option selected value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>"; - } - else - { - $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>"; - } + $selected = ( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) ? "selected=\"selected\"" : ""; + $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\"$selected>" . $user_list[$i]['username'] . "</option>"; } $select_list .= "</select>"; + + $group_open = ( !empty($group_info['group_type']) ) ? "checked=\"checked\"" : ""; + $group_closed = ( empty($group_info['group_type']) ) ? "checked=\"checked\"" : ""; + $template->set_filenames(array( "body" => "admin/group_edit_body.tpl") ); - if( !empty($group_info['group_type']) ) - { - $group_open = "checked=\"checked\""; - } - else - { - $group_closed = "checked=\"checked\""; - } + + $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />'; + $template->assign_vars(array( - "L_GROUP_INFO" => $lang['Group_edit_explain'], + "GROUP_NAME" => $group_info['group_name'], + "GROUP_DESCRIPTION" => $group_info['group_description'], + + "L_GROUP_TITLE" => $lang['Group'] . " " . $lang['Admin'], + "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? 
$lang['New_group'] : $lang['Edit_group'], "L_GROUP_NAME" => $lang['group_name'], "L_GROUP_DESCRIPTION" => $lang['group_description'], "L_GROUP_MODERATOR" => $lang['group_moderator'], 
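Review bot: `"\"$selected>"` joins the two attributes with no space (`value="N"selected="selected"`), which is invalid markup and may not preselect the current moderator; build the flag with a leading space, `" selected=\"selected\""`. The option text (`username`) and the `GROUP_NAME`/`GROUP_DESCRIPTION` template values are emitted as stored, and `$group_id` is written into the hidden field as received, so each should pass through `htmlspecialchars()` unless escaping happens elsewhere (not visible in this hunk). The `$group_open` assignment in the `new` branch of the previous hunk is now overwritten by the unconditional assignment here and can be dropped.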
@@ -137,108 +133,95 @@ if($mode && empty($HTTP_POST_VARS['updategroup'])) "L_SUBMIT" => $lang['submit_group_changes'], "L_RESET" => $lang['reset_group_changes'], - "S_GROUP_NAME" => $group_info['group_name'], - "S_GROUP_DESCRIPTION" => $group_info['group_description'], - "S_GROUP_MODERATOR" => $select_list, + "S_SELECT_MODERATORS" => $select_list, "S_GROUP_OPEN_CHECKED" => $group_open, "S_GROUP_CLOSED_CHECKED" => $group_closed, "S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"), - "S_GROUP_MODE" => $mode, - "GROUP_ID" => $g) + "S_HIDDEN_FIELDS" => $s_hidden_fields) ); + $template->pparse('body'); + } -else if($mode && $HTTP_POST_VARS['updategroup'] == "update" ) +else if( isset($HTTP_POST_VARS['group_update']) ) { // // Ok, they are submitting a group, let's save the data based on if it's new or editing // - if( isset($HTTP_POST_VARS['deletegroup']) ) + if( isset($HTTP_POST_VARS['group_delete']) ) { $sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = " . $group_id; + if ( !$result = $db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql); + } + + message_die(GENERAL_MESSAGE, $lang['Deleted_group']); } else { $group_type = isset($HTTP_POST_VARS['group_type']) ? $HTTP_POST_VARS['group_type'] : ""; $group_name = isset($HTTP_POST_VARS['group_name']) ? $HTTP_POST_VARS['group_name'] : ""; $group_description = isset($HTTP_POST_VARS['group_description']) ? $HTTP_POST_VARS['group_description'] : ""; - $group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? $HTTP_POST_VARS['group_moderator'] : ""; - $group_id = isset($HTTP_POST_VARS['group_id']) ? $HTTP_POST_VARS['group_id'] : ""; + $group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? 
intval($HTTP_POST_VARS['group_moderator']) : ""; + + if( $group_name == "" ) + { + message_die(GENERAL_MESSAGE, $lang['No_group_name']); + } + else if( $group_moderator == "" ) + { + message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); + } + else if( $group_type == "" ) + { + message_die(GENERAL_MESSAGE, $lang['No_group_mode']); + } - switch($mode) + if( $mode == "editgroup" ) { - case 'editgroup': - $sql = "UPDATE " . GROUPS_TABLE . " - SET group_type = '" . $group_type . "', - group_name = '" . $group_name . "', - group_description = '" . $group_description . "', - group_moderator = '" . $group_moderator . "' - WHERE group_id = '" . $group_id . "'"; - break; - - case 'newgroup': - $sql = "INSERT INTO " . GROUPS_TABLE . " - ( - group_type, - group_name, - group_description, - group_moderator, - group_single_user - ) - VALUES - ( - '" . $group_type . "', - '" . $group_name . "', - '" . $group_description . "', - '" . $group_moderator . "', - '0' - )"; - break; - - case 'default': - message_die(GENERAL_ERROR, $lang['Group_mode_not_selected']); - break; + + echo $sql = "UPDATE " . GROUPS_TABLE . " + SET group_type = $group_type, group_name = '" . $group_name . "', group_description = '" . $group_description . "', group_moderator = $group_moderator + WHERE group_id = $group_id"; + if ( !$result = $db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql); + } + + message_die(GENERAL_MESSAGE, $lang['Updated_group']); } - } - if ( !$result = $db->sql_query($sql) ) - { - $error = TRUE; - } - if ( $mode == "newgroup" ) - { - $new_group_id = $db->sql_nextid($result); - - $sql = "INSERT INTO " . USER_GROUP_TABLE . " - ( - group_id, - user_id, - user_pending - ) - VALUES - ( - '" . $new_group_id . "', - '" . $group_moderator . "', - '0' - )"; - if ( !$result = $db->sql_query($sql) ) + else if( $mode == "newgroup" ) { - $error = TRUE; + + $sql = "INSERT INTO " . GROUPS_TABLE . 
" (group_type, group_name, group_description, group_moderator, group_single_user) + VALUES ($group_type, '" . $group_name . "', '" . $group_description . "', $group_moderator, '0')"; + if ( !$result = $db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql); + } + + $new_group_id = $db->sql_nextid($result); + + $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) + VALUES ($new_group_id, $group_moderator, 0)"; + if ( !$result = $db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql); + } + + message_die(GENERAL_MESSAGE, $lang['Added_new_group']); + + } + else + { + message_die(GENERAL_MESSAGE, $lang['Group_mode_not_selected']); } - } - if ( isset($error) ) - { - message_die(GENERAL_ERROR, $lang['Error_updating_groups'], $lang['Error'], __LINE__, __FILE__, $sql); - } - else - { - message_die(GENERAL_MESSAGE, $lang['Success_updating_groups'], $lang['Success']); } } else { - include("page_header_admin." . $phpEx); - $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " WHERE group_single_user <> " . TRUE . " @@ -262,7 +245,7 @@ else "L_GROUP_EXPLAIN" => $lang['Group_admin_explain'], "L_GROUP_SELECT" => $lang['Select_a'] . " " . $lang['Group'], "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'], - "L_GROUP_NEW" => $lang['New_group'], + "L_CREATE_NEW_GROUP" => $lang['New_group'], "S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"), "S_GROUP_SELECT" => $select_list) @@ -270,6 +253,7 @@ else $template->pparse('body'); } + include('page_footer_admin.'.$phpEx); ?>
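Review bot: The edit path in admin_groups.php now runs `echo $sql = "UPDATE " ...`, which prints the full statement into the admin page; drop the `echo`. `group_type` lost its quotes (`SET group_type = $group_type`, `VALUES ($group_type, ...`) but is still read from `$HTTP_POST_VARS` uncast, so it needs the same `intval()` that `group_moderator` received, and `group_name`/`group_description` are placed between quotes with no escaping visible in this hunk. `$mode` is no longer assigned on this path (an earlier hunk removed the `$HTTP_POST_VARS['mode']` read), so the `editgroup`/`newgroup` test appears to depend on the hidden `mode` field being registered as a global; read it explicitly with `$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : "";`. The delete branch also reports failure as "Couldn't update group", which will mislead whoever reads the error.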
\ No newline at end of file diff --git a/phpBB/admin/admin_mass_email.php b/phpBB/admin/admin_mass_email.php index 38d5cfd101..a3e3b0657a 100644 --- a/phpBB/admin/admin_mass_email.php +++ b/phpBB/admin/admin_mass_email.php @@ -32,30 +32,13 @@ if($setmodules == 1) return; } -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); - -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); // -// End session management +// Load default header // +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; +require('pagestart.inc'); -// -// Is user logged in? If yes are they an admin? -// -if( !$userdata['session_logged_in'] ) -{ - header("Location: ../login.$phpEx?forward_page=admin/"); -} -else if( $userdata['user_level'] != ADMIN ) -{ - message_die(GENERAL_MESSAGE, $lang['Not_admin']); -} // // Set VERBOSE to 1 for debugging info.. @@ -67,7 +50,10 @@ define("VERBOSE", 0); // allowed. // @set_time_limit(600); -//Set form names + +// +// Set form names +// $f_title = 'e_title'; $f_msg = 'e_msg'; diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index 18a2dd7c22..04d6c31474 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -31,12 +31,9 @@ if($setmodules == 1) // Let's set the root dir for phpBB // $phpbb_root_dir = "./../"; - -// -// Include required files, get $phpEx and check permissions -// require('pagestart.inc'); + if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; 
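Review bot: In admin_mass_email.php the inline login and `ADMIN` level checks are removed and the script now sets `$phpbb_root_dir` before `require('pagestart.inc')`, while other code touched by this commit still reads `$phpbb_root_path` (for example `@opendir($phpbb_root_path . $board_config['smilies_path'])` in admin_smilies.php). `pagestart.inc` is not shown here; if it does not assign `$phpbb_root_path` unconditionally, that variable is undefined in these scripts and, where request variables are registered as globals, its value would come from the request. Please confirm that `pagestart.inc` sets the path itself and stops the request for users who are not logged-in admins, and say so in the comment above the `require` instead of the generic "Load default header". The same replacement is made in admin_groups.php, admin_userauth.php and admin_users.php.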
@@ -69,65 +66,50 @@ if( $mode != "" ) // They want to add a new rank, show the form. // - $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0; - - $template->set_filenames(array( - "body" => "admin/ranks_edit_body.tpl") - ); + $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; - $s_hidden_fields = ''; + $s_hidden_fields = ""; if( $mode == "edit" ) { - if( $rank_id ) + if( empty($rank_id) ) { - $sql = "SELECT * FROM " . RANKS_TABLE . " - WHERE rank_id = $rank_id"; - if(!$result = $db->sql_query($sql)) - { - - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => "Error querying ranks table") - ); - } - - $rank_info = $db->sql_fetchrow($result); - $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />'; + message_die(GENERAL_MESSAGE, $lang['Must_select_rank']); } - else + + $sql = "SELECT * FROM " . RANKS_TABLE . " + WHERE rank_id = $rank_id"; + if(!$result = $db->sql_query($sql)) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => $lang['Must_select_rank']) - ); - + message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql); } + + $rank_info = $db->sql_fetchrow($result); + $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />'; + } else { $rank_info['rank_special'] = 0; } + $s_hidden_fields .= '<input type="hidden" name="mode" value="save" />'; - $rank_is_special = ( $rank_info['rank_special'] == 1 ) ? "checked=\"checked\"" : ""; - $rank_is_not_special = ( !($rank_info['rank_special'] == 1) ) ? "checked=\"checked\"" : ""; + + $rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : ""; + $rank_is_not_special = ( !$rank_info['rank_special'] ) ? 
"checked=\"checked\"" : ""; + $template->set_filenames(array( + "body" => "admin/ranks_edit_body.tpl") + ); + $template->assign_vars(array( "RANK" => $rank_info['rank_title'], "SPECIAL_RANK" => $rank_is_special, "NOT_SPECIAL_RANK" => $rank_is_not_special, "MINIMUM" => $rank_info['rank_min'], "MAXIMUM" => $rank_info['rank_max'], - "IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "http://", - "IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="'.$rank_info['rank_image'].'" />' : "", + "IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "", + "IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="' . $rank_info['rank_image'] . '" />' : "", "L_RANKS_TITLE" => $lang['Ranks_title'], "L_RANKS_TEXT" => $lang['Ranks_explain'], 
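Review bot: `IMAGE_DISPLAY` builds `'<img src="' . $rank_info['rank_image'] . '" />'` from the stored value with no escaping, and the save path in the next hunk only checks the file extension, so a value containing a double quote would break out of the attribute. Escape on output, `'<img src="' . htmlspecialchars($rank_info['rank_image']) . '" />'`, and treat `RANK` and `IMAGE` the same way. In the add case `$rank_info` only has `rank_special` set, so `rank_title`, `rank_min`, `rank_max` and `rank_image` are read from undefined keys; initialise them to empty values in that `else` branch.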
@@ -153,42 +135,35 @@ if( $mode != "" ) // Ok, they sent us our info, let's update it. // - $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0; + $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; $rank_title = ( isset($HTTP_POST_VARS['title']) ) ? $HTTP_POST_VARS['title'] : ""; - $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? 1 : 0; - $max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? $HTTP_POST_VARS['max_posts'] : -1; - $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? $HTTP_POST_VARS['min_posts'] : -1; + $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0; + $max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? intval($HTTP_POST_VARS['max_posts']) : -1; + $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1; $rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) || $HTTP_POST_VARS['rank_image'] != "http://" ) ? $HTTP_POST_VARS['rank_image'] : ""; + if( $rank_title == "" ) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => $lang['Must_select_rank']) - ); + message_die(GENERAML_MESSAGE, $lang['Must_select_rank']); } + if( $special_rank == 1 ) { $max_posts = -1; $min_posts = -1; } - // The rank image has to start with http://, followed by something with length at least 3 that - // contains at least one dot. + + // + // The rank image has to be a jpg, gif or png + // if($rank_image != "") { - if( !ereg("^http\:\/\/", $rank_image) ) - { - $rank_image = "http://" . $rank_image; - } - - if (!preg_match("#^http\\:\\/\\/[a-z0-9\-]+\.[a-z0-9\-]+#i", $rank_image)) + if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image)) { $rank_image = ""; } } + if( $rank_id ) { $sql = "UPDATE " . RANKS_TABLE . " 
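Review bot: `message_die(GENERAML_MESSAGE, $lang['Must_select_rank'])` is a typo for `GENERAL_MESSAGE`; PHP falls back to the string `'GENERAML_MESSAGE'` for the undefined constant, so the empty-title case will not be handled like the other message calls. The replacement image check `preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image)` tests only the suffix, so unlike the removed `http://` pattern it puts no constraint on the scheme or on quote characters in a value that is later written into an `<img src>` attribute; anchor the whole value instead, for example `"/^[a-z0-9_\-\.\/:]+\.(gif|png|jpg)$/i"`. `$rank_title` is taken from `$HTTP_POST_VARS['title']` as received and appears between quotes in the `INSERT`/`UPDATE` of the following hunks with no escaping visible here.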
@@ -199,7 +174,7 @@ if( $mode != "" ) rank_min = '$min_posts', rank_image = '$rank_image' WHERE rank_id = $rank_id"; - $message_success = $lang['Rank_updated']; + $message = $lang['Rank_updated']; } else { @@ -207,31 +182,20 @@ if( $mode != "" ) (rank_title, rank_special, rank_max, rank_min, rank_image) VALUES ('$rank_title', '$special_rank', '$max_posts', '$min_posts', '$rank_image')"; - $message_success = $lang['Rank_added']; + $message = $lang['Rank_added']; } - if(!$result = $db->sql_query($sql)) - { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => "Couldn't update ranks table<br>SQL: ".$sql) - ); - } - else + if( !$result = $db->sql_query($sql) ) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Success'], - "MESSAGE_TEXT" => $message_success) - ); + message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql); } + + $template->assign_vars(array( + "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">') + ); + $message .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin']; + message_die(GENERAL_MESSAGE, $message); + } else if( $mode == "delete" ) { @@ -241,7 +205,7 @@ if( $mode != "" ) if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) { - $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id']; + $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']); } else { 
@@ -255,37 +219,22 @@ if( $mode != "" ) if( !$result = $db->sql_query($sql)) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => "Could not remove data from ranks table.") - ); - } - else - { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Success'], - "MESSAGE_TEXT" => $lang['Rank_removed']) - ); + message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql); } + + $template->assign_vars(array( + "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">') + ); + $message = $lang['Rank_removed'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin']; + message_die(GENERAL_MESSAGE, $message); + } else { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => $lang['Must_select_rank']) + "META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">') ); + message_die(GENERAL_MESSAGE, $lang['Must_select_rank']); } } else @@ -302,14 +251,7 @@ if( $mode != "" ) ORDER BY rank_title"; if( !$result = $db->sql_query($sql) ) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => "Could not query ranks table") - ); + message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql); } $rank_rows = $db->sql_fetchrowset($result); 
@@ -341,9 +283,10 @@ if( $mode != "" ) "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "RANK" => $rank, - "SPECIAL_RANK" => ( $special_rank == 1 ) ? "Yes" : "No", - "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), - "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) + "SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'], + + "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), + "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) ); } } @@ -362,18 +305,11 @@ else ORDER BY rank_title"; if( !$result = $db->sql_query($sql) ) { - $template->set_filenames(array( - "body" => "admin/admin_message_body.tpl") - ); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Error'], - "MESSAGE_TEXT" => "Could not query ranks table.") - ); + message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql); } + $rank_count = $db->sql_numrows($result); $rank_rows = $db->sql_fetchrowset($result); - $rank_count = count($rank_rows); $template->assign_vars(array( "L_RANKS_TITLE" => $lang['Ranks_title'], @@ -396,15 +332,16 @@ else $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; - $rank_is_special = ( $special_rank == 1 ) ? "Yes" : "No"; + $rank_is_special = ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No']; $template->assign_block_vars("ranks", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, "RANK" => $rank, "SPECIAL_RANK" => $rank_is_special, - "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), - "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) + + "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"), + "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id")) ); } } 
@@ -413,4 +350,4 @@ $template->pparse("body"); include('page_footer_admin.'.$phpEx); -?> +?>
\ No newline at end of file diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index d867d1ce81..946116da4a 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -35,27 +35,41 @@ if($setmodules == 1) } // -// Include required files register $phpEx, and check permisions +// Load default header // +$phpbb_root_dir = "./../"; require('pagestart.inc'); // // Check to see what mode we should operate in. // -$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; +if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +{ + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; +} +else +{ + $mode = ""; +} // // Read a listing of uploaded smilies for use in the add or edit smliey code... // -$dir = opendir($phpbb_root_path . $board_config['smilies_path']); -while($file = readdir($dir)) +$dir = @opendir($phpbb_root_path . $board_config['smilies_path']); + +while($file = @readdir($dir)) { - if(!is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file)) + if( !@is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file) ) { $smiley_images[] = $file; } } +@closedir($dir); + +// +// Select main mode +// switch($mode) { case 'delete': 
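Review bot: In admin_smilies.php the added `@` on `opendir`, `readdir` and `is_dir` hides a missing or unreadable smilies directory, and `$smiley_images` is never initialised in this hunk, so on failure the later add/edit code works with an undefined variable and no diagnostic. Initialise `$smiley_images = array();` before the loop and report the failure explicitly, e.g. `if( !$dir ) { message_die(GENERAL_ERROR, "Couldn't open smilies directory", "", __LINE__, __FILE__); }`. The loop condition `while($file = @readdir($dir))` also ends early on an entry named `0`; compare the result with `!== false`.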
@@ -63,30 +77,24 @@ switch($mode) // Admin has selected to delete a smiley. // - $smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id']; + $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id']; $sql = "DELETE FROM " . SMILIES_TABLE . " WHERE smilies_id = " . $smiley_id; $result = $db->sql_query($sql); if( !$result ) { - message_die(GENERAL_ERROR, $lang['smile_remove_err'], "", __LINE__, __FILE__, $sql); + message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql); } $template->set_filenames(array( - "body" => "admin/smile_result_body.tpl") + "body" => "admin/admin_message_body.tpl") ); $template->assign_vars(array( - "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"), - - "L_SMILEY_TITLE" => $lang['smiley_title'], - "L_SMILEY_TEXT" => $lang['smiley_return'], - "L_SMILEY_ACTION" => $lang['smiley_del_success']) + "MESSAGE_TITLE" => $lang['smiley_title'], + "MESSAGE_TEXT" => $lang['smiley_del_success']) ); - // - // Spit out some feedback to the user. - // $template->pparse("body"); break; @@ -95,7 +103,7 @@ switch($mode) // Admin has selected to edit a smiley. // - $smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id']; + $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id']; $sql = "SELECT * FROM " . SMILIES_TABLE . " @@ -135,7 +143,7 @@ switch($mode) "L_SMILEY_TITLE" => $lang['smiley_title'], "L_SMILEY_CONFIG" => $lang['smiley_config'], - "L_SMILEY_EXPLAIN" => $lang['smiley_instr'], + "L_SMILEY_EXPLAIN" => $lang['smile_desc'], "L_SMILEY_CODE" => $lang['smiley_code'], "L_SMILEY_URL" => $lang['smiley_url'], "L_SMILEY_EMOTION" => $lang['smiley_emot'], 
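Review bot: `$smiley_id` is still taken from the request uncast and concatenated into `DELETE FROM ... WHERE smilies_id = " . $smiley_id`; this hunk only swaps the POST/GET precedence. Cast it the way the save branch handles `smile_id`: `$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);`, in the `delete` case and in the `edit` case of the next hunk, where it presumably feeds the `SELECT`. The delete is reachable from a plain link (`mode=delete&id=...` in the list view) and runs without a confirmation step, which is worth a follow-up.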
@@ -200,10 +208,10 @@ switch($mode) // Get the submitted data, being careful to ensure that we only // accept the data we are looking for. // - $smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; - $smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; - $smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; - $smile_id = intval(($HTTP_POST_VARS['smile_id']) ? $HTTP_POST_VARS['smile_id'] : $HTTP_GET_VARS['smile_id']); + $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; + $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; + $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; + $smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']); // // Proceed with updating the smiley table. @@ -214,21 +222,17 @@ switch($mode) $result = $db->sql_query($sql); if( !$result ) { - message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql); + message_die(GENERAL_ERROR, "Couldn't update smilies info", "", __LINE__, __FILE__, $sql); } $template->set_filenames(array( - "body" => "admin/smile_result_body.tpl") + "body" => "admin/admin_message_body.tpl") ); $template->assign_vars(array( - "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"), - - "L_SMILEY_TITLE" => $lang['smiley_title'], - "L_SMILEY_TEXT" => $lang['smiley_return'], - "L_SMILEY_ACTION" => $lang['smiley_edit_success']) + "MESSAGE_TITLE" => $lang['smiley_title'], + "MESSAGE_TEXT" => $lang['smiley_edit_success']) ); - $template->pparse("body"); break; 
@@ -241,9 +245,9 @@ switch($mode) // Get the submitted data being careful to ensure the the data // we recieve and process is only the data we are looking for. // - $smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; - $smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; - $smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; + $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; + $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; + $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; // // Save the data to the smiley table. @@ -253,21 +257,17 @@ switch($mode) $result = $db->sql_query($sql); if( !$result ) { - message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql); + message_die(GENERAL_ERROR, "Couldn't insert new smiley", "", __LINE__, __FILE__, $sql); } $template->set_filenames(array( - "body" => "admin/smile_result_body.tpl") + "body" => "admin/admin_message_body.tpl") ); $template->assign_vars(array( - "U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"), - - "L_SMILEY_TITLE" => $lang['smiley_title'], - "L_SMILEY_TEXT" => $lang['smiley_return'], - "L_SMILEY_ACTION" => $lang['smiley_add_success']) + "MESSAGE_TITLE" => $lang['smiley_title'], + "MESSAGE_TEXT" => $lang['smiley_add_success']) ); - $template->pparse("body"); break; @@ -281,7 +281,7 @@ switch($mode) $result = $db->sql_query($sql); if( !$result ) { - message_die(GENERAL_ERROR, $lang['smile_load_err'], "", __LINE__, __FILE__, $sql); + message_die(GENERAL_ERROR, "Couldn't obtain smileys from database", "", __LINE__, __FILE__, $sql); } $smilies = $db->sql_fetchrowset($result); 
@@ -318,6 +318,7 @@ switch($mode) $template->assign_block_vars("smiles", array( "ROW_COLOR" => "#" . $row_color, "ROW_CLASS" => $row_class, + "SMILEY_IMG" => $phpbb_root_path . '/' . $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'], "CODE" => $smilies[$i]['code'], "EMOT" => $smilies[$i]['emoticon'], @@ -326,12 +327,14 @@ switch($mode) "U_SMILEY_DELETE" => append_sid("admin_smilies.$phpEx?mode=delete&id=" . $smilies[$i]['smilies_id'])) ); } + // // Spit out the page. // $template->pparse("body"); break; } + // // Page Footer // diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php new file mode 100644 index 0000000000..eacdfa33e7 --- /dev/null +++ b/phpBB/admin/admin_styles.php 
@@ -0,0 +1,49 @@ +<?php +/*************************************************************************** + * admin_words.php + * ------------------- + * begin : Thursday, Jul 12, 2001 + * copyright : (C) 2001 The phpBB Group + * email : support@phpbb.com + * + * $Id$ + * + * + ***************************************************************************/ + +/*************************************************************************** + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + ***************************************************************************/ + +if($setmodules == 1) +{ + $file = basename(__FILE__); + $module['Styles']['Add_new'] = "$file?mode=addnew"; + $module['Styles']['Create_new'] = "$file?mode=addnew"; + $module['Styles']['Manage'] = "$file"; + return; +} + +// +// Load default header +// +$phpbb_root_dir = "./../"; +require('pagestart.inc'); + +if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +{ + $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; +} +else +{ + $mode = ""; +} + +include('page_footer_admin.'.$phpEx); + +?>
\ No newline at end of file diff --git a/phpBB/admin/admin_user_ban.php b/phpBB/admin/admin_user_ban.php index 8327215093..e270b9ac81 100644 --- a/phpBB/admin/admin_user_ban.php +++ b/phpBB/admin/admin_user_ban.php @@ -30,16 +30,23 @@ if($setmodules == 1) } // -// Include required files, get $phpEx and check permissions +// Load default header // +$phpbb_root_dir = "./../"; require('pagestart.inc'); +if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +{ + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; +} +else +{ + $mode = "unban"; +} + // // Start program // - -$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "unban"; - if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['bancontrol']) ) { if($HTTP_POST_VARS['bancontrol'] == "ban") @@ -348,7 +355,7 @@ else $sql = "SELECT user_id, username FROM " . USERS_TABLE . " WHERE user_id <> " . ANONYMOUS . " - ORDER BY user_id ASC"; + ORDER BY username ASC"; $u_result = $db->sql_query($sql); $user_list = $db->sql_fetchrowset($u_result); diff --git a/phpBB/admin/admin_userauth.php b/phpBB/admin/admin_userauth.php index f34676ec6a..91edebb6f0 100644 --- a/phpBB/admin/admin_userauth.php +++ b/phpBB/admin/admin_userauth.php 
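Review bot: The header banner of the new admin_styles.php still names the file `admin_words.php`; it should read `admin_styles.php`. `$module['Styles']['Add_new']` and `$module['Styles']['Create_new']` both point at `"$file?mode=addnew"`, which looks like a copy-paste leftover. `$mode` is read with `($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']`, testing truthiness and preferring GET, while the other files in this commit use `isset($HTTP_POST_VARS['mode'])` with POST first; use the same form here.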
@@ -28,30 +28,23 @@ if($setmodules == 1) return; } -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); - -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); // -// End session management +// Load default header // +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; +require('pagestart.inc'); -// -// Is user logged in? If yes are they an admin? -// -if( !$userdata['session_logged_in'] ) + +if( isset($HTTP_POST_VARS[POST_USERS_URL]) || isset($HTTP_GET_VARS[POST_USERS_URL]) ) { - header("Location: ../login.$phpEx?forward_page=admin/"); + $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL]; } -else if( $userdata['user_level'] != ADMIN ) +else { - message_die(GENERAL_MESSAGE, $lang['Not_admin']); + $user_id = ""; } + // // Start program - define vars @@ -130,8 +123,8 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin) // if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL])) { - $user_id = $HTTP_POST_VARS[POST_USERS_URL]; - $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE; + $user_id = intval($HTTP_POST_VARS[POST_USERS_URL]); + $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : 0; // // This is where things become fun ... @@ -223,7 +216,6 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL])) } header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id")); - } else { 
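Review bot: `$user_id` is captured from `$HTTP_POST_VARS`/`$HTTP_GET_VARS` at the top of admin_userauth.php without a cast; only the submit branch later applies `intval()`. On the display path the raw value is concatenated into the `$switch_mode` URL and written into an `<a href>` (hunk at -948), so cast once at capture: `$user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? intval($HTTP_POST_VARS[POST_USERS_URL]) : intval($HTTP_GET_VARS[POST_USERS_URL]);`. The context line `header("Location: " . append_sid(...))` at the end of the submit branch has no `exit` after it in this hunk, so the script appears to continue to `$template->pparse("body")`; confirm whether that is intended.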
@@ -583,58 +575,19 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL])) } } } -else if(empty($HTTP_GET_VARS[POST_USERS_URL])) +else if( isset($HTTP_POST_VARS['username']) || $user_id) { - // - // Default user selection box - // - // This should be altered on the final system - // - - $sql = "SELECT user_id, username - FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS; - $u_result = $db->sql_query($sql); - $user_list = $db->sql_fetchrowset($u_result); - $select_list = "<select name=\"" . POST_USERS_URL . "\">"; - for($i = 0; $i < count($user_list); $i++) + if( isset($HTTP_POST_VARS['username']) ) { - $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>"; + $this_userdata = get_userdata($HTTP_POST_VARS['username']); + $user_id = $this_userdata['user_id']; } - $select_list .= "</select>"; - - include('page_header_admin.'.$phpEx); - $template->set_filenames(array( - "body" => "admin/auth_select_body.tpl") - ); - - $template->assign_vars(array( - "L_AUTH_TITLE" => $lang['User'] . " " . $lang['Auth_Control'], - "L_AUTH_EXPLAIN" => $lang['User_auth_explain'], - "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['User'], - "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'], - - "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"), - "S_AUTH_SELECT" => $select_list) - ); - -} -else -{ // // Front end // - $user_id = $HTTP_GET_VARS[POST_USERS_URL]; - if( isset($HTTP_GET_VARS['adv']) ) - { - $adv = $HTTP_GET_VARS['adv']; - } - else - { - $adv = FALSE; - } + $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0; include('page_header_admin.'.$phpEx); 
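Review bot: The result of `get_userdata($HTTP_POST_VARS['username'])` is used without checking that a user was found, so an unknown name would leave `$user_id` empty and the permission page would be built for no user (what `get_userdata` returns on a miss is not visible here). Stop early in that case with a `message_die(GENERAL_MESSAGE, ...)` carrying a suitable language string before `$user_id` is assigned. `$adv` is also taken from `$HTTP_GET_VARS['adv']` as received; since it is only used as a flag, read it as `$adv = ( isset($HTTP_GET_VARS['adv']) ) ? intval($HTTP_GET_VARS['adv']) : 0;`.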
@@ -948,8 +901,8 @@ else } } - $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv="); - $switch_mode .= ( empty($adv) ) ? "1" : "0"; + $adv_switch = ( empty($adv) ) ? 1 : 0; + $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=$adv_switch"); $switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode']; $u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>'; @@ -972,11 +925,51 @@ else "U_SWITCH_MODE" => $u_switch_mode, "S_COLUMN_SPAN" => $s_column_span, - "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"), + "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"), "S_HIDDEN_FIELDS" => $s_hidden_fields) ); } +else +{ + // + // Default user selection box + // + // This should be altered on the final system + // + + $sql = "SELECT user_id, username + FROM " . USERS_TABLE . " + WHERE user_id <> " . ANONYMOUS; + $u_result = $db->sql_query($sql); + $user_list = $db->sql_fetchrowset($u_result); + + $select_list = "<select name=\"" . POST_USERS_URL . "\">"; + for($i = 0; $i < count($user_list); $i++) + { + $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>"; + } + $select_list .= "</select>"; + + include('page_header_admin.'.$phpEx); + + $template->set_filenames(array( + "body" => "admin/user_select_body.tpl") + ); + + $template->assign_vars(array( + "L_USER_TITLE" => $lang['User'] . " " . $lang['Auth_Control'], + "L_USER_EXPLAIN" => $lang['User_auth_explain'], + "L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'], + "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'], + "L_FIND_USERNAME" => $lang['Find_username'], + + "U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"), + + "S_USER_ACTION" => append_sid("admin_userauth.$phpEx")) + ); + +} $template->pparse("body"); 
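Review bot: In the relocated selection branch (second hunk) `$select_list` is still built from a query over every user, but the new `assign_vars()` call no longer passes it to the template. The old `S_AUTH_SELECT` entry has no `S_USER_SELECT` counterpart here, unlike the admin_users.php version of this block. Either add `"S_USER_SELECT" => $select_list` or remove the query and loop if user_select_body.tpl is meant to rely on the username search alone. If the list stays, the username should pass through `htmlspecialchars()` before it is placed in the `<option>`, and the `sql_query()` result should be checked before `sql_fetchrowset()` is called on it.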
diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index 54bc94c77d..5d59306d85 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php @@ -20,6 +20,8 @@ * ***************************************************************************/ +define("IN_ADMIN", true); + if($setmodules == 1) { $filename = basename(__FILE__); @@ -29,16 +31,21 @@ if($setmodules == 1) } // -// Include required files, get $phpEx and check permissions +// Load default header // -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); -include($phpbb_root_path . 'includes/bbcode.'.$phpEx); -include($phpbb_root_path . 'includes/post.'.$phpEx); +$phpbb_root_dir = "./../"; +require('pagestart.inc'); +if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +{ + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; +} +else +{ + $mode = ""; +} -// +// --------- // Functions // function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig) 
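Review bot: `define("IN_ADMIN", true);` is added at the top of admin_users.php, but the same commit adds the identical define to pagestart.inc, which this file requires a few lines later. The constant is therefore defined twice on a direct request, and again when index.php includes the file with `$setmodules` set, which raises an "already defined" notice. None of the other admin modules in this diff carries its own define. Drop the line here or guard it with `if( !defined("IN_ADMIN") )`.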
@@ -112,35 +119,40 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca // End Functions // -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); -// -// End session management -// -if( !$userdata['session_logged_in'] ) -{ - header("Location: ../login.$phpEx?forward_page=admin/"); -} -else if( $userdata['user_level'] != ADMIN ) -{ - message_die(GENERAL_MESSAGE, $lang['Not_admin']); -} // // Begin program // -if ( isset($HTTP_GET_VARS['submit']) ) { +if( $mode == "searchuser" ) +{ + if( isset($HTTP_POST_VARS['search']) ) + { + $username_list = username_search("admin_users.$phpEx", $HTTP_POST_VARS['search_author'], 1); + } + else + { + username_search("admin_users.$phpEx", "", 1); + } + // - // This looks familiar doesn't it? It's the user profile page! :) + // Remove this later // - + exit; +} +else if ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) ) +{ // // Let's find out a little about them... // - $this_userdata = get_userdata_from_id($HTTP_GET_VARS[POST_USERS_URL]); + if( isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) ) + { + $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL]; + $this_userdata = get_userdata_from_id($user_id); + } + else + { + $this_userdata = get_userdata($HTTP_POST_VARS['username']); + } // // Now parse and display it as a template 
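Review bot: The new `else if ( isset($HTTP_POST_VARS['username']) || ... )` branch is tested before the profile-update branch, and the update branch itself reads `$HTTP_POST_VARS['username']`. A submitted edit form that carries a username field would therefore be routed to the display code and never saved. Test for the update first, or exclude it here by prefixing the condition with `!isset($HTTP_POST_VARS['submit']) &&`. Which fields the edit template posts is not visible in the hunk, so this needs checking against the form.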
@@ -195,13 +207,13 @@ if ( isset($HTTP_GET_VARS['submit']) ) { switch( $user_avatar_type ) { case USER_AVATAR_UPLOAD: - $avatar = "<img src=\"" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />"; + $avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />"; break; case USER_AVATAR_REMOTE: $avatar = "<img src=\"$user_avatar\" alt=\"\" />"; break; case USER_AVATAR_GALLERY: - $avatar = "<img src=\"" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />"; + $avatar = "<img src=\"../" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />"; break; } } @@ -319,16 +331,15 @@ if ( isset($HTTP_GET_VARS['submit']) ) { "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx")) ); - include('page_header_admin.'.$phpEx); $template->pparse("body"); } -else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) +else if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['user_id']) ) { // // Ok, the profile has been modified and submitted, let's update // + $user_id = intval($HTTP_POST_VARS['user_id']); - $user_id = $HTTP_POST_VARS['user_id']; $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : ""; $email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : ""; @@ -450,8 +461,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) WHERE user_id = $user_id"; $result = @$db->sql_query($sql); - include('page_header_admin.'. $phpEx); - $template->set_filenames(array( "body" => "admin/admin_message_body.tpl") ); @@ -479,7 +488,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) if( $error == TRUE ) { - include('page_header_admin.' . $phpEx); $template->set_filenames(array( "body" => "admin/admin_message_body.tpl") ); 
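Review bot: The `USER_AVATAR_REMOTE` case in this switch still emits `<img src="$user_avatar">` for what is presumably a user-supplied URL, and with this commit the admin pages are reached through `append_sid()` links. If `append_sid()` places the session id in the query string, the administrator's browser may send it in the Referer header to whichever host serves the avatar. Consider not rendering remote avatars inside the admin panel, or showing the URL as escaped text instead. In any case `$user_avatar` should go through `htmlspecialchars()` before it is placed in the attribute; the assignment of `$user_avatar` is outside the hunk.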
@@ -493,13 +501,11 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) } else { - echo $sql = "UPDATE " . USERS_TABLE . " + $sql = "UPDATE " . USERS_TABLE . " SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_lang = '$user_lang', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_active = $user_status, user_actkey = '$user_actkey'" . $avatar_sql . " WHERE user_id = $user_id"; if($result = $db->sql_query($sql)) { - include('page_header_admin.' . $phpEx); - $template->set_filenames(array( "body" => "admin/admin_message_body.tpl") ); @@ -512,8 +518,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) } else { - include('page_header_admin.' . $phpEx); - $template->set_filenames(array( "body" => "admin/admin_message_body.tpl") ); @@ -528,8 +532,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id']) } else { - include('page_header_admin.' . $phpEx); - $template->set_filenames(array( "body" => "admin/admin_message_body.tpl") ); @@ -562,8 +564,6 @@ else } $select_list .= "</select>"; - include('page_header_admin.'.$phpEx); - $template->set_filenames(array( "body" => "admin/user_select_body.tpl") ); 
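Review bot: The `UPDATE` in the first hunk is assembled by interpolating `$email`, `$icq`, `$website`, `$signature` and the other profile fields directly into the SQL string. The preparation visible earlier in this file (`strip_tags`, `htmlspecialchars`) does not escape single quotes, so the statement is safe only if quoting is applied somewhere outside the hunks, for example by magic quotes. Escape each string value explicitly, with `addslashes()` or the database layer's own escaping, and cast the numeric flags with `intval()` as this commit already does for `$user_id`.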
@@ -573,6 +573,9 @@ else "L_USER_EXPLAIN" => $lang['User_admin_explain'], "L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'], "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'], + "L_FIND_USERNAME" => $lang['Find_username'], + + "U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"), "S_USER_ACTION" => append_sid("admin_users.$phpEx"), "S_USER_SELECT" => $select_list) diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php index 2b53198b49..f6af8d745a 100644 --- a/phpBB/admin/admin_words.php +++ b/phpBB/admin/admin_words.php @@ -28,8 +28,9 @@ if($setmodules == 1) } // -// Include required files, get $phpEx and check permissions +// Load default header // +$phpbb_root_dir = "./../"; require('pagestart.inc'); if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index 8436fee577..65ea4b65f8 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php 
@@ -20,47 +20,33 @@ * ***************************************************************************/ -$phpbb_root_path = "./../"; -include($phpbb_root_path . 'extension.inc'); -include($phpbb_root_path . 'common.'.$phpEx); - -// -// Start session management -// -$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -init_userprefs($userdata); -// -// End session management -// - // -// Is user logged in? If yes are they an admin? +// Load default header // -if( !$userdata['session_logged_in'] ) -{ - header("Location: ../login.$phpEx?forward_page=admin/"); -} -else if( $userdata['user_level'] != ADMIN ) -{ - message_die(GENERAL_MESSAGE, $lang['Not_admin']); -} +$phpbb_root_dir = "./../"; +$no_page_header = TRUE; +require('pagestart.inc'); // // Generate relevant output // if( $HTTP_GET_VARS['pane'] == 'left' ) { - $dir = opendir("."); + $dir = @opendir("."); $setmodules = 1; - while($file = readdir($dir)) + while( $file = @readdir($dir) ) { - if(preg_match("/^admin_.*/", $file)) + if( preg_match("/^admin_.*?\.php$/", $file) ) { include($file); } } + @closedir($dir); + + unset($setmodules); + include('page_header_admin.'.$phpEx); $template->set_filenames(array( 
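Review bot: The `@` operators added to `opendir()`, `readdir()` and `closedir()` hide a failure instead of handling it: if the directory cannot be opened, `$dir` is false and the navigation pane renders with no modules and no message. Check the handle before the loop and report through `message_die(GENERAL_ERROR, ...)`, and write the condition as `while( ($file = @readdir($dir)) !== false )` so that a file named `0` does not end the scan early. The avatar-directory loop in the later statistics hunk uses the same condition. The new pattern also hard-codes `.php` where the rest of the file uses `$phpEx`.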
@@ -68,32 +54,34 @@ if( $HTTP_GET_VARS['pane'] == 'left' ) ); $template->assign_vars(array( - "U_BOARD_INDEX" => append_sid("../index.$phpEx"), + "U_FORUM_INDEX" => append_sid("../index.$phpEx"), "U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"), - "L_BOARD_INDEX" => "Board Index", - "L_ADMIN_INDEX" => "Admin Index") + "L_FORUM_INDEX" => $lang['Forum_Index'], + "L_ADMIN_INDEX" => $lang['Admin_Index'], + "L_PREVIEW_FORUM" => $lang['Preview_forum']) ); while( list($cat, $action_array) = each($module) ) { $template->assign_block_vars("catrow", array( - "CATNAME" => $cat) + "ADMIN_CATEGORY" => $cat) ); $row_count = 0; while( list($action, $file) = each($action_array) ) { - $row_color = "#" . ( ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2']); + $row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2']; $action = preg_replace("'_'", " ", $action); - $template->assign_block_vars("catrow.actionrow", array( - "ROW_COLOR" => $row_color, - "ROW_CLASS" => $row_class, - "ACTIONNAME" => $action, - "FILE" => $file) + $template->assign_block_vars("catrow.modulerow", array( + "ROW_COLOR" => "#" . $row_color, + "ROW_CLASS" => $row_class, + + "ADMIN_MODULE" => $action, + "U_ADMIN_MODULE" => append_sid($file)) ); $row_count++; } @@ -101,8 +89,7 @@ if( $HTTP_GET_VARS['pane'] == 'left' ) $template->pparse("body"); - unset($setmodules); - exit; + include('page_footer_admin.'.$phpEx); } elseif( $HTTP_GET_VARS['pane'] == 'right' ) { @@ -131,7 +118,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) "L_USERS_PER_DAY" => $lang['Users_per_day'], "L_BOARD_STARTED" => $lang['Board_started'], "L_AVATAR_DIR_SIZE" => $lang['Avatar_dir_size'], - "L_DB_SIZE" => $lang['Database_size']) + "L_DB_SIZE" => $lang['Database_size'], + "L_GZIP_COMPRESSION" => $lang['Gzip_compression']) ); // 
@@ -143,7 +131,7 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) $start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']); - $boarddays = (time() - $board_config['board_startdate']) / (24*60*60); + $boarddays = ( time() - $board_config['board_startdate'] ) / 86400; $posts_per_day = sprintf("%.2f", $total_posts / $boarddays); $topics_per_day = sprintf("%.2f", $total_topics / $boarddays); @@ -153,19 +141,19 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path'])) { - while($file = readdir($avatar_dir)) + while( $file = @readdir($avatar_dir) ) { - if($file != "." && $file != "..") + if( $file != "." && $file != ".." ) { - $avatar_dir_size += filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file); + $avatar_dir_size += @filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file); } } - closedir($avatar_dir); + @closedir($avatar_dir); } else { // Couldn't open Avatar dir. - $avatar_dir_size = '?'; + $avatar_dir_size = $lang['Not_available']; } // @@ -215,7 +203,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) list($version) = $db->sql_fetchrow($result); if( ereg("^3\.23", $version) ) { - $sql = "SHOW TABLE STATUS FROM " . $dbname; + $sql = "SHOW TABLE STATUS + FROM " . $dbname; if(!$result = $db->sql_query($sql)) { message_die(GENERAL_ERROR, "Couldn't obtain table information.", "", __LINE__, __FILE__, $sql); @@ -268,7 +257,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) "TOPICS_PER_DAY" => $topics_per_day, "USERS_PER_DAY" => $users_per_day, "AVATAR_DIR_SIZE" => $avatar_dir_size, - "DB_SIZE" => $dbsize) + "DB_SIZE" => $dbsize, + "GZIP_COMPRESSION" => ( $board_config['gzip_compress'] ) ? $lang['ON'] : $lang['OFF']) ); // // End forum statistics 
@@ -378,16 +368,12 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' ) $row_color = ( !($count % 2) ) ? $theme['td_color1'] : $theme['td_color2']; $row_class = ( !($count % 2) ) ? $theme['td_class1'] : $theme['td_class2']; + $count++; $ip_address = decode_ip($onlinerow[$i]['session_ip']); - // - // This resolves the users IP to a host name, but it REALLY slows the page down - // - //$host_name = gethostbyaddr($ip_address); - //$ip_address = $ip_address . " ($host_name)"; - if(empty($username)) + if( empty($username) ) { $username = $lang['Guest']; } @@ -420,8 +406,8 @@ else ); $template->assign_vars(array( - "S_FRAME_NAV" => "index.$phpEx?pane=left", - "S_FRAME_MAIN" => "index.$phpEx?pane=right") + "S_FRAME_NAV" => append_sid("index.$phpEx?pane=left"), + "S_FRAME_MAIN" => append_sid("index.$phpEx?pane=right")) ); header ("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); diff --git a/phpBB/admin/page_footer_admin.php b/phpBB/admin/page_footer_admin.php index abfc0f989b..3bca8b0abe 100644 --- a/phpBB/admin/page_footer_admin.php +++ b/phpBB/admin/page_footer_admin.php @@ -44,11 +44,6 @@ $mtime = $mtime[1] + $mtime[0]; $endtime = $mtime; $totaltime = ($endtime - $starttime); -$gzip_text = ($board_config['gzip_compress']) ? "GZIP compression enabled" : "GZIP compression disabled"; -$debug_mode = (DEBUG) ? " : Debug Mode" : ""; - -printf("<center><font size=-2>phpBB Created this page in %f seconds : " . $db->num_queries . " queries executed : $gzip_text".$debug_mode."</font></center>", $totaltime); - // // Close our DB connection. // @@ -58,7 +53,7 @@ $db->sql_close(); // Compress buffered output if required // and send to browser // -if($do_gzip_compress) +if( $do_gzip_compress ) { // // Borrowed from php.net! diff --git a/phpBB/admin/page_header_admin.php b/phpBB/admin/page_header_admin.php index c17e9d61d9..e9bdcfc0d3 100644 --- a/phpBB/admin/page_header_admin.php +++ b/phpBB/admin/page_header_admin.php 
@@ -81,8 +81,8 @@ else $template->assign_vars(array( "SITENAME" => $board_config['sitename'], "PAGE_TITLE" => $page_title, - "META_INFO" => $meta_tags, + "L_ADMIN" => $lang['Admin'], "L_USERNAME" => $lang['Username'], "L_PASSWORD" => $lang['Password'], "L_INDEX" => $lang['Forum_Index'], diff --git a/phpBB/admin/pagestart.inc b/phpBB/admin/pagestart.inc index a5960ed494..afd5d1d339 100644 --- a/phpBB/admin/pagestart.inc +++ b/phpBB/admin/pagestart.inc @@ -20,6 +20,8 @@ * ***************************************************************************/ +define("IN_ADMIN", true); + $phpbb_root_path = "../"; include($phpbb_root_path . 'extension.inc'); include($phpbb_root_path . 'common.'.$phpEx); @@ -41,11 +43,11 @@ else if( $userdata['user_level'] != ADMIN ) message_die(GENERAL_MESSAGE, $lang['Not_admin']); } -if ($no_page_header != TRUE) +if ( !$no_page_header ) { // Not including the pageheader can be neccesarry if META tags are // needed in the calling script. include('page_header_admin.'.$phpEx); } -?> +?>
\ No newline at end of file |
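Review bot: pagestart.inc is now the only login and admin check for the modules converted in this commit, and its not-logged-in branch sits just above this hunk. If that branch still only sends `header("Location: ../login.$phpEx?forward_page=admin/");`, as the copies removed from admin_userauth.php and index.php did, the script keeps running after the redirect and the including admin page executes for a visitor without a session. Add `exit;` directly after that `header()` call. The branch itself is outside the hunk, so confirm against the full file.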