author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-10-04 13:09:10 +0000 |
---|---|---|
committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-10-04 13:09:10 +0000 |
commit | 30aeac65dccceab18e19318e5981118f150c0647 (patch) | |
tree | 409e1a742796ff1c988593c43f19a9533c258742 /phpBB/includes | |
parent | b5bbc005a51658c7496abdcad9b23e978fb7db68 (diff) | |
Well, here are all my changes ... don't blame me if things break :D
git-svn-id: file:///svn/phpbb/trunk@2923 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
-rw-r--r-- | phpBB/includes/auth/auth_ldap.php | 34 | ||||
-rwxr-xr-x | phpBB/includes/emailer.php | 70 | ||||
-rw-r--r-- | phpBB/includes/forums_display.php | 4 | ||||
-rw-r--r-- | phpBB/includes/functions.php | 92 | ||||
-rw-r--r-- | phpBB/includes/functions_posting.php | 1221 | ||||
-rw-r--r-- | phpBB/includes/page_header.php | 51 | ||||
-rw-r--r-- | phpBB/includes/page_tail.php | 4 | ||||
-rw-r--r-- | phpBB/includes/session.php | 279 | ||||
-rw-r--r-- | phpBB/includes/template.php | 13 | ||||
-rw-r--r-- | phpBB/includes/usercp_viewprofile.php | 26 |
10 files changed, 898 insertions, 896 deletions
diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index c897f90cf0..d715dc837e 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -2,7 +2,7 @@ // // Authentication plug-ins is largely down to -// Sergey Kanareykin, our thanks to him. +// Sergey Kanareykin, our thanks to him. // function login_ldap(&$username, &$password) { @@ -13,7 +13,7 @@ function login_ldap(&$username, &$password) return 'LDAP extension not available'; } - if ( !($ldap = @ldap_connect($board_config['ldap_server'])) ) + if ( !($ldap = @ldap_connect($board_config['ldap_server'])) ) { return 'Could not connect to LDAP server'; } @@ -21,26 +21,30 @@ function login_ldap(&$username, &$password) $search = @ldap_search($ldap, $board_config['ldap_base_dn'], $board_config['ldap_uid'] . '=' . $username, array($board_config['ldap_uid'])); $result = @ldap_get_entries($ldap, $search); - if ( is_array($result) && count($result) > 1 ) + if ( is_array($result) && count($result) > 1 ) { - if ( @ldap_bind($ldap, $result[0]['dn'], $password) ) + if ( @ldap_bind($ldap, $result[0]['dn'], $password) ) { @ldap_close($ldap); - $sql = "SELECT user_id, username, user_password, user_email, user_active + $sql = "SELECT user_id, username, user_password, user_email, user_active FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\'", "''", $username) . "'"; $result = $db->sql_query($sql); return ( $row = $db->sql_fetchrow($result) ) ? $row : false; } - } - + } + @ldap_close($ldap); - + return false; } +// +// This function is used to output any required fields in the authentication +// admin panel. It also defines any required configuration table fields. +// function admin_ldap(&$new) { global $lang; @@ -59,7 +63,7 @@ function admin_ldap(&$new) <td class="row2"><input type="text" size="40" name="ldap_uid" value="<?php echo $new['ldap_uid']; ?>" /></td> </tr> <?php - + // // These are fields required in the config table // 
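Review bot: In the last hunk of login_ldap(), `@ldap_bind($ldap, $result[0]['dn'], $password)` is reached with no visible check that `$password` is non-empty, and some directory servers treat a bind with a DN and an empty password as an unauthenticated bind that still reports success. Unless the caller already rejects empty passwords (not visible here), add `if ( !strlen($password) ) { return false; }` before the bind. The search filter a few lines above is also built by concatenating `$username` into `$board_config['ldap_uid'] . '=' . $username`, so filter metacharacters in the username change the query; escape it first, e.g. `ldap_escape($username, '', LDAP_ESCAPE_FILTER)` where the PHP version provides it. The function starts outside this hunk.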
@@ -67,4 +71,16 @@ function admin_ldap(&$new) } +// +// Would be nice to allow syncing of 'appropriate' data when user updates +// their username, password, etc. ... should be up to the plugin what data +// is updated. +// +// $mode perhaps being one of NEW, UPDATE, DELETE +// +function usercp_ldap($mode) +{ + +} + ?>
\ No newline at end of file diff --git a/phpBB/includes/emailer.php b/phpBB/includes/emailer.php index c52b2df0dc..cabe89b944 100755 --- a/phpBB/includes/emailer.php +++ b/phpBB/includes/emailer.php @@ -88,7 +88,7 @@ class emailer $template_lang = $board_config['default_lang']; } - $this->tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.tpl'; + $this->tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.txt'; if ( !file_exists($this->tpl_file) ) { message_die(ERROR, 'Could not find email template file ' . $template_file); @@ -177,7 +177,7 @@ class emailer // Add date and encoding type // $universal_extra = "MIME-Version: 1.0\nContent-type: text/plain; charset=" . $this->encoding . "\nContent-transfer-encoding: 8bit\nDate: " . gmdate('D, d M Y H:i:s', time()) . " UT\n"; - $this->extra_headers = $universal_extra . $this->extra_headers; + $this->extra_headers = $universal_extra . $this->extra_headers; $result = ( $this->use_smtp ) ? smtpmail($this->address, $this->subject, $this->msg, $this->extra_headers) : @mail($this->address, $this->subject, $this->msg, $this->extra_headers); 
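Review bot: The template path on the changed line of the first emailer.php hunk is assembled from `$template_lang` and `$template_file` with no normalisation visible, so a value containing `../` would resolve outside the language's `email/` directory; the only guard shown is `file_exists()`. If either value can originate from a user-selectable language or a request parameter (the callers are outside this hunk), reduce each to a single path component first, e.g. `$template_lang = basename($template_lang);` and `$template_file = basename($template_file);`. The enclosing method starts and ends outside the hunk.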
@@ -295,24 +295,24 @@ class emailer // // This function has been modified as provided -// by SirSir to allow multiline responses when +// by SirSir to allow multiline responses when // using SMTP Extensions // -function server_parse($socket, $response) -{ - while ( substr($server_response,3,1) != ' ' ) - { - if( !( $server_response = fgets($socket, 256) ) ) - { - message_die(ERROR, 'Could not get mail server response codes'); - } - } - - if( !( substr($server_response, 0, 3) == $response ) ) - { - message_die(ERROR, "Ran into problems sending Mail. Response: $server_response"); - } -} +function server_parse($socket, $response) +{ + while ( substr($server_response,3,1) != ' ' ) + { + if( !( $server_response = fgets($socket, 256) ) ) + { + message_die(ERROR, 'Could not get mail server response codes'); + } + } + + if( !( substr($server_response, 0, 3) == $response ) ) + { + message_die(ERROR, "Ran into problems sending Mail. Response: $server_response"); + } +} /**************************************************************************** * Function: smtpmail 
@@ -403,25 +403,25 @@ function smtpmail($mail_to, $subject, $message, $headers = '') server_parse($socket, "220"); if( !empty($board_config['smtp_username']) && !empty($board_config['smtp_password']) ) - { - // Send the RFC2554 specified EHLO. + { + // Send the RFC2554 specified EHLO. // This improved as provided by SirSir to accomodate // both SMTP AND ESMTP capable servers - fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n"); - server_parse($socket, "250"); - - fputs($socket, "AUTH LOGIN\r\n"); - server_parse($socket, "334"); - fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n"); - server_parse($socket, "334"); - fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n"); - server_parse($socket, "235"); - } - else - { - // Send the RFC821 specified HELO. - fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n"); - server_parse($socket, "250"); + fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n"); + server_parse($socket, "250"); + + fputs($socket, "AUTH LOGIN\r\n"); + server_parse($socket, "334"); + fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n"); + server_parse($socket, "334"); + fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n"); + server_parse($socket, "235"); + } + else + { + // Send the RFC821 specified HELO. + fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n"); + server_parse($socket, "250"); } // From this point onward most server response codes should be 250 diff --git a/phpBB/includes/forums_display.php b/phpBB/includes/forums_display.php index b6fa96a073..8120576aea 100644 --- a/phpBB/includes/forums_display.php +++ b/phpBB/includes/forums_display.php @@ -44,8 +44,8 @@ foreach ($forum_rows as $row) )); unset($stored_cat); } - - if ($acl->get_acl($forum_id, 'forum', 'list')) + + if ($auth->get_acl($forum_id, 'forum', 'list')) { switch ($forum_status) { 
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 9b3d079e31..7ba27c61c2 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -165,15 +165,15 @@ function get_moderators(&$forum_moderators, $forum_id = false) // function get_forum_rules($mode, &$rules, &$forum_id) { - global $SID, $acl, $lang, $phpEx; + global $SID, $auth, $lang, $phpEx; - $rules .= ( ( $acl->get_acl($forum_id, 'forum', 'post') ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '<br />'; - $rules .= ( ( $acl->get_acl($forum_id, 'forum', 'reply') ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '<br />'; - $rules .= ( ( $acl->get_acl($forum_id, 'forum', 'edit') ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '<br />'; - $rules .= ( ( $acl->get_acl($forum_id, 'forum', 'delete') || $acl->get_acl($forum_id, 'mod', 'delete') ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '<br />'; - $rules .= ( ( $acl->get_acl($forum_id, 'forum', 'attach') ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '<br />'; + $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'post') ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '<br />'; + $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'reply') ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '<br />'; + $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'edit') ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '<br />'; + $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'delete') || $auth->get_acl($forum_id, 'mod', 'delete') ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '<br />'; + $rules .= ( ( $auth->get_acl($forum_id, 'forum', 'attach') ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '<br />'; - if ( $acl->get_acl($forum_id, 'mod') ) + if ( $auth->get_acl($forum_id, 'mod') ) { $rules .= sprintf($lang['Rules_moderate'], '<a href="modcp.' . $phpEx . $SID . '&f=' . $forum_id . '">', '</a>'); } 
@@ -183,7 +183,7 @@ function get_forum_rules($mode, &$rules, &$forum_id) function make_jumpbox($action, $match_forum_id = 0) { - global $SID, $acl, $template, $lang, $db, $nav_links, $phpEx; + global $SID, $auth, $template, $lang, $db, $nav_links, $phpEx; // $sql = "SELECT f.*, p.post_time, p.post_username, u.username, u.user_id // FROM (( " . FORUMS_TABLE . " f @@ -209,7 +209,7 @@ function make_jumpbox($action, $match_forum_id = 0) { if ( $row['forum_left_id'] > $last_forum_right_id ) { - if ( $acl->get_acl($row['forum_id'], 'forum', 'list') ) + if ( $auth->get_acl($row['forum_id'], 'forum', 'list') ) { $selected = ( $row['forum_id'] == $match_forum_id ) ? 'selected="selected"' : ''; $boxstring .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $row['forum_name'] . '</option>'; 
@@ -496,80 +496,41 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add $on_page = floor($start_item / $per_page) + 1; - $page_string = ''; - if ( $total_pages > 10 ) + $page_string = ( $on_page == 1 ) ? '<b>1</b>' : '<a href="' . $base_url . "&start=" . ( ( $on_page - 2 ) * $per_page ) . '">' . $lang['Previous'] . '</a> <a href="' . $base_url . '">1</a>'; + + if ( $total_pages > 5 ) { - $init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages; + $start_cnt = min(max(1, $on_page - 4), $total_pages - 5); + $end_cnt = max(min($total_pages, $on_page + 4), 6); + + $page_string .= ( $start_cnt > 1 ) ? ' ... ' : ', '; - for($i = 1; $i < $init_page_max + 1; $i++) + for($i = $start_cnt + 1; $i < $end_cnt; $i++) { $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>'; - if ( $i < $init_page_max ) + if ( $i < $end_cnt - 1 ) { - $page_string .= ", "; + $page_string .= ', '; } } - if ( $total_pages > 3 ) - { - if ( $on_page > 1 && $on_page < $total_pages ) - { - $page_string .= ( $on_page > 5 ) ? ' ... ' : ', '; - - $init_page_min = ( $on_page > 4 ) ? $on_page : 5; - $init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4; - - for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++) - { - $page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>'; - if ( $i < $init_page_max + 1 ) - { - $page_string .= ', '; - } - } - - $page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', '; - } - else - { - $page_string .= ' ... '; - } - - for($i = $total_pages - 2; $i < $total_pages + 1; $i++) - { - $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>'; - if( $i < $total_pages ) - { - $page_string .= ", "; - } - } - } + $page_string .= ( $end_cnt < $total_pages ) ? 
' ... ' : ', '; } else { - for($i = 1; $i < $total_pages + 1; $i++) + $page_string .= ', '; + + for($i = 2; $i < $total_pages; $i++) { $page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>'; - if ( $i < $total_pages ) + if ( $i < $total_pages ) { $page_string .= ', '; } } } - if ( $add_prevnext_text ) - { - if ( $on_page > 1 ) - { - $page_string = ' <a href="' . $base_url . "&start=" . ( ( $on_page - 2 ) * $per_page ) . '">' . $lang['Previous'] . '</a> ' . $page_string; - } - - if ( $on_page < $total_pages ) - { - $page_string .= ' <a href="' . $base_url . "&start=" . ( $on_page * $per_page ) . '">' . $lang['Next'] . '</a>'; - } - - } + $page_string .= ( $on_page == $total_pages ) ? '<b>' . $total_pages . '</b>' : '<a href="' . $base_url . '&start=' . ( ( $total_pages - 1 ) * $per_page ) . '">' . $total_pages . '</a> <a href="' . $base_url . "&start=" . ( $on_page * $per_page ) . '">' . $lang['Next'] . '</a>'; $page_string = $lang['Goto_page'] . ' ' . $page_string; @@ -640,9 +601,10 @@ function obtain_word_list(&$orig_word, &$replacement_word) // failures, etc. // -> ERROR : Use for any error, a simple page will be output // +// $errno, $errstr, $errfile, $errline function message_die($msg_code, $msg_text = '', $msg_title = '') { - global $db, $session, $acl, $template, $board_config, $theme, $lang, $userdata, $user_ip; + global $db, $session, $auth, $template, $board_config, $theme, $lang, $userdata, $user_ip; global $phpEx, $phpbb_root_path, $nav_links, $starttime; switch ( $msg_code ) diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index bae5a9674c..fcbb40894d 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php 
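Review bot: `$add_prevnext_text` is not read by any of the new lines in the generate_pagination() hunk: the removed `if ( $add_prevnext_text )` block was its only visible use, and the Previous/Next anchors are now folded unconditionally into the first and last `$page_string` assignments. Callers that pass a false value will get different output, so either restore the condition or document the change, e.g. `// $add_prevnext_text is currently ignored; Previous/Next links are always emitted`. Separately, `$base_url` is concatenated into every `href` as-is, so the function comment should state that callers must pass an already HTML-escaped URL. The function's signature and opening lines are outside this hunk.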
@@ -19,6 +19,539 @@ * ***************************************************************************/ +// Main message parser for posting, pm, etc. takes raw message +// and parses it for attachments, html, bbcode and smilies +class parse_message +{ + var $bbcode_tpl = null; + + function parse(&$message, $html, $bbcode, $uid, $url, $smilies) + { + global $board_config, $db, $lang; + + $warn_msg = ''; + + // Do some general 'cleanup' first before processing message, + // e.g. remove excessive newlines(?), smilies(?) + $match = array(); + $replace = array(); + + $match[] = '#sid=[a-z0-9]+&?#'; + $replace[] = ''; + $match[] = "#([\r\n][\s]+){3,}#"; + $replace[] = "\n\n"; + + $message = preg_replace($match, $replace, $message); + + // Message length check + if ( !strlen($message) || ( $board_config['max_post_chars'] && strlen($message) > $board_config['max_post_chars'] ) ) + { + $warn_msg .= ( !strlen($message) ) ? $lang['Too_few_chars'] . '<br />' : $lang['Too_many_chars'] . '<br />'; + } + + // Smiley check + if ( $board_config['max_post_smilies'] && $smilies ) + { + $sql = "SELECT code + FROM " . SMILIES_TABLE; + $result = $db->sql_query($sql); + + $match = 0; + while ( $row = $db->sql_fetchrow($result)) + { + if ( preg_match_all('#('. preg_quote($row['code'], '#') . ')#', $message, $matches) ) + { + $match++; + } + + if ( $match > $board_config['max_post_smilies'] ) + { + $warn_msg .= $lang['Too_many_smilies'] . '<br />'; + break; + } + } + $db->sql_freeresult($result); + unset($matches); + } + + // Specialchars message here ... ? 
+ $message = htmlspecialchars($message, ENT_COMPAT, $lang['ENCODING']); + + if ( $warn_msg ) + { +// return $warn_msg; + } + + $warn_msg .= $this->html($message, $html); + $warn_msg .= $this->bbcode($message, $bbcode, $uid); + $warn_msg .= $this->magic_url($message, $url); + $warn_msg .= $this->attach($_FILE); + + return $warn_msg; + } + + function html(&$message, $html) + { + global $board_config, $lang; + + if ( $html ) + { + // If $html is true then "allowed_tags" are converted back from entity + // form, others remain + $allowed_tags = split(',', str_replace(' ', '', $board_config['allow_html_tags'])); + + $match = array(); + $replace = array(); + + foreach ( $allowed_tags as $tag ) + { + $match[] = '#<(\/?' . str_replace('*', '.*?', $tag) . ')>#i'; + $replace[] = '<\1>'; + } + + $message = preg_replace($match, $replace, $message); + } + + return; + } + + function bbcode(&$message, $bbcode, $uid) + { + global $board_config; + + } + + // Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx. + // Cuts down displayed size of link if over 50 chars, turns absolute links + // into relative versions when the server/script path matches the link + function magic_url(&$message, $url) + { + global $board_config; + + if ( $url ) + { + $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://'; + $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/'; + + $match = array(); + $replace = array(); + + // relative urls for this board + $match[] = '#' . $server_protocol . trim($board_config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($board_config['script_path'])) . '/([^\t <\n\r\"]+)#i'; + $replace[] = '<a href="\1" target="_blank">\1</a>'; + + // matches a xxxx://aaaaa.bbb.cccc. ... + $match[] = '#([\n ])([\w]+?://.*?)([\t\n\r <"\'])#ie'; + $replace[] = "'\\1<!-- m --><a href=\"\\2\" target=\"_blank\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . 
' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->\\3'"; + + // matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing + $match[] = '#(^|[\n ])(www\.[\w\-]+\.[\w\-.\~]+(?:/[^\t <\n\r\"]*)?)#ie'; + $replace[] = "'\\1<!-- m --><a href=\"http://\\2\" target=\"_blank\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->'"; + + // matches an email@domain type address at the start of a line, or after a space. + $match[] = '#(^|[\n ])([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)#ie'; + $replace[] = "'\\1<!-- m --><a href=\"mailto:\\2\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->'"; + + $message = preg_replace($match, $replace, $message); + } + } + + // Based off of Acyd Burns Mod + function attach($file_ary) + { + global $board_config; + + $allowed_ext = explode(',', $board_config['attach_ext']); + } +} + +// Will parse poll info ... probably +class parse_poll extends parse_message +{ + function parse_poll() + { + global $board_config; + + } +} + +// Parses a given message and updates/maintains +// the fulltext word indexes NOTE this is not complete +// nor 'entirely' (!) functional ... +class fulltext_search +{ + function split_words(&$text) + { + global $phpbb_root_path, $board_config; + + static $drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!', '*'); + static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ', ' ', ' ', ' '); + $stopwords_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_stopwords.txt'); + $synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . 
'/search_synonyms.txt'); + + $match = array(); + // New lines, carriage returns + $match[] = "#[\n\r]+#"; + // HTML and NCRs like etc. + $match[] = '#<(.*?)>.*?<\/\1>#'; // BAD! + $match[] = '#\b&\#?[a-z0-9]+;\b#'; + // URL's + $match[] = '#\b[\w]+:\/\/[a-z0-9\.\-]+(\/[a-z0-9\?\.%_\-\+=&\/]+)?#'; + // BBcode + $match[] = '#\[img:[a-z0-9]{10,}\].*?\[\/img:[a-z0-9]{10,}\]#'; + $match[] = '#\[\/?url(=.*?)?\]#'; + $match[] = '#\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]#'; + // Sequences < min_search_chars & < max_search_chars + $match[] = '#\b([a-z0-9]{1,' . $board_config['min_search_chars'] . '}|[a-z0-9]{' . $board_config['max_search_chars'] . ',})\b#'; + + $text = preg_replace($match, ' ', ' ' . strtolower($text) . ' '); + + // Filter out non-alphabetical chars + for($i = 0; $i < count($drop_char_match); $i++) + { + $text = str_replace($drop_char_match[$i], $drop_char_replace[$i], $text); + } + + if ( !empty($stopword_list) ) + { + $text = str_replace($stopword_list, '', $text); + } + + if ( !empty($synonym_list) ) + { + for ($j = 0; $j < count($synonym_list); $j++) + { + list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j]))); + if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) ) + { + $text = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $text); + } + } + } + + echo "<br /><br />\n\n"; + echo "cleaned_text => " . 
htmlentities($text); + echo "<br /><br />\n\n"; + preg_match_all('/\b([\w]+)\b/', $text, $split_entries); + + return array_unique($split_entries[1]); + } + + function add(&$post_id, &$new_msg, &$new_title, $old_msg = '', $old_title = '') + { + global $board_config, $db; + + $mtime = explode(' ', microtime()); + $starttime = $mtime[1] + $mtime[0]; + + // + // Split old and new post/subject to obtain array of 'words' + // + $split_text_new = $this->split_words($new_msg); + $split_text_old = $this->split_words(addslashes($old_msg)); + $split_title_new = ( $new_title ) ? $this->split_words($new_title) : array(); + $split_title_old = ( $old_title ) ? $this->split_words(addslashes($old_title)) : array(); + + // + // Define new words to be added and old words to be removed + // + $words = array(); + $words['add']['text'] = array_diff($split_text_new, $split_text_old); + $words['del']['text'] = array_diff($split_text_old, $split_text_new); + $words['add']['title'] = array_diff($split_title_new, $split_title_old); + $words['del']['title'] = array_diff($split_title_old, $split_title_new); + + // + // Get unique words from the above arrays + // + $unique_add_words = array_unique(array_merge($words['add']['text'], $words['add']['title'])); + + // + // We now have unique arrays of all words to be added and removed and + // individual arrays of added and removed words for text and title. What + // we need to do now is add the new words (if they don't already exist) + // and then add (or remove) matches between the words and this post + // + if ( sizeof($unique_add_words) ) + { + $word_id = array(); + $new_word = array(); + + $sql = "SELECT word_id, word_text + FROM " . SEARCH_WORD_TABLE . " + WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_words)) . 
")"; + $result = $db->sql_query($sql); + + while ( $row = $db->sql_fetchrow($result) ) + { + $word_id[$row['word_text']] = $row['word_id']; + } + $db->sql_freeresult($result); + + foreach ( $unique_words as $word ) + { + if ( empty($word_id[$word]) ) + { + $new_words[] = $row['word_text']; + } + } + unset($unique_words); + + switch( SQL_LAYER ) + { + case 'postgresql': + case 'msaccess': + case 'mssql-odbc': + case 'oracle': + case 'db2': + foreach ( $new_words as $word ) + { + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES ('" . $word . "')"; + $db->sql_query($sql); + } + + break; + + default: + switch( SQL_LAYER ) + { + case 'mysql': + case 'mysql4': + $value_sql = implode(', ', preg_replace('#^(.*)$#', '(\'\1\')', $new_words)); + break; + + case mssql: + $value_sql = implode(' UNION ALL ', preg_replace('#^(.*)$#', 'SELECT \'\1\'', $new_words)); + break; + + } + + if ( $value_sql ) + { + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES $value_sql"; + $db->sql_query($sql); + } + } + } + + $unique_words = array_unique(array_merge($words['del']['text'], $words['del']['title'])); + + $word_id = array(); + if ( count($unique_words) ) + { + $sql = "SELECT word_id, word_text + FROM " . SEARCH_WORD_TABLE . " + WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_words)) . ")"; + $result = $db->sql_query($sql); + + while ( $row = $db->sql_fetchrow($result) ) + { + if ( !empty($words['del']['title']) ) + { + $words['del']['title'][] = $row['word_id']; + } + + if ( !empty($words['del']['text']) ) + { + $words['del']['text'][] = $row['word_id']; + } + } + $db->sql_freeresult($result); + + unset($unique_words); + } + + foreach ( $words as $sql_type => $word_in_ary ) + { + foreach ( $word_in_ary as $word_in => $word_ary ) + { + $word_sql = ( $sql_type == 'add' ) ? implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $word_ary)) : implode(', ', $word_id); + $title_match = ( $word_in == 'title' ) ? 
1 : 0; + + if ( $word_sql != '' ) + { + echo "<br />" . $sql = ( $sql_type == 'add' ) ? "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN ($word_sql)" : "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE post_id = $post_id AND title_match = $title_match AND word_id IN ($word_sql)"; + $db->sql_query($sql); + } + } + } + + unset($words); + unset($word_in_ary); + + $mtime = explode(' ', microtime()); + echo "<br /><br />"; + echo $mtime[1] + $mtime[0] - $starttime; + echo "<br /><br />"; + print_r($new_words); + echo "<br /><br />"; + print_r($del_words); + echo "<br /><br />"; + + // Run the cleanup infrequently, once per session cleanup + if ( $board_config['session_last_gc'] < time - ( $board_config['session_gc'] / 2 ) ) + { + $this->search_tidy(); + } + } + + // + // Tidy up indexes, tag 'common words', remove + // words no longer referenced in the match table, etc. + // + function search_tidy() + { + global $db; + + // Remove common (> 60% of posts ) words + $result = $db->sql_query("SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE); + + $row = $db->sql_fetchrow($result); + + if ( $row['total_posts'] >= 100 ) + { + $sql = "SELECT word_id + FROM " . SEARCH_MATCH_TABLE . " + GROUP BY word_id + HAVING COUNT(word_id) > " . floor($row['total_posts'] * 0.6); + $result = $db->sql_query($sql); + + $in_sql = ''; + while ( $row = $db->sql_fetchrow($result) ) + { + $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $row['word_id']; + } + $db->sql_freeresult($result); + + if ( $in_sql ) + { + $sql = "UPDATE " . SEARCH_WORD_TABLE . " + SET word_common = " . TRUE . " + WHERE word_id IN ($in_sql)"; + $db->sql_query($sql); + + $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " + WHERE word_id IN ($in_sql)"; + $db->sql_query($sql); + } + } + + // Remove words with no matches ... this is a potentially nasty query + $sql = "SELECT w.word_id + FROM ( " . SEARCH_WORD_TABLE . 
" w + LEFT JOIN " . SEARCH_MATCH_TABLE . " m ON w.word_id = m.word_id + AND m.word_id IS NULL + GROUP BY m.word_id"; + $result = $db->sql_query($sql); + + if ( $row = $db->sql_fetchrow($result) ) + { + $in_sql = ''; + while ( $row = $db->sql_fetchrow($result) ) + { + $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $row['word_id']; + } + $db->sql_freeresult($result); + + if ( $in_sql ) + { + $sql = "DELETE FROM " . SEARCH_WORD_TABLE . " + WHERE word_id IN ($in_sql)"; + $db->sql_query($sql); + } + } + } +} + +// +// Fill smiley templates (or just the variables) with smileys +// Either in a window or inline +// +function generate_smilies($mode) +{ + global $SID, $auth, $db, $session, $board_config, $template, $theme, $lang; + global $user_ip, $starttime; + global $phpEx, $phpbb_root_path; + global $userdata; + + if ( $mode == 'window' ) + { + $page_title = $lang['Review_topic'] . " - $topic_title"; + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + $template->set_filenames(array( + 'smiliesbody' => 'posting_smilies.html') + ); + } + + $where_sql = ( $mode == 'inline' ) ? 'WHERE smile_on_posting = 1 ' : ''; + $sql = "SELECT emoticon, code, smile_url, smile_width, smile_height + FROM " . SMILIES_TABLE . " + $where_sql + ORDER BY smile_order, smile_width, smile_height, smilies_id"; + $result = $db->sql_query($sql); + + $num_smilies = 0; + $smile_array = array(); + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + if ( !in_array($row['smile_url'], $smile_array) ) + { + if ( $mode == 'window' || ( $mode == 'inline' && $num_smilies < 20 ) ) + { + $template->assign_block_vars('emoticon', array( + 'SMILEY_CODE' => $row['code'], + 'SMILEY_IMG' => $board_config['smilies_path'] . '/' . 
$row['smile_url'], + 'SMILEY_WIDTH' => $row['smile_width'], + 'SMILEY_HEIGHT' => $row['smile_height'], + 'SMILEY_DESC' => $row['emoticon']) + ); + } + + $smile_array[] = $row['smile_url']; + $num_smilies++; + } + } + while ( ( $row = $db->sql_fetchrow($result) ) ); + + $db->sql_freeresult($result); + + if ( $mode == 'inline' && $num_smilies >= 20 ) + { + $template->assign_vars(array( + 'S_SHOW_EMOTICON_LINK' => true, + 'L_MORE_SMILIES' => $lang['More_emoticons'], + 'U_MORE_SMILIES' => "posting.$phpEx$SID&mode=smilies") + ); + } + + $template->assign_vars(array( + 'L_EMOTICONS' => $lang['Emoticons'], + 'L_CLOSE_WINDOW' => $lang['Close_window'], + 'S_SMILIES_COLSPAN' => $s_colspan) + ); + } + + if ( $mode == 'window' ) + { + $template->display('smiliesbody'); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + } +} +// +// END NEW CODE +// --------------------------------------------- + +// --------------------------------------------- +// OLD CODE FROM 2.0.x +// +define('BBCODE_UID_LEN', 10); + $html_entities_match = array('#&#', '#<#', '#>#'); $html_entities_replace = array('&', '<', '>'); @@ -42,13 +575,17 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid if ( $html_on ) { - $allowed_html_tags = split(',', $board_config['allow_html_tags']); + $end_html = 0; $start_html = 1; $tmp_message = ''; $message = ' ' . $message . ' '; + + + + while ( $start_html = strpos($message, '<', $start_html) ) { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ( $start_html - $end_html - 1 ))); @@ -109,7 +646,7 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid $code_entities_replace = array('<', '>', '"', ':', '[', ']', '(', ')', '{', '}'); $message = ''; - + for($i = 0; $i < $match_count; $i++) { $message .= $match[1][$i] . '[code]' . preg_replace($code_entities_match, $code_entities_replace, $match[2][$i]) . '[/code]'; 
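Review bot: The three auto-link patterns in parse_message::magic_url() use the `e` modifier, which makes preg_replace() evaluate the replacement string as PHP code with text captured from the posted message spliced into it; correctness then rests entirely on the engine's quoting of the backreferences, and the modifier is deprecated in PHP 5.5 and removed in PHP 7. Build the anchor in a callback passed to preg_replace_callback() instead, as sketched below for the `scheme://` pattern; the `www.` and e-mail patterns take the same shape, and the four replacements should still run in their original order. The same pattern accepts any `[\w]+?://` scheme, so consider limiting it to the schemes the board wants clickable. In fulltext_search, split_words() and add() still `echo` the cleaned text, timings and each generated SQL statement into the page, which should be removed before this path is reachable.

```php
// Callback for the scheme://... pattern: $m[1] leading char, $m[2] URL, $m[3] terminator.
function magic_url_full($m)
{
	$shown = ( strlen($m[2]) > 55 ) ? substr($m[2], 0, 39) . ' ... ' . substr($m[2], -10) : $m[2];

	return $m[1] . '<!-- m --><a href="' . $m[2] . '" target="_blank">' . $shown . '</a><!-- m -->' . $m[3];
}

// ... unchanged: $server_protocol / $server_port setup and the relative-url pattern ...

// In magic_url(): same pattern without the e modifier, applied in place of the $match/$replace pair.
$message = preg_replace_callback('#([\n ])([\w]+?://.*?)([\t\n\r <"\'])#i', 'magic_url_full', $message);
```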
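Review bot: The prepare_message() hunk deletes `$allowed_html_tags = split(',', $board_config['allow_html_tags']);` without adding a replacement, and the `while` loop that follows continues outside the hunk. If that loop still reads `$allowed_html_tags`, the variable is now undefined there and the allow-list would be empty on every call. Confirm the remaining uses were removed as well, or keep the assignment until prepare_message() is switched over to parse_message::html().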
@@ -118,7 +655,7 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid $message .= $tmp_message; } - + $message = bbencode_first_pass($message, $bbcode_uid); } @@ -134,7 +671,7 @@ function unprepare_message($message) // // Prepare a message for posting -// +// function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length) { global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path; @@ -172,7 +709,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, $bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : ''; $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid); } - else if ( $mode != 'delete' && $mode != 'polldelete' ) + else if ( $mode != 'delete' && $mode != 'polldelete' ) { $error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message']; } @@ -206,7 +743,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, { $error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options']; } - else if ( count($poll_options) > $board_config['max_poll_options'] ) + else if ( count($poll_options) > $board_config['max_poll_options'] ) { $error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options']; } @@ -230,7 +767,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ $current_time = time(); - if ( $mode == 'newtopic' || $mode == 'reply' ) + if ( $mode == 'newtopic' || $mode == 'reply' ) { // // Flood control 
@@ -292,7 +829,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ // // Add poll - // + // if ( ( $mode == 'newtopic' || $mode == 'editpost' ) && !empty($poll_title) && count($poll_options) >= 2 ) { $sql = ( !$post_data['has_poll'] ) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . " WHERE topic_id = $topic_id"; @@ -305,9 +842,9 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ $old_poll_result = array(); if ( $mode == 'editpost' && $post_data['has_poll'] ) { - $sql = "SELECT vote_option_id, vote_result - FROM " . VOTE_RESULTS_TABLE . " - WHERE vote_id = $poll_id + $sql = "SELECT vote_option_id, vote_result + FROM " . VOTE_RESULTS_TABLE . " + WHERE vote_id = $poll_id ORDER BY vote_option_id ASC"; if ( !($result = $db->sql_query($sql)) ) { @@ -350,7 +887,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ if( $delete_option_sql != '' ) { - $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " + $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_option_id IN ($delete_option_sql)"; if ( !($result = $db->sql_query($sql)) ) { @@ -390,7 +927,7 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i $topic_update_sql .= "topic_replies = topic_replies - 1"; $sql = "SELECT MAX(post_id) AS post_id - FROM " . POSTS_TABLE . " + FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if ( !($db->sql_query($sql)) ) { 
@@ -406,8 +943,8 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i if ( $post_data['last_topic'] ) { $sql = "SELECT MAX(post_id) AS post_id - FROM " . POSTS_TABLE . " - WHERE forum_id = $forum_id"; + FROM " . POSTS_TABLE . " + WHERE forum_id = $forum_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); @@ -419,10 +956,10 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i } } } - else if ( $post_data['first_post'] ) + else if ( $post_data['first_post'] ) { $sql = "SELECT MIN(post_id) AS post_id - FROM " . POSTS_TABLE . " + FROM " . POSTS_TABLE . " WHERE topic_id = $topic_id"; if ( !($db->sql_query($sql)) ) { @@ -441,16 +978,16 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i } else if ( $mode != 'poll_delete' ) { - $forum_update_sql .= ", forum_last_post_id = $post_id" . ( ( $mode == 'newtopic' ) ? ", forum_topics = forum_topics $sign" : "" ); + $forum_update_sql .= ", forum_last_post_id = $post_id" . ( ( $mode == 'newtopic' ) ? ", forum_topics = forum_topics $sign" : "" ); $topic_update_sql = "topic_last_post_id = $post_id" . ( ( $mode == 'reply' ) ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id" ); } - else + else { $topic_update_sql .= 'topic_vote = 0'; } - $sql = "UPDATE " . FORUMS_TABLE . " SET - $forum_update_sql + $sql = "UPDATE " . FORUMS_TABLE . " SET + $forum_update_sql WHERE forum_id = $forum_id"; if ( !($result = $db->sql_query($sql)) ) { @@ -459,8 +996,8 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i if ( $topic_update_sql != '' ) { - $sql = "UPDATE " . TOPICS_TABLE . " SET - $topic_update_sql + $sql = "UPDATE " . TOPICS_TABLE . " SET + $topic_update_sql WHERE topic_id = $topic_id"; if ( !($result = $db->sql_query($sql)) ) { 
@@ -471,7 +1008,7 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i if ( $mode != 'poll_delete' ) { $sql = "UPDATE " . USERS_TABLE . " - SET user_posts = user_posts $sign + SET user_posts = user_posts $sign WHERE user_id = $user_id"; if ( !($result = $db->sql_query($sql, END_TRANSACTION)) ) { @@ -493,35 +1030,35 @@ function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ $topic_update_sql = ''; if ( $mode != 'poll_delete' ) { - $sql = "DELETE FROM " . POSTS_TABLE . " + $sql = "DELETE FROM " . POSTS_TABLE . " WHERE post_id = $post_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } - $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " + $sql = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE post_id = $post_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } - $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " + $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE post_id = $post_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); } - $forum_update_sql = 'forum_posts = forum_posts - 1'; + $forum_update_sql = 'forum_posts = forum_posts - 1'; $topic_update_sql .= 'topic_replies = topic_replies - 1'; if ( $post_data['last_post'] ) { if ( $post_data['first_post'] ) { - $sql = "DELETE FROM " . TOPICS_TABLE . " - WHERE topic_id = $topic_id + $sql = "DELETE FROM " . TOPICS_TABLE . " + WHERE topic_id = $topic_id OR topic_moved_id = $topic_id"; if ( !($db->sql_query($sql)) ) { 
@@ -540,21 +1077,21 @@ function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ if( $mode == 'poll_delete' || ( $mode == 'delete' && $post_data['first_post'] && $post_data['last_post'] ) && $post_data['has_poll'] && $post_data['edit_poll'] ) { - $sql = "DELETE FROM " . VOTE_DESC_TABLE . " + $sql = "DELETE FROM " . VOTE_DESC_TABLE . " WHERE vote_id = $poll_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } - $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " + $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " WHERE vote_id = $poll_id"; if ( !($db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql); } - $sql = "DELETE FROM " . VOTE_USERS_TABLE . " + $sql = "DELETE FROM " . VOTE_USERS_TABLE . " WHERE vote_id = $poll_id"; if ( !($db->sql_query($sql)) ) { @@ -599,11 +1136,11 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql); } } - else + else { if ( $mode == 'reply' || $mode == 'newtopic' ) { - $sql = "SELECT ban_userid + $sql = "SELECT ban_userid FROM " . BANLIST_TABLE; if ( !($result = $db->sql_query($sql)) ) { 
@@ -619,12 +1156,12 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id } } - $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, f.forum_name - FROM " . FORUMS_WATCH_TABLE . " w, " . FORUMS_TABLE . " f, " . USERS_TABLE . " u - WHERE w.forum_id = $forum_id - AND w.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) - AND w.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " - AND f.forum_id = w.forum_id + $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, f.forum_name + FROM " . FORUMS_WATCH_TABLE . " w, " . FORUMS_TABLE . " f, " . USERS_TABLE . " u + WHERE w.forum_id = $forum_id + AND w.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) + AND w.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " + AND f.forum_id = w.forum_id AND u.user_id = w.user_id"; if ( !($result = $db->sql_query($sql)) ) { @@ -664,7 +1201,7 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 'USERNAME' => $row['username'], 'SITENAME' => $board_config['sitename'], - 'FORUM_NAME' => $forum_name, + 'FORUM_NAME' => $forum_name, 'U_FORUM' => $server_protocol . $server_name . $server_port . $script_name_f . '?' . POST_FORUM_URL . "=$forum_id", 'U_STOP_WATCHING_FORUM' => $server_protocol . $server_name . $server_port . $script_name_f . '?' . POST_FORUM_URL . "=$forum_id&unwatch=forum") 
@@ -690,12 +1227,12 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id if ( $mode == 'reply' ) { - $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title - FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u - WHERE tw.topic_id = $topic_id - AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) - AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " - AND t.topic_id = tw.topic_id + $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title + FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u + WHERE tw.topic_id = $topic_id + AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) + AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " + AND t.topic_id = tw.topic_id AND u.user_id = tw.user_id"; if ( !($result = $db->sql_query($sql)) ) { @@ -723,7 +1260,7 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 'USERNAME' => $row['username'], 'SITENAME' => $board_config['sitename'], - 'TOPIC_TITLE' => $topic_title, + 'TOPIC_TITLE' => $topic_title, 'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name_t . '?' . POST_POST_URL . "=$post_id#$post_id", 'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name_t . '?' . POST_TOPIC_URL . "=$topic_id&unwatch=topic") @@ -750,7 +1287,7 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id } - $sql = "SELECT topic_id + $sql = "SELECT topic_id FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id AND user_id = " . $userdata['user_id']; 
@@ -783,588 +1320,4 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id } } -function clean_words($mode, &$entry, &$stopword_list, &$synonym_list) -{ - // Weird, $init_match doesn't work with static when double quotes (") are used... - static $drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!'); - static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ', ' ', ' '); - - $entry = ' ' . strip_tags(strtolower($entry)) . ' '; - - if ( $mode == 'post' ) - { - // Replace line endings by a space - $entry = preg_replace('/[\n\r]/is', ' ', $entry); - // HTML entities like - $entry = preg_replace('/\b&[a-z]+;\b/', ' ', $entry); - // Remove URL's - $entry = preg_replace('/\b[a-z0-9]+:\/\/[a-z0-9\.\-]+(\/[a-z0-9\?\.%_\-\+=&\/]+)?/', ' ', $entry); - // Quickly remove BBcode. - $entry = preg_replace('/\[img:[a-z0-9]{10,}\].*?\[\/img:[a-z0-9]{10,}\]/', ' ', $entry); - $entry = preg_replace('/\[\/?url(=.*?)?\]/', ' ', $entry); - $entry = preg_replace('/\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]/', ' ', $entry); - } - else if ( $mode == 'search' ) - { - $entry = str_replace('+', ' and ', $entry); - $entry = str_replace('-', ' not ', $entry); - } - - // - // Filter out strange characters like ^, $, &, change "it's" to "its" - // - for($i = 0; $i < count($drop_char_match); $i++) - { - $entry = str_replace($drop_char_match[$i], $drop_char_replace[$i], $entry); - } - - if ( $mode == 'post' ) - { - $entry = str_replace('*', ' ', $entry); - - // 'words' that consist of <=2 or >=20 characters are removed. 
- $entry = preg_replace('/\b([a-z0-9]{1,2}|[a-z0-9]{20,})\b/',' ', $entry); - } - - if ( !empty($stopword_list) ) - { - for ($j = 0; $j < count($stopword_list); $j++) - { - $stopword = trim($stopword_list[$j]); - - if ( $mode == 'post' || ( $stopword != 'not' && $stopword != 'and' && $stopword != 'or' ) ) - { - $entry = preg_replace('#\b' . preg_quote($stopword) . '\b#', ' ', $entry); - } - } - } - - if ( !empty($synonym_list) ) - { - for ($j = 0; $j < count($synonym_list); $j++) - { - list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j]))); - if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) ) - { - $entry = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $entry); - } - } - } - - return $entry; -} - -function split_words(&$entry, $mode = 'post') -{ - $match = ( $mode == 'post' ) ? '/\b(\w[\w\']*\w+|\w+?)\b/' : '/(\*?[\w]+\*?)|\b([\w]+)\b/'; - preg_match_all($match, $entry, $split_entries); - - return array_unique($split_entries[1]); -} - -function add_search_words($post_id, $post_text, $post_title = '') -{ - global $db, $phpbb_root_path, $board_config, $lang; - - $stopwords_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_stopwords.txt'); - $synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . 
'/search_synonyms.txt'); - - $search_raw_words = array(); - $search_raw_words['text'] = split_words(clean_words('post', $post_text, $stopword_array, $synonym_array)); - $search_raw_words['title'] = split_words(clean_words('post', $post_title, $stopword_array, $synonym_array)); - - $word = array(); - $word_insert_sql = array(); - foreach ( $search_raw_words as $word_in => $search_matches ) - { - $word_insert_sql[$word_in] = ''; - if ( !empty($search_matches) ) - { - for ($i = 0; $i < count($search_matches); $i++) - { - $search_matches[$i] = trim($search_matches[$i]); - - if( $search_matches[$i] != '' ) - { - $word[] = $search_matches[$i]; - if ( !strstr($word_insert_sql[$word_in], "'" . $search_matches[$i] . "'") ) - { - $word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; - } - } - } - } - } - - if ( count($word) ) - { - sort($word); - - $prev_word = ''; - $word_text_sql = ''; - $temp_word = array(); - for($i = 0; $i < count($word); $i++) - { - if ( $word[$i] != $prev_word ) - { - $temp_word[] = $word[$i]; - $word_text_sql .= ( ( $word_text_sql != '' ) ? ', ' : '' ) . "'" . $word[$i] . "'"; - } - $prev_word = $word[$i]; - } - $word = $temp_word; - - $check_words = array(); - switch( SQL_LAYER ) - { - case 'postgresql': - case 'msaccess': - case 'mssql-odbc': - case 'oracle': - case 'db2': - $sql = "SELECT word_id, word_text - FROM " . SEARCH_WORD_TABLE . 
" - WHERE word_text IN ($word_text_sql)"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select words', '', __LINE__, __FILE__, $sql); - } - - while ( $row = $db->sql_fetchrow($result) ) - { - $check_words[$row['word_text']] = $row['word_id']; - } - break; - } - - $value_sql = ''; - $match_word = array(); - for ($i = 0; $i < count($word); $i++) - { - $new_match = true; - if ( isset($check_words[$word[$i]]) ) - { - $new_match = false; - } - - if ( $new_match ) - { - switch( SQL_LAYER ) - { - case 'mysql': - case 'mysql4': - $value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\')'; - break; - case 'mssql': - $value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'"; - break; - default: - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES ('" . $word[$i] . "')"; - if( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not insert new word', '', __LINE__, __FILE__, $sql); - } - break; - } - } - } - - if ( $value_sql != '' ) - { - switch ( SQL_LAYER ) - { - case 'mysql': - case 'mysql4': - $sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES $value_sql"; - break; - case 'mssql': - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - $value_sql"; - break; - } - - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not insert new word', '', __LINE__, __FILE__, $sql); - } - } - } - - while( list($word_in, $match_sql) = @each($word_insert_sql) ) - { - $title_match = ( $word_in == 'title' ) ? 1 : 0; - - if ( $match_sql != '' ) - { - $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) - SELECT $post_id, word_id, $title_match - FROM " . SEARCH_WORD_TABLE . 
" - WHERE word_text IN ($match_sql)"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not insert new word matches', '', __LINE__, __FILE__, $sql); - } - } - } - - if ( $mode == 'single' ) - { - remove_common('single', 0.4, $word); - } - - return; -} - -// -// Check if specified words are too common now -// -function remove_common($mode, $fraction, $word_id_list = array()) -{ - global $db; - - $sql = ( $mode == 'global' ) ? "SELECT COUNT(post_id) AS total_posts FROM " . SEARCH_MATCH_TABLE . " GROUP BY post_id" : "SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not obtain post count', '', __LINE__, __FILE__, $sql); - } - - $row = $db->sql_fetchrow($result); - - if ( $row['total_posts'] >= 100 ) - { - $common_threshold = floor($row['total_posts'] * $fraction); - - if ( $mode == 'single' && count($word_id_list) ) - { - $word_id_sql = ''; - for($i = 0; $i < count($word_id_list); $i++) - { - $word_id_sql .= ( ( $word_id_sql != '' ) ? ', ' : '' ) . "'" . $word_id_list[$i] . "'"; - } - - $sql = "SELECT m.word_id - FROM " . SEARCH_MATCH_TABLE . " m, " . SEARCH_WORD_TABLE . " w - WHERE w.word_text IN ($word_id_sql) - AND m.word_id = w.word_id - GROUP BY m.word_id - HAVING COUNT(m.word_id) > $common_threshold"; - } - else - { - $sql = "SELECT word_id - FROM " . SEARCH_MATCH_TABLE . " - GROUP BY word_id - HAVING COUNT(word_id) > $common_threshold"; - } - - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not obtain common word list', '', __LINE__, __FILE__, $sql); - } - - $common_word_id = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - $common_word_id .= ( ( $common_word_id != '' ) ? ', ' : '' ) . $row['word_id']; - } - $db->sql_freeresult($result); - - if ( $common_word_id != '' ) - { - $sql = "UPDATE " . SEARCH_WORD_TABLE . " - SET word_common = " . TRUE . 
" - WHERE word_id IN ($common_word_id)"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not delete word list entry', '', __LINE__, __FILE__, $sql); - } - - $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " - WHERE word_id IN ($common_word_id)"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not delete word match entry', '', __LINE__, __FILE__, $sql); - } - } - } - - return $word_count; -} - -function remove_search_post($post_id_sql) -{ - global $db; - - $words_removed = false; - - switch ( SQL_LAYER ) - { - case 'mysql': - case 'mysql4': - $sql = "SELECT word_id - FROM " . SEARCH_MATCH_TABLE . " - WHERE post_id IN ($post_id_sql) - GROUP BY word_id"; - if ( $result = $db->sql_query($sql) ) - { - $word_id_sql = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - $word_id_sql .= ( $word_id_sql != '' ) ? ', ' . $row['word_id'] : $row['word_id']; - } - - $sql = "SELECT word_id - FROM " . SEARCH_MATCH_TABLE . " - WHERE word_id IN ($word_id_sql) - GROUP BY word_id - HAVING COUNT(word_id) = 1"; - if ( $result = $db->sql_query($sql) ) - { - $word_id_sql = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - $word_id_sql .= ( $word_id_sql != '' ) ? ', ' . $row['word_id'] : $row['word_id']; - } - - if ( $word_id_sql != '' ) - { - $sql = "DELETE FROM " . SEARCH_WORD_TABLE . " - WHERE word_id IN ($word_id_sql)"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not delete word list entry', '', __LINE__, __FILE__, $sql); - } - - $words_removed = $db->sql_affectedrows(); - } - } - } - break; - - default: - $sql = "DELETE FROM " . SEARCH_WORD_TABLE . " - WHERE word_id IN ( - SELECT word_id - FROM " . SEARCH_MATCH_TABLE . " - WHERE word_id IN ( - SELECT word_id - FROM " . SEARCH_MATCH_TABLE . 
" - WHERE post_id IN ($post_id_sql) - GROUP BY word_id - ) - GROUP BY word_id - HAVING COUNT(word_id) = 1 - )"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Could not delete old words from word table', '', __LINE__, __FILE__, $sql); - } - - $words_removed = $db->sql_affectedrows(); - - break; - } - - $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " - WHERE post_id IN ($post_id_sql)"; - if ( !$db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql); - } - - return $words_removed; -} - -// -// Fill smiley templates (or just the variables) with smileys -// Either in a window or inline -// -function generate_smilies($mode, $page_id) -{ - global $db, $session, $board_config, $template, $lang, $theme, $phpEx, $phpbb_root_path; - global $user_ip, $starttime; - global $userdata; - - $inline_columns = 4; - $inline_rows = 5; - $window_columns = 8; - - if ( $mode == 'window' ) - { - $userdata = $session->start(); - $session->configure($userdata); - - $page_title = $lang['Review_topic'] . " - $topic_title"; - include($phpbb_root_path . 'includes/page_header.'.$phpEx); - - $template->set_filenames(array( - 'smiliesbody' => 'posting_smilies.tpl') - ); - } - - $sql = "SELECT emoticon, code, smile_url - FROM " . SMILIES_TABLE . " - ORDER BY smilies_id"; - $result = $db->sql_query($sql); - - $num_smilies = 0; - $rowset = array(); - while ( $row = $db->sql_fetchrow($result) ) - { - if ( empty($rowset[$row['smile_url']]) ) - { - $rowset[$row['smile_url']]['code'] = str_replace('\\', '\\\\', str_replace("'", "\\'", $row['code'])); - $rowset[$row['smile_url']]['emoticon'] = $row['emoticon']; - $num_smilies++; - } - } - - if ( $num_smilies ) - { - $smilies_count = ( $mode == 'inline' ) ? min(19, $num_smilies) : $num_smilies; - $smilies_split_row = ( $mode == 'inline' ) ? 
$inline_columns - 1 : $window_columns - 1; - - $s_colspan = 0; - $row = 0; - $col = 0; - - foreach( $rowset as $smile_url => $data ) - { - if ( !$col ) - { - $template->assign_block_vars('smilies_row', array()); - } - - $template->assign_block_vars('smilies_row.smilies_col', array( - 'SMILEY_CODE' => $data['code'], - 'SMILEY_IMG' => $board_config['smilies_path'] . '/' . $smile_url, - 'SMILEY_DESC' => $data['emoticon']) - ); - - $s_colspan = max($s_colspan, $col + 1); - - if ( $col == $smilies_split_row ) - { - if ( $mode == 'inline' && $row == $inline_rows - 1 ) - { - break; - } - $col = 0; - $row++; - } - else - { - $col++; - } - } - - if ( $mode == 'inline' && $num_smilies > $inline_rows * $inline_columns ) - { - $template->assign_block_vars('switch_smilies_extra', array()); - - $template->assign_vars(array( - 'L_MORE_SMILIES' => $lang['More_emoticons'], - 'U_MORE_SMILIES' => "posting.$phpEx$SID&mode=smilies") - ); - } - - $template->assign_vars(array( - 'L_EMOTICONS' => $lang['Emoticons'], - 'L_CLOSE_WINDOW' => $lang['Close_window'], - 'S_SMILIES_COLSPAN' => $s_colspan) - ); - } - - if ( $mode == 'window' ) - { - $template->display('smiliesbody'); - - include($phpbb_root_path . 
'includes/page_tail.'.$phpEx); - } -} - -// -// -// -define('BBCODE_UID_LEN', 10); - -// -// -// -class parse_message -{ - var $message; - var $bbcode_tpl = null; - - function parse_message($message, $html, $bbcode, $emoticons) - { - global $board_config; - - $this->message = $message; - unset($message); - - $this->html($html); - $this->bbcode($bbcode); - $this->emoticons($emoticons); - - return $this->message; - } - - function html($html) - { - global $board_config; - - } - - function bbcode($bbcode) - { - global $board_config; - - } - - function emoticons($emoticons) - { - global $board_config; - - } - - function attachments() - { - - } -} - -class parse_poll -{ - - function parse_poll() - { - global $board_config; - - } - -} - -class parse_search -{ - - function parse_search() - { - - } - - function add() - { - - } - - function delete() - { - - } - -} - ?>
\ No newline at end of file diff --git a/phpBB/includes/page_header.php b/phpBB/includes/page_header.php index fe33ff252c..176df6cb17 100644 --- a/phpBB/includes/page_header.php +++ b/phpBB/includes/page_header.php @@ -26,9 +26,7 @@ if ( !defined('IN_PHPBB') ) define('HEADER_INC', TRUE); -// // gzip_compression -// if ( $board_config['gzip_compress'] ) { if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() ) 
@@ -37,35 +35,25 @@ if ( $board_config['gzip_compress'] ) } } -// // Generate logged in/logged out status -// -if ( $userdata['user_id'] != ANONYMOUS ) +if ( $userdata['user_id'] ) { - $u_login_logout = 'login.'.$phpEx.'?logout=true'; + $u_login_logout = 'login.'.$phpEx. $SID . '&logout=true'; $l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]'; } else { - $u_login_logout = 'login.'.$phpEx; + $u_login_logout = 'login.'.$phpEx . $SID; $l_login_logout = $lang['Login']; } -$s_last_visit = ( $userdata['user_id'] != ANONYMOUS ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : ''; +// Last visit date/time +$s_last_visit = ( $userdata['user_id'] ) ? create_date($board_config['default_dateformat'], $userdata['session_last_visit'], $board_config['board_timezone']) : ''; -// -// Get basic (usernames + totals) online -// situation -// -$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page LIKE '%f=$forum_id%'" : ''; -$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_colour, s.session_ip - FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE ." s - WHERE u.user_id = s.session_user_id - AND s.session_time >= ".( time() - 300 ) . " - $user_forum_sql - ORDER BY u.username ASC, s.session_ip ASC"; -$result = $db->sql_query($sql); +// Timezone : $user->dst +$s_timezone = ( $userdata['user_dst'] ) ? sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], $lang['tz']['dst']) : sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], ''); +// Get users online list $userlist_ary = array(); $userlist_visible = array(); 
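Review bot: The logged-in checks now depend on `$userdata['user_id']` being falsy for guests, which is only safe if the guest id is 0. This applies to `if ( $userdata['user_id'] )` here and to `$row['user_id']`, the private-message block and `S_USER_LOGGED_IN` in the later page_header.php hunks. The removed lines compared against `ANONYMOUS`; if that constant is still non-zero anywhere (its definition is not visible in this diff), a guest session would be rendered as logged in and could reach the `UPDATE ... user_last_privmsg` query. Either keep the explicit form, `if ( $userdata['user_id'] != ANONYMOUS )`, or add `// guests have user_id 0 (ANONYMOUS)` beside the first check so the assumption is stated where the authentication state is decided.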
@@ -76,11 +64,20 @@ $online_userlist = ''; $prev_user_id = 0; $prev_user_ip = ''; +// && $auth->get_acl('forum', 'read', $forum_id) +$user_forum_sql = ( is_int($forum_id)) ? '' : "AND s.session_page LIKE '%f=$forum_id%'"; +$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_colour, s.session_ip + FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE ." s + WHERE s.session_time >= ".( time() - 300 ) . " + $user_forum_sql + AND u.user_id = s.session_user_id + ORDER BY u.username ASC, s.session_ip ASC"; +$result = $db->sql_query($sql, false); while( $row = $db->sql_fetchrow($result) ) { // User is logged in and therefor not a guest - if ( $row['user_id'] != ANONYMOUS ) + if ( $row['user_id'] ) { // Skip multiple sessions for one user if ( $row['user_id'] != $prev_user_id ) @@ -101,7 +98,7 @@ while( $row = $db->sql_fetchrow($result) ) $logged_hidden_online++; } - if ( $row['user_allow_viewonline'] || $acl->get_acl_admin() ) + if ( $row['user_allow_viewonline'] || $auth->get_acl_admin() ) { $online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link; } @@ -215,17 +212,17 @@ $l_online_users .= sprintf($l_g_user_s, $guests_online); // Obtain number of new private messages // if user is logged in // -if ( $userdata['user_id'] != ANONYMOUS ) +if ( $userdata['user_id'] ) { if ( $userdata['user_new_privmsg'] ) { $l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms']; $l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']); - if ( $userdata['user_last_privmsg'] > $userdata['user_lastvisit'] ) + if ( $userdata['user_last_privmsg'] > $userdata['session_last_visit'] ) { $sql = "UPDATE " . USERS_TABLE . " - SET user_last_privmsg = " . $userdata['user_lastvisit'] . " + SET user_last_privmsg = " . $userdata['session_last_visit'] . " WHERE user_id = " . $userdata['user_id']; $db->sql_query($sql); 
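Review bot: The new `$user_forum_sql` condition in the `@@ -76,11 +64,20 @@` hunk looks inverted. `is_int($forum_id)` yields an empty filter for a real integer id, while every other value (an unset variable or a request string) is interpolated directly into `LIKE '%f=$forum_id%'`. That drops the forum filter where it is wanted and puts unvalidated text into the query where it is not, unless `$forum_id` is cast before this file is included (not visible here). `$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page LIKE '%f=" . intval($forum_id) . "%'" : '';` restores the previous behaviour and keeps the value numeric.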
@@ -341,14 +338,14 @@ $template->assign_vars(array( 'U_MEMBERSLIST' => 'memberlist.'.$phpEx.$SID, 'U_GROUP_CP' => 'groupcp.'.$phpEx.$SID, - 'S_USER_LOGGED_IN' => ( $userdata['user_id'] == ANONYMOUS ) ? false : true, + 'S_USER_LOGGED_IN' => ( $userdata['user_id'] ) ? true : false, 'S_USER_PM_POPUP' => ( !empty($userdata['user_popup_pm']) ) ? true : false, 'S_USER_BROWSER' => $userdata['session_browser'], 'S_CONTENT_DIRECTION' => $lang['DIRECTION'], 'S_CONTENT_ENCODING' => $lang['ENCODING'], 'S_CONTENT_DIR_LEFT' => $lang['LEFT'], 'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'], - 'S_TIMEZONE' => sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])]), + 'S_TIMEZONE' => $s_timezone, 'S_LOGIN_ACTION' => 'login.'.$phpEx.$SID, 'T_STYLESHEET_DATA' => $theme['css_data'], diff --git a/phpBB/includes/page_tail.php b/phpBB/includes/page_tail.php index 1c91e48399..80742d05f7 100644 --- a/phpBB/includes/page_tail.php +++ b/phpBB/includes/page_tail.php 
@@ -40,12 +40,12 @@ if (defined('DEBUG')) exit; } - $debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $board_config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . ( ( $session->load ) ? $session->load : 'N/A') . ' | <a href="' . $_SERVER['REQUEST_URI'] . '&explain=1">Explain</a> ]', $totaltime); + $debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $board_config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . ( ( $session->load ) ? $session->load : 'N/A') . ' | <a href="' . $_SERVER['REQUEST_URI'] . '&explain=1">Explain</a> ]', $totaltime); } $template->assign_vars(array( 'PHPBB_VERSION' => $board_config['version'], - 'ADMIN_LINK' => ( $acl->get_acl_admin() ) ? '<a href="' . "admin/index.$phpEx$SID" . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '', + 'ADMIN_LINK' => ( $auth->get_acl_admin() ) ? '<a href="' . "admin/index.$phpEx$SID" . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '', 'DEBUG_OUTPUT' => ( defined('DEBUG') ) ? $debug_output : '') ); diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 3d69043e61..779244a32d 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php 
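Review bot: The debug footer writes `$_SERVER['REQUEST_URI']` into the `href` of the Explain link without escaping, so a request URI carrying a quote or angle bracket becomes markup whenever `DEBUG` is defined. Escaping at output, `htmlspecialchars($_SERVER['REQUEST_URI'] . '&explain=1')`, closes that. The appended `&explain=1` also assumes the URI already has a query string, so a `?` is needed when it does not. The enclosing `if (defined('DEBUG'))` block starts outside the hunk.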
@@ -22,34 +22,34 @@ class session { var $session_id = ''; + var $browser = ''; + var $page = ''; var $load; + // Called at each page start ... checks for, updates and/or creates a session function start($update = true) { global $SID, $db, $board_config, $user_ip; - global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_GET_VARS; - $user_browser = ( !empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']) ) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : $HTTP_ENV_VARS['HTTP_USER_AGENT']; - $user_page = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF']; - $user_page .= '&' . ( ( !empty($HTTP_SERVER_VARS['QUERY_STRING']) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : $HTTP_ENV_VARS['QUERY_STRING'] ); $current_time = time(); + $this->browser = ( !empty($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT']; + $this->page = ( !empty($_SERVER['PHP_SELF']) ) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; + $this->page .= '&' . ( ( !empty($_SERVER['QUERY_STRING']) ) ? $_SERVER['QUERY_STRING'] : $_ENV['QUERY_STRING'] ); - if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) ) + if ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) || isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) { - $sessiondata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) : ''; - $this->session_id = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) ) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid'] : ''; + $sessiondata = ( isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_data'])) : ''; + $this->session_id = ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) ) ? $_COOKIE[$board_config['cookie_name'] . 
'_sid'] : ''; $SID = '?sid='; } else { $sessiondata = ''; - $this->session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : ''; + $this->session_id = ( isset($_GET['sid']) ) ? $_GET['sid'] : ''; $SID = '?sid=' . $this->session_id; } - // // Load limit check (if applicable) - // if ( !empty($board_config['limit_load']) && file_exists('/proc/loadavg') ) { if ( $load = @file('/proc/loadavg') ) @@ -63,18 +63,7 @@ class session { } } - // - // Garbage collection ... remove old sessions updating user information - // if necessary. It means (potentially) lots of queries but only infrequently - // - if ( $current_time - $board_config['session_gc'] > $board_config['session_last_gc'] ) - { - $this->gc($current_time); - } - - // // session_id exists so go ahead and attempt to grab all data in preparation - // if ( !empty($this->session_id) ) { $sql = "SELECT u.*, s.* 
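Review bot: `unserialize(stripslashes($_COOKIE[... '_data']))` still runs on a client-supplied cookie after the move to `$_COOKIE`, so the client controls both the structure and the types of `$sessiondata`. The array only carries `autologinid` and `userid` (see where `create()` builds it), so a flat encoding split with `explode()` would avoid deserialising untrusted input; at minimum add `if ( !is_array($sessiondata) ) { $sessiondata = ''; }` after the call. The same hunk takes `$this->session_id` straight from the cookie or `$_GET['sid']` and it is later placed inside a quoted SQL literal, so check it against the generated format first, e.g. `preg_match('/^[0-9a-f]{32}$/', $this->session_id)`. `start()` continues past the end of this hunk.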
@@ -86,28 +75,27 @@ class session { $userdata = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // // Did the session exist in the DB? - // if ( isset($userdata['user_id']) ) { - // - // Do not check IP assuming equivalence, if IPv4 we'll check only first 24 - // bits ... I've been told (by vHiker) this should alleviate problems with - // load balanced et al proxies while retaining some reliance on IP security. - // + // Validate IP length according to admin ... has no effect on IPv6 $ip_check_s = explode('.', $userdata['session_ip']); $ip_check_u = explode('.', $user_ip); - if ( $ip_check_s[0].'.'.$ip_check_s[1].'.'.$ip_check_s[2] == $ip_check_u[0].'.'.$ip_check_u[1].'.'.$ip_check_u[2] ) + $u_ip = $s_ip = ''; + for($i = 0; $i < $board_config['ip_check']; $i++) + { + $u_ip .= $ip_check_u[$i] . '.'; + $s_ip .= $ip_check_s[$i] . '.'; + } + + if ( $u_ip == $s_ip ) { - // // Only update session DB a minute or so after last update or if page changes - // if ( ( $current_time - $userdata['session_time'] > 60 || $userdata['session_page'] != $user_page ) && $update ) { $sql = "UPDATE " . SESSIONS_TABLE . " - SET session_time = $current_time, session_page = '$user_page' + SET session_time = $current_time, session_page = '$this->page' WHERE session_id = '" . $this->session_id . "'"; $db->sql_query($sql); } 
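Review bot: `session_page = '$this->page'` puts a string built from `PHP_SELF` and `QUERY_STRING` into the UPDATE without escaping, so unless those values are escaped somewhere upstream, a quote in the query string changes the statement. The same applies to `'$this->browser'` and `'$this->page'` in the UPDATE and INSERT of `create()` (hunks `-195,13` and `-209,8`); escape at the point of use with the quoting routine the `$db` layer provides. Separately, the condition above it still reads `$userdata['session_page'] != $user_page`, but `$user_page` was removed from `start()` in this commit. It should be `$userdata['session_page'] != $this->page`, otherwise the test is true for any non-empty stored page and the session row is rewritten on every request. `start()` begins before and ends after this hunk.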
@@ -117,29 +105,23 @@ class session { } } - // // If we reach here then no (valid) session exists. So we'll create a new one, // using the cookie user_id if available to pull basic user prefs. - // $autologin = ( isset($sessiondata['autologinid']) ) ? $sessiondata['autologinid'] : ''; $user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS; - return $this->create($user_id, $autologin, $user_page, $user_browser); + return $this->create($user_id, $autologin); } - // // Create a new session - // - function create(&$user_id, &$autologin, &$user_page, &$user_browser) + function create(&$user_id, &$autologin) { global $SID, $db, $board_config, $user_ip; $sessiondata = array(); $current_time = time(); - // // Limit sessions in 1 minute period - // $sql = "SELECT COUNT(*) AS sessions FROM " . SESSIONS_TABLE . " WHERE session_time >= " . ( $current_time - 60 ); @@ -153,9 +135,14 @@ class session { message_die(MESSAGE, 'Board_unavailable'); } - // + // Garbage collection ... remove old sessions updating user information + // if necessary. It means (potentially) 22 queries but only infrequently + if ( $current_time - $board_config['session_gc'] > $board_config['session_last_gc'] ) + { + $this->gc($current_time); + } + // Grab user data - // $sql = "SELECT * FROM " . USERS_TABLE . " WHERE user_id = $user_id"; @@ -164,9 +151,7 @@ class session { $userdata = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // // Check autologin request, is it valid? - // if ( $userdata['user_password'] != $autologin || !$userdata['user_active'] || $user_id == ANONYMOUS ) { $autologin = ''; 
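Review bot: `$autologin` is read from the unserialized cookie as-is, and `create()` then tests it with `$userdata['user_password'] != $autologin` (context of the `-164,9` hunk), a loose comparison against a value whose type the client chooses. Under PHP's type juggling a non-string value can compare equal to the stored hash, so the auto-login check has to be type-strict. Accept only strings when reading it, `$autologin = ( isset($sessiondata['autologinid']) && is_string($sessiondata['autologinid']) ) ? $sessiondata['autologinid'] : '';`, and use `$userdata['user_password'] !== $autologin` in `create()`. Both functions extend beyond the hunks shown.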
@@ -195,13 +180,11 @@ class session { } $db->sql_freeresult($result); - // // Create or update the session - // $db->sql_return_on_error(true); $sql = "UPDATE " . SESSIONS_TABLE . " - SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_browser = '$user_browser', session_page = '$user_page' + SET session_user_id = $user_id, session_last_visit = " . $userdata['user_lastvisit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '$this->browser', session_page = '$this->page' WHERE session_id = '" . $this->session_id . "'"; if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() ) { @@ -209,8 +192,8 @@ class session { $this->session_id = md5(uniqid($user_ip)); $sql = "INSERT INTO " . SESSIONS_TABLE . " - (session_id, session_user_id, session_start, session_time, session_ip, session_browser, session_page) - VALUES ('" . $this->session_id . "', $user_id, $current_time, $current_time, '$user_ip', '$user_browser', '$user_page')"; + (session_id, session_user_id, session_last_visit, session_start, session_time, session_ip, session_browser, session_page) + VALUES ('" . $this->session_id . "', $user_id, " . $userdata['user_lastvisit'] . ", $current_time, $current_time, '$user_ip', '$this->browser', '$this->page')"; $db->sql_query($sql); } $db->sql_return_on_error(false); 
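Review bot: `session_last_visit = " . $userdata['user_lastvisit'] . "` is concatenated unquoted, so an empty or NULL `user_lastvisit` produces a malformed statement; the same would happen if `$userdata` is not a row because the lookup for a cookie-supplied user id found nothing. With `sql_return_on_error(true)` in force the failure is silent, and the INSERT in the next hunk fails the same way, leaving the visitor without a session row. Use `intval($userdata['user_lastvisit'])` in both statements. Whether the code between the hunks already guards a missing row is not visible here.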
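Review bot: The id kept on the context line `$this->session_id = md5(uniqid($user_ip));` is derived from the clock and the client address, both of which an outside party can estimate, so session ids are guessable rather than random. This value is the bearer credential in the `sid` cookie and URL parameter (backed only by the partial IP check), so it should come from a cryptographic source, e.g. `$this->session_id = bin2hex(random_bytes(16));` where the runtime provides it. `create()` starts and ends outside this hunk.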
@@ -220,29 +203,31 @@ class session { $sessiondata['autologinid'] = ( $autologin && $user_id != ANONYMOUS ) ? $autologin : ''; $sessiondata['userid'] = $user_id; - setcookie($board_config['cookie_name'] . '_data', serialize($sessiondata), $current_time + 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); - setcookie($board_config['cookie_name'] . '_sid', $this->session_id, 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); + $this->set_cookie('data', serialize($sessiondata), $current_time + 31536000); + $this->set_cookie('sid', $this->session_id, 0); $SID = '?sid=' . $this->session_id; + // Events ... + if ( $userdata['user_id'] ) + { +// do_events(); + } + return $userdata; } - // // Destroy a session - // function destroy(&$userdata) { global $SID, $db, $board_config; - global $HTTP_COOKIE_VARS, $HTTP_GET_VARS; $current_time = time(); - setcookie($board_config['cookie_name'] . '_data', '', $current_time - 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); - setcookie($board_config['cookie_name'] . '_sid', '', $current_time - 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); + $this->set_cookie('data', '', $current_time - 31536000); + $this->set_cookie('sid', '', $current_time - 31536000); + $SID = '?sid='; - // // Delete existing session, update last visit info first! - // $sql = "UPDATE " . USERS_TABLE . " SET user_lastvisit = " . $userdata['session_time'] . ", user_session_page = '" . $userdata['session_page'] . "' WHERE user_id = " . $userdata['user_id']; 
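Review bot: The `data` cookie written by `$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000)` carries `autologinid`, which `login()` sets to `md5($password)` and `create()` compares with `user_password`; the browser therefore holds a value equal to the stored password hash for a year. Disclosure of either the cookie or the hash column is then enough to authenticate without the password. A random per-login token stored server-side and compared there would remove that equivalence. Minor: the `if ( $userdata['user_id'] )` block contains only the commented-out `do_events();` and is better left out until the call exists.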
@@ -253,15 +238,34 @@ class session { AND session_user_id = " . $userdata['user_id']; $db->sql_query($sql); - $SID = '?sid='; $this->session_id = ''; return true; } + // Set a cookie + function set_cookie($name, $cookiedata, $cookietime) + { + global $board_config; + + setcookie($board_config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); + } + + // This just won't work correctly as it stands ... if a user has more than one session in + // the DB and gc subsequently runs, updating their user_lastvisit time it will screw up + // marking of forums, etc. since it will be reflected immediately in the users current session // + // One way around this would be to store the last visit time within each session and use + // that rather than user_lastvisit in the relevant places. However, the 'problem' still + // persists of a user creating a new session (after leaving the board) before gc has run + // and not having their "true" last visit time be used (i.e. their user_lastvisit won't + // have yet been updated). This behaviour seems to be that of vB and our users seemed to + // dislike this approach when a similar issue arose during 2.0.0 development ... could + // possibly check sessions table before creating new session to see if user is already + // listed ... if they are then use the last session_time from there ... adds another + // query during create though + // Garbage collection - // function gc(&$current_time) { global $db, $board_config, $user_ip; @@ -269,6 +273,7 @@ class session { $sql = "SELECT * FROM " . SESSIONS_TABLE . " WHERE session_time < " . ( $current_time - $board_config['session_length'] ) . " + ORDER BY session_user_id, session_time LIMIT 10"; $result = $db->sql_query($sql); 
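Review bot: `set_cookie()` is now the single place cookie attributes are set, and it passes six arguments to `setcookie()`, so the session-id cookie stays readable from page script. Add the seventh argument where the runtime supports it: `setcookie(..., $board_config['cookie_secure'], true);`. I would also give the method a short header comment saying that `$name` is appended to `cookie_name` with an underscore and that `$cookietime` is an absolute timestamp, with 0 (as used for `sid`) meaning a browser-session cookie.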
@@ -290,9 +295,7 @@ class session { if ( $del_session_id != '' ) { - // // Delete expired sessions - // $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_id IN ($del_session_id)"; $db->sql_query($sql); @@ -300,10 +303,8 @@ class session { if ( $del_sessions < 10 ) { - // // Less than 10 sessions, update gc timer ... else we want gc // called again to delete other sessions - // $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '$current_time' WHERE config_name = 'session_last_gc'"; @@ -313,9 +314,7 @@ class session { return; } - // - // - // + // Taken over by user class ... for now at least function configure($userdata, $lang_set = false) { global $db, $template, $lang, $board_config, $theme, $images; @@ -323,25 +322,14 @@ class session { if ( $userdata['user_id'] ) { - $board_config['default_lang'] = $userdata['user_lang']; + $board_config['default_lang'] = ( file_exists($phpbb_root_path . 'language/lang_' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang']; $board_config['default_dateformat'] = $userdata['user_dateformat']; $board_config['board_timezone'] = $userdata['user_timezone']; } - if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx) ) - { - $board_config['default_lang'] = 'english'; - } - include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx); - if ( defined('IN_ADMIN') ) { - if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx) ) - { - $board_config['default_lang'] = 'english'; - } - include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx); } 
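Review bot: In the `-323,25` hunk, `$userdata['user_lang']` now selects the directory for the `include()` of `lang_main` after only a `file_exists()` test on `'language/lang_' . $userdata['user_lang']`, and the hunk drops the earlier check that the language file itself exists. If the profile value is not constrained when it is saved (not visible here), path separators in it would let the include resolve outside `language/`. Restrict it before use, e.g. `preg_match('/^[a-zA-Z_]+$/', $userdata['user_lang'])`, and keep a fallback for a missing `lang_main` file. The `user` constructor added in the following hunk builds its include path from `user_lang` the same way. `configure()` starts and ends outside the hunk.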
@@ -369,22 +357,128 @@ class session { $i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm'); - for($i = 0; $i < sizeof($i10n); $i++) + foreach ( $i10n as $icon ) { - $theme[$i10n[$i]] = str_replace('{LANG}', 'lang_' . $img_lang, $theme[$i10n[$i]]); + $theme[$icon] = str_replace('{LANG}', 'lang_' . $img_lang, $theme[$icon]); } return; } } +// Contains (at present) basic user methods such as configuration +// creating date/time ... keep this? +class user +{ + var $lang_name; + var $lang_path; + + var $date_format; + var $timezone; + var $dst; + + function user(&$userdata, $lang_set = false, $style = false) + { + global $db, $template, $lang, $board_config, $theme, $images; + global $phpEx, $phpbb_root_path; + + if ( $userdata['user_id'] ) + { + $this->lang_name = ( file_exists($phpbb_root_path . 'language/' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang']; + $this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name; + + $this->date_format = $userdata['user_dateformat']; + $this->timezone = $userdata['user_timezone']; + $this->dst = $userdata['user_dst'] * 3600; + } + else if ( isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ) + { + $accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']); + foreach ( $accept_lang_ary as $accept_lang ) + { + // Set correct format ... guess full xx_YY form + $accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2)); + if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) ) + { + $this->lang_name = $accept_lang; + $this->lang_path = $phpbb_root_path . 'language/' . 
$accept_lang; + break; + } + else + { + // No match on xx_YY so try xx + $accept_lang = substr($accept_lang, 0, 2); + if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) ) + { + $this->lang_name = $accept_lang; + $this->lang_path = $phpbb_root_path . 'language/' . $accept_lang; + break; + } + } + } + + $this->date_format = $board_config['default_dateformat']; + $this->timezone = $board_config['board_timezone']; + $this->dst = 0; + } + + include($this->lang_path . '/lang_main.' . $phpEx); + if ( defined('IN_ADMIN') ) + { + include($this->lang_path . '/lang_admin.' . $phpEx); + } + + // Set up style + $style = ( $style ) ? $style : ( ( !$board_config['override_user_style'] && $userdata['user_id'] ) ? $userdata['user_style'] : $board_config['default_style'] ); + + $sql = "SELECT t.template_path, t.poll_length, t.pm_box_length, c.css_data, c.css_external, i.* + FROM " . STYLES_TABLE . " s, " . STYLES_TPL_TABLE . " t, " . STYLES_CSS_TABLE . " c, " . STYLES_IMAGE_TABLE . " i + WHERE s.style_id = $style + AND t.template_id = s.template_id + AND c.theme_id = s.style_id + AND i.imageset_id = s.imageset_id"; + $result = $db->sql_query($sql); + + if ( !($theme = $db->sql_fetchrow($result)) ) + { + message_die(ERROR, 'Could not get style data'); + } + + $template->set_template($theme['template_path']); + + $img_lang = ( file_exists('imageset/' . $theme['imageset_path'] . '/' . $this->lang_name) ) ? 
$this->lang_name : $board_config['default_lang']; + + $i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm'); + foreach ( $i10n as $icon ) + { + $theme[$icon] = str_replace('{LANG}', $img_lang, $theme[$icon]); + } + + return; + } + + function format_date($gmepoch) + { + global $lang; + static $lang_dates; + + if ( empty($lang_dates) ) + { + foreach ( $lang['datetime'] as $match => $replace ) + { + $lang_dates[$match] = $replace; + } + } + + return strtr(@gmdate($this->date_format, $gmepoch + (3600 * $this->timezone) + $this->dst), $lang_dates); + } + +} -// // Will be keeping my eye of 'other products' to ensure these things don't // mysteriously appear elsewhere, think up your own solutions! -// -class acl +class auth { var $founder = false; var $acl = false; 
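Review bot: The new `user` constructor leaves `$this->lang_path` unset when a guest sends no `Accept-Language` header or none of the listed languages has a directory, so `include($this->lang_path . '/lang_main.' . $phpEx)` resolves to `/lang_main.php`; `date_format`, `timezone` and `dst` are also unset when the header is absent. Initialise the five properties from `$board_config` before the branches, as in the excerpt below. The header-derived `$accept_lang` reaches `file_exists()` and the include path unchecked, so a `preg_match('/^[a-zA-Z_]+$/', $accept_lang)` test belongs in front of both lookups. `$style` is interpolated into `WHERE s.style_id = $style`; `intval($style)` there makes the query independent of what callers pass.

```php
	function user(&$userdata, $lang_set = false, $style = false)
	{
		// … unchanged: global declarations …

		// Defaults first, so every branch below leaves the object fully initialised
		$this->lang_name = $board_config['default_lang'];
		$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name;
		$this->date_format = $board_config['default_dateformat'];
		$this->timezone = $board_config['board_timezone'];
		$this->dst = 0;

		// … unchanged: logged-in and Accept-Language branches, language includes, style lookup …
```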
@@ -636,22 +730,11 @@ class acl $auth_sql"; $db->sql_query($sql); } -} -// -// Authentication plug-ins is largely down to -// Sergey Kanareykin, our thanks to him. -// -class login -{ + // Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. function login($username, $password, $autologin = false) { - global $SID, $db, $board_config, $lang, $user_ip, $session; - global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $phpEx; - - $user_page = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF']; - $user_page .= '&' . ( ( !empty($HTTP_SERVER_VARS['QUERY_STRING']) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : $HTTP_ENV_VARS['QUERY_STRING'] ); - $this_browser = ( !empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']) ) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : $HTTP_ENV_VARS['HTTP_USER_AGENT']; + global $board_config, $session, $phpEx; $method = trim($board_config['auth_method']); @@ -669,7 +752,7 @@ class login $autologin = ( isset($autologin) ) ? md5($password) : ''; - return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin, $user_page, $this_browser) : false; + return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin) : false; } } diff --git a/phpBB/includes/template.php b/phpBB/includes/template.php index acb4b357ed..60f6551ce5 100644 --- a/phpBB/includes/template.php +++ b/phpBB/includes/template.php @@ -138,11 +138,7 @@ class Template { } $str = ''; - while ( !feof($fp) ) - { - $str .= fread($fp, 4096); - } - + $str = fread($fp, filesize($this->files[$handle])); @fclose($fp); $this->uncompiled_code[$handle] = trim($str); @@ -177,6 +173,7 @@ class Template { echo $db->sql_report; return TRUE; } + $_str = ''; if (!$this->compile_load($_str, $handle, true)) 
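Review bot: On the context line `$autologin = ( isset($autologin) ) ? md5($password) : '';` in the `-669,7` hunk, `isset()` is true for the parameter's default `false` as well, so every successful login gets an auto-login value regardless of what the caller passed. Since that value ends up in the year-long `data` cookie, a user who did not ask to be remembered is remembered anyway. Test the value instead: `$autologin = ( $autologin ) ? md5($password) : '';`. `login()` starts in the previous hunk and the code between the two hunks is not shown.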
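Review bot: In template.php, `$str = fread($fp, filesize($this->files[$handle]));` depends on `filesize()` succeeding and being non-zero; for an empty template file `fread()` is asked for zero bytes and raises an error instead of returning an empty string. The `$str = '';` kept on the line above is now dead. Guard the length, e.g. `$size = filesize($this->files[$handle]);` followed by `$str = ( $size > 0 ) ? fread($fp, $size) : '';`. The enclosing method starts and ends outside the hunk.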
@@ -186,9 +183,7 @@ class Template { message_die("Template->pparse(): Couldn't load template file for handle $handle"); } - // // Actually compile the code now. - // $this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]); $this->compile_write($handle, $this->compiled_code[$handle]); @@ -561,9 +556,7 @@ class Template { return "include('" . $this->root . '/' . $tag_args . "');\n"; } - // // This is from Smarty - // function _parse_is_expr($is_arg, $tokens) { $expr_end = 0; @@ -697,9 +690,7 @@ class Template { $filename = $this->cachedir . $this->filename[$handle] . '.' . $phpEx; - // // Recompile page if the original template is newer, otherwise load the compiled version - // if ( file_exists($filename) && @filemtime($filename) >= @filemtime($this->files[$handle]) ) { $_str = ''; diff --git a/phpBB/includes/usercp_viewprofile.php b/phpBB/includes/usercp_viewprofile.php index a280a6ae5e..05e899da00 100644 --- a/phpBB/includes/usercp_viewprofile.php +++ b/phpBB/includes/usercp_viewprofile.php @@ -113,7 +113,7 @@ else } } -if ( $profiledata['user_viewemail'] || $acl->get_acl_admin() ) +if ( $profiledata['user_viewemail'] || $auth->get_acl_admin() ) { $email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&mode=email&u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email']; @@ -177,9 +177,9 @@ $template->assign_vars(array( 'RANK_IMAGE' => $rank_image, 'POSTS_PER_DAY' => $posts_per_day, 'POSTS' => $profiledata['user_posts'], - 'PERCENTAGE' => $percentage . '%', - 'POST_DAY_STATS' => sprintf($lang['User_post_day_stats'], $posts_per_day), - 'POST_PERCENT_STATS' => sprintf($lang['User_post_pct_stats'], $percentage), + 'PERCENTAGE' => $percentage . '%', + 'POST_DAY_STATS' => sprintf($lang['User_post_day_stats'], $posts_per_day), + 'POST_PERCENT_STATS' => sprintf($lang['User_post_pct_stats'], $percentage), 'SEARCH_IMG' => $search_img, 'SEARCH' => $search, 
@@ -190,8 +190,8 @@ $template->assign_vars(array( 'WWW_IMG' => $www_img, 'WWW' => $www, 'ICQ_STATUS_IMG' => $icq_status_img, - 'ICQ_IMG' => $icq_img, - 'ICQ' => $icq, + 'ICQ_IMG' => $icq_img, + 'ICQ' => $icq, 'AIM_IMG' => $aim_img, 'AIM' => $aim, 'MSN_IMG' => $msn_img, @@ -204,13 +204,13 @@ $template->assign_vars(array( 'INTERESTS' => ( $profiledata['user_interests'] ) ? $profiledata['user_interests'] : ' ', 'AVATAR_IMG' => $avatar_img, - 'L_VIEWING_PROFILE' => sprintf($lang['Viewing_user_profile'], $profiledata['username']), - 'L_ABOUT_USER' => sprintf($lang['About_user'], $profiledata['username']), - 'L_AVATAR' => $lang['Avatar'], - 'L_POSTER_RANK' => $lang['Poster_rank'], - 'L_JOINED' => $lang['Joined'], - 'L_TOTAL_POSTS' => $lang['Total_posts'], - 'L_SEARCH_USER_POSTS' => sprintf($lang['Search_user_posts'], $profiledata['username']), + 'L_VIEWING_PROFILE' => sprintf($lang['Viewing_user_profile'], $profiledata['username']), + 'L_ABOUT_USER' => sprintf($lang['About_user'], $profiledata['username']), + 'L_AVATAR' => $lang['Avatar'], + 'L_POSTER_RANK' => $lang['Poster_rank'], + 'L_JOINED' => $lang['Joined'], + 'L_TOTAL_POSTS' => $lang['Total_posts'], + 'L_SEARCH_USER_POSTS' => sprintf($lang['Search_user_posts'], $profiledata['username']), 'L_CONTACT' => $lang['Contact'], 'L_EMAIL_ADDRESS' => $lang['Email_address'], 'L_EMAIL' => $lang['Email'], |