diff options
| author | Henry Sudhof <kellanved@phpbb.com> | 2007-06-29 13:37:21 +0000 |
|---|---|---|
| committer | Henry Sudhof <kellanved@phpbb.com> | 2007-06-29 13:37:21 +0000 |
| commit | 3cb990df4d8d8d09b46a16918e10c6ba2d0fde19 (patch) | |
| tree | 9a4c917587cd288b09139c2361381e8cd5a815ce /phpBB/includes | |
| parent | 6f37638caee649060dc9f933af6773652a813035 (diff) | |
| download | forums-3cb990df4d8d8d09b46a16918e10c6ba2d0fde19.tar forums-3cb990df4d8d8d09b46a16918e10c6ba2d0fde19.tar.gz forums-3cb990df4d8d8d09b46a16918e10c6ba2d0fde19.tar.bz2 forums-3cb990df4d8d8d09b46a16918e10c6ba2d0fde19.tar.xz forums-3cb990df4d8d8d09b46a16918e10c6ba2d0fde19.zip | |
#12461
git-svn-id: file:///svn/phpbb/trunk@7809 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_bots.php | 67 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_icons.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions_convert.php | 2 |
3 files changed, 64 insertions, 11 deletions
diff --git a/phpBB/includes/acp/acp_bots.php b/phpBB/includes/acp/acp_bots.php index 3c7fe9f1f3..d75a29b748 100644 --- a/phpBB/includes/acp/acp_bots.php +++ b/phpBB/includes/acp/acp_bots.php @@ -162,7 +162,32 @@ class acp_bots { $error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA']; } + + $bot_name = false; + if ($bot_id) + { + $sql = 'SELECT u.username_clean + FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u + WHERE b.bot_id = $bot_id + AND u.user_id = b.user_id"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + if (!$bot_row) + { + $error[] = $user->lang['NO_BOT']; + } + else + { + $bot_name = $row['username_clean']; + } + } + if (!$this->validate_botname($bot_row['bot_name'], $bot_name)) + { + $error[] = $user->lang['BOT_NAME_TAKEN']; + } + if (!sizeof($error)) { // New bot? Create a new user and group entry @@ -180,6 +205,7 @@ class acp_bots { trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING); } + $user_id = user_add(array( 'user_type' => (int) USER_IGNORE, @@ -193,7 +219,7 @@ class acp_bots 'user_style' => (int) $bot_row['bot_style'], 'user_allow_massemail' => 0, )); - + $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => (int) $user_id, 'bot_name' => (string) $bot_row['bot_name'], @@ -202,7 +228,7 @@ class acp_bots 'bot_ip' => (string) $bot_row['bot_ip']) ); $db->sql_query($sql); - + $log = 'ADDED'; } else if ($bot_id) @@ -249,11 +275,13 @@ class acp_bots $log = 'UPDATED'; } - - $cache->destroy('_bots'); - - add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']); - trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&id=$bot_id&action=$action")); + if ($bot_id) + { + $cache->destroy('_bots'); + + add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']); + trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&id=$bot_id&action=$action")); + } } } else if ($bot_id) @@ -348,6 +376,31 @@ class acp_bots } $db->sql_freeresult($result); } + + function validate_botname($newname, $oldname = false) + { + global $db; + if ($oldname && utf8_clean_string($newname) === $oldname) + { + return true; + } + // Admins might want to use names otherwise forbidden, thus we only check for duplicates. + $sql = 'SELECT username + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + return false; + } + else + { + return true; + } + } } ?>
\ No newline at end of file diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 66bc377490..ebf058850f 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -276,14 +276,14 @@ class acp_icons $image_height = (isset($_POST['height'])) ? request_var('height', array('' => 0)) : array(); $image_add = (isset($_POST['add_img'])) ? request_var('add_img', array('' => 0)) : array(); $image_emotion = request_var('emotion', array('' => ''), true); - $image_code = request_var('code', array('' => '')); + $image_code = request_var('code', array('' => ''), true); $image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array(); // Ok, add the relevant bits if we are adding new codes to existing emoticons... if (!empty($_POST['add_additional_code'])) { $add_image = request_var('add_image', ''); - $add_code = request_var('add_code', ''); + $add_code = request_var('add_code', '', true); $add_emotion = request_var('add_emotion', '', true); if ($add_image && $add_emotion && $add_code) @@ -336,7 +336,7 @@ class acp_icons } // Image_order holds the 'new' order value - if (!empty($image_order[$image])) + if (!empty($image_order[$image]) && !empty($$image_id[$image])) { $img_sql = array_merge($img_sql, array( $fields . '_order' => $image_order[$image]) diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index 0aa3c205f5..4037fb4872 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -227,7 +227,7 @@ function validate_website($url) if ($url === 'http://'){ return ''; } - else if (strstr('http://', $url) !== 0) + else if (strpos(strtolower($url), 'http://') !== 0) { return 'http://' . $url; } |