aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
authorMeik Sievertsen <acydburn@phpbb.com>2006-04-15 14:48:36 +0000
committerMeik Sievertsen <acydburn@phpbb.com>2006-04-15 14:48:36 +0000
commit84738055a25081070f570b40a19e05db21908237 (patch)
tree3bf59d91eba8d7b7b000ba5a5cd0e63e0e82b122 /phpBB/includes
parent0562395c27cd6cafcaacd3798f6a51d8cc703c7a (diff)
downloadforums-84738055a25081070f570b40a19e05db21908237.tar
forums-84738055a25081070f570b40a19e05db21908237.tar.gz
forums-84738055a25081070f570b40a19e05db21908237.tar.bz2
forums-84738055a25081070f570b40a19e05db21908237.tar.xz
forums-84738055a25081070f570b40a19e05db21908237.zip
- fixed some bugs
- made sql schemas consistent - added correct sequences and generators to sql schemas - extended some rows to hold more data. This solves issues with multibyte characters and too short topic titles, names, etc. - allow multibyte characters in usernames git-svn-id: file:///svn/phpbb/trunk@5784 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_forums.php2
-rw-r--r--phpBB/includes/acp/acp_permissions.php4
-rw-r--r--phpBB/includes/acp/acp_prune.php4
-rw-r--r--phpBB/includes/acp/acp_users.php2
-rw-r--r--phpBB/includes/db/oracle.php2
-rw-r--r--phpBB/includes/db/postgres.php2
-rw-r--r--phpBB/includes/functions.php11
-rw-r--r--phpBB/includes/functions_admin.php4
-rw-r--r--phpBB/includes/functions_display.php2
-rw-r--r--phpBB/includes/functions_messenger.php23
-rwxr-xr-xphpBB/includes/mcp/mcp_logs.php2
-rwxr-xr-xphpBB/includes/mcp/mcp_notes.php2
-rw-r--r--phpBB/includes/mcp/mcp_post.php2
-rwxr-xr-xphpBB/includes/mcp/mcp_warn.php2
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php4
-rw-r--r--phpBB/includes/ucp/ucp_pm_viewfolder.php2
-rw-r--r--phpBB/includes/ucp/ucp_pm_viewmessage.php6
-rw-r--r--phpBB/includes/ucp/ucp_profile.php26
-rw-r--r--phpBB/includes/ucp/ucp_register.php4
-rw-r--r--phpBB/includes/ucp/ucp_remind.php2
-rw-r--r--phpBB/includes/ucp/ucp_resend.php2
21 files changed, 71 insertions, 39 deletions
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index 306f11ad8a..9defc15717 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -524,7 +524,7 @@ class acp_forums
$s_show_display_on_index = false;
- if ($action == 'edit' && $forum_data['parent_id'] > 0)
+ if ($forum_data['parent_id'] > 0)
{
// if this forum is a subforum put the "display on index" checkbox
if ($parent_info = $this->get_forum_info($forum_data['parent_id']))
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index 2d855c0c08..e46a3ffaca 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -40,8 +40,8 @@ class acp_permissions
$subforum_id = request_var('subforum_id', 0);
$forum_id = request_var('forum_id', array(0));
- $username = request_var('username', array(''));
- $usernames = request_var('usernames', '');
+ $username = request_var('username', array(''), true);
+ $usernames = request_var('usernames', '', true);
$user_id = request_var('user_id', array(0));
$group_id = request_var('group_id', array(0));
diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php
index f263f7480f..913b338ad1 100644
--- a/phpBB/includes/acp/acp_prune.php
+++ b/phpBB/includes/acp/acp_prune.php
@@ -214,7 +214,7 @@ class acp_prune
}
else
{
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$email = request_var('email', '');
$joined_select = request_var('joined_select', 'lt');
@@ -315,7 +315,7 @@ class acp_prune
'prune' => 1,
'users' => request_var('users', ''),
- 'username' => request_var('username', ''),
+ 'username' => request_var('username', '', true),
'email' => request_var('email', ''),
'joined_select' => request_var('joined_select', ''),
'joined' => request_var('joined', ''),
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 89038ff2e6..29572b7147 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -28,7 +28,7 @@ class acp_users
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
$error = array();
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$user_id = request_var('u', 0);
$action = request_var('action', '');
diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php
index 35a5a6a87c..1431171f19 100644
--- a/phpBB/includes/db/oracle.php
+++ b/phpBB/includes/db/oracle.php
@@ -311,7 +311,7 @@ class dbal_oracle extends dbal
{
if (preg_match('#^INSERT[\t\n ]+INTO[\t\n ]+([a-z0-9\_\-]+)#is', $this->last_query_text, $tablename))
{
- $query = 'SELECT ' . $tablename[1] . '_id_seq.currval FROM DUAL';
+ $query = 'SELECT ' . $tablename[1] . '_seq.currval FROM DUAL';
$stmt = @ociparse($this->db_connect_id, $query);
@ociexecute($stmt, OCI_DEFAULT );
diff --git a/phpBB/includes/db/postgres.php b/phpBB/includes/db/postgres.php
index d4ec19d421..55f4e27eff 100644
--- a/phpBB/includes/db/postgres.php
+++ b/phpBB/includes/db/postgres.php
@@ -295,7 +295,7 @@ class dbal_postgres extends dbal
{
if (preg_match("/^INSERT[\t\n ]+INTO[\t\n ]+([a-z0-9\_\-]+)/is", $this->last_query_text, $tablename))
{
- $query = "SELECT currval('" . $tablename[1] . "_id_seq') AS last_value";
+ $query = "SELECT currval('" . $tablename[1] . "_seq') AS last_value";
$temp_q_id = @pg_query($this->db_connect_id, $query);
if (!$temp_q_id)
{
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 0a6bf8d126..52e0ab7cee 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -24,10 +24,13 @@ function set_var(&$result, $var, $type, $multibyte = false)
if ($type == 'string')
{
- $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\xFF"), array("\n", "\n", ' '), $result)));
+ $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result)));
$result = (STRIP) ? stripslashes($result) : $result;
- if ($multibyte)
+
+ // Check for possible multibyte characters to save a preg_replace call if nothing is in there...
+ if ($multibyte && strpos($result, '&amp;#') !== false)
{
+ echo "HERE";
$result = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $result);
}
}
@@ -1387,7 +1390,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
if (isset($_POST['login']))
{
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$password = request_var('password', '');
$autologin = (!empty($_POST['autologin'])) ? true : false;
$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
@@ -2510,7 +2513,7 @@ function page_header($page_title = '')
'L_INDEX' => $user->lang['FORUM_INDEX'],
'L_ONLINE_EXPLAIN' => $l_online_time,
- 'U_PRIVATEMSGS' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=" . (($user->data['user_new_privmsg'] || $l_privmsgs_text_unread) ? 'unread' : 'view'),
+ 'U_PRIVATEMSGS' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;folder=inbox",
'U_RETURN_INBOX' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;folder=inbox",
'U_JS_RETURN_INBOX' => "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&folder=inbox",
'U_POPUP_PM' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=popup",
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index 261cbe3f45..33afcc4920 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -1845,7 +1845,7 @@ function cache_moderators()
'user_id' => $user_id,
'username' => $usernames_ary[$user_id],
'group_id' => 0,
- 'groupname' => ''
+ 'group_name' => ''
);
}
}
@@ -1886,7 +1886,7 @@ function cache_moderators()
'user_id' => 0,
'username' => '',
'group_id' => $group_id,
- 'groupname' => $groupnames_ary[$group_id]
+ 'group_name' => $groupnames_ary[$group_id]
);
}
}
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index 5f4f8ed5f6..7384217c31 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -563,7 +563,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
while ($row = $db->sql_fetchrow($result))
{
- $forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="' . $phpbb_root_path . "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="' . $phpbb_root_path . "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'] . '">' . $row['groupname'] . '</a>';
+ $forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="' . $phpbb_root_path . "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="' . $phpbb_root_path . "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'] . '">' . $row['group_name'] . '</a>';
}
$db->sql_freeresult($result);
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 74c3037bf0..c106d4d717 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -145,7 +145,7 @@ class messenger
// assign variables
function assign_vars($vars)
{
- $this->vars = (empty($this->vars)) ? $vars : $this->vars . $vars;
+ $this->vars = (empty($this->vars)) ? $vars : $this->vars + $vars;
}
// Send the mail out to the recipients set previously in var $this->address
@@ -209,14 +209,16 @@ class messenger
{
case NOTIFY_EMAIL:
$result = $this->msg_email();
- break;
+ break;
+
case NOTIFY_IM:
$result = $this->msg_jabber();
- break;
+ break;
+
case NOTIFY_BOTH:
$result = $this->msg_email();
$this->msg_jabber();
- break;
+ break;
}
$this->reset();
@@ -394,7 +396,7 @@ class messenger
foreach ($addresses as $address)
{
- $this->jabber->send_message($address, 'normal', NULL, array('body' => $this->msg));
+ $this->jabber->send_message($address, 'normal', NULL, array('body' => htmlentities($this->msg)));
}
sleep(1);
@@ -490,7 +492,7 @@ class queue
unset($this->queue_data['email']);
continue 2;
}
- break;
+ break;
case 'jabber':
if (!$config['jab_enable'])
@@ -520,7 +522,8 @@ class queue
continue 2;
}
$this->jabber->send_presence(NULL, NULL, 'online');
- break;
+
+ break;
default:
return;
@@ -547,14 +550,14 @@ class queue
messenger::error('EMAIL', $message);
continue 3;
}
- break;
+ break;
case 'jabber':
foreach ($addresses as $address)
{
$this->jabber->send_message($address, 'normal', NULL, array('body' => $msg));
}
- break;
+ break;
}
}
@@ -572,7 +575,7 @@ class queue
// handled, then disconnect
sleep(1);
$this->jabber->disconnect();
- break;
+ break;
}
}
diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php
index fe314eaac0..f77e65f003 100755
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@@ -116,7 +116,7 @@ class mcp_logs
'TOTAL_LOGS' => ($log_count == 1) ? $user->lang['TOTAL_LOG'] : sprintf($user->lang['TOTAL_LOGS'], $log_count),
'PAGINATION' => generate_pagination($this->u_action . "&amp;$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
- 'U_POST_ACTION' => "mcp.$phpEx$SID&amp;i=$id&amp;mode=$mode&amp;u=$user_id",
+ 'U_POST_ACTION' => $this->u_action,
'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false,
'S_SELECT_SORT_DIR' => $s_sort_dir,
'S_SELECT_SORT_KEY' => $s_sort_key,
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index c1620f778e..b8280d4a9b 100755
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -64,7 +64,7 @@ function mcp_notes_user_view($id, $mode, $action)
global $template, $db, $user, $auth;
$user_id = request_var('u', 0);
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$start = request_var('start', 0);
$st = request_var('st', 0);
$sk = request_var('sk', 'b');
diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php
index 3880f036a8..3d9e743d9c 100644
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@@ -52,7 +52,7 @@ function mcp_post_details($id, $mode, $action)
case 'chgposter':
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php
index 6b6e809930..fd75a86d21 100755
--- a/phpBB/includes/mcp/mcp_warn.php
+++ b/phpBB/includes/mcp/mcp_warn.php
@@ -300,7 +300,7 @@ function mcp_warn_user_view($id, $mode, $action)
global $template, $db, $user, $auth;
$user_id = request_var('u', 0);
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$notify = (isset($_REQUEST['notify_user'])) ? true : false;
$warning = request_var('warning', '', true);
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index b6d95c0e9f..30e4c06f77 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -846,8 +846,8 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
$user_id_ary = array();
// Build usernames to add
- $usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '')) : array();
- $username_list = request_var('username_list', '');
+ $usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '', true)) : array();
+ $username_list = request_var('username_list', '', true);
if ($username_list)
{
$usernames = array_merge($usernames, explode("\n", $username_list));
diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php
index 17839ae674..dbc02d2a4a 100644
--- a/phpBB/includes/ucp/ucp_pm_viewfolder.php
+++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php
@@ -151,7 +151,7 @@ function view_folder($id, $mode, $folder_id, $folder)
// Generate all URIs ...
$message_author = "<a href=\"{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['author_id'] . '">' . $row['username'] . '</a>';
$view_message_url = "$url&amp;i=$id&amp;mode=view&amp;f=$folder_id&amp;p=$message_id";
- $remove_message_url = "$url&amp;i=compose&amp;action=delete&amp;p=$message_id";
+ $remove_message_url = "$url&amp;i=$id&amp;mode=compose&amp;action=delete&amp;p=$message_id";
$row_indicator = '';
foreach ($color_rows as $var)
diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php
index 200692d459..d8bfcc3ec7 100644
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@@ -201,10 +201,14 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'],
'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] . "&amp;view=print" : '',
- 'U_EMAIL_PM' => ($config['email_pm'] && $config['email_enable'] && $auth->acl_get('u_pm_emailpm')) ? 'Email' : '',
+ 'U_EMAIL_PM' => ($config['email_pm'] && $config['email_enable'] && $auth->acl_get('u_pm_emailpm')) ? '' : '',
'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_pm_forward')) ? "$url&amp;mode=compose&amp;action=forward&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '')
);
+ /**
+ * @todo U_EMAIL_PM add ability to send PM's by email
+ */
+
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (isset($attachments) && sizeof($attachments))
{
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index b2a2d6d878..5e69e927a6 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -341,7 +341,9 @@ class ucp_profile
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
- if (!isset($bday_day))
+ $bday_day = $bday_month = $bday_year = 0;
+
+ if ($user->data['user_birthday'])
{
list($bday_day, $bday_month, $bday_year) = explode('-', $user->data['user_birthday']);
}
@@ -476,7 +478,27 @@ class ucp_profile
'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'],
'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'],)
);
- break;
+
+ // Build custom bbcodes array
+ $sql = 'SELECT bbcode_id, bbcode_tag
+ FROM ' . BBCODES_TABLE . '
+ WHERE display_on_posting = 1';
+ $result = $db->sql_query($sql);
+
+ $i = 0;
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $template->assign_block_vars('custom_tags', array(
+ 'BBCODE_NAME' => "'[{$row['bbcode_tag']}]', '[/" . str_replace('=', '', $row['bbcode_tag']) . "]'",
+ 'BBCODE_ID' => 22 + ($i * 2),
+ 'BBCODE_TAG' => $row['bbcode_tag'])
+ );
+
+ $i++;
+ }
+ $db->sql_freeresult($result);
+
+ break;
case 'avatar':
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 5970ac4d99..4b1aa41f25 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -99,7 +99,7 @@ class ucp_register
{
foreach ($var_ary as $var => $default)
{
- $$var = request_var($var, $default);
+ $$var = request_var($var, $default, true);
}
}
@@ -108,7 +108,7 @@ class ucp_register
{
foreach ($var_ary as $var => $default)
{
- $data[$var] = request_var($var, $default);
+ $data[$var] = request_var($var, $default, true);
}
$var_ary = array(
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
index 7308d9b9f8..6b2c6240ae 100644
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@@ -23,7 +23,7 @@ class ucp_remind
if ($submit)
{
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$email = request_var('email', '');
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 35cbed1522..8c2b55a04f 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -23,7 +23,7 @@ class ucp_resend
if ($submit)
{
- $username = request_var('username', '');
+ $username = request_var('username', '', true);
$email = request_var('email', '');
$sql = 'SELECT user_id, username, user_email, user_type, user_lang, user_actkey
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-09 18:14:22 +0000