- adjust unread query a bit to cope with large topics (thanks bart!)

- fixing some bugs - more username_clean work git-svn-id: file:///svn/phpbb/trunk@6513 89ea8834-ac86-4346-8a33-228a782c2dd0
author: Meik Sievertsen <acydburn@phpbb.com> 2006-10-20 13:48:44 +0000
committer: Meik Sievertsen <acydburn@phpbb.com> 2006-10-20 13:48:44 +0000
commit: f4da66a9328d12a3a5cb3a36feb184a4686ca2f3 (patch)
tree: 85fe8abffa4507ce66c4a52e241a58bc5f454353 /phpBB/includes
parent: b572e0db8f18d36d71c7ad645839bb9b0cdb5f38 (diff)
download: forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar
forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.gz
forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.bz2
forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.xz
forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.zip
14 files changed, 45 insertions, 24 deletions
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index b727829dc4..48ad8546d1 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -28,7 +28,7 @@ class acp_email
 		$submit = (isset($_POST['submit'])) ? true : false;
 		$error = array();
 
-		$usernames	= request_var('usernames', '');
+		$usernames	= request_var('usernames', '', true);
 		$group_id	= request_var('g', 0);
 		$subject	= request_var('subject', '', true);
 		$message	= request_var('message', '', true);
@@ -57,7 +57,7 @@ class acp_email
 				{
 					$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang 
 						FROM ' . USERS_TABLE . '
-						WHERE ' . $db->sql_in_set('username', explode("\n", $usernames)) . '
+						WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . '
 							AND user_allow_massemail = 1
 						ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@'))
 				}
diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php
index a390bd8212..9df1c52d65 100644
--- a/phpBB/includes/acp/acp_groups.php
+++ b/phpBB/includes/acp/acp_groups.php
@@ -30,7 +30,7 @@ class acp_groups
 		$action		= (isset($_POST['add'])) ? 'add' : ((isset($_POST['addusers'])) ? 'addusers' : request_var('action', ''));
 		$group_id	= request_var('g', 0);
 		$mark_ary	= request_var('mark', array(0));
-		$name_ary	= request_var('usernames', '');
+		$name_ary	= request_var('usernames', '', true);
 		$leader		= request_var('leader', 0);
 		$default	= request_var('default', 0);
 		$start		= request_var('start', 0);
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index f9f08ee694..5fcf692735 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -59,8 +59,8 @@ class acp_permissions
 		$subforum_id = request_var('subforum_id', 0);
 		$forum_id = request_var('forum_id', array(0));
 
-		$username = request_var('username', array(''));
-		$usernames = request_var('usernames', '');
+		$username = request_var('username', array(''), true);
+		$usernames = request_var('usernames', '', true);
 		$user_id = request_var('user_id', array(0));
 
 		$group_id = request_var('group_id', array(0));
diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php
index 8fe9e10bae..e71fe33557 100644
--- a/phpBB/includes/acp/acp_prune.php
+++ b/phpBB/includes/acp/acp_prune.php
@@ -196,17 +196,18 @@ class acp_prune
 		{
 			if (confirm_box(true))
 			{
-				$users = request_var('users', '');
+				$users = request_var('users', '', true);
 				$action = request_var('action', 'deactivate');
 				$deleteposts = request_var('deleteposts', 0);
 		
 				if ($users)
 				{
-					$where_sql = ' AND ' . $db->sql_in_set('username', explode("\n", $users));
+					$users = explode("\n", $users);
+					$where_sql = ' AND ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', $users));
 				}
 				else
 				{
-					$username = request_var('username', '');
+					$username = request_var('username', '', true);
 					$email = request_var('email', '');
 
 					$joined_select = request_var('joined_select', 'lt');
@@ -224,7 +225,7 @@ class acp_prune
 					$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
 
 					$where_sql = '';
-					$where_sql .= ($username) ? " AND username LIKE '" . $db->sql_escape(str_replace('*', '%', $username)) . "'" : '';
+					$where_sql .= ($username) ? " AND username_clean LIKE '" . $db->sql_escape(str_replace('*', '%', utf8_clean_string($username))) . "'" : '';
 					$where_sql .= ($email) ? " AND user_email LIKE '" . $db->sql_escape(str_replace('*', '%', $email)) . "' " : '';
 					$where_sql .= (sizeof($joined)) ? " AND user_regdate " . $key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]) : '';
 					$where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
@@ -244,7 +245,8 @@ class acp_prune
 				$db->sql_freeresult($result);
 
 				// Do not prune founder members
-				$sql = 'SELECT username, user_id FROM ' . USERS_TABLE . '
+				$sql = 'SELECT user_id, username
+					FROM ' . USERS_TABLE . '
 					WHERE user_id <> ' . ANONYMOUS . '
 						AND user_type <> ' . USER_FOUNDER . "
 					$where_sql";
@@ -305,7 +307,7 @@ class acp_prune
 					'prune'			=> 1,
 
 					'users'			=> request_var('users', ''),
-					'username'		=> request_var('username', ''),
+					'username'		=> request_var('username', '', true),
 					'email'			=> request_var('email', ''),
 					'joined_select'	=> request_var('joined_select', ''),
 					'joined'		=> request_var('joined', ''),
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 7cdd86d612..c6700f3688 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -34,7 +34,7 @@ class acp_users
 		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
 
 		$error		= array();
-		$username	= request_var('username', '');
+		$username	= request_var('username', '', true);
 		$user_id	= request_var('u', 0);
 		$action		= request_var('action', '');
 
@@ -86,7 +86,7 @@ class acp_users
 		{
 			$sql = 'SELECT user_id
 				FROM ' . USERS_TABLE . "
-				WHERE username = '" . $db->sql_escape($username) . "'";
+				WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 			$result = $db->sql_query($sql);
 			$user_id = (int) $db->sql_fetchfield('user_id');
 			$db->sql_freeresult($result);
@@ -736,6 +736,7 @@ class acp_users
 						if ($update_username !== false)
 						{
 							$sql_ary['username'] = $update_username;
+							$sql_ary['username_clean'] = utf8_clean_string($update_username);
 
 							add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
 						}
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index f851fde3e0..8f7aa4d78d 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -291,6 +291,23 @@ function user_delete($mode, $user_id, $post_username = false)
 				SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
 				WHERE topic_last_poster_id = $user_id";
 			$db->sql_query($sql);
+
+			// Since we change every post by this author, we need to count this amount towards the anonymous user
+			$sql = 'SELECT user_posts
+				FROM ' . USERS_TABLE . '
+				WHERE user_id = ' . $user_id;
+			$result = $db->sql_query($sql);
+			$num_posts = (int) $db->sql_fetchfield('user_posts');
+			$db->sql_freeresult($result);
+
+			// Update the post count for the anonymous user
+			if ($num_posts)
+			{
+				$sql = 'UPDATE ' . USERS_TABLE . '
+					SET user_posts = user_posts + ' . $num_posts . '
+					WHERE user_id = ' . ANONYMOUS;
+				$db->sql_query($sql);
+			}
 		break;
 
 		case 'remove':
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index 0a6beb60e2..302ace9755 100755
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -68,13 +68,13 @@ class mcp_notes
 		global $template, $db, $user, $auth;
 
 		$user_id = request_var('u', 0);
-		$username = request_var('username', '');
+		$username = request_var('username', '', true);
 		$start = request_var('start', 0);
 		$st	= request_var('st', 0);
 		$sk	= request_var('sk', 'b');
 		$sd	= request_var('sd', 'd');
 
-		$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
+		$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 
 		$sql = 'SELECT *
 			FROM ' . USERS_TABLE . "
diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php
index d2b66871d4..30cbf918e8 100644
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@@ -59,8 +59,8 @@ function mcp_post_details($id, $mode, $action)
 
 			if ($action == 'chgposter')
 			{
-				$username = request_var('username', '');
-				$sql_where = "username = '" . $db->sql_escape($username) . "'";
+				$username = request_var('username', '', true);
+				$sql_where = "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 			}
 			else
 			{
diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php
index 02eb316ed8..da76dc8b58 100755
--- a/phpBB/includes/mcp/mcp_warn.php
+++ b/phpBB/includes/mcp/mcp_warn.php
@@ -310,11 +310,11 @@ function mcp_warn_user_view($id, $mode, $action)
 	global $template, $db, $user, $auth;
 
 	$user_id = request_var('u', 0);
-	$username = request_var('username', '');
+	$username = request_var('username', '', true);
 	$notify = (isset($_REQUEST['notify_user'])) ? true : false;
 	$warning = request_var('warning', '', true);
 
-	$sql_where = ($user_id) ? "user_id = $user_id" : "username = '" . $db->sql_escape($username) . "'";
+	$sql_where = ($user_id) ? "user_id = $user_id" : "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 
 	$sql = 'SELECT *
 		FROM ' . USERS_TABLE . '
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 810fe4c7ee..47fd2f6d02 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -863,7 +863,7 @@ class ucp_groups
 
 						$user->add_lang(array('acp/groups', 'acp/common'));
 
-						$name_ary = request_var('usernames', '');
+						$name_ary = request_var('usernames', '', true);
 
 						if (!$group_id)
 						{
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index 3407a2f238..8f0c3e280d 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -884,8 +884,8 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
 		$user_id_ary = array();
 
 		// Build usernames to add
-		$usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '')) : array();
-		$username_list = request_var('username_list', '');
+		$usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '', true)) : array();
+		$username_list = request_var('username_list', '', true);
 		if ($username_list)
 		{
 			$usernames = array_merge($usernames, explode("\n", $username_list));
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 376573d059..537b47b5a4 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -98,6 +98,7 @@ class ucp_profile
 					{
 						$sql_ary = array(
 							'username'			=> ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
+							'username_clean'	=> ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($username) : $user->data['username_clean'],
 							'user_email'		=> ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
 							'user_email_hash'	=> ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
 							'user_password'		=> ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
index c1ea03f2c8..b9bc14e60a 100644
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@@ -22,7 +22,7 @@ class ucp_remind
 		global $config, $phpbb_root_path, $phpEx;
 		global $db, $user, $auth, $template;
 
-		$username	= request_var('username', '');
+		$username	= request_var('username', '', true);
 		$email		= request_var('email', '');
 		$submit		= (isset($_POST['submit'])) ? true : false;
 
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 10f93ba408..145d0f2e7e 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -22,7 +22,7 @@ class ucp_resend
 		global $config, $phpbb_root_path, $phpEx;
 		global $db, $user, $auth, $template;
 
-		$username	= request_var('username', '');
+		$username	= request_var('username', '', true);
 		$email		= request_var('email', '');
 		$submit		= (isset($_POST['submit'])) ? true : false;
author	Meik Sievertsen <acydburn@phpbb.com>	2006-10-20 13:48:44 +0000
committer	Meik Sievertsen <acydburn@phpbb.com>	2006-10-20 13:48:44 +0000
commit	f4da66a9328d12a3a5cb3a36feb184a4686ca2f3 (patch)
tree	85fe8abffa4507ce66c4a52e241a58bc5f454353 /phpBB/includes
parent	b572e0db8f18d36d71c7ad645839bb9b0cdb5f38 (diff)
download	forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.gz forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.bz2 forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.tar.xz forums-f4da66a9328d12a3a5cb3a36feb184a4686ca2f3.zip