aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--phpBB/includes/functions_posting.php4
-rw-r--r--phpBB/memberlist.php9
2 files changed, 8 insertions, 5 deletions
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 7f5e40e8bb..c15726e2c8 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -334,12 +334,12 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
$filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
// Check Image Size, if it is an image
- if (!$auth->acl_gets('m_', 'a_') && $cat_id == ATTACHMENT_CATEGORY_IMAGE)
+ if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id) && $cat_id == ATTACHMENT_CATEGORY_IMAGE)
{
$file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
}
- if (!$auth->acl_gets('a_', 'm_'))
+ if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id))
{
$allowed_filesize = ($extensions[$file->get('extension')]['max_filesize'] != 0) ? $extensions[$file->get('extension')]['max_filesize'] : (($is_message) ? $config['max_filesize_pm'] : $config['max_filesize']);
$file->upload->set_max_filesize($allowed_filesize);
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index 251c4c3153..d9c1192868 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -738,7 +738,7 @@ switch ($mode)
$count_select = request_var('count_select', 'eq');
$joined = explode('-', request_var('joined', ''));
$active = explode('-', request_var('active', ''));
- $count = (request_var('count', '')) ? request_var('count', 0) : '';
+ $count = (request_var('count', '') !== '') ? request_var('count', 0) : '';
$ipdomain = request_var('ip', '');
$find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
@@ -783,13 +783,15 @@ switch ($mode)
$sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
}
- if ($ipdomain && $auth->acl_get('m_info'))
+ if ($ipdomain && $auth->acl_getf_global('m_info'))
{
$ips = (preg_match('#[a-z]#', $ipdomain)) ? implode(', ', preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "'\\1'", gethostbynamel($ipdomain))) : "'" . str_replace('*', '%', $ipdomain) . "'";
+ $ip_forums = array_keys($auth->acl_getf('m_info', true));
$sql = 'SELECT DISTINCT poster_id
FROM ' . POSTS_TABLE . '
- WHERE poster_ip ' . ((preg_match('#%#', $ips)) ? 'LIKE' : 'IN') . " ($ips)";
+ WHERE poster_ip ' . ((preg_match('#%#', $ips)) ? 'LIKE' : 'IN') . " ($ips)
+ AND forum_id IN (0, " . implode(',', $ip_forums) . ')';
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
@@ -808,6 +810,7 @@ switch ($mode)
// A minor fudge but it does the job :D
$sql_where .= " AND u.user_id IN ('-1')";
}
+ unset($ip_forums);
}
}
generated by cgit v1.2.1 (git 2.21.0) at 2025-07-22 08:51:27 +0000