Diffstat (limited to 'phpBB/admin')
-rw-r--r-- | phpBB/admin/admin_ban.php | 136 | ||||
-rw-r--r-- | phpBB/admin/admin_board.php | 232 | ||||
-rw-r--r-- | phpBB/admin/admin_database.php | 240 | ||||
-rw-r--r-- | phpBB/admin/admin_disallow.php | 39 | ||||
-rw-r--r-- | phpBB/admin/admin_email.php | 35 | ||||
-rw-r--r-- | phpBB/admin/admin_forums.php | 48 | ||||
-rw-r--r-- | phpBB/admin/admin_permissions.php | 154 | ||||
-rw-r--r-- | phpBB/admin/admin_prune.php | 43 | ||||
-rw-r--r-- | phpBB/admin/admin_prune_users.php | 96 | ||||
-rw-r--r-- | phpBB/admin/admin_ranks.php | 94 | ||||
-rw-r--r-- | phpBB/admin/admin_search.php | 93 | ||||
-rw-r--r-- | phpBB/admin/admin_smilies.php | 34 | ||||
-rw-r--r-- | phpBB/admin/admin_users.php | 107 | ||||
-rw-r--r-- | phpBB/admin/admin_words.php | 105 | ||||
-rw-r--r-- | phpBB/admin/index.php | 147 | ||||
-rw-r--r-- | phpBB/admin/pagestart.php | 30 |
16 files changed, 768 insertions, 865 deletions
diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index bd4c9775d1..058e32102f 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -21,9 +21,9 @@ define('IN_PHPBB', 1); -if( !empty($setmodules) ) +if(!empty($setmodules)) { - if ( !$auth->acl_get('a_ban') ) + if (!$auth->acl_get('a_ban')) { return; } @@ -42,15 +42,15 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // Do we have ban permissions? -if ( !$auth->acl_get('a_ban') ) +if (!$auth->acl_get('a_ban')) { - return; + trigger_error($user->lang['NO_ADMIN']); } // Mode setting -if ( isset($_POST['mode']) || isset($_GET['mode']) ) +if (isset($_POST['mode']) || isset($_GET['mode'])) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + $mode = (isset($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; } else { @@ -60,19 +60,19 @@ else $current_time = time(); // Start program -if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) +if (isset($_POST['bansubmit']) || isset($_GET['bansubmit'])) { - $ban = ( !empty($_POST['ban']) ) ? $_POST['ban'] : $_GET['ban']; + $ban = (!empty($_POST['ban'])) ? $_POST['ban'] : $_GET['ban']; $ban_list = array_unique(explode("\n", $ban)); $ban_list_log = implode(', ', $ban_list); - $ban_reason = ( isset($_POST['banreason']) ) ? $_POST['banreason'] : ''; + $ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : ''; - if ( !empty($_POST['banlength']) ) + if (!empty($_POST['banlength'])) { - if ( $_POST['banlength'] != -1 || empty($_POST['banlengthother']) ) + if ($_POST['banlength'] != -1 || empty($_POST['banlengthother'])) { - $ban_end = max($current_time, $current_time + ( intval($_POST['banlength']) * 60 )); + $ban_end = max($current_time, $current_time + (intval($_POST['banlength']) * 60)); } else { @@ -87,7 +87,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist = array(); - switch ( $mode ) + switch ($mode) { case 'user': $type = 'ban_userid'; 
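Review bot: The ban branch in the `@@ -60,19 +60,19 @@` hunk still fires on `$_GET['bansubmit']` and falls back to `$_GET['ban']`, so a state-changing admin action is accepted from a GET request, and no request token check is visible in the hunk. I would take the submission from POST only, `if (isset($_POST['bansubmit']))` with `$ban = (!empty($_POST['ban'])) ? $_POST['ban'] : '';`, and confirm whether pagestart ties the request to the admin's session id. The body of this branch continues past the end of the hunk.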
@@ -95,7 +95,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist_tmp = array(); for($i = 0; $i < count($ban_list); $i++) { - if ( trim($ban_list[$i]) != '' ) + if (trim($ban_list[$i]) != '') { $banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -106,13 +106,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banlist[] = $row['user_id']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } unset($banlist_tmp); break; @@ -122,18 +122,18 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) for($i = 0; $i < count($ban_list); $i++) { - if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) ) + if (preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode)) { // Don't ask about all this, just don't ask ... ! $ip_1_counter = $ip_range_explode[1]; $ip_1_end = $ip_range_explode[5]; - while ( $ip_1_counter <= $ip_1_end ) + while ($ip_1_counter <= $ip_1_end) { - $ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0; + $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; - if( $ip_2_counter == 0 && $ip_2_end == 254 ) + if($ip_2_counter == 0 && $ip_2_end == 254) { $ip_2_counter = 256; $ip_2_fragment = 256; 
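Review bot: In the `user` case (`@@ -95,7 +95,7 @@` and `@@ -106,13 +106,13 @@`) each submitted name is quoted by hand, `'\'' . trim($ban_list[$i]) . '\''`, and joined straight into `WHERE username IN (...)`; nothing visible escapes a quote character inside the name. The query is therefore only safe if the input arrives already escaped, presumably through magic_quotes_gpc, which should be confirmed rather than assumed. The same hand-quoting appears for IP and e-mail entries in the later hunks, although those are constrained by a regex first. I would pass each entry through the database layer's escaping routine before quoting it, and add a comment such as `// entries come from the request; escape before building the IN list`.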
@@ -141,12 +141,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.*'"; } - while ( $ip_2_counter <= $ip_2_end ) + while ($ip_2_counter <= $ip_2_end) { - $ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0; + $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; - if ( $ip_3_counter == 0 && $ip_3_end == 254 ) + if ($ip_3_counter == 0 && $ip_3_end == 254) { $ip_3_counter = 256; $ip_3_fragment = 256; @@ -154,12 +154,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.$ip_2_counter.*'"; } - while ( $ip_3_counter <= $ip_3_end ) + while ($ip_3_counter <= $ip_3_end) { - $ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0; + $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; - if ( $ip_4_counter == 0 && $ip_4_end == 254 ) + if ($ip_4_counter == 0 && $ip_4_end == 254) { $ip_4_counter = 256; $ip_4_fragment = 256; @@ -167,7 +167,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'"; } - while ( $ip_4_counter <= $ip_4_end ) + while ($ip_4_counter <= $ip_4_end) { $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; $ip_4_counter++; 
@@ -179,19 +179,19 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $ip_1_counter++; } } - else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) ) + else if (preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i]))) { $ip = gethostbynamel(trim($ban_list[$i])); for($j = 0; $j < count($ip); $j++) { - if ( !empty($ip[$j]) ) + if (!empty($ip[$j])) { $banlist[] = '\'' . $ip[$j] . '\''; } } } - else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i])) ) + else if (preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i]))) { $banlist[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -206,7 +206,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) // This ereg match is based on one by php@unreelpro.com // contained in the annotated php manual at php.com (ereg // section) - if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) ) + if (eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i]))) { $banlist[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -219,12 +219,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) WHERE $type <> ''"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $banlist_tmp = array(); do { - switch ( $mode ) + switch ($mode) { case 'user': $banlist_tmp[] = $row['ban_userid']; 
@@ -239,13 +239,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) break; } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $banlist = array_unique(array_diff($banlist, $banlist_tmp)); unset($banlist_tmp); } - if ( sizeof($banlist) ) + if (sizeof($banlist)) { for($i = 0; $i < count($banlist); $i++) { @@ -255,7 +255,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) } $sql = ''; - switch ( $mode ) + switch ($mode) { case 'user': $sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")"; @@ -272,20 +272,20 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $result = $db->sql_query($sql); $sql = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id']; + $sql .= (($sql != '') ? ', ' : '') . $row['user_id']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")"; } break; } - if ( $sql != '' ) + if ($sql != '') { $sql = "DELETE FROM " . SESSIONS_TABLE . " $sql"; @@ -302,15 +302,15 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) message_die(MESSAGE, $message); } -else if ( isset($_POST['unbansubmit']) ) +else if (isset($_POST['unbansubmit'])) { $unban_sql = ''; - for($i = 0; $i < count($_POST['unban']); $i++ ) + for($i = 0; $i < count($_POST['unban']); $i++) { - $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($_POST['unban'][$i]); + $unban_sql .= (($unban_sql != '') ? ', ' : '') . intval($_POST['unban'][$i]); } - if ( $unban_sql != '' ) + if ($unban_sql != '') { $sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_id IN ($unban_sql)"; 
@@ -340,7 +340,7 @@ $db->sql_query($sql); $ban_end_text = array(0 => $user->lang['Permanent'], 30 => $user->lang['30_Mins'], 60 => $user->lang['1_Hour'], 360 => $user->lang['6_Hours'], 1440 => $user->lang['1_Day'], 10080 => $user->lang['7_Days'], 20160 => $user->lang['2_Weeks'], 40320 => $user->lang['1_Month'], -1 => $user->lang['Other']); $ban_end_options = ''; -foreach ( $ban_end_text as $length => $text ) +foreach ($ban_end_text as $length => $text) { $ban_end_options .= '<option value="' . $length . '">' . $text . '</option>'; } @@ -348,7 +348,7 @@ foreach ( $ban_end_text as $length => $text ) // // Title // -switch ( $mode ) +switch ($mode) { case 'user': $l_title = $user->lang['Ban_users']; @@ -372,13 +372,13 @@ page_header($l_title); <?php -switch ( $mode ) +switch ($mode) { case 'user': $sql = "SELECT b.*, u.user_id, u.username FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE ( b.ban_end >= " . time() . " - OR b.ban_end = 0 ) + WHERE (b.ban_end >= " . time() . " + OR b.ban_end = 0) AND u.user_id = b.ban_userid AND b.ban_userid <> 0 AND u.user_id <> " . ANONYMOUS . " 
@@ -388,15 +388,15 @@ switch ( $mode ) $banned_options = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); 
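Review bot: `$banned_reasons` is never initialised in the `user` case: the context lines assign `$banned_options = ''` twice and then append with `$banned_reasons .= ...`, and the e-mail case in the `@@ -448,23 +448,23 @@` hunk has the same duplicate, while the IP case initialises all three. On a server with register_globals enabled an uninitialised string like this can be seeded from the request, so the first assignment should read `$banned_reasons = '';` in both places. Separately, `addslashes()` is not an output encoder; where these strings are emitted is outside the hunk, but `username`, `ban_email` and `ban_reason` should be encoded for that context, e.g. `htmlspecialchars($row['username'])` for the option label.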
@@ -414,23 +414,23 @@ switch ( $mode ) $sql = "SELECT * FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + WHERE (ban_end >= " . time() . " + OR ban_end = 0) AND ban_ip <> ''"; $result = $db->sql_query($sql); $banned_reasons = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_ip'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); 
@@ -448,23 +448,23 @@ switch ( $mode ) $sql = "SELECT * FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + WHERE (ban_end >= " . time() . " + OR ban_end = 0) AND ban_email <> ''"; $result = $db->sql_query($sql); $banned_options = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_email'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); @@ -509,7 +509,7 @@ switch ( $mode ) <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> </tr> <tr> - <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td> + <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td> </tr> </table> @@ -524,7 +524,7 @@ switch ( $mode ) <tr> <?php - if ( $banned_options != '' ) + if ($banned_options != '') { ?> 
@@ -545,7 +545,7 @@ switch ( $mode ) ?> </tr> <tr> - <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /></td> + <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index 0656654d77..099514f680 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php 
@@ -19,45 +19,68 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) - { - return; - } - $file = basename(__FILE__); - $module['General']['Avatar_settings'] = "$file$SID&mode=avatar"; - $module['General']['Cookie_settings'] = "$file$SID&mode=cookie"; - $module['General']['Board_defaults'] = "$file$SID&mode=default"; - $module['General']['Board_settings'] = "$file$SID&mode=setting"; - $module['General']['Email_settings'] = "$file$SID&mode=email"; - $module['General']['Server_settings'] = "$file$SID&mode=server"; - $module['General']['Auth_settings'] = "$file$SID&mode=auth"; + $module['General']['Cookie_settings'] = ($auth->acl_get('a_cookies')) ? "$file$SID&mode=cookie" : ''; + $module['General']['Board_defaults'] = ($auth->acl_get('a_defaults')) ? "$file$SID&mode=default" : ''; + $module['General']['Board_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&mode=setting" : ''; + $module['General']['Avatar_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&mode=avatar" : ''; + $module['General']['Email_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=email" : ''; + $module['General']['Server_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=server" : ''; + $module['General']['Auth_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=auth" : ''; return; } -// Let's set the root dir for phpBB define('IN_PHPBB', 1); +// Load default header $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.' . $phpEx); -// Are we authed? -if ( !$auth->acl_get('a_general') ) -{ - trigger_error($user->lang['No_admin']); -} +// Get mode +$mode = (isset($_REQUEST['mode'])) ? 
$_REQUEST['mode'] : ''; -// Get mod -if ( isset($_POST['mode']) || isset($_GET['mode']) ) +// Check permissions/set title +switch ($mode) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + case 'cookie': + $l_title = 'Cookie_settings'; + $which_auth = 'a_cookies'; + break; + case 'default': + $l_title = 'Board_defaults'; + $which_auth = 'a_defaults'; + break; + case 'avatar': + $l_title = 'Avatar_settings'; + $which_auth = 'a_board'; + break; + case 'setting': + $l_title = 'Board_settings'; + $which_auth = 'a_board'; + break; + case 'email': + $l_title = 'Email_settings'; + $which_auth = 'a_server'; + break; + case 'server': + $l_title = 'Server_settings'; + $which_auth = 'a_server'; + break; + case 'auth': + $l_title = 'Auth_settings'; + $which_auth = 'a_server'; + break; + default: + return; } -else + +// Check permissions +if (!$auth->acl_get($which_acl)) { - $mode = ''; + trigger_error($user->lang['NO_ADMIN']); } // Pull all config data @@ -65,15 +88,15 @@ $sql = "SELECT * FROM " . CONFIG_TABLE; $result = $db->sql_query($sql); -while ( $row = $db->sql_fetchrow($result) ) +while ($row = $db->sql_fetchrow($result)) { $config_name = $row['config_name']; $config_value = $row['config_value']; $default_config[$config_name] = $config_value; - $new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name]; + $new[$config_name] = (isset($_POST[$config_name])) ? $_POST[$config_name] : $default_config[$config_name]; - if ( isset($_POST['submit']) ) + if (isset($_POST['submit'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . str_replace("\'", "''", $new[$config_name]) . "' @@ -82,7 +105,7 @@ while ( $row = $db->sql_fetchrow($result) ) } } -if ( isset($_POST['submit']) ) +if (isset($_POST['submit'])) { // Re-cache config data config_config($new); 
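Review bot: The new permission check reads `$which_acl`, but the switch above it assigns `$which_auth`, so `acl_get()` is always called with an undefined variable. Depending on how acl_get treats an unknown option, that either denies every admin or lets the check pass for everyone; in both cases the per-mode permission is not what gets tested. The check should be `if (!$auth->acl_get($which_auth))`.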
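Review bot: Permissions are now per mode, but the update loop in the `@@ -65,15 +88,15 @@` hunk still walks every row of the config table and writes `$_POST[$config_name]` for any key present in the request. An admin who holds only `a_cookies` could therefore change server or auth settings by posting the extra field names. I would have each case of the mode switch set an allow-list and guard the write with it, e.g. `if (isset($_POST['submit']) && in_array($config_name, $allowed_keys))`. Note also that `str_replace("\'", "''", ...)` only re-quotes values that already arrived backslash-escaped, so the statement appears to depend on magic quotes being on; the WHERE clause is outside the hunk.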
@@ -91,39 +114,6 @@ if ( isset($_POST['submit']) ) trigger_error($user->lang['Config_updated']); } -// -// Which title? -// -switch ( $mode ) -{ - case 'cookie': - $l_title = 'Cookie_settings'; - break; - case 'avatar': - $l_title = 'Avatar_settings'; - break; - case 'default': - $l_title = 'Board_defaults'; - break; - case 'setting': - $l_title = 'Board_settings'; - break; - case 'email': - $l_title = 'Email_settings'; - break; - case 'server': - $l_title = 'Server_settings'; - break; - case 'login': - $l_title = 'Server_settings'; - break; - case 'auth': - $l_title = 'Auth_settings'; - break; - default: - return; -} - page_header($user->lang[$l_title]); ?> @@ -141,12 +131,12 @@ page_header($user->lang[$l_title]); // // Output relevant page // -switch ( $mode ) +switch ($mode) { case 'cookie': - $cookie_secure_yes = ( $new['cookie_secure'] ) ? 'checked="checked"' : ''; - $cookie_secure_no = ( !$new['cookie_secure'] ) ? 'checked="checked"' : ''; + $cookie_secure_yes = ($new['cookie_secure']) ? 'checked="checked"' : ''; + $cookie_secure_no = (!$new['cookie_secure']) ? 'checked="checked"' : ''; ?> <tr> 
@@ -171,12 +161,12 @@ switch ( $mode ) case 'avatar': - $avatars_local_yes = ( $new['allow_avatar_local'] ) ? 'checked="checked"' : ''; - $avatars_local_no = ( !$new['allow_avatar_local'] ) ? 'checked="checked"' : ''; - $avatars_remote_yes = ( $new['allow_avatar_remote'] ) ? 'checked="checked"' : ''; - $avatars_remote_no = ( !$new['allow_avatar_remote'] ) ? 'checked="checked"' : ''; - $avatars_upload_yes = ( $new['allow_avatar_upload'] ) ? 'checked="checked"' : ''; - $avatars_upload_no = ( !$new['allow_avatar_upload'] ) ? 'checked="checked"' : ''; + $avatars_local_yes = ($new['allow_avatar_local']) ? 'checked="checked"' : ''; + $avatars_local_no = (!$new['allow_avatar_local']) ? 'checked="checked"' : ''; + $avatars_remote_yes = ($new['allow_avatar_remote']) ? 'checked="checked"' : ''; + $avatars_remote_no = (!$new['allow_avatar_remote']) ? 'checked="checked"' : ''; + $avatars_upload_yes = ($new['allow_avatar_upload']) ? 'checked="checked"' : ''; + $avatars_upload_no = (!$new['allow_avatar_upload']) ? 'checked="checked"' : ''; ?> <tr> 
@@ -217,29 +207,29 @@ switch ( $mode ) $lang_select = language_select($new['default_lang'], 'default_lang', '../language'); $timezone_select = tz_select($new['board_timezone'], 'board_timezone'); - $override_user_style_yes = ( $new['override_user_style'] ) ? 'checked="checked"' : ''; - $override_user_style_no = ( !$new['override_user_style'] ) ? 'checked="checked"' : ''; + $override_user_style_yes = ($new['override_user_style']) ? 'checked="checked"' : ''; + $override_user_style_no = (!$new['override_user_style']) ? 'checked="checked"' : ''; - $topic_notify_yes = ( $new['allow_topic_notify'] ) ? 'checked="checked"' : ''; - $topic_notify_no = ( !$new['allow_topic_notify'] ) ? 'checked="checked"' : ''; + $topic_notify_yes = ($new['allow_topic_notify']) ? 'checked="checked"' : ''; + $topic_notify_no = (!$new['allow_topic_notify']) ? 'checked="checked"' : ''; - $forum_notify_yes = ( $new['allow_forum_notify'] ) ? 'checked="checked"' : ''; - $forum_notify_no = ( !$new['allow_forum_notify'] ) ? 'checked="checked"' : ''; + $forum_notify_yes = ($new['allow_forum_notify']) ? 'checked="checked"' : ''; + $forum_notify_no = (!$new['allow_forum_notify']) ? 'checked="checked"' : ''; - $html_yes = ( $new['allow_html'] ) ? 'checked="checked"' : ''; - $html_no = ( !$new['allow_html'] ) ? 'checked="checked"' : ''; + $html_yes = ($new['allow_html']) ? 'checked="checked"' : ''; + $html_no = (!$new['allow_html']) ? 'checked="checked"' : ''; - $bbcode_yes = ( $new['allow_bbcode'] ) ? 'checked="checked"' : ''; - $bbcode_no = ( !$new['allow_bbcode'] ) ? 'checked="checked"' : ''; + $bbcode_yes = ($new['allow_bbcode']) ? 'checked="checked"' : ''; + $bbcode_no = (!$new['allow_bbcode']) ? 'checked="checked"' : ''; - $smile_yes = ( $new['allow_smilies'] ) ? 'checked="checked"' : ''; - $smile_no = ( !$new['allow_smilies'] ) ? 'checked="checked"' : ''; + $smile_yes = ($new['allow_smilies']) ? 'checked="checked"' : ''; + $smile_no = (!$new['allow_smilies']) ? 
'checked="checked"' : ''; - $sig_yes = ( $new['allow_sig'] ) ? 'checked="checked"' : ''; - $sig_no = ( !$new['allow_sig'] ) ? 'checked="checked"' : ''; + $sig_yes = ($new['allow_sig']) ? 'checked="checked"' : ''; + $sig_no = (!$new['allow_sig']) ? 'checked="checked"' : ''; - $namechange_yes = ( $new['allow_namechange'] ) ? 'checked="checked"' : ''; - $namechange_no = ( !$new['allow_namechange'] ) ? 'checked="checked"' : ''; + $namechange_yes = ($new['allow_namechange']) ? 'checked="checked"' : ''; + $namechange_no = (!$new['allow_namechange']) ? 'checked="checked"' : ''; ?> <tr> 
@@ -312,22 +302,22 @@ switch ( $mode ) case 'setting': - $disable_board_yes = ( $new['board_disable'] ) ? 'checked="checked"' : ''; - $disable_board_no = ( !$new['board_disable'] ) ? 'checked="checked"' : ''; + $disable_board_yes = ($new['board_disable']) ? 'checked="checked"' : ''; + $disable_board_no = (!$new['board_disable']) ? 'checked="checked"' : ''; - $coppa_enable_yes = ( $new['coppa_enable'] ) ? 'checked="checked"' : ''; - $coppa_enable_no = ( !$new['coppa_enable'] ) ? 'checked="checked"' : ''; + $coppa_enable_yes = ($new['coppa_enable']) ? 'checked="checked"' : ''; + $coppa_enable_no = (!$new['coppa_enable']) ? 'checked="checked"' : ''; - $activation_none = ( $new['require_activation'] == USER_ACTIVATION_NONE ) ? 'checked="checked"' : ''; - $activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? 'checked="checked"' : ''; - $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : ''; - $activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : ''; + $activation_none = ($new['require_activation'] == USER_ACTIVATION_NONE) ? 'checked="checked"' : ''; + $activation_user = ($new['require_activation'] == USER_ACTIVATION_SELF) ? 'checked="checked"' : ''; + $activation_admin = ($new['require_activation'] == USER_ACTIVATION_ADMIN) ? 'checked="checked"' : ''; + $activation_disable = ($new['require_activation'] == USER_ACTIVATION_DISABLE) ? 'checked="checked"' : ''; - $privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : ''; - $privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : ''; + $privmsg_on = (!$new['privmsg_disable']) ? 'checked="checked"' : ''; + $privmsg_off = ($new['privmsg_disable']) ? 'checked="checked"' : ''; - $prune_yes = ( $new['prune_enable'] ) ? 'checked="checked"' : ''; - $prune_no = ( !$new['prune_enable'] ) ? 'checked="checked"' : ''; + $prune_yes = ($new['prune_enable']) ? 
'checked="checked"' : ''; + $prune_no = (!$new['prune_enable']) ? 'checked="checked"' : ''; ?> <tr> @@ -412,14 +402,14 @@ switch ( $mode ) case 'email': - $email_yes = ( $new['email_enable'] ) ? 'checked="checked"' : ''; - $email_no = ( !$new['email_enable'] ) ? 'checked="checked"' : ''; + $email_yes = ($new['email_enable']) ? 'checked="checked"' : ''; + $email_no = (!$new['email_enable']) ? 'checked="checked"' : ''; - $board_email_form_yes = ( $new['board_email_form'] ) ? 'checked="checked"' : ''; - $board_email_form_no = ( !$new['board_email_form'] ) ? 'checked="checked"' : ''; + $board_email_form_yes = ($new['board_email_form']) ? 'checked="checked"' : ''; + $board_email_form_no = (!$new['board_email_form']) ? 'checked="checked"' : ''; - $smtp_yes = ( $new['smtp_delivery'] ) ? 'checked="checked"' : ''; - $smtp_no = ( !$new['smtp_delivery'] ) ? 'checked="checked"' : ''; + $smtp_yes = ($new['smtp_delivery']) ? 'checked="checked"' : ''; + $smtp_no = (!$new['smtp_delivery']) ? 'checked="checked"' : ''; ?> <tr> 
@@ -460,13 +450,13 @@ switch ( $mode ) case 'server': - $ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : ''; - $ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : ''; - $ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : ''; - $ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : ''; + $ip_all = ($new['ip_check'] == 4) ? 'checked="checked"' : ''; + $ip_classc = ($new['ip_check'] == 3) ? 'checked="checked"' : ''; + $ip_classb = ($new['ip_check'] == 2) ? 'checked="checked"' : ''; + $ip_none = ($new['ip_check'] == 0) ? 'checked="checked"' : ''; - $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; - $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; + $gzip_yes = ($new['gzip_compress']) ? 'checked="checked"' : ''; + $gzip_no = (!$new['gzip_compress']) ? 'checked="checked"' : ''; ?> <tr> <td class="row1"><?php echo $user->lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Server_name_explain']; ?></span></td> @@ -517,9 +507,9 @@ switch ( $mode ) $auth_plugins = array(); $dp = opendir($phpbb_root_path . 'includes/auth'); - while ( $file = readdir($dp) ) + while ($file = readdir($dp)) { - if ( preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file) ) + if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file)) { $auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file); } @@ -528,9 +518,9 @@ switch ( $mode ) sort($auth_plugins); $auth_select = ''; - foreach ( $auth_plugins as $method ) + foreach ($auth_plugins as $method) { - $selected = ( $config['auth_method'] == $method ) ? ' selected="selected"' : ''; + $selected = ($config['auth_method'] == $method) ? ' selected="selected"' : ''; $auth_select .= '<option value="' . $method . '"' . $selected . '>' . ucfirst($method) . '</option>'; } 
@@ -541,23 +531,23 @@ switch ( $mode ) </tr> <?php - foreach ( $auth_plugins as $method ) + foreach ($auth_plugins as $method) { - if ( $method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx) ) + if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) { include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); $method = 'admin_' . $method; - if ( function_exists($method) ) + if (function_exists($method)) { - if ( $config_fields = $method($new) ) + if ($config_fields = $method($new)) { // // Check if we need to create config fields for this plugin // - foreach( $config_fields as $field ) + foreach($config_fields as $field) { - if ( !isset($config[$field]) ) + if (!isset($config[$field])) { $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) VALUES ('$field', '')"; @@ -576,7 +566,7 @@ switch ( $mode ) ?> <tr> - <td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> + <td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php index 162a7ae653..812e1050db 100644 --- a/phpBB/admin/admin_database.php +++ b/phpBB/admin/admin_database.php 
@@ -19,18 +19,13 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) - { - return; - } - $filename = basename(__FILE__); - $module['DB']['DB_Backup'] = $filename . "$SID&mode=backup"; + $module['DB']['DB_Backup'] = ($auth->acl_get('a_backup')) ? $filename . "$SID&mode=backup" : ''; $file_uploads = @ini_get('file_uploads'); - if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' ) + if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' && $auth->acl_get('a_restore')) { $module['DB']['DB_Restore'] = $filename . "$SID&mode=restore"; } @@ -39,40 +34,30 @@ if ( !empty($setmodules) ) } define('IN_PHPBB', 1); -// // Load default header -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// -// Do we have DB backup/restore permissions? -// -if ( !$auth->acl_get('a_general') ) -{ - message_die(MESSAGE, $user->lang['No_admin']); -} +$mode = (isset($_GET['mode'])) ? $_GET['mode'] : ''; -// // Increase maximum execution time, but don't complain about it if it isn't // allowed. -// @set_time_limit(1200); -$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : ''; - -// // Begin program proper -// -switch( $mode ) +switch($mode) { case 'backup': + if (!$auth->acl_get('a_backup')) + { + trigger_error($user->lang['NO_ADMIN']); + } - if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql') { - switch ( SQL_LAYER ) + switch (SQL_LAYER) { case 'oracle': $db_type = 'Oracle'; 
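Review bot: With the file-level `a_general` check removed in the `@@ -39,40 +34,30 @@` hunk, the only permission test left in view is the `a_backup` one inside `case 'backup'`, so every other branch of the switch now has to carry its own. The restore branch lies outside this hunk; please confirm it opens with `if (!$auth->acl_get('a_restore'))` followed by `trigger_error($user->lang['NO_ADMIN']);`, because the menu hunk above only hides the link and does not block a direct request. A default branch that refuses unknown modes would make the switch fail closed.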
@@ -85,17 +70,17 @@ switch( $mode ) break; } - message_die(MESSAGE, $user->lang['Backups_not_supported']); + trigger_error($user->lang['Backups_not_supported']); break; } - $additional_tables = ( isset($_POST['tables']) ) ? $_POST['tables'] : ( ( isset($_GET['tables']) ) ? $_GET['tables'] : '' ); - $backup_type = ( isset($_POST['type']) ) ? $_POST['type'] : ( ( isset($_GET['type']) ) ? $_GET['type'] : '' ); - $search = ( !empty($_POST['search']) ) ? intval($_POST['search']) : ( ( !empty($_GET['search']) ) ? intval($_GET['search']) : 0 ); - $store_path = ( isset($_POST['store']) ) ? $_POST['store'] : ( ( isset($_GET['store']) ) ? $_GET['store'] : '' ); - $compress = ( !empty($_POST['compress']) ) ? $_POST['compress'] : ( ( !empty($_GET['compress']) ) ? $_GET['compress'] : 'none' ); + $additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : ''); + $backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : ''); + $search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0); + $store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : ''); + $compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none'); - if ( !isset($_POST['backupstart']) && !isset($_GET['backupstart']) ) + if (!isset($_POST['backupstart']) && !isset($_GET['backupstart'])) { page_header($user->lang['DB_Backup']); @@ -127,7 +112,7 @@ switch( $mode ) </tr> <?php - if ( extension_loaded('zlib') || extension_loaded('bz2') ) + if (extension_loaded('zlib') || extension_loaded('bz2')) { ?> 
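Review bot: `$store_path`, `$backup_type`, `$compress` and `$additional_tables` are accepted from POST or GET and used without validation. Later hunks in this file place `$backup_type` and `$compress` straight into the meta-refresh markup, wrap the other two only in `quotemeta()` (a regex escaper, not URL or HTML encoding), and concatenate `$store_path` into the `fopen()` path for the backup file. Reject unexpected values before use, e.g. `if ($store_path != '' && !preg_match('#^[a-z0-9_/-]+$#i', $store_path)) { message_die(ERROR, 'Invalid backup path'); }`, compare `$backup_type` and `$compress` against their known values, and build the refresh URL with `urlencode()`. The `case 'backup':` block starts and ends outside this hunk.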
@@ -135,7 +120,7 @@ switch( $mode ) <td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td> <td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['None']; ?><?php - if ( extension_loaded('zlib') ) + if (extension_loaded('zlib')) { @@ -143,7 +128,7 @@ switch( $mode ) } - if ( extension_loaded('bz2') ) + if (extension_loaded('bz2')) { ?> <input type="radio" name="compress" value="bzip" />.bz2<?php @@ -166,21 +151,21 @@ switch( $mode ) break; } - else if ( !isset($_POST['startdownload']) && !isset($_GET['startdownload']) ) + else if (!isset($_POST['startdownload']) && !isset($_GET['startdownload'])) { $meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&type=$backup_type&tables=" . quotemeta($additional_tables) . "&search=$search&store=" . quotemeta($store_path) . "&compress=$compress&backupstart=1&startdownload=1\">"; - $message = ( empty($store_path) ) ? $user->lang['Backup_download'] : $user->lang['Backup_writing']; + $message = (empty($store_path)) ? $user->lang['Backup_download'] : $user->lang['Backup_writing']; page_header($user->lang['DB_Backup'], $meta); page_message($user->lang['DB_Backup'], $message); page_footer(); } - $tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables(); + $tables = (SQL_LAYER != 'postgresql') ? mysql_get_tables() : pg_get_tables(); @sort($tables); - if ( !empty($additional_tables) ) + if (!empty($additional_tables)) { $additional_tables = explode(',', $additional_tables); @@ -206,7 +191,7 @@ switch( $mode ) echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; echo "#\n"; - if ( SQL_LAYER == 'postgresql' ) + if (SQL_LAYER == 'postgresql') { echo "\n" . pg_get_sequences("\n", $backup_type); } 
@@ -215,7 +200,7 @@ switch( $mode ) { $table_name = $tables[$i]; - if ( SQL_LAYER != 'mysql4' ) + if (SQL_LAYER != 'mysql4') { $table_def_function = "get_table_def_" . SQL_LAYER; $table_content_function = "get_table_content_" . SQL_LAYER; @@ -226,18 +211,18 @@ switch( $mode ) $table_content_function = "get_table_content_mysql"; } - if ( $backup_type != 'data' ) + if ($backup_type != 'data') { echo "#\n# TABLE: " . $table_name . "\n#\n"; echo $table_def_function($table_name, "\n") . "\n"; } - if ( $backup_type != 'structure' ) + if ($backup_type != 'structure') { // // Skip search table data? // - if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) + if ($search || (!$search && !preg_match('/search_word/', $table_name))) { $table_content_function($table_name, "output_table_content"); } @@ -247,7 +232,7 @@ switch( $mode ) // // Flush the buffer, send the file // - switch ( $compress ) + switch ($compress) { case 'gzip': $extension = 'sql.gz'; @@ -258,7 +243,7 @@ switch( $mode ) case 'zip': $extension = 'zip'; $zip = new zipfile; - $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); + $zip->add_file(ob_get_contents(), "phpbb_db_backup.sql", time()); ob_end_clean(); $contents = $zip->file(); break; @@ -277,7 +262,7 @@ switch( $mode ) add_admin_log('log_db_backup'); - if ( empty($store_path) ) + if (empty($store_path)) { header("Pragma: no-cache"); header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\""); @@ -288,12 +273,12 @@ switch( $mode ) } else { - if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) ) + if (!($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb'))) { message_die(ERROR, 'Could not open backup file'); } - if ( !fwrite($fp, $contents) ) + if (!fwrite($fp, $contents)) { message_die(ERROR, 'Could not write backup file content'); } 
@@ -301,54 +286,58 @@ switch( $mode ) fclose($fp); unset($contents); - message_die(MESSAGE, $user->lang['Backup_success']); + trigger_error($user->lang['Backup_success']); } exit; break; case 'restore': + if (!$auth->acl_get('a_restore')) + { + trigger_error($user->lang['No_admin']); + } - if ( isset($_POST['restorestart']) ) + if (isset($_POST['restorestart'])) { // // Handle the file upload .... // If no file was uploaded report an error... // - if ( !empty($_POST['local']) ) + if (!empty($_POST['local'])) { $file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']); $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); } else { - $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; - $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; + $filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : ''; + $file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? 
$HTTP_POST_FILES['backup_file']['tmp_name'] : ''; } - if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) + if ($file_tmpname == '' || $filename == '' || !file_exists($file_tmpname)) { - message_die(MESSAGE, $user->lang['Restore_Error_no_file']); + trigger_error($user->lang['Restore_Error_no_file']); } $ext = substr($filename, strrpos($filename, '.') + 1); - if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) + if (!preg_match('/^(sql|gz|bz2)$/', $ext)) { - message_die(MESSAGE, $user->lang['Restore_Error_filename']); + trigger_error($user->lang['Restore_Error_filename']); } - if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) + if ((!extension_loaded('zlib') && $ext == 'gz') || (!extension_loaded('zip') && $ext == 'zip') || ($ext == 'bz2' && !extension_loaded('bz2'))) { - message_die(MESSAGE, $user->lang['Compress_unsupported']); + trigger_error($user->lang['Compress_unsupported']); } $sql_query = ''; - switch ( $ext ) + switch ($ext) { case 'gz': $fp = gzopen($file_tmpname, 'rb'); - while ( !gzeof($fp) ) + while (!gzeof($fp)) { $sql_query .= gzgets($fp, 100000); } @@ -359,11 +348,14 @@ switch( $mode ) $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); break; + case 'zip': + + default; $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); } - if ( $sql_query != '' ) + if ($sql_query != '') { // Strip out sql comments... $sql_query = remove_remarks($sql_query); @@ -374,7 +366,7 @@ switch( $mode ) { $sql = trim($pieces[$i]); - if ( !empty($sql) && $sql[0] != '#' ) + if (!empty($sql) && $sql[0] != '#') { $db->sql_query($sql); } @@ -383,7 +375,7 @@ switch( $mode ) add_admin_log('log_db_restore'); - message_die(MESSAGE, $user->lang['Restore_success']); + trigger_error($user->lang['Restore_success']); } // 
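Review bot: In the `restore` branch, `$_POST['local']` is turned into a server path by prefixing `./../` and replacing backslashes, with no check that the result stays inside the directory backups are stored in. The only constraint is the extension test further down, after which every statement in the file is passed to `$db->sql_query()`. Refuse values containing `..` before building the path, for example `if (strpos($_POST['local'], '..') !== false) { trigger_error($user->lang['Restore_Error_filename']); }`. The enclosing `switch` starts outside the hunk.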
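Review bot: The added `case 'zip':` has no body and falls through to `default;`, which reads the file as plain text, so a zip archive would have its raw bytes split and sent to `$db->sql_query()`. Today the branch is unreachable because the extension test in the previous hunk only admits `sql`, `gz` and `bz2`, which also makes the `$ext == 'zip'` clause of the extension-support check dead. Either drop the case or make it refuse explicitly, `case 'zip': trigger_error($user->lang['Compress_unsupported']); break;`, and write `default:` with a colon.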
@@ -406,11 +398,11 @@ switch( $mode ) echo $user->lang['Supported_extensions']; $types = ': <u>sql</u>'; - if ( extension_loaded('zlib') ) + if (extension_loaded('zlib')) { $types .= ', <u>sql.gz</u>'; } - if ( extension_loaded('bz2') ) + if (extension_loaded('bz2')) { $types .= ', <u>bz2</u>'; } @@ -434,6 +426,7 @@ switch( $mode ) break; default: + trigger_error($user->lang['No_admin']); exit; } @@ -454,16 +447,16 @@ function mysql_get_tables() $tables = array(); $result = mysql_list_tables($db->dbname, $db->db_connect_id); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - if ( preg_match('/^' . $table_prefix . '/', $row[0]) ) + if (preg_match('/^' . $table_prefix . '/', $row[0])) { $tables[] = $row[0]; } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } return $tables; @@ -483,7 +476,7 @@ function pg_get_sequences($crlf, $backup_type) $seq = $db->sql_query($get_seq_sql); - if( !$num_seq = $db->sql_numrows($seq) ) + if (!$num_seq = $db->sql_numrows($seq)) { $return_val = "# No Sequences Found $crlf"; @@ -502,11 +495,11 @@ function pg_get_sequences($crlf, $backup_type) $get_props_sql = "SELECT * FROM $sequence"; $seq_props = $db->sql_query($get_props_sql); - if($db->sql_numrows($seq_props) > 0) + if ($db->sql_numrows($seq_props) > 0) { $row1 = $db->sql_fetchrow($seq_props); - if($backup_type == 'structure') + if ($backup_type == 'structure') { $row['last_value'] = 1; } @@ -515,7 +508,7 @@ function pg_get_sequences($crlf, $backup_type) } // End if numrows > 0 - if(($row['last_value'] > 1) && ($backup_type != 'structure')) + if (($row['last_value'] > 1) && ($backup_type != 'structure')) { $return_val .= "SELECT NEXTVALE('$sequence'); $crlf"; unset($row['last_value']); 
@@ -555,7 +548,7 @@ function get_table_def_postgresql($table, $crlf) ORDER BY a.attnum"; $result = $db->sql_query($field_query); - if(!$result) + if (!$result) { message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); } // end if.. @@ -641,12 +634,12 @@ function get_table_def_postgresql($table, $crlf) ORDER BY index_name, tab_name, column_name "; $result = $db->sql_query($sql_pri_keys); - if(!$result) + if (!$result) { message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys); } - while ( $row = $db->sql_fetchrow($result)) + while ($row = $db->sql_fetchrow($result)) { if ($row['primary_key'] == 't') { @@ -743,37 +736,29 @@ function get_table_def_mysql($table, $crlf) $field_query = "SHOW FIELDS FROM $table"; $key_query = "SHOW KEYS FROM $table"; - // // If the user has selected to drop existing tables when doing a restore. // Then we add the statement to drop the tables.... - // $schema_create .= "DROP TABLE IF EXISTS $table;$crlf"; $schema_create .= "CREATE TABLE $table($crlf"; - // // Ok lets grab the fields... - // $result = $db->sql_query($field_query); - if(!result) - { - message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); - } while ($row = $db->sql_fetchrow($result)) { $schema_create .= ' ' . $row['Field'] . ' ' . $row['Type']; - if(!empty($row['Default'])) + if (!empty($row['Default'])) { $schema_create .= ' DEFAULT \'' . $row['Default'] . '\''; } - if($row['Null'] != "YES") + if ($row['Null'] != "YES") { $schema_create .= ' NOT NULL'; } - if($row['Extra'] != "") + if ($row['Extra'] != "") { $schema_create .= ' ' . $row['Extra']; } 
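Review bot: The broken `if(!result)` test in `get_table_def_mysql()` is deleted rather than corrected, so a failed `SHOW FIELDS` query is no longer reported. Unless `$db->sql_query()` aborts on failure itself (not visible here), the loop is skipped and the dump contains `DROP TABLE IF EXISTS` followed by a `CREATE TABLE` with no columns, which matters when that file is later restored. Keep the check with the missing `$` added, `if (!$result) { message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); }`, matching `get_table_def_postgresql()`. The function starts and ends outside the hunk.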
@@ -794,12 +779,12 @@ function get_table_def_mysql($table, $crlf) { $kname = $row['Key_name']; - if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0)) + if (($kname != 'PRIMARY') && ($row['Non_unique'] == 0)) { $kname = "UNIQUE|$kname"; } - if(!is_array($index[$kname])) + if (!is_array($index[$kname])) { $index[$kname] = array(); } @@ -807,11 +792,11 @@ function get_table_def_mysql($table, $crlf) $index[$kname][] = $row['Column_name']; } - while(list($x, $columns) = @each($index)) + foreach ($index as $x => $columns) { $schema_create .= ", $crlf"; - if($x == 'PRIMARY') + if ($x == 'PRIMARY') { $schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')'; } @@ -827,7 +812,7 @@ function get_table_def_mysql($table, $crlf) $schema_create .= "$crlf);"; - if(get_magic_quotes_runtime()) + if (get_magic_quotes_runtime()) { return(stripslashes($schema_create)); } @@ -856,10 +841,7 @@ function get_table_content_postgresql($table, $handler) { global $db; - // // Grab all of the data from current table. - // - $result = $db->sql_query("SELECT * FROM $table"); $i_num_fields = $db->sql_numfields($result); @@ -872,24 +854,23 @@ function get_table_content_postgresql($table, $handler) $iRec = 0; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { unset($schema_vals); unset($schema_fields); unset($schema_insert); - // + // Build the SQL statement to recreate the data. - // for($i = 0; $i < $i_num_fields; $i++) { $strVal = $row[$aryName[$i]]; - if (eregi("char|text|bool", $aryType[$i])) + if (preg_match('#char|text|bool#i', $aryType[$i])) { $strQuote = "'"; $strEmpty = ""; $strVal = addslashes($strVal); } - elseif (eregi("date|timestamp", $aryType[$i])) + elseif (preg_match('#date|timestamp#i', $aryType[$i])) { if ($empty($strVal)) { 
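Review bot: In the date/timestamp branch directly below the new `preg_match()` line, `if ($empty($strVal))` calls a variable function through `$empty`, which is not defined anywhere in the visible part of `get_table_content_postgresql()`. This looks like a typo for the language construct; change it to `if (empty($strVal))`, otherwise a PostgreSQL backup would fail when it reaches a date or timestamp column. The function starts outside the hunk and the branch continues past it.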
@@ -913,18 +894,15 @@ function get_table_content_postgresql($table, $handler) $schema_vals .= " $strQuote$strVal$strQuote,"; $schema_fields .= " $aryName[$i],"; - } - $schema_vals = ereg_replace(",$", "", $schema_vals); - $schema_vals = ereg_replace("^ ", "", $schema_vals); - $schema_fields = ereg_replace(",$", "", $schema_fields); - $schema_fields = ereg_replace("^ ", "", $schema_fields); + $schema_vals = preg_replace('#,$#', '', $schema_vals); + $schema_vals = preg_replace('#^ #', '', $schema_vals); + $schema_fields = preg_replace('#,$#', '', $schema_fields); + $schema_fields = preg_replace('#^ #', '', $schema_fields); - // // Take the ordered fields and their associated data and build it // into a valid sql statement to recreate that field in the data. - // $schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);"; $handler(trim($schema_insert)); @@ -941,16 +919,13 @@ function get_table_content_postgresql($table, $handler) function get_table_content_mysql($table, $handler) { global $db; - // + // Grab the data from the table. - // $result = $db->sql_query("SELECT * FROM $table"); - // // Loop through the resulting rows and build the sql statement. - // $schema_insert = ""; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $schema_insert = "\n#\n# Table Data for $table\n#\n"; @@ -970,7 +945,7 @@ function get_table_content_mysql($table, $handler) // // Get rid of the last comma // - $table_list = ereg_replace(', $', '', $table_list); + $table_list = preg_replace('#, $#', '', $table_list); $table_list .= ')'; // // Start building the SQL statement. @@ -981,7 +956,7 @@ function get_table_content_mysql($table, $handler) // for ($j = 0; $j < $num_fields; $j++) { - if(!isset($row[$j])) + if (!isset($row[$j])) { // // If there is no data for the column set it to null. 
@@ -1003,14 +978,14 @@ function get_table_content_mysql($table, $handler) // // Get rid of the the last comma. // - $schema_insert = ereg_replace(',$', '', $schema_insert); + $schema_insert = preg_replace('#,$#', '', $schema_insert); $schema_insert .= ');'; // // Go ahead and send the insert statement to the handler function. // $handler(trim($schema_insert)); } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } return true; @@ -1041,9 +1016,9 @@ class zipfile var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; - function unix2DosTime($unixtime = 0) + function unix_to_dos_time($unixtime = 0) { - $timearray = ( $unixtime == 0 ) ? getdate() : getdate($unixtime); + $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980) { @@ -1055,15 +1030,15 @@ class zipfile $timearray['seconds'] = 0; } - return ( ( $timearray['year'] - 1980) << 25 ) | ( $timearray['mon'] << 21 ) | ( $timearray['mday'] << 16 ) | - ( $timearray['hours'] << 11 ) | ( $timearray['minutes'] << 5 ) | ( $timearray['seconds'] >> 1 ); + return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | + ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } - function addFile($data, $name, $time = 0) + function add_file($data, $name, $time = 0) { $name = str_replace('\\', '/', $name); - $dtime = dechex($this->unix2DosTime($time)); + $dtime = dechex($this->unix_to_dos_time($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] 
@@ -1111,14 +1086,14 @@ class zipfile $cdrec .= pack('V', $crc); // crc32 $cdrec .= pack('V', $c_len); // compressed filesize $cdrec .= pack('V', $unc_len); // uncompressed filesize - $cdrec .= pack('v', strlen($name) ); // length of filename - $cdrec .= pack('v', 0 ); // extra field length - $cdrec .= pack('v', 0 ); // file comment length - $cdrec .= pack('v', 0 ); // disk number start - $cdrec .= pack('v', 0 ); // internal file attributes - $cdrec .= pack('V', 32 ); // external file attributes - 'archive' bit set - - $cdrec .= pack('V', $this -> old_offset ); // relative offset of local header + $cdrec .= pack('v', strlen($name)); // length of filename + $cdrec .= pack('v', 0); // extra field length + $cdrec .= pack('v', 0); // file comment length + $cdrec .= pack('v', 0); // disk number start + $cdrec .= pack('v', 0); // internal file attributes + $cdrec .= pack('V', 32); // external file attributes - 'archive' bit set + + $cdrec .= pack('V', $this -> old_offset); // relative offset of local header $this -> old_offset = $new_offset; $cdrec .= $name; @@ -1140,7 +1115,6 @@ class zipfile pack('V', strlen($data)) . // offset to start of central dir "\x00\x00"; // .zip file comment length } - } // diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php index 4bd6a88170..3061a069fa 100644 --- a/phpBB/admin/admin_disallow.php +++ b/phpBB/admin/admin_disallow.php 
@@ -21,43 +21,36 @@ define('IN_PHPBB', 1); -if( !empty($setmodules) ) +if(!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_names')) { return; } - $filename = basename(__FILE__); - $module['Users']['Disallow'] = $filename . $SID; + $module['Users']['Disallow'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// Do we have user admin permissions? -// -if ( !$auth->acl_get('a_user') ) +// Check permissions +if (!$auth->acl_get('a_names')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -if( isset($_POST['add_name']) ) +if (isset($_POST['add_name'])) { - include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); - - $disallowed_user = ( isset($_POST['disallowed_user']) ) ? $_POST['disallowed_user'] : $_GET['disallowed_user']; + $disallowed_user = (isset($_POST['disallowed_user'])) ? $_POST['disallowed_user'] : $_GET['disallowed_user']; $disallowed_user = str_replace('*', '%', $disallowed_user); - if ( !validate_username($disallowed_user) ) + if (validate_username($disallowed_user)) { $message = $user->lang['Disallowed_already']; } @@ -65,7 +58,7 @@ if( isset($_POST['add_name']) ) { $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) VALUES('" . str_replace("\'", "''", $disallowed_user) . "')"; - $result = $db->sql_query( $sql ); + $result = $db->sql_query($sql); $message = $user->lang['Disallow_successful']; } 
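Review bot: `$disallowed_user` comes from POST or GET with only `*` replaced, and the INSERT in the following hunk escapes it with `str_replace("\'", "''", ...)`, which rewrites a quote only when a backslash already precedes it. That is safe only while magic quotes are adding the backslash, so I would mark the assignment with `// FIXME: escaping below assumes magic_quotes_gpc; pass $disallowed_user through the DB layer's escaping before it reaches the query` and switch to that routine. The hunk also removes the `functions_validate` include and inverts the `validate_username()` test, so confirm the function is still loaded on this path and that its return convention is the one the new condition assumes.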
@@ -76,9 +69,9 @@ if( isset($_POST['add_name']) ) message_die(MESSAGE, $message); } -else if( isset($_POST['delete_name']) ) +else if (isset($_POST['delete_name'])) { - $disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] ); + $disallowed_id = (isset($_POST['disallowed_id'])) ? intval($_POST['disallowed_id']) : intval($_GET['disallowed_id']); $sql = "DELETE FROM " . DISALLOW_TABLE . " WHERE disallow_id = $disallowed_id"; @@ -92,21 +85,19 @@ else if( isset($_POST['delete_name']) ) } -// // Grab the current list of disallowed usernames... -// $sql = "SELECT * FROM " . DISALLOW_TABLE; $result = $db->sql_query($sql); $disallow_select = ''; -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { $disallow_select .= '<option value="' . $row['disallow_id'] . '">' . str_replace('%', '*', $row['disallow_username']) . '</option>'; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } // @@ -133,7 +124,7 @@ page_header($user->lang['Users']); </tr> <tr> <td class="row1"><?php echo $user->lang['Username']; ?><br /><span class="gensmall"><?php echo $user->lang['Delete_disallow_explain']; ?></span></td> - <td class="row2"><?php if ( $disallow_select != '' ) { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select> <input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td> + <td class="row2"><?php if ($disallow_select != '') { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select> <input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td> </tr> </table></form> diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index 41e3ca55cd..ada237a912 100644 --- a/phpBB/admin/admin_email.php 
+++ b/phpBB/admin/admin_email.php @@ -19,33 +19,28 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_email')) { return; } - $filename = basename(__FILE__); - $module['General']['Mass_Email'] = $filename . $SID; + $module['General']['Mass_Email'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// Do we have general admin permissions? -// -if ( !$auth->acl_get('a_general') ) +// Check permissions +if (!$auth->acl_get('a_email')) { - return; + trigger_error($user->lang['NO_ADMIN']); } // @@ -57,7 +52,7 @@ $subject = ''; // // Do the job ... // -if ( isset($_POST['submit']) ) +if (isset($_POST['submit'])) { // // Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't @@ -67,10 +62,10 @@ if ( isset($_POST['submit']) ) $group_id = intval($_POST['g']); - $sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; + $sql = ($group_id != -1) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; $result = $db->sql_query($sql); - if ( !($email_list = $db->sql_fetchrowset($g_result)) ) + if (!($email_list = $db->sql_fetchrowset($g_result))) { // // Output a relevant GENERAL_MESSAGE about users/group 
@@ -87,14 +82,14 @@ if ( isset($_POST['submit']) ) // $error = FALSE; - if ( !$error ) + if (!$error) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); // // Let's do some checking to make sure that mass mail functions // are working in win32 versions of php. // - if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery']) + if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery']) { // We are running on windows, force delivery to use // our smtp functions since php's are broken by default @@ -108,7 +103,7 @@ if ( isset($_POST['submit']) ) $bcc_list = ''; for($i = 0; $i < count($email_list); $i++) { - $bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email']; + $bcc_list .= (($bcc_list != '') ? ', ' : '') . $email_list[$i]['user_email']; } $email_headers .= "Bcc: $bcc_list\n"; @@ -145,13 +140,13 @@ $sql = "SELECT group_id, group_name $result = $db->sql_query($sql); $select_list = '<select name = "g"><option value = "-1">' . $user->lang['All_users'] . '</option>'; -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { $select_list .= '<option value = "' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $select_list .= '</select>'; @@ -163,7 +158,7 @@ page_header($user->lang['Mass_Email']); <p><?php echo $user->lang['Mass_email_explain']; ?></p> -<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1"> +<form method="post" action="admin_mass_email.<?php echo $phpEx.$SID; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1"> <tr> <th colspan="2"><?php echo $user->lang['Compose']; ?></th> </tr> diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index 3e79720dff..17fea8fac4 100644 
--- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -21,45 +21,47 @@ if (!empty($setmodules)) { - if (!$auth->acl_get('a_forum')) + if (!$auth->acl_gets('a_forum', 'a_forumadd', 'a_forumdel')) { return; } - $file = basename(__FILE__); - $module['Forums']['Manage'] = $file . $SID; + $module['Forums']['Manage'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// -// Do we have forum admin permissions? -// -if (!$auth->acl_get('a_forum')) -{ - message_die(MESSAGE, $user->lang['No_admin']); -} +// Get mode +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; -// -// Mode setting -// -if (isset($_POST['mode']) || isset($_GET['mode'])) -{ - $mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; -} -else +// Do we have permissions? +switch ($mode) { - $mode = ''; + case 'add': + if (!$auth->acl_get('a_forumadd')) + { + trigger_error($user->lang['NO_ADMIN']); + } + case 'del': + if (!$auth->acl_get('a_forumdel')) + { + trigger_error($user->lang['NO_ADMIN']); + } + + default: + if (!$auth->acl_get('a_forum')) + { + trigger_error($user->lang['NO_ADMIN']); + } } +// Major routines switch ($mode) { case 'move_up': @@ -355,15 +357,13 @@ switch ($mode) break; case 'forum_sync': - sync('forum', intval($_GET[POST_FORUM_URL])); + sync('forum', intval($_GET['f'])); $show_index = TRUE; break; case 'add': case 'edit': - // // Show form to create/modify a forum - // if ($mode == 'edit') { $forum_id = intval($_GET['f']); diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 7eec84da2e..048e8bf52b 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php 
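Review bot: The new permission `switch` has no `break` after the `add` and `del` cases, so `mode=add` falls through all three checks and is refused unless the admin holds `a_forumadd`, `a_forumdel` and `a_forum` together, while the module list above shows the page to anyone holding any one of them (`acl_gets`). Add `break;` after the check in each case. The label `'del'` should also be compared with the mode names the main `switch` actually handles (only some are visible here); a delete mode under another name, like `edit`, would be gated by `a_forum` alone.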
@@ -19,18 +19,13 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_auth') ) - { - return; - } - $filename = basename(__FILE__); - $module['Forums']['Permissions'] = $filename . $SID . '&mode=forums'; - $module['Forums']['Moderators'] = $filename . $SID . '&mode=moderators'; - $module['Forums']['Super_Moderators'] = $filename . $SID . '&mode=supermoderators'; - $module['General']['Administrators'] = $filename . $SID . '&mode=administrators'; + $module['Forums']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&mode=forums' : ''; + $module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=moderators' : ''; + $module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=supermoderators' : ''; + $module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&mode=administrators' : ''; return; } @@ -43,16 +38,10 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_auth') ) -{ - trigger_error($user->lang['No_admin']); -} - // Define some vars -if ( isset($_GET['f']) || isset($_POST['f']) ) +if (isset($_REQUEST['f'])) { - $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); + $forum_id = intval($_REQUEST['f']); $forum_sql = " WHERE forum_id = $forum_id"; } else 
@@ -61,88 +50,87 @@ else $forum_sql = ''; } -if ( isset($_GET['mode']) || isset($_POST['mode']) ) -{ - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; // Start program proper -switch ( $mode ) +switch ($mode) { case 'forums': - $l_title = $user->lang['Permissions']; - $l_title_explain = $user->lang['Permissions_explain']; - $l_can = '_can'; + $l_title = $user->lang['PERMISSIONS']; + $l_title_explain = $user->lang['PERMISSIONS_EXPLAIN']; + $which_acl = 'a_auth'; break; case 'moderators': - $l_title = $user->lang['Moderators']; - $l_title_explain = $user->lang['Moderators_explain']; - $l_can = '_can'; + $l_title = $user->lang['MODERATORS']; + $l_title_explain = $user->lang['MODERATORS_EXPLAIN']; + $which_acl = 'a_authmods'; break; case 'supermoderators': - $l_title = $user->lang['Super_Moderators']; - $l_title_explain = $user->lang['Super_Moderators_explain']; - $l_can = '_can'; + $l_title = $user->lang['SUPER_MODERATORS']; + $l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN']; + $which_acl = 'a_authmods'; break; case 'administrators': - $l_title = $user->lang['Administrators']; - $l_title_explain = $user->lang['Administrators_explain']; - $l_can = '_can_admin'; + $l_title = $user->lang['ADMINISTRATORS']; + $l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN']; + $which_acl = 'a_authadmins'; break; } +// Permission check +if (!$auth->acl_get($which_acl)) +{ + trigger_error($user->lang['NO_ADMIN']); +} + // Call update or delete, both can take multiple user/group // ids. Additionally inheritance is handled (by the auth API) -if ( isset($_POST['update']) ) +if (isset($_POST['update'])) { $auth_admin = new auth_admin(); // Admin wants subforums to inherit permissions ... 
so handle this - if ( !empty($_POST['inherit']) ) + if (!empty($_POST['inherit'])) { array_push($_POST['inherit'], $forum_id); $forum_id = $_POST['inherit']; } - foreach ( $_POST['entries'] as $id ) + foreach ($_POST['entries'] as $id) { $auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']); } trigger_error('Permissions updated successfully'); } -else if ( isset($_POST['delete']) ) +else if (isset($_POST['delete'])) { $auth_admin = new auth_admin(); $option_ids = false; - if ( !empty($_POST['option']) ) + if (!empty($_POST['option'])) { $sql = "SELECT auth_option_id FROM " . ACL_OPTIONS_TABLE . " WHERE auth_value LIKE '" . $_POST['option'] . "_%'"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $option_ids = array(); do { $option_ids[] = $row['auth_option_id']; } - while( $row = $db->sql_fetchrow($result) ); + while($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); } - foreach ( $_POST['entries'] as $id ) + foreach ($_POST['entries'] as $id) { $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids); } @@ -152,12 +140,12 @@ else if ( isset($_POST['delete']) ) // Get required information, either all forums if no id was // specified or just the requsted if it was -if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' ) +if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators') { // Clear some vars, grab some info if relevant ... $s_hidden_fields = ''; - if ( !empty($forum_id) ) + if (!empty($forum_id)) { $sql = "SELECT forum_name FROM " . FORUMS_TABLE . " @@ -179,7 +167,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <?php - switch ( $mode ) + switch ($mode) { case 'forums': $type_sql = 'f'; 
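Review bot: Authorisation here is decided by `$mode`, but the update and delete handlers act on `$_POST['type']`, `$_POST['option']` and `$_POST['entries']`, none of which is checked against the mode that was authorised. Unless `auth_admin` enforces that itself (not visible in this diff), holding `a_authmods` is enough to reach `acl_set()` with a type or option that belongs to another mode; derive the type from `$mode` server-side or reject a mismatch. `$which_acl` is also left unset when `mode` is missing or unknown, so add `default: trigger_error($user->lang['NO_ADMIN']);` to the switch. The delete handler additionally concatenates `$_POST['option']` into the `LIKE` clause unescaped.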
@@ -204,17 +192,17 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " - ORDER BY group_name"; + ORDER BY group_type DESC, group_name"; $result = $db->sql_query($sql); $group_list = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $group_list .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>'; + $group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); - if ( empty($_POST['advanced']) || empty($_POST['entries']) ) + if (empty($_POST['advanced']) || empty($_POST['entries'])) { ?> @@ -241,7 +229,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $result = $db->sql_query($sql); $users = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>'; } 
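Review bot: The fallback branch of the rewritten `$group_list` line writes `$row['group_name']` into the `<option>` markup without HTML escaping. The `$users` list in the `@@ -241,7 +229,7 @@` hunk does the same with `$row['username']`, and the `$groups` list in `@@ -268,13 +256,13 @@` with `$row['group_name']`. Unless these columns are stored already escaped, which the diff does not show, a name containing markup is rendered inside the admin panel. Wrap the values on output, e.g. `htmlspecialchars($row['group_name'])` and `htmlspecialchars($row['username'])`.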
@@ -268,13 +256,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $forum_sql AND a.auth_option_id = o.auth_option_id AND g.group_id = a.group_id - ORDER BY g.group_name ASC"; + ORDER BY g.group_type DESC, g.group_name ASC"; $result = $db->sql_query($sql); $groups = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $groups .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>'; + $groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); 
@@ -301,7 +289,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td> </tr> <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> </tr> </table></form></td> 
@@ -313,7 +301,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td> </tr> <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> </tr> </table></form></td> @@ -328,7 +316,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators // Founder only operations ... these operations can // only be altered by someone with founder status - $founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : ''; + $founder_sql = (!$userdata['user_founder']) ? ' AND founder_only <> 1' : ''; $sql = "SELECT auth_option_id, auth_value FROM " . ACL_OPTIONS_TABLE . " 
@@ -338,35 +326,35 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $result = $db->sql_query($sql); $auth_options = array(); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $auth_options[] = $row; } $db->sql_freeresult($result); - if ( $_POST['type'] == 'user' && !empty($_POST['new']) ) + if ($_POST['type'] == 'user' && !empty($_POST['new'])) { $_POST['entries'] = explode("\n", $_POST['entries']); } $where_sql = ''; - foreach ( $_POST['entries'] as $value ) + foreach ($_POST['entries'] as $value) { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $_POST['type'] == 'user' && !empty($_POST['new']) ) ? '\'' . $value . '\'' : intval($value) ); + $where_sql .= (($where_sql != '') ? ', ' : '') . (($_POST['type'] == 'user' && !empty($_POST['new'])) ? '\'' . $value . '\'' : intval($value)); } - switch ( $_POST['type'] ) + switch ($_POST['type']) { case 'group': $l_type = 'Group'; - $sql = ( empty($_POST['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; + $sql = (empty($_POST['new'])) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . 
" WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; break; case 'user': $l_type = 'User'; - $sql = ( empty($_POST['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; + $sql = (empty($_POST['new'])) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; break; } 
@@ -375,15 +363,15 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $ug = '';; $ug_hidden = ''; $auth = array(); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $ug_test = ( !empty($user->lang[$row['name']]) ) ? $user->lang[$row['name']] : $row['name']; - $ug .= ( !strstr($ug, $ug_test) ) ? $ug_test . "\n" : ''; + $ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name']; + $ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : ''; $ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />'; - $ug_hidden .= ( !strstr($ug_hidden, $ug_test) ) ? $ug_test : ''; + $ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : ''; - $auth[$row['auth_value']] = ( isset($auth_group[$row['auth_value']]) ) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; + $auth[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; } $db->sql_freeresult($result); @@ -451,7 +439,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators //--> </script> -<p><?php echo $user->lang['ACL_explain']; ?></p> +<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p> <form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table cellspacing="1" cellpadding="0" border="0" align="center"> <tr> 
@@ -469,13 +457,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators for($i = 0; $i < sizeof($auth_options); $i++) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; - $l_can_cell = ( !empty($user->lang['acl_' . $auth_options[$i]['auth_value']]) ) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value'])); + $l_can_cell = (!empty($user->lang['acl_' . $auth_options[$i]['auth_value']])) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value'])); - $allow_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_ALLOW ) ? ' checked="checked"' : ''; - $deny_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_DENY ) ? ' checked="checked"' : ''; - $inherit_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_INHERIT ) ? ' checked="checked"' : ''; + $allow_type = ($auth[$auth_options[$i]['auth_value']] == ACL_ALLOW) ? ' checked="checked"' : ''; + $deny_type = ($auth[$auth_options[$i]['auth_value']] == ACL_DENY) ? ' checked="checked"' : ''; + $inherit_type = ($auth[$auth_options[$i]['auth_value']] == ACL_INHERIT) ? ' checked="checked"' : ''; ?> <tr> @@ -488,11 +476,11 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators } - if ( $type_sql == 'f' || $type_sql == 'm' ) + if ($type_sql == 'f' || $type_sql == 'm') { $children = get_forum_branch($forum_id, 'children', 'descending', false); - if ( !empty($children) ) + if (!empty($children)) { ?> <tr> @@ -504,7 +492,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td colspan="4" height="16"><span class="gensmall"><?php echo $user->lang['Inheritance_explain']; ?></span></td> </tr> <?php - foreach ( $children as $row ) + foreach ($children as $row) { ?> 
@@ -528,7 +516,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators ?> <tr> - <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" /> <input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> + <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" /> <input class="liteoption" type="submit" name="CANCEL" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> </tr> </table></td> </tr> diff --git a/phpBB/admin/admin_prune.php b/phpBB/admin/admin_prune.php index fadcf1e0a5..8ad2806569 100644 --- a/phpBB/admin/admin_prune.php +++ b/phpBB/admin/admin_prune.php 
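Review bot: The cancel button's `name` attribute changed from `cancel` to `CANCEL` along with the language-key rename, which looks like a side effect of the search-and-replace rather than an intended change. Any handler that tests `$_POST['cancel']` (none is visible in this hunk) would stop matching, so keep `name="cancel"` and change only `$user->lang['CANCEL']`. The same line echoes `$_POST['type']` into a hidden field's `value` unescaped; use `<?php echo htmlspecialchars($_POST['type']); ?>`, or emit only the value already validated as `user` or `group`.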
@@ -19,41 +19,38 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_forum') ) + if (!$auth->acl_get('a_prune')) { return; } - $filename = basename(__FILE__); - $module['Forums']['Prune'] = $filename . $SID . '&mode=forums'; + $module['Forums']['Prune'] = basename(__FILE__) . $SID . '&mode=forums'; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_forum') ) +// Do we have permission? +if (!$auth->acl_get('a_prune')) { - message_die(MESSAGE, $user->lang['No_admin']); + trigger_error($user->lang['NO_ADMIN']); } // // Get the forum ID for pruning // -if ( isset($_GET['f']) || isset($_POST['f']) ) +if (isset($_REQUEST['f'])) { - $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); - $forum_sql = ( $forum_id == -1 ) ? '' : "AND forum_id = $forum_id"; + $forum_id = intval($_REQUEST['f']); + $forum_sql = ($forum_id == -1) ? '' : "AND forum_id = $forum_id"; } else { @@ -69,7 +66,7 @@ $sql = "SELECT forum_id, forum_name, left_id, right_id $result = $db->sql_query($sql); $forum_rows = array(); -while( $row = $db->sql_fetchrow($result) ) +while($row = $db->sql_fetchrow($result)) { $forum_rows[] = $row; } 
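Review bot: The permission gate now ends in `trigger_error($user->lang['NO_ADMIN']);` where the old code called `message_die()`, so denial depends on the registered error handler ending the request at the default E_USER_NOTICE level. That handler is not part of this hunk; if it ever returns, execution continues into the prune logic below the check. Confirm this in pagestart/common and record it beside the check, e.g. `// trigger_error() is expected not to return: the message handler ends the request`. The same pattern is introduced in the `@@ -19,…` hunks of admin_prune_users.php, admin_ranks.php and admin_search.php, where it replaces a bare `return;` or `message_die()`.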
@@ -78,12 +75,12 @@ $db->sql_freeresult($result); // // Check for submit to be equal to Prune. If so then proceed with the pruning. // -if ( isset($_POST['doprune']) ) +if (isset($_POST['doprune'])) { - $prunedays = ( isset($_POST['prunedays']) ) ? intval($_POST['prunedays']) : 0; + $prunedays = (isset($_POST['prunedays'])) ? intval($_POST['prunedays']) : 0; // Convert days to seconds for timestamp functions... - $prunedate = time() - ( $prunedays * 86400 ); + $prunedate = time() - ($prunedays * 86400); $template->set_filenames(array( 'body' => 'admin/forum_prune_result_body.tpl') @@ -103,7 +100,7 @@ if ( isset($_POST['doprune']) ) 'FORUM_POSTS' => $p_result['posts']) ); - $log_data .= ( ( $log_data != '' ) ? ', ' : '' ) . $forum_rows[$i]['forum_name']; + $log_data .= (($log_data != '') ? ', ' : '') . $forum_rows[$i]['forum_name']; } $template->assign_vars(array( @@ -125,7 +122,7 @@ else // If they haven't selected a forum for pruning yet then // display a select box to use for pruning. // - if ( empty($forum_id) ) + if (empty($forum_id)) { // // Output a selection table if no forum id has been specified. @@ -135,15 +132,15 @@ else $right = 0; $subforum = ''; $forum_list = ''; - foreach ( $forum_rows as $row ) + foreach ($forum_rows as $row) { - if ( $row['left_id'] < $right ) + if ($row['left_id'] < $right ) { $subforum .= ' '; } - else if ( $row['left_id'] > $right + 1 ) + else if ($row['left_id'] > $right + 1) { - $subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 )); + $subforum = substr($subforum, 0, -18 * ($row['left_id'] - $right + 1)); } $select_list .= '<option value="' . $row['forum_id'] . '">' . $subforum . $row['forum_name'] . '</option>'; 
@@ -171,7 +168,7 @@ else } else { - $forum_name = ( $forum_id == -1 ) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name']; + $forum_name = ($forum_id == -1) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name']; $prune_data = $user->lang['Prune_topics_not_posted'] . " "; $prune_data .= '<input type="text" name="prunedays" size="4"> ' . $user->lang['Days']; diff --git a/phpBB/admin/admin_prune_users.php b/phpBB/admin/admin_prune_users.php index 7bd0e59160..8d2b57b418 100644 --- a/phpBB/admin/admin_prune_users.php +++ b/phpBB/admin/admin_prune_users.php 
@@ -19,61 +19,45 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_userdel')) { return; } - $filename = basename(__FILE__); - $module['Users']['Prune_users'] = $filename . $SID; + $module['Users']['Prune_users'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_user') ) +if (!$auth->acl_get('a_userdel')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// // Set mode -// -if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) -{ - $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; -// -// -// -if ( isset($_POST['prune']) ) +// Do prune +if (isset($_POST['prune'])) { - if ( empty($_POST['confirm']) ) + if (empty($_POST['confirm'])) { $values = array('prune', 'deactivate', 'delete', 'users', 'username', 'email', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'deleteposts'); $l_message = '<form method="post" action="admin_prune_users.' . $phpEx . $SID . '">' . $user->lang['Confirm_prune_users'] . '<br /><br /><input class="liteoption" type="submit" name="confirm" value="' . $user->lang['Yes'] . '" /> <input class="liteoption" type="submit" name="cancel" value="' . $user->lang['No'] . '" />'; - foreach ( $values as $field ) + foreach ($values as $field) { - $l_message .= ( !empty($_POST[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : ''; + $l_message .= (!empty($_POST[$field])) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : ''; } $l_message .= '</form>'; 
@@ -92,40 +76,40 @@ if ( isset($_POST['prune']) ) page_footer(); } - else if ( isset($_POST['confirm']) ) + else if (isset($_POST['confirm'])) { - if ( !empty($_POST['users']) ) + if (!empty($_POST['users'])) { $users = explode("\n", urldecode($_POST['users'])); $where_sql = ''; - foreach ( $users as $username ) + foreach ($users as $username) { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . '\'' . trim($username) . '\''; + $where_sql .= (($where_sql != '') ? ', ' : '') . '\'' . trim($username) . '\''; } $where_sql = " AND username IN ($where_sql)"; } else { - $username = ( !empty($_POST['username']) ) ? urldecode($_POST['username']) : ''; - $email = ( !empty($_POST['email']) ) ? urldecode($_POST['email']) : ''; + $username = (!empty($_POST['username'])) ? urldecode($_POST['username']) : ''; + $email = (!empty($_POST['email'])) ? urldecode($_POST['email']) : ''; - $joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : 'lt'; - $active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] :'lt'; - $count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : 'eq'; - $joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : array(); - $active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) :array(); - $count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ''; + $joined_select = (!empty($_POST['joined_select'])) ? $_POST['joined_select'] : 'lt'; + $active_select = (!empty($_POST['active_select'])) ? $_POST['active_select'] :'lt'; + $count_select = (!empty($_POST['count_select'])) ? $_POST['count_select'] : 'eq'; + $joined = (!empty($_POST['joined'])) ? explode('-', $_POST['joined']) : array(); + $active = (!empty($_POST['active'])) ? explode('-', $_POST['active']) :array(); + $count = (!empty($_POST['count'])) ? 
intval($_POST['count']) : ''; $key_match = array('lt' => '<', 'gt' => '>', 'eq' => '='); $sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit'); $where_sql = ''; - $where_sql .= ( $username ) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : ''; - $where_sql .= ( $email ) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : ''; - $where_sql .= ( $joined ) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; - $where_sql .= ( $count ) ? " AND user_posts " . $key_match[$count_select] . " $count " : ''; - $where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; + $where_sql .= ($username) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : ''; + $where_sql .= ($email) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : ''; + $where_sql .= ($joined) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; + $where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . " $count " : ''; + $where_sql .= ($active) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; } $sql = "SELECT username, user_id FROM " . USERS_TABLE . " 
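Review bot: The rewritten `$where_sql` lines still put request data inside quoted SQL literals with no escaping: `trim($username)` in the `IN (...)` list, and the `str_replace('*', '%', $username)` and `$email` values in the `LIKE` clauses. These values pass through `urldecode()` first, so any escaping applied to the raw request no longer covers the decoded string. Escape each string with the database layer's string-escaping routine before quoting it. Also use `intval($active[1])` to match the other date parts, and fall back to a fixed operator when `$joined_select`, `$active_select` or `$count_select` is not a key of `$key_match`. The `'\'' . $value . '\''` concatenation in admin_permissions.php's `@@ -338,35 +326,35 @@` hunk has the same gap.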
@@ -136,26 +120,26 @@ if ( isset($_POST['prune']) ) $where_sql = ''; $user_ids = array(); $usernames = array(); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $row['user_id']; + $where_sql .= (($where_sql != '') ? ', ' : '') . $row['user_id']; $user_ids[] = $row['user_id']; $usernames[] = $row['username']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $where_sql = " AND user_id IN ($where_sql)"; } $db->sql_freeresult($result); - if ( $where_sql != '' ) + if ($where_sql != '') { $sql = ''; - if ( !empty($_POST['delete']) ) + if (!empty($_POST['delete'])) { - if ( !empty($_POST['deleteposts']) ) + if (!empty($_POST['deleteposts'])) { $l_admin_log = 'log_prune_user_del_del'; @@ -178,7 +162,7 @@ if ( isset($_POST['prune']) ) $sql = "DELETE FROM " . USERS_TABLE; } - else if ( !empty($_POST['deactivate']) ) + else if (!empty($_POST['deactivate'])) { $l_admin_log = 'log_prune_user_deac'; @@ -203,20 +187,20 @@ if ( isset($_POST['prune']) ) // $find_count = array('lt' => $user->lang['Less_than'], 'eq' => $user->lang['Equal_to'], 'gt' => $user->lang['More_than']); $s_find_count = ''; -foreach ( $find_count as $key => $value ) +foreach ($find_count as $key => $value) { - $selected = ( $key == 'eq' ) ? ' selected="selected"' : ''; + $selected = ($key == 'eq') ? ' selected="selected"' : ''; $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; } $find_time = array('lt' => $user->lang['Before'], 'gt' => $user->lang['After']); $s_find_join_time = ''; -foreach ( $find_time as $key => $value ) +foreach ($find_time as $key => $value) { $s_find_join_time .= '<option value="' . $key . '">' . $value . '</option>'; } $s_find_active_time = ''; -foreach ( $find_time as $key => $value ) +foreach ($find_time as $key => $value) { $s_find_active_time .= '<option value="' . $key . '">' . $value . '</option>'; } 
@@ -237,7 +221,7 @@ page_header($user->lang['Prune_users']); <th colspan="2"><?php echo $user->lang['Prune_users']; ?></th> </tr> <tr> - <td class="row1"><?php echo $user->lang['Username']; ?>: </td> + <td class="row1"><?php echo $user->lang['USERNAME']; ?>: </td> <td class="row2"><input class="post" type="text" name="username" /></td> </tr> <tr> diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index ff3424f9f2..52c5d4e98b 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -19,52 +19,42 @@ * ***************************************************************************/ -define('IN_PHPBB', 1); - -if( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_ranks')) { return; } - $file = basename(__FILE__); - $module['Users']['Ranks'] = "$file$SID"; + $module['Users']['Ranks'] = basename(__FILE__) . $SID; return; } -// +define('IN_PHPBB', 1); // Let's set the root dir for phpBB -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// -// -if ( !$auth->acl_get('a_user') ) +// Do we have permission? +if (!$auth->acl_get('a_ranks')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// -// -// -if ( isset($_GET['mode']) || isset($_POST['mode']) ) +// Check mode +if (isset($_REQUEST['mode'])) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + $mode = $_REQUEST['mode']; } else { - // // These could be entered via a form button - // - if ( isset($_POST['add']) ) + if (isset($_POST['add'])) { $mode = 'add'; } - else if ( isset($_POST['save']) ) + else if (isset($_POST['save'])) { $mode = 'save'; } 
@@ -74,23 +64,21 @@ else } } -// -// -// -if ( $mode != '' ) +// Process mode +if ($mode != '') { - if ( $mode == 'edit' || $mode == 'add' ) + if ($mode == 'edit' || $mode == 'add') { // // They want to add a new rank, show the form. // - $rank_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; + $rank_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0; $s_hidden_fields = '<input type="hidden" name="mode" value="save" />'; - if ( $mode == 'edit' ) + if ($mode == 'edit') { - if ( empty($rank_id) ) + if (empty($rank_id)) { message_die(MESSAGE, $user->lang['Must_select_rank']); } 
@@ -126,15 +114,15 @@ if ( $mode != '' ) </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_special']; ?>: </td> - <td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ( $rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> <input type="radio" name="special_rank" value="0"<?php echo ( !$rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td> + <td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ($rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> <input type="radio" name="special_rank" value="0"<?php echo (!$rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td> </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_minimum']; ?>: </td> - <td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ( $rank_info['rank_special'] ) ? '' : $rank_info['rank_min']; ?>" /></td> + <td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ($rank_info['rank_special']) ? '' : $rank_info['rank_min']; ?>" /></td> </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_image']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Rank_image_explain']; ?></span></td> - <td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ( $rank_info['rank_image'] != '' ) ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ( $rank_info['rank_image'] != '' ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : ''; ?></td> + <td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ($rank_info['rank_image'] != '') ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ($rank_info['rank_image'] != '') ? '<img src="../' . $rank_info['rank_image'] . 
'" />' : ''; ?></td> </tr> <tr> <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> @@ -146,24 +134,24 @@ if ( $mode != '' ) page_footer(); } - else if ( $mode == 'save' ) + else if ($mode == 'save') { // // Ok, they sent us our info, let's update it. // - $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; - $rank_title = ( isset($_POST['title']) ) ? trim($_POST['title']) : ''; - $special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0; - $min_posts = ( isset($_POST['min_posts']) ) ? intval($_POST['min_posts']) : -1; - $rank_image = ( (isset($_POST['rank_image'])) ) ? trim($_POST['rank_image']) : ''; + $rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0; + $rank_title = (isset($_POST['title'])) ? trim($_POST['title']) : ''; + $special_rank = ($_POST['special_rank'] == 1) ? TRUE : 0; + $min_posts = (isset($_POST['min_posts'])) ? intval($_POST['min_posts']) : -1; + $rank_image = ((isset($_POST['rank_image']))) ? trim($_POST['rank_image']) : ''; - if ( $rank_title == '' ) + if ($rank_title == '') { message_die(MESSAGE, $user->lang['Must_select_rank']); } - if ( $special_rank == 1 ) + if ($special_rank == 1) { $min_posts = -1; } @@ -171,15 +159,15 @@ if ( $mode != '' ) // // The rank image has to be a jpg, gif or png // - if ( $rank_image != '' ) + if ($rank_image != '') { - if ( !preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image)) + if (!preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image)) { $rank_image = ''; } } - if ( $rank_id ) + if ($rank_id) { $sql = "UPDATE " . RANKS_TABLE . " SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "' 
@@ -202,22 +190,22 @@ if ( $mode != '' ) message_die(MESSAGE, $message); } - else if ( $mode == 'delete' ) + else if ($mode == 'delete') { // // Ok, they want to delete their rank // - if ( isset($_POST['id']) || isset($_GET['id']) ) + if (isset($_POST['id']) || isset($_GET['id'])) { - $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); + $rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']); } else { $rank_id = 0; } - if ( $rank_id ) + if ($rank_id) { $sql = "DELETE FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; 
@@ -265,23 +253,23 @@ $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_min ASC, rank_special ASC"; $result = $db->sql_query($sql); -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { - $row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2'; + $row_class = ($row_class != 'row1') ? 'row1' : 'row2'; ?> <tr> <td class="<?php echo $row_class; ?>" align="center"><?php echo $row['rank_title']; ?></td> - <td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? '-' : $row['rank_min']; ?></td> - <td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? $user->lang['Yes'] : $user->lang['No']; ?></td> + <td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? '-' : $row['rank_min']; ?></td> + <td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? $user->lang['Yes'] : $user->lang['No']; ?></td> <td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&mode=edit&id=" . $row['rank_id']; ?>"><?php echo $user->lang['Edit']; ?></a></td> <td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&mode=delete&id=" . $row['rank_id']; ?>"><?php echo $user->lang['Delete']; ?></a></td> </tr> <?php } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } ?> diff --git a/phpBB/admin/admin_search.php b/phpBB/admin/admin_search.php index 158e13a96e..07b150c89f 100644 --- a/phpBB/admin/admin_search.php +++ b/phpBB/admin/admin_search.php 
@@ -19,59 +19,50 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_search')) { return; } - $filename = basename(__FILE__); - $module['DB']['Search_indexing'] = $filename . $SID; + $module['DB']['Search_indexing'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); -// -// Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_general') ) +// Check permissions +if (!$auth->acl_get('a_search')) { - message_die(MESSAGE, $user->lang['No_admin']); + trigger_error($user->lang['NO_ADMIN']); } -// // Start indexing -// -if ( isset($_POST['start']) || isset($_GET['batchstart']) ) +if (isset($_POST['start']) || isset($_GET['batchstart'])) { $batchsize = 200; // Process this many posts per batch - $batchstart = ( !isset($_GET['batchstart']) ) ? $row['min_post_id'] : $_GET['batchstart']; - $batchcount = ( !isset($_GET['batchcount']) ) ? 1 : $_GET['batchcount']; + $batchstart = (!isset($_GET['batchstart'])) ? $row['min_post_id'] : $_GET['batchstart']; + $batchcount = (!isset($_GET['batchcount'])) ? 1 : $_GET['batchcount']; $loopcount = 0; $batchend = $batchstart + $batchsize; - // // Search re-indexing is tough on the server ... so we'll check the load // each loop and if we're on a 1min load of 3 or more we'll re-load the page // and try again. No idea how well this will work in practice so we'll see ... 
- // - if ( file_exists('/proc/loadavg') ) + if (file_exists('/proc/loadavg')) { - if ( $load = @file('/proc/loadavg') ) + if ($load = @file('/proc/loadavg')) { list($load) = explode(' ', $load[0]); - if ( $load > 3 ) + if ($load > 3) { header("Location: admin_search.$phpEx$SID&batchstart=$batchstart&batchcount=$batch_count"); exit; @@ -79,27 +70,25 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - // // Try and load stopword and synonym files - // $stopword_array = array(); $synonym_array = array(); $dir = opendir($phpbb_root_path . 'language/'); - while ( $file = readdir($dir) ) + while ($file = readdir($dir)) { - if ( preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file) ) + if (preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file)) { unset($tmp_array); $tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_stopwords.txt'); - if ( is_array($tmp_array) ) + if (is_array($tmp_array)) { $stopword_array = array_unique(array_merge($stopword_array, $tmp_array)); } unset($tmp_array); $tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_synonyms.txt'); - if ( is_array($tmp_array) ) + if (is_array($tmp_array)) { $synonym_array = array_unique(array_merge($synonym_array, $tmp_array)); } @@ -108,7 +97,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) closedir($dir); - if ( !isset($_GET['batchstart']) ) + if (!isset($_GET['batchstart'])) { // // Take board offline @@ -146,7 +135,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) AND $batchend"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { 
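Review bot: The new-side assignments `$batchstart = ... : $_GET['batchstart'];` and `$batchcount = ... : $_GET['batchcount'];` still take the query-string values as raw strings, and `$batchstart` is interpolated into the `Location:` header in the load check a few lines below. Casting on read, `$batchstart = (!isset($_GET['batchstart'])) ? $row['min_post_id'] : intval($_GET['batchstart']);` and likewise for `$batchcount`, keeps non-numeric input out of the redirect and out of any query built from these values further down (that SQL is outside this hunk). The same redirect reads `$batch_count`, which is never assigned in the visible code and looks like it should be `$batchcount`; the redirect in the `-270,22` hunk uses the same name. The enclosing `if` block continues past the end of this hunk.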
@@ -158,36 +147,36 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) $word = array(); $word_insert_sql = array(); - foreach ( $search_raw_words as $word_in => $search_matches ) + foreach ($search_raw_words as $word_in => $search_matches) { $word_insert_sql[$word_in] = ''; - if ( !empty($search_matches) ) + if (!empty($search_matches)) { for ($i = 0; $i < count($search_matches); $i++) { $search_matches[$i] = trim($search_matches[$i]); - if ( $search_matches[$i] != '' ) + if ($search_matches[$i] != '') { $word[] = $search_matches[$i]; - $word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; + $word_insert_sql[$word_in] .= ($word_insert_sql[$word_in] != '') ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; } } } } - if ( count($word) ) + if (count($word)) { $word_text_sql = ''; $word = array_unique($word); for($i = 0; $i < count($word); $i++) { - $word_text_sql .= ( ( $word_text_sql != '' ) ? ', ' : '' ) . "'" . $word[$i] . "'"; + $word_text_sql .= (($word_text_sql != '') ? ', ' : '') . "'" . $word[$i] . "'"; } $check_words = array(); - switch( SQL_LAYER ) + switch(SQL_LAYER) { case 'postgresql': case 'msaccess': @@ -199,7 +188,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) WHERE word_text IN ($word_text_sql)"; $result = $db->sql_query($sql); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $check_words[$row['word_text']] = $row['word_id']; } 
@@ -211,21 +200,21 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) for ($i = 0; $i < count($word); $i++) { $new_match = true; - if ( isset($check_words[$word[$i]]) ) + if (isset($check_words[$word[$i]])) { $new_match = false; } - if ( $new_match ) + if ($new_match) { - switch( SQL_LAYER ) + switch(SQL_LAYER) { case 'mysql': case 'mysql4': - $value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\')'; + $value_sql .= (($value_sql != '') ? ', ' : '') . '(\'' . $word[$i] . '\')'; break; case 'mssql': - $value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'"; + $value_sql .= (($value_sql != '') ? ' UNION ALL ' : '') . "SELECT '" . $word[$i] . "'"; break; default: $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) @@ -236,9 +225,9 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - if ( $value_sql != '' ) + if ($value_sql != '') { - switch ( SQL_LAYER ) + switch (SQL_LAYER) { case 'mysql': case 'mysql4': @@ -255,11 +244,11 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - foreach ( $word_insert_sql as $word_in => $match_sql ) + foreach ($word_insert_sql as $word_in => $match_sql) { - $title_match = ( $word_in == 'title' ) ? 1 : 0; + $title_match = ($word_in == 'title') ? 1 : 0; - if ( $match_sql != '' ) + if ($match_sql != '') { $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match 
@@ -270,22 +259,22 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); // Remove common words after the first 2 batches and after every 4th batch after that. - if ( $batchcount % 4 == 3 ) + if ($batchcount % 4 == 3) { // remove_common('global', $config['common_search']); } $batchcount++; - if ( ( $batchstart + $batchsize ) < $max_post_id ) + if (($batchstart + $batchsize) < $max_post_id) { - header("Location: admin_search.$phpEx$SID&batchstart=" . ( $batchstart + $batchsize ) . "&batchcount=$batch_count"); + header("Location: admin_search.$phpEx$SID&batchstart=" . ($batchstart + $batchsize) . "&batchcount=$batch_count"); exit; } else @@ -312,7 +301,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) exit; } -else if ( isset($_POST['cancel']) ) +else if (isset($_POST['cancel'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '0' diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 0aa6d7a9c1..b3fdb8071b 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -19,9 +19,9 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_icons')) { return; } 
@@ -34,42 +34,22 @@ if ( !empty($setmodules) ) } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// // Do we have general permissions? -// -if (!$auth->acl_get('a_general')) +if (!$auth->acl_get('a_icons')) { message_die(MESSAGE, $user->lang['No_admin']); } -// // Check to see what mode we should operate in. -// -if (isset($_POST['type']) || isset($_GET['type'])) -{ - $type = (!empty($_POST['type'])) ? $_POST['type'] : $_GET['type']; -} -else -{ - $type = ''; -} - -if (isset($_POST['mode']) || isset($_GET['mode'])) -{ - $mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$type = (!empty($_REQUEST['type'])) ? $_REQUEST['type'] : ''; +$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; +// What are we doing? switch ($type) { case 'emoticons': @@ -603,7 +583,7 @@ function update_smile_dimensions() </tr> <?php } - $row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2'; + $row_class = ($row_class != 'row1') ? 'row1' : 'row2'; ?> <tr> <?php diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index bbc5a29bb4..dde955e3ca 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php 
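Review bot: `$type` and `$mode` are now read from `$_REQUEST`, which, depending on the `variables_order`/`request_order` configuration, can also carry cookie values, so the mode dispatched by `switch ($type)` may come from something other than the form or link the admin used; the `$_REQUEST['mode']` reads added in admin_users.php and admin_words.php are the same. Reading the sources explicitly, `$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : ((!empty($_GET['mode'])) ? $_GET['mode'] : '');` and the same for `$type`, keeps the previous behaviour in two lines. The permission failure path here still calls `message_die(MESSAGE, $user->lang['No_admin'])` while the other admin files in this commit move to `trigger_error($user->lang['NO_ADMIN'])`; using the same call and key would be consistent. The comment `// Do we have general permissions?` is stale now that the check is `a_icons`.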
@@ -19,71 +19,57 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel')) { return; } - $filename = basename(__FILE__); - $module['Users']['Manage'] = $filename . $SID; + $module['Users']['Manage'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); - // Include files $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); - -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_user') ) -{ - trigger_error($user->lang['No_admin']); -} - -echo $mode; // Set mode -if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) -{ - $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = 'main'; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main'; // Begin program -if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) +if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u'])) { - // Grab relevant userdata - if( isset( $_GET['u']) || isset( $_POST['u']) ) + if(isset($_REQUEST['u'])) { - $user_id = ( isset( $_POST['u']) ) ? 
intval( $_POST['u']) : intval( $_GET['u']); + $user_id = intval($_REQUEST['u']); - if( !($userdata = get_userdata($user_id)) ) + if(!($userdata = get_userdata($user_id))) { - trigger_error($user->lang['No_user_id_specified'] ); + trigger_error($user->lang['No_user_id_specified']); } } else { - if( !$userdata = get_userdata( $_POST['username'] ) ) + if(!$userdata = get_userdata($_POST['username'])) { - trigger_error($user->lang['No_user_id_specified'] ); + trigger_error($user->lang['No_user_id_specified']); } } // Update entry in DB - if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') ) + if ($_POST['deleteuser'] && !$userdata['user_founder']) { + if (!$auth->acl_get('a_userdel')) + { + trigger_error($user->lang['NO_ADMIN']); + } + $db->sql_transaction(); $sql = "UPDATE " . POSTS_TABLE . " @@ -108,6 +94,10 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) WHERE user_id = $user_id"; $db->sql_query($sql); + $sql = "DELETE FROM " . FORUMS_WATCH_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); + $sql = "DELETE FROM " . ACL_USERS_TABLE . " WHERE user_id = $user_id"; $db->sql_query($sql); 
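Review bot: The `a_user` check that used to run right after the includes is removed in this hunk, so the per-user branch (`get_userdata()` and, in the later hunks, the page showing the registration IP and permission table) is reached with only the `a_userdel` test on the delete path. The `-297,10` hunk re-adds `if (!$auth->acl_get('a_user'))` only after that branch's `page_footer()`. Unless `pagestart` already enforces an equivalent check (not visible here), that data is shown without a user-management permission test. I would keep a gate before `// Begin program`, for example `if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel')) { trigger_error($user->lang['NO_ADMIN']); }`, matching the module-list test at the top of the file. The `if (isset($_POST['username']) ...` block continues outside this hunk.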
@@ -149,13 +139,13 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) </tr> <tr> <td class="row1">Registered from IP: </td> - <td class="row2"><?php if ( $userdata['user_ip'] ) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=main&do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&mode=ip&ban=<?php echo $userdata['user_ip']; ?>&bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td> + <td class="row2"><?php if ($userdata['user_ip']) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=main&do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&mode=ip&ban=<?php echo $userdata['user_ip']; ?>&bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td> </tr> <?php - if ( isset($_GET['do']) && $_GET['do'] == 'iplookup' ) + if (isset($_GET['do']) && $_GET['do'] == 'iplookup') { - if ( $userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip']) ) + if ($userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip'])) { ?> <tr> @@ -164,7 +154,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) <tr> <td class="row1" colspan="2"><?php - if ( $ipwhois = ipwhois($userdata['user_ip']) ) + if ($ipwhois = ipwhois($userdata['user_ip'])) { echo '<br /><pre align="left">' . trim($ipwhois) . '</pre>'; } @@ -199,7 +189,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($acl_options['global'] as $option_name => $option_id) { - $type = substr($option_name, 0, strpos('_', $option_name) +1 ); + $type = substr($option_name, 0, strpos('_', $option_name) +1); $global[$type][$option_name] = $userauth->acl_get($option_name); } 
@@ -209,7 +199,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) $result = $db->sql_query($sql); $permissions = array(); - while( $row = $db->sql_fetchrow($result) ) + while($row = $db->sql_fetchrow($result)) { $forum_data[$row['forum_id']] = $row['forum_name']; @@ -245,14 +235,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($auth_ary as $option => $allow) { - if ( $option != $type .'_' ) + if ($option != $type .'_') { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; - $l_can_cell = ( !empty($user->lang['acl_' . $option]) ) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option)); + $l_can_cell = (!empty($user->lang['acl_' . $option])) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option)); - $allow_type = ( $allow == ACL_ALLOW ) ? ' checked="checked"' : ''; - $deny_type = ( $allow == ACL_DENY ) ? ' checked="checked"' : ''; + $allow_type = ($allow == ACL_ALLOW) ? ' checked="checked"' : ''; + $deny_type = ($allow == ACL_DENY) ? ' checked="checked"' : ''; ?> <tr> <td class="<?php echo $row_class; ?>"><?php echo $l_can_cell; ?></td> @@ -280,7 +270,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($auth_ary as $option => $allow) { - echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . ( ( $allow ) ? 'Allowed' : 'Denied' ) . '</td></tr>'; + echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . (($allow) ? 'Allowed' : 'Denied') . '</td></tr>'; } ?> @@ -297,10 +287,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) page_footer(); } -else + +// Do we have permission? +if (!$auth->acl_get('a_user')) { + trigger_error($user->lang['No_admin']); +} - page_header($user->lang['Manage']); +page_header($user->lang['Manage']); ?> 
@@ -308,7 +302,7 @@ else <p><?php echo $user->lang['User_admin_explain']; ?></p> -<form method="post" name="post" action="<?php echo "admin_users.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" name="post" action="admin_users.<?php echo $phpEx.$SID; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> <th align="center"><?php echo $user->lang['Select_a_User']; ?></th> </tr> @@ -319,12 +313,11 @@ else <?php -} page_footer(); -// -// +// --------- +// FUNCTIONS function ipwhois($ip) { $ipwhois = ''; @@ -336,25 +329,25 @@ function ipwhois($ip) '#whois\.registro\.br#is' => 'whois.registro.br' ); - if ( ($fsk = fsockopen('whois.arin.net', 43)) ) + if (($fsk = fsockopen('whois.arin.net', 43))) { @fputs($fsk, "$ip\n"); - while (!feof($fsk) ) + while (!feof($fsk)) { $ipwhois .= fgets($fsk, 1024); } fclose($fsk); } - foreach ( array_keys($match) as $server ) + foreach (array_keys($match) as $server) { - if ( preg_match($server, $ipwhois) ) + if (preg_match($server, $ipwhois)) { $ipwhois = ''; - if ( ($fsk = fsockopen($match[$server], 43)) ) + if (($fsk = fsockopen($match[$server], 43))) { @fputs($fsk, "$ip\n"); - while (!feof($fsk) ) + while (!feof($fsk)) { $ipwhois .= fgets($fsk, 1024); } @@ -366,7 +359,7 @@ function ipwhois($ip) return $ipwhois; } -// -// +// FUNCTIONS +// --------- ?>
\ No newline at end of file diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php index 579014b52e..d4599191af 100644 --- a/phpBB/admin/admin_words.php +++ b/phpBB/admin/admin_words.php @@ -19,51 +19,43 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_words')) { return; } - $file = basename(__FILE__); - $module['Posts']['Word_Censor'] = "$file$SID"; + $module['Posts']['Word_Censor'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +require($phpbb_root_path . 'includes/functions_admin.' . $phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_general') ) +if (!$auth->acl_get('a_words')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// -// -// -if ( isset($_GET['mode']) || isset($_POST['mode']) ) +// What do we want to do? +if (isset($_REQUEST['mode'])) { - $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode']; + $mode = $_REQUEST['mode']; } else { - // // These could be entered via a form button - // - if ( isset($_POST['add']) ) + if (isset($_POST['add'])) { $mode = 'add'; } - else if ( isset($_POST['save']) ) + else if (isset($_POST['save'])) { $mode = 'save'; } @@ -73,20 +65,20 @@ else } } -if( $mode != '' ) +if ($mode != '') { - switch ( $mode ) + switch ($mode) { case 'edit': case 'add': - $word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; + $word_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0; $s_hidden_fields = ''; - if ( $mode == 'edit' ) + if ($mode == 'edit') { - if ( !$word_id ) + if (!$word_id) { - message_die(MESSAGE, $user->lang['No_word_selected']); + trigger_error($user->lang['No_word_selected']); } $sql = "SELECT * 
@@ -119,43 +111,43 @@ if( $mode != '' ) <td class="row2"><input type="text" name="replacement" value="<?php echo $word_info['replacement']; ?>" /></td> </tr> <tr> - <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['Submit']; ?>" /></td> + <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['SUBMIT']; ?>" /></td> </tr> </table></form> <?php + page_footer(); break; case 'save': - $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; - $word = ( isset($_POST['word']) ) ? trim($_POST['word']) : ''; - $replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : ''; + $word_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0; + $word = (isset($_POST['word'])) ? trim($_POST['word']) : ''; + $replacement = (isset($_POST['replacement'])) ? trim($_POST['replacement']) : ''; - if ( $word == '' || $replacement == '' ) + if ($word == '' || $replacement == '') { - message_die(MESSAGE, $user->lang['Must_enter_word']); + trigger_error($user->lang['Must_enter_word']); } - $sql = ( $word_id ) ? "UPDATE " . WORDS_TABLE . " SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')"; + $sql = ($word_id) ? "UPDATE " . WORDS_TABLE . " SET word = '" . sql_quote($word) . "', replacement = '" . sql_quote($replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . sql_quote($word) . "', '" . sql_quote($replacement) . "')"; $db->sql_query($sql); - $log_action = ( $word_id ) ? 'log_edit_word' : 'log_add_word'; + $log_action = ($word_id) ? 
'log_edit_word' : 'log_add_word'; add_admin_log($log_action, stripslashes($word)); - $message = ( $word_id ) ? $user->lang['Word_updated'] : $user->lang['Word_added']; - message_die(MESSAGE, $message); + $message = ($word_id) ? $user->lang['Word_updated'] : $user->lang['Word_added']; break; case 'delete': - if ( isset($_POST['id']) || isset($_GET['id']) ) + if (isset($_POST['id']) || isset($_GET['id'])) { - $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); + $word_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']); } else { - message_die(MESSAGE, $user->lang['Must_specify_word']); + trigger_error($user->lang['Must_specify_word']); } $sql = "DELETE FROM " . WORDS_TABLE . " @@ -164,10 +156,34 @@ if( $mode != '' ) add_admin_log('log_delete_word'); - message_die(MESSAGE, $user->lang['Word_removed']); + $message = $user->lang['Word_remove']; break; + } + $sql = "SELECT * + FROM " . WORDS_TABLE . " + ORDER BY word"; + $result = $db->sql_query($sql); + + $cache_str = "\$word_censors = array(\n"; + $cache_str_match = $cache_str_replace = ''; + if ($row = $db->sql_fetchrow($result)) + { + do + { + $cache_str_match .= "\t\t'" . addslashes('#\b' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . '\b#i') . "',\n"; + $cache_str_replace .= "\t\t'" . addslashes($row['replacement']) . "',\n"; + } + while ($row = $db->sql_fetchrow($result)); + + $cache_str .= "\t'match' => array(\n$cache_str_match\t),\n\t'replace' => array(\n$cache_str_replace\t)\n);"; + } + $db->sql_freeresult($result); + + config_cache_write('\$word_censors = array\(.*?\);', $cache_str); + trigger_error($message); + } else { @@ -194,11 +210,11 @@ else ORDER BY word"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> 
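Review bot: The context line `value="<?php echo $word_info['replacement']; ?>"` writes the stored replacement into an HTML attribute unescaped, so a replacement containing `"` or `<` breaks the edit form and is interpreted as markup. `value="<?php echo htmlspecialchars($word_info['replacement']); ?>"` fixes it, and the `word` field, presumably rendered the same way just above this hunk, would need the same. In the `save` case, the definition of `sql_quote()` is not visible here, so it is worth confirming how it treats input that magic quotes has already escaped, since the log call still applies `stripslashes($word)`.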
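Review bot: The cache builder added here writes `addslashes()` output into single-quoted PHP literals, but inside single quotes only `\'` and `\\` are escapes, so a word or replacement containing `"` is read back from the cache with a stray backslash in front of it. Where the supported PHP version allows it, `var_export()` produces a correctly quoted literal: `$cache_str_replace .= "\t\t" . var_export($row['replacement'], true) . ",\n";` and the same around the match pattern. The delete case now reads `$user->lang['Word_remove']` where the removed line used `Word_removed`, which looks like a typo unless the key was renamed. `trigger_error($message)` is also reached with `$message` unset for any `mode` other than `save` or `delete` that does not exit earlier.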
@@ -210,8 +226,9 @@ else <?php } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } + $db->sql_freeresult($result); ?> <tr> @@ -221,8 +238,8 @@ else <?php -} + page_footer(); -page_footer() +} ?>
\ No newline at end of file diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index b2fea163b4..4cfb0591e9 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -22,8 +22,8 @@ define('IN_PHPBB', 1); // Define some vars -$pane = ( isset($_GET['pane']) ) ? $_GET['pane'] : ''; -$update = ( $pane == 'right' ) ? true : false; +$pane = (isset($_GET['pane'])) ? $_GET['pane'] : ''; +$update = ($pane == 'right') ? true : false; // Include files $phpbb_root_path = '../'; @@ -31,13 +31,13 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // Do we have any admin permissions at all? -if ( !$auth->acl_get('a_') ) +if (!$auth->acl_get('a_')) { - trigger_error('No_admin'); + trigger_error($user->lang['NO_ADMIN']); } // Generate relevant output -if ( isset($_GET['pane']) && $_GET['pane'] == 'top' ) +if (isset($_GET['pane']) && $_GET['pane'] == 'top') { page_header('', '', false); @@ -55,7 +55,7 @@ if ( isset($_GET['pane']) && $_GET['pane'] == 'top' ) page_footer(false); } -else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) +else if (isset($_GET['pane']) && $_GET['pane'] == 'left') { // Cheat and use the meta tag to change some stylesheet info page_header('', '<style type="text/css">body {background-color: #98AAB1}</style>', false); @@ -64,9 +64,9 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) $dir = @opendir('.'); $setmodules = 1; - while ( $file = @readdir($dir) ) + while ($file = @readdir($dir)) { - if ( preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file) ) + if (preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file)) { include($file); } 
@@ -92,12 +92,12 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) </tr> <?php - if ( is_array($module) ) + if (is_array($module)) { @ksort($module); - foreach ( $module as $cat => $action_ary ) + foreach ($module as $cat => $action_ary) { - $cat = ( !empty($user->lang[$cat . '_cat']) ) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); + $cat = (empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); ?> <tr> @@ -107,17 +107,20 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) @ksort($action_ary); - foreach ( $action_ary as $action => $file ) + foreach ($action_ary as $action => $file) { - $action = ( !empty($user->lang[$action]) ) ? $user->lang[$action] : preg_replace('/_/', ' ', $action); + if (!empty($file)) + { + $action = (!empty($user->lang[$action])) ? $user->lang[$action] : preg_replace('/_/', ' ', $action); - $cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> - <td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td> + <td class="<?php echo $row_class; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td> </tr> <?php + } } } } 
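Review bot: The rewritten category line lost its negation: `(empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : ...` now selects the language entry exactly when it is empty and falls back to the raw key when a translation exists. It should read `$cat = (!empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);`, as the removed line did and as the `$action` line in the next hunk still does.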
@@ -134,24 +137,29 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) page_footer(false); } -elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) +elseif (isset($_GET['pane']) && $_GET['pane'] == 'right') { - if ( ( isset($_POST['activate']) || isset($_POST['delete']) ) && !empty($_POST['mark']) ) + if ((isset($_POST['activate']) || isset($_POST['delete'])) && !empty($_POST['mark'])) { - if ( is_array($_POST['mark']) ) + if (!$auth->acl_get('a_user')) + { + trigger_error($user->lang['NO_ADMIN']); + } + + if (is_array($_POST['mark'])) { $in_sql = ''; - foreach( $_POST['mark'] as $user_id ) + foreach ($_POST['mark'] as $user_id) { - $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $user_id; + $in_sql .= (($in_sql != '') ? ', ' : '') . intval($user_id); } - if ( $in_sql != '' ) + if ($in_sql != '') { - $sql = ( isset($_POST['activate']) ) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)"; + $sql = (isset($_POST['activate'])) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)"; $db->sql_query($sql); - if ( isset($_POST['delete']) ) + if (isset($_POST['delete'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = config_value - " . sizeof($_POST['mark']) . " @@ -159,16 +167,20 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $db->sql_query($sql); } - $log_action = ( isset($_POST['activate']) ) ? 'log_index_activate' : 'log_index_delete'; + $log_action = (isset($_POST['activate'])) ? 'log_index_activate' : 'log_index_delete'; add_admin_log($log_action, sizeof($_POST['mark'])); } } } - else if ( isset($_POST['remind']) ) + else if (isset($_POST['remind'])) { + if (!$auth->acl_get('a_user')) + { + trigger_error($user->lang['NO_ADMIN']); + } } - else if ( isset($_POST['resetonline']) ) + else if (isset($_POST['resetonline'])) { } 
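Review bot: The `DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)` branch accepts any posted id, not only the inactive accounts this pane lists, and it is gated by the new `a_user` check while admin_users.php requires `a_userdel` before deleting a user. I would test `a_userdel` when `$_POST['delete']` is set and append `AND user_active = 0 AND user_id <> " . ANONYMOUS` to the DELETE, mirroring the listing query further down the file. The counter update at the end of the hunk subtracts `sizeof($_POST['mark'])` rather than the number of rows actually removed, so duplicate or non-existent ids skew the stored total. The enclosing `elseif` branch continues beyond this hunk.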
@@ -180,7 +192,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $start_date = $user->format_date($config['board_startdate']); - $boarddays = ( time() - $config['board_startdate'] ) / 86400; + $boarddays = (time() - $config['board_startdate']) / 86400; $posts_per_day = sprintf('%.2f', $total_posts / $boarddays); $topics_per_day = sprintf('%.2f', $total_topics / $boarddays); @@ -188,11 +200,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $avatar_dir_size = 0; - if ( $avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']) ) + if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path'])) { - while ( $file = @readdir($avatar_dir) ) + while ($file = @readdir($avatar_dir)) { - if ( $file != '.' && $file != '..' ) + if ($file != '.' && $file != '..') { $avatar_dir_size += @filesize($phpbb_root_path . $config['avatar_path'] . '/' . $file); } @@ -202,11 +214,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) // This bit of code translates the avatar directory size into human readable format // Borrowed the code from the PHP.net annoted manual, origanally written by: // Jesse (jesse@jess.on.ca) - if ( $avatar_dir_size >= 1048576 ) + if ($avatar_dir_size >= 1048576) { $avatar_dir_size = round($avatar_dir_size / 1048576 * 100) / 100 . ' MB'; } - else if ( $avatar_dir_size >= 1024 ) + else if ($avatar_dir_size >= 1024) { $avatar_dir_size = round($avatar_dir_size / 1024 * 100) / 100 . ' KB'; } @@ -222,17 +234,17 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $avatar_dir_size = $user->lang['Not_available']; } - if ( $posts_per_day > $total_posts ) + if ($posts_per_day > $total_posts) { $posts_per_day = $total_posts; } - if ( $topics_per_day > $total_topics ) + if ($topics_per_day > $total_topics) { $topics_per_day = $total_topics; } - if ( $users_per_day > $total_users ) + if ($users_per_day > $total_users) { $users_per_day = $total_users; } 
@@ -240,30 +252,30 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) // DB size ... MySQL only // This code is heavily influenced by a similar routine // in phpMyAdmin 2.2.0 - if ( preg_match('/^mysql/', SQL_LAYER) ) + if (preg_match('/^mysql/', SQL_LAYER)) { $result = $db->sql_query('SELECT VERSION() AS mysql_version'); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $version = $row['mysql_version']; - if ( preg_match('/^(3\.23|4\.)/', $version) ) + if (preg_match('/^(3\.23|4\.)/', $version)) { - $db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname; + $db_name = (preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version)) ? "`$dbname`" : $dbname; $sql = "SHOW TABLE STATUS FROM " . $db_name; $result = $db->sql_query($sql); $dbsize = 0; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - if ( $row['Type'] != 'MRG_MyISAM' ) + if ($row['Type'] != 'MRG_MyISAM') { - if ( $table_prefix != '' ) + if ($table_prefix != '') { - if ( strstr($row['Name'], $table_prefix) ) + if (strstr($row['Name'], $table_prefix)) { $dbsize += $row['Data_length'] + $row['Index_length']; } 
@@ -285,22 +297,22 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $dbsize = $user->lang['Not_available']; } } - else if ( preg_match('/^mssql/', SQL_LAYER) ) + else if (preg_match('/^mssql/', SQL_LAYER)) { $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize FROM sysfiles"; $result = $db->sql_query($sql); - $dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $user->lang['Not_available']; + $dbsize = ($row = $db->sql_fetchrow($result)) ? intval($row['dbsize']) : $user->lang['Not_available']; } else { $dbsize = $user->lang['Not_available']; } - if ( is_int($dbsize) ) + if (is_int($dbsize)) { - $dbsize = ( $dbsize >= 1048576 ) ? sprintf('%.2f MB', ( $dbsize / 1048576 )) : ( ( $dbsize >= 1024 ) ? sprintf('%.2f KB', ( $dbsize / 1024 )) : sprintf('%.2f Bytes', $dbsize) ); + $dbsize = ($dbsize >= 1048576) ? sprintf('%.2f MB', ($dbsize / 1048576)) : (($dbsize >= 1024) ? sprintf('%.2f KB', ($dbsize / 1024)) : sprintf('%.2f Bytes', $dbsize)); } page_header($user->lang['Admin_Index']); @@ -360,7 +372,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) <td class="row1" nowrap="nowrap"><?php echo $user->lang['Database_size']; ?>:</td> <td class="row2"><b><?php echo $dbsize; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $user->lang['Gzip_compression']; ?>:</td> - <td class="row2"><b><?php echo ( $config['gzip_compress'] ) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td> + <td class="row2"><b><?php echo ($config['gzip_compress']) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td> </tr> <!-- tr> <td class="row1" colspan="4"><?php echo sprintf($user->lang['Record_online_users'], $config['record_online_users'], $user->format_date($config['record_online_date'])); ?></td> @@ -384,7 +396,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) for($i = 0; $i < sizeof($log_data); $i++) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> 
@@ -397,6 +409,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) } + if ($auth->acl_get('a_user')) + { + ?> </table> @@ -412,18 +427,18 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - $sql = "SELECT user_id, username, user_regdate - FROM " . USERS_TABLE . " - WHERE user_active = 0 - AND user_id <> " . ANONYMOUS . " - ORDER BY user_regdate ASC"; - $result = $db->sql_query($sql); + $sql = "SELECT user_id, username, user_regdate + FROM " . USERS_TABLE . " + WHERE user_active = 0 + AND user_id <> " . ANONYMOUS . " + ORDER BY user_regdate ASC"; + $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) - { - do + if ($row = $db->sql_fetchrow($result)) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + do + { + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> @@ -433,8 +448,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } - while ( $row = $db->sql_fetchrow($result) ); + } + while ($row = $db->sql_fetchrow($result)); ?> <tr> @@ -442,9 +457,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } - else - { + } + else + { ?> <tr> @@ -452,7 +467,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } + } ?> </table> @@ -465,6 +480,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) <?php + } + page_footer(); } diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 37aaa9c899..8b4e2aa535 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -19,7 +19,7 @@ * ***************************************************************************/ -if ( !defined('IN_PHPBB') ) +if (!defined('IN_PHPBB')) { die('Hacking attempt'); } 
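Review bot: The new `if ($auth->acl_get('a_user'))` opens before the `?> </table>` that follows the log loop, so that closing tag appears to sit inside the gated block. An admin without `a_user` would then get the preceding table left unclosed before `page_footer()` runs. Moving the `if` to just after that `</table>` keeps the markup balanced in both cases, and the closing `}` added in the `@@ -465,6 +480,8 @@` hunk can stay where it is. A comment above the check, such as `// Inactive-user list is only shown to admins who may manage users`, would record why the block is gated. The table being closed is opened outside this hunk, so confirm which one it is.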
@@ -53,9 +53,9 @@ function page_header($sub_title, $meta = '', $table_html = true) define('HEADER_INC', true); // gzip_compression - if ( $config['gzip_compress'] ) + if ($config['gzip_compress']) { - if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() ) + if (extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent()) { ob_start('ob_gzhandler'); } @@ -87,7 +87,7 @@ td.cat { background-image: url('images/cellpic1.gif') } <?php - if ( $table_html ) + if ($table_html) { ?> @@ -122,7 +122,7 @@ function page_footer($copyright_html = true) </table> <?php - if ( $copyright_html ) + if ($copyright_html) { ?> @@ -144,7 +144,7 @@ function page_message($title, $message, $show_header = false) { global $phpEx, $SID, $user; - if ( $show_header ) + if ($show_header) { ?> @@ -186,7 +186,7 @@ function add_admin_log() $arguments = func_get_args(); $action = array_shift($arguments); - $data = ( !sizeof($arguments) ) ? '' : addslashes(serialize($arguments)); + $data = (!sizeof($arguments)) ? '' : addslashes(serialize($arguments)); $sql = "INSERT INTO " . LOG_ADMIN_TABLE . " (user_id, log_ip, log_time, log_operation, log_data) VALUES (" . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')"; 
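Review bot: In `add_admin_log()` (the `@@ -186,7 +186,7 @@` hunk) the reformatted `$data` line still relies on `addslashes()` to make the serialized arguments safe for the INSERT, while `'$action'` and `'$user->ip'` on the context lines below it enter the statement with no escaping at all. `addslashes()` does not know the target database's quoting rules: index.php in this same commit has an `mssql` branch, and there a backslash does not escape a single quote. Every string value in this statement, `$action` included, should go through the escaping routine of the database layer in use. Whether callers ever pass a non-constant `$action` is not visible here, and the function starts and ends outside the hunk.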
@@ -199,9 +199,9 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id { global $db, $user, $phpEx, $SID; - $table_sql = ( $mode == 'admin' ) ? LOG_ADMIN_TABLE : LOG_MOD_TABLE; - $forum_sql = ( $mode == 'mod' && $forum_id ) ? "AND l.forum_id = $forum_id" : ''; - $limit_sql = ( $limit ) ? ( ( $offset ) ? "LIMIT $offset, $limit" : "LIMIT $limit" ) : ''; + $table_sql = ($mode == 'admin') ? LOG_ADMIN_TABLE : LOG_MOD_TABLE; + $forum_sql = ($mode == 'mod' && $forum_id) ? "AND l.forum_id = $forum_id" : ''; + $limit_sql = ($limit) ? (($offset) ? "LIMIT $offset, $limit" : "LIMIT $limit") : ''; $sql = "SELECT l.log_id, l.user_id, l.log_ip, l.log_time, l.log_operation, l.log_data, u.username FROM $table_sql l, " . USERS_TABLE . " u @@ -213,7 +213,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $result = $db->sql_query($sql); $log = array(); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $i = 0; do @@ -223,13 +223,13 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $log[$i]['ip'] = $row['log_ip']; $log[$i]['time'] = $row['log_time']; - $log[$i]['action'] = ( !empty($user->lang[$row['log_operation']]) ) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation'])); + $log[$i]['action'] = (!empty($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation'])); - if ( !empty($row['log_data']) ) + if (!empty($row['log_data'])) { $log_data_ary = unserialize(stripslashes($row['log_data'])); - foreach ( $log_data_ary as $log_data ) + foreach ($log_data_ary as $log_data) { $log[$i]['action'] = preg_replace('#%s#', $log_data, $log[$i]['action'], 1); } 
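Review bot: `$forum_id`, `$limit` and `$offset` are interpolated into the query text exactly as they arrive in `view_log()`, on the three lines the `@@ -199,9 +199,9 @@` hunk reformats. Nothing visible casts them, so the function depends on every caller having done so. Casting at the point of use makes the query safe regardless of the caller, e.g. `$forum_sql = ($mode == 'mod' && $forum_id) ? 'AND l.forum_id = ' . intval($forum_id) : '';` and `intval($offset)` / `intval($limit)` inside `$limit_sql`. The function body continues outside the hunk.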
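Review bot: In the `@@ -223,13 +223,13 @@` hunk the result of `unserialize(stripslashes($row['log_data']))` goes straight into `foreach`, although `unserialize()` returns `false` for a truncated or otherwise damaged row. Guarding the loop with `if (is_array($log_data_ary))` keeps one bad log row from raising a warning in the middle of the admin page. Each `$log_data` value is also used as a `preg_replace` replacement string, where `$0` or `\0` in the stored text is read as a backreference. A literal substitution would avoid that, or the backslashes and `$` in the value could be escaped first. The enclosing `do … while` loop starts and ends outside this hunk.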
@@ -237,7 +237,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $i++; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); |