Diffstat (limited to 'phpBB/admin')
-rw-r--r-- | phpBB/admin/admin_ban.php | 34 | ||||
-rw-r--r-- | phpBB/admin/admin_board.php | 36 | ||||
-rw-r--r-- | phpBB/admin/admin_database.php | 26 | ||||
-rw-r--r-- | phpBB/admin/admin_disallow.php | 12 | ||||
-rw-r--r-- | phpBB/admin/admin_email.php | 12 | ||||
-rw-r--r-- | phpBB/admin/admin_forums.php | 4 | ||||
-rw-r--r-- | phpBB/admin/admin_groups.php | 34 | ||||
-rw-r--r-- | phpBB/admin/admin_permissions.php | 93 | ||||
-rw-r--r-- | phpBB/admin/admin_prune.php | 44 | ||||
-rw-r--r-- | phpBB/admin/admin_prune_users.php | 42 | ||||
-rw-r--r-- | phpBB/admin/admin_ranks.php | 28 | ||||
-rw-r--r-- | phpBB/admin/admin_search.php | 14 | ||||
-rw-r--r-- | phpBB/admin/admin_smilies.php | 73 | ||||
-rw-r--r-- | phpBB/admin/admin_styles.php | 42 | ||||
-rw-r--r-- | phpBB/admin/admin_users.php | 110 | ||||
-rw-r--r-- | phpBB/admin/admin_viewlogs.php | 57 | ||||
-rw-r--r-- | phpBB/admin/admin_words.php | 24 | ||||
-rw-r--r-- | phpBB/admin/index.php | 2 | ||||
-rw-r--r-- | phpBB/admin/pagestart.php | 67 |
19 files changed, 330 insertions, 424 deletions
diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index a4f22c2481..b03880c1ce 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('ban') ) + if ( !$auth->acl_get('a_ban') ) { return; } @@ -36,9 +36,7 @@ if( !empty($setmodules) ) return; } -// // Load default header -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); @@ -46,7 +44,7 @@ require('pagestart.' . $phpEx); // // Do we have ban permissions? // -if ( !$auth->get_acl_admin('ban') ) +if ( !$auth->acl_get('a_ban') ) { return; } @@ -54,9 +52,9 @@ if ( !$auth->get_acl_admin('ban') ) // // Mode setting // -if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +if ( isset($_POST['mode']) || isset($_GET['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { 
@@ -68,21 +66,21 @@ $current_time = time(); // // Start program // -if ( isset($HTTP_POST_VARS['bansubmit']) ) +if ( isset($_POST['bansubmit']) ) { - $ban_reason = ( isset($HTTP_POST_VARS['banreason']) ) ? $HTTP_POST_VARS['banreason'] : ''; - $ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban'])); + $ban_reason = ( isset($_POST['banreason']) ) ? $_POST['banreason'] : ''; + $ban_list = array_unique(explode("\n", $_POST['ban'])); $ban_list_log = implode(', ', $ban_list); - if ( !empty($HTTP_POST_VARS['banlength']) ) + if ( !empty($_POST['banlength']) ) { - if ( $HTTP_POST_VARS['banlength'] != -1 || empty($HTTP_POST_VARS['banlengthother']) ) + if ( $_POST['banlength'] != -1 || empty($_POST['banlengthother']) ) { - $ban_end = max($current_time, $current_time + ( intval($HTTP_POST_VARS['banlength']) * 60 )); + $ban_end = max($current_time, $current_time + ( intval($_POST['banlength']) * 60 )); } else { - $ban_other = explode('-', $HTTP_POST_VARS['banlengthother']); + $ban_other = explode('-', $_POST['banlengthother']); $ban_end = max($current_time, gmmktime(0, 0, 0, $ban_other[1], $ban_other[2], $ban_other[0])); } } @@ -130,9 +128,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) { if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) ) { - // // Don't ask about all this, just don't ask ... ! - // $ip_1_counter = $ip_range_explode[1]; $ip_1_end = $ip_range_explode[5]; 
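Review bot: `$_POST['banlengthother']` is split on `-` and its parts go straight into `gmmktime()` with no check that there are three of them or that they form a real date. Because the result is wrapped in `max($current_time, ...)`, a malformed value most likely yields a ban that ends at the current time while the request still appears to succeed. Validate first, e.g. `if ( count($ban_other) != 3 || !checkdate(intval($ban_other[1]), intval($ban_other[2]), intval($ban_other[0])) )` followed by a `message_die()` with the board's own error string. `$_POST['ban']` is also read without an `isset()` guard. The `if ( isset($_POST['bansubmit']) )` block continues past the end of this hunk.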
@@ -312,12 +308,12 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) message_die(MESSAGE, $message); } -else if ( isset($HTTP_POST_VARS['unbansubmit']) ) +else if ( isset($_POST['unbansubmit']) ) { $unban_sql = ''; - for($i = 0; $i < count($HTTP_POST_VARS['unban']); $i++ ) + for($i = 0; $i < count($_POST['unban']); $i++ ) { - $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($HTTP_POST_VARS['unban'][$i]); + $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($_POST['unban'][$i]); } if ( $unban_sql != '' ) @@ -326,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) ) WHERE ban_id IN ($unban_sql)"; $db->sql_query($sql); - add_admin_log('log_unban_' . $mode, sizeof($HTTP_POST_VARS['unban'])); + add_admin_log('log_unban_' . $mode, sizeof($_POST['unban'])); } message_die(MESSAGE, $lang['Ban_update_sucessful']); diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index e6d62fcfac..c326b41323 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -37,31 +37,29 @@ if ( !empty($setmodules) ) return; } -// // Let's set the root dir for phpBB -// define('IN_PHPBB', 1); $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -if ( !$auth->get_acl_admin('general') ) +// Are we authed? +if ( !$auth->acl_get('a_general') ) { message_die(MESSAGE, $lang['No_admin']); } -if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +// Get mod +if ( isset($_POST['mode']) || isset($_GET['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { $mode = ''; } -// // Pull all config data -// $sql = "SELECT * FROM " . CONFIG_TABLE; $result = $db->sql_query($sql); 
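Review bot: `add_admin_log('log_unban_' . $mode, ...)` builds the log key from `$mode`, which this file copies verbatim from `$_POST`/`$_GET` in the mode-setting hunk, so the audit log entry name is request-controlled. Restrict `$mode` to the ban types this page actually handles before it reaches the log call. In the same branch `count($_POST['unban'])` and `sizeof($_POST['unban'])` assume an array with consecutive numeric keys; normalising once with `$unban_ids = ( isset($_POST['unban']) && is_array($_POST['unban']) ) ? array_map('intval', $_POST['unban']) : array();` would make the SQL list and the logged count agree. This applies to both unban hunks (old lines 312 and 326).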
@@ -72,9 +70,9 @@ while ( $row = $db->sql_fetchrow($result) ) $config_value = $row['config_value']; $default_config[$config_name] = $config_value; - $new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name]; + $new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name]; - if ( isset($HTTP_POST_VARS['submit']) ) + if ( isset($_POST['submit']) ) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . str_replace("\'", "''", $new[$config_name]) . "' @@ -83,7 +81,7 @@ while ( $row = $db->sql_fetchrow($result) ) } } -if ( isset($HTTP_POST_VARS['submit']) ) +if ( isset($_POST['submit']) ) { add_admin_log('log_' . $mode . '_config'); message_die(MESSAGE, $lang['Config_updated']); @@ -163,10 +161,6 @@ switch ( $mode ) <td class="row1"><?php echo $lang['Cookie_secure']; ?>: <br /><span class="gensmall"><?php echo $lang['Cookie_secure_explain']; ?></span></td> <td class="row2"><input type="radio" name="cookie_secure" value="0"<?php echo $cookie_secure_no; ?> /><?php echo $lang['Disabled']; ?> <input type="radio" name="cookie_secure" value="1"<?php echo $cookie_secure_yes; ?> /><?php echo $lang['Enabled']; ?></td> </tr> - <tr> - <td class="row1"><?php echo $lang['Session_length']; ?>: </td> - <td class="row2"><input type="text" maxlength="5" size="5" name="session_length" value="<?php echo $new['session_length']; ?>" /></td> - </tr> <?php break; 
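Review bot: The `UPDATE` builds `config_value` from `$_POST[$config_name]` through `str_replace("\'", "''", ...)`, which only rewrites quotes that `magic_quotes_gpc` has already backslashed; with magic quotes off a raw `'` reaches the query unchanged. Escape with the database layer's own quoting routine instead of depending on a PHP ini setting, and until then document the assumption with `// NOTE: escaping here assumes magic_quotes_gpc = On`. Every config row whose name appears in `$_POST` is also written regardless of `$mode`, so a request aimed at one settings page can change values that belong to another; limiting the update to the keys of the current mode would narrow that. The `while` loop starts outside the hunk.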
@@ -491,6 +485,10 @@ switch ( $mode ) <td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td> </tr> <tr> + <td class="row1"><?php echo $lang['Session_length']; ?>: </td> + <td class="row2"><input type="text" maxlength="5" size="5" name="session_length" value="<?php echo $new['session_length']; ?>" /></td> + </tr> + <tr> <td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td> <td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td> </tr> @@ -512,18 +510,14 @@ switch ( $mode ) case 'auth': -?> - -<?php - $auth_plugins = array(); $dp = opendir($phpbb_root_path . 'includes/auth'); while ( $file = readdir($dp) ) { - if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) ) + if ( preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file) ) { - $auth_plugins[] = preg_replace('/^auth_(.*?)\.' . $phpEx . '$/', '\1', $file); + $auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file); } } diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php index bedb91efff..41c7962062 100644 --- a/phpBB/admin/admin_database.php +++ b/phpBB/admin/admin_database.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -50,7 +50,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have DB backup/restore permissions? // -if ( !$auth->get_acl_admin('general') ) +if ( !$auth->acl_get('a_general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -61,7 +61,7 @@ if ( !$auth->get_acl_admin('general') ) // @set_time_limit(1200); -$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : ''; +$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : ''; // // Begin program proper 
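Review bot: `value="<?php echo $new['session_length']; ?>"` prints the value unescaped into an HTML attribute, and `$new[...]` is filled from `$_POST` whenever the field is present, whether or not `submit` is set (see the config loop earlier in this file). Use `<?php echo htmlspecialchars($new['session_length']); ?>` here; the neighbouring `limit_load` and `active_sessions` inputs follow the same pattern and need the same treatment. The enclosing `switch ( $mode )` case begins outside the hunk.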
@@ -89,13 +89,13 @@ switch( $mode ) break; } - $additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' ); - $backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' ); - $search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 ); - $store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' ); - $compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' ); + $additional_tables = ( isset($_POST['tables']) ) ? $_POST['tables'] : ( ( isset($_GET['tables']) ) ? $_GET['tables'] : '' ); + $backup_type = ( isset($_POST['type']) ) ? $_POST['type'] : ( ( isset($_GET['type']) ) ? $_GET['type'] : '' ); + $search = ( !empty($_POST['search']) ) ? intval($_POST['search']) : ( ( !empty($_GET['search']) ) ? intval($_GET['search']) : 0 ); + $store_path = ( isset($_POST['store']) ) ? $_POST['store'] : ( ( isset($_GET['store']) ) ? $_GET['store'] : '' ); + $compress = ( !empty($_POST['compress']) ) ? $_POST['compress'] : ( ( !empty($_GET['compress']) ) ? $_GET['compress'] : 'none' ); - if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) ) + if ( !isset($_POST['backupstart']) && !isset($_GET['backupstart']) ) { page_header($lang['DB_Backup']); 
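Review bot: `$backup_type`, `$compress`, `$store_path` and `$additional_tables` are accepted from either `$_POST` or `$_GET` and kept verbatim; only `$search` goes through `intval()`. In the following hunk (old line 166) `$backup_type` and `$compress` are interpolated unescaped into a `<meta http-equiv="refresh">` tag, and `quotemeta()` on the other two is regex quoting, not HTML or URL encoding. Check `$backup_type` and `$compress` against the fixed set of values the backup form offers, and build the refresh URL with `urlencode()` per parameter plus `htmlspecialchars()` on the finished attribute. Accepting `backupstart` from `$_GET` also means a plain link is enough to start a backup, so consider requiring POST for that step. The enclosing `switch( $mode )` case starts and ends outside the hunk.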
@@ -166,7 +166,7 @@ switch( $mode ) break; } - else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) ) + else if ( !isset($_POST['startdownload']) && !isset($_GET['startdownload']) ) { $meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&type=$backup_type&tables=" . quotemeta($additional_tables) . "&search=$search&store=" . quotemeta($store_path) . "&compress=$compress&backupstart=1&startdownload=1\">"; @@ -309,15 +309,15 @@ switch( $mode ) case 'restore': - if ( isset($HTTP_POST_VARS['restorestart']) ) + if ( isset($_POST['restorestart']) ) { // // Handle the file upload .... // If no file was uploaded report an error... // - if ( !empty($HTTP_POST_VARS['local']) ) + if ( !empty($_POST['local']) ) { - $file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']); + $file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']); $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); } else diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php index 83f9a48a8e..dba6f28455 100644 --- a/phpBB/admin/admin_disallow.php +++ b/phpBB/admin/admin_disallow.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('user') ) + if ( !$auth->acl_get('a_user') ) { return; } 
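Review bot: In the restore hunk (old line 309), `$file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']);` joins a request-supplied path onto the board root without rejecting `..` segments, so the restore source is not confined to any directory. What happens to the file lies outside the hunk, but in a restore handler it is presumably read and executed as SQL, which makes the choice of file security-relevant. Resolve the path and confirm it stays under the directory backups are written to, e.g. `$real = realpath($file_tmpname); if ( $real === false || strpos($real, realpath(BACKUP_DIR_PLACEHOLDER)) !== 0 ) { message_die(MESSAGE, ...); }`. BACKUP_DIR_PLACEHOLDER stands for the project's backup path, which this page does not show.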
@@ -45,16 +45,16 @@ require('pagestart.' . $phpEx); // // Do we have user admin permissions? // -if ( !$auth->get_acl_admin('user') ) +if ( !$auth->acl_get('a_user') ) { return; } -if( isset($HTTP_POST_VARS['add_name']) ) +if( isset($_POST['add_name']) ) { include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); - $disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? $HTTP_POST_VARS['disallowed_user'] : $HTTP_GET_VARS['disallowed_user']; + $disallowed_user = ( isset($_POST['disallowed_user']) ) ? $_POST['disallowed_user'] : $_GET['disallowed_user']; $disallowed_user = str_replace('*', '%', $disallowed_user); if ( !validate_username($disallowed_user) ) @@ -76,9 +76,9 @@ if( isset($HTTP_POST_VARS['add_name']) ) message_die(MESSAGE, $message); } -else if( isset($HTTP_POST_VARS['delete_name']) ) +else if( isset($_POST['delete_name']) ) { - $disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] ); + $disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] ); $sql = "DELETE FROM " . DISALLOW_TABLE . " WHERE disallow_id = $disallowed_id"; diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index 27dd13e2db..775e013ae0 100644 --- a/phpBB/admin/admin_email.php +++ b/phpBB/admin/admin_email.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have general admin permissions? // -if ( !$auth->get_acl_admin('general') ) +if ( !$auth->acl_get('a_general') ) { return; } @@ -57,7 +57,7 @@ $subject = ''; // // Do the job ... // -if ( isset($HTTP_POST_VARS['submit']) ) +if ( isset($_POST['submit']) ) { // // Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't 
@@ -65,7 +65,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) // @set_time_limit(1200); - $group_id = intval($HTTP_POST_VARS['g']); + $group_id = intval($_POST['g']); $sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; $result = $db->sql_query($sql); @@ -78,8 +78,8 @@ if ( isset($HTTP_POST_VARS['submit']) ) // } - $subject = stripslashes($HTTP_POST_VARS['subject']); - $message = stripslashes($HTTP_POST_VARS['message']); + $subject = stripslashes($_POST['subject']); + $message = stripslashes($_POST['message']); // // Error checking needs to go here ... if no subject and/or diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index 34e842b0fb..956bc010b6 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -21,7 +21,7 @@ if (!empty($setmodules)) { - if (!$auth->get_acl_admin('forum')) + if (!$auth->acl_get('a_forum')) { return; } @@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have forum admin permissions? // -if (!$auth->get_acl_admin('forum')) +if (!$auth->acl_get('a_forum')) { message_die(MESSAGE, $lang['No_admin']); } diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php index 3a7e7a95fe..048673d344 100644 --- a/phpBB/admin/admin_groups.php +++ b/phpBB/admin/admin_groups.php @@ -21,7 +21,7 @@ if( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('group') ) + if ( !$auth->acl_get('a_group') ) { return; } 
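Review bot: `$subject` is taken from `$_POST['subject']` with only `stripslashes()` applied, and a subject ends up in a mail header, so embedded CR/LF should be removed before it reaches the mailer: `$subject = preg_replace('/[\r\n]+/', ' ', stripslashes($_POST['subject']));`. The unconditional `stripslashes()` also assumes `magic_quotes_gpc` is on; with it off, legitimate backslashes in the subject and message are silently dropped. The code that sends the mail is outside this hunk, so whether it already sanitises headers cannot be confirmed from here.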
@@ -45,14 +45,14 @@ require('pagestart.' . $phpEx); // // Do we have general permissions? // -if ( !$auth->get_acl_admin('group') ) +if ( !$auth->acl_get('a_group') ) { message_die(MESSAGE, $lang['No_admin']); } -if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) +if( isset($_POST[POST_GROUPS_URL]) || isset($_GET[POST_GROUPS_URL]) ) { - $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); + $group_id = ( isset($_POST[POST_GROUPS_URL]) ) ? intval($_POST[POST_GROUPS_URL]) : intval($_GET[POST_GROUPS_URL]); } else { @@ -62,16 +62,16 @@ else // // Mode setting // -if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +if( isset($_POST['mode']) || isset($_GET['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { $mode = ""; } -if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) +if( isset($_POST['edit']) || isset($_POST['new']) ) { // // Ok they are editing a group or creating a new group @@ -80,7 +80,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) "body" => "admin/group_edit_body.tpl") ); - if ( isset($HTTP_POST_VARS['edit']) ) + if ( isset($_POST['edit']) ) { // // They're editing. Grab the vars. @@ -105,7 +105,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) $template->assign_block_vars("group_edit", array()); } - else if( isset($HTTP_POST_VARS['new']) ) + else if( isset($_POST['new']) ) { $group_info = array ( "group_name" => "", 
@@ -152,7 +152,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) "GROUP_MODERATOR" => $group_moderator, "L_GROUP_TITLE" => $lang['Group_administration'], - "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], + "L_GROUP_EDIT_DELETE" => ( isset($_POST['new']) ) ? $lang['New_group'] : $lang['Edit_group'], "L_GROUP_NAME" => $lang['group_name'], "L_GROUP_DESCRIPTION" => $lang['group_description'], "L_GROUP_MODERATOR" => $lang['group_moderator'], @@ -184,12 +184,12 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) $template->pparse('body'); } -else if( isset($HTTP_POST_VARS['group_update']) ) +else if( isset($_POST['group_update']) ) { // // Ok, they are submitting a group, let's save the data based on if it's new or editing // - if( isset($HTTP_POST_VARS['group_delete']) ) + if( isset($_POST['group_delete']) ) { $sql = "DELETE FROM " . GROUPS_TABLE . " WHERE group_id = " . $group_id; 
@@ -218,11 +218,11 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } else { - $group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN; - $group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : ""; - $group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : ""; - $group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ""; - $delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? intval($HTTP_POST_VARS['delete_old_moderator']) : ""; + $group_type = isset($_POST['group_type']) ? intval($_POST['group_type']) : GROUP_OPEN; + $group_name = isset($_POST['group_name']) ? trim($_POST['group_name']) : ""; + $group_description = isset($_POST['group_description']) ? trim($_POST['group_description']) : ""; + $group_moderator = isset($_POST['username']) ? $_POST['username'] : ""; + $delete_old_moderator = isset($_POST['delete_old_moderator']) ? intval($_POST['delete_old_moderator']) : ""; if( $group_name == "" ) { diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 656ddcedcd..b3f0bb7740 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('auth') ) + if ( !$auth->acl_get('a_auth') ) { return; } 
@@ -42,21 +42,18 @@ define('IN_PHPBB', 1); $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->get_acl_admin('auth') ) +if ( !$auth->acl_get('a_auth') ) { message_die(MESSAGE, $lang['No_admin']); } -// // Define some vars -// -if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) ) +if ( isset($_GET['f']) || isset($_POST['f']) ) { - $forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']); + $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); $forum_sql = " WHERE forum_id = $forum_id"; } else @@ -65,9 +62,9 @@ else $forum_sql = ''; } -if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +if ( isset($_GET['mode']) || isset($_POST['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { 
@@ -108,45 +105,49 @@ switch ( $mode ) // to all other options, e.g. Moderator and Forums across the board. // This is done via the acl class // -if ( isset($HTTP_POST_VARS['update']) ) +if ( isset($_POST['update']) ) { - switch ( $HTTP_POST_VARS['type'] ) + $auth_admin = new auth_admin(); + + switch ( $_POST['type'] ) { case 'user': - $set = 'set_acl_user'; + $set = 'acl_set_user'; break; case 'group': - $set = 'set_acl_group'; + $set = 'acl_set_group'; break; } - foreach ( $HTTP_POST_VARS['entries'] as $id ) + foreach ( $_POST['entries'] as $id ) { - $auth->$set($forum_id, $id, $HTTP_POST_VARS['option']); + $auth_admin->$set($forum_id, $id, $_POST['option']); } message_die(MESSAGE, 'Permissions updated successfully'); } -else if ( isset($HTTP_POST_VARS['delete']) ) +else if ( isset($_POST['delete']) ) { - switch ( $HTTP_POST_VARS['type'] ) + $auth_admin = new auth_admin(); + + switch ( $_POST['type'] ) { case 'user': - $set = 'delete_acl_user'; + $set = 'acl_delete_user'; break; case 'group': - $set = 'delete_acl_group'; + $set = 'acl_delete_group'; break; } $option_ids = false; - if ( !empty($HTTP_POST_VARS['option']) ) + if ( !empty($_POST['option']) ) { $sql = "SELECT auth_option_id FROM " . ACL_OPTIONS_TABLE . " - WHERE auth_value LIKE '" . $HTTP_POST_VARS['option'] . "_%'"; + WHERE auth_value LIKE '" . $_POST['option'] . "_%'"; $result = $db->sql_query($sql); if ( $row = $db->sql_fetchrow($result) ) @@ -161,9 +162,9 @@ else if ( isset($HTTP_POST_VARS['delete']) ) $db->sql_freeresult($result); } - foreach ( $HTTP_POST_VARS['entries'] as $id ) + foreach ( $_POST['entries'] as $id ) { - $auth->$set($forum_id, $id, $option_ids); + $auth_admin->$set($forum_id, $id, $option_ids); } message_die(MESSAGE, 'Permissions updated successfully'); 
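Review bot: In the delete branch `$_POST['option']` is concatenated directly into `WHERE auth_value LIKE '" . $_POST['option'] . "_%'`, so part of the query text comes from the request and any quoting depends entirely on `magic_quotes_gpc`. The value appears to be one of the type prefixes used further down this file (`f`, `m`, `a`), in which case an allow-list is enough: `if ( !in_array($_POST['option'], array('f', 'm', 'a')) ) { message_die(MESSAGE, $lang['No_admin']); }`. Separately, neither `switch ( $_POST['type'] )` has a `default:`, so any type other than `user` or `group` reaches `$auth_admin->$set(...)` with `$set` unassigned; add `default: message_die(MESSAGE, $lang['No_admin']);`. `$_POST['entries']` is also iterated without an `is_array()` check and its ids are passed on uncast, in this hunk and in the one at old line 161.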
@@ -209,22 +210,22 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators switch ( $mode ) { case 'forums': - $type_sql = 'forum'; + $type_sql = 'f'; $forum_sql = "AND a.forum_id = $forum_id"; break; case 'moderators': - $type_sql = 'mod'; + $type_sql = 'm'; $forum_sql = "AND a.forum_id = $forum_id"; break; case 'supermoderators': - $type_sql = 'mod'; + $type_sql = 'm'; $forum_sql = ''; break; case 'administrators': - $type_sql = 'admin'; + $type_sql = 'a'; $forum_sql = ''; break; } @@ -241,7 +242,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators } $db->sql_freeresult($result); - if ( empty($HTTP_POST_VARS['advanced']) || empty($HTTP_POST_VARS['entries']) ) + if ( empty($_POST['advanced']) || empty($_POST['entries']) ) { ?> @@ -351,15 +352,14 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators else { - // // Founder only operations ... these operations can // only be altered by someone with founder status - // $founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : ''; $sql = "SELECT auth_option_id, auth_value FROM " . ACL_OPTIONS_TABLE . " WHERE auth_value LIKE '" . $type_sql . "_%' + AND auth_value <> '" . $type_sql . "_' $founder_sql"; $result = $db->sql_query($sql); 
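Review bot: The founder restriction in the last hunk here (`$founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : '';`) only limits which options are listed in the form. The update branch earlier in this file hands `$_POST['option']` to `$auth_admin->acl_set_user()` / `acl_set_group()` with no visible re-check, so unless `auth_admin` enforces `founder_only` itself, the restriction is not applied on write. Add a server-side check in the update path and record the intent with `// founder_only is filtered for display only; acl_set_* must re-check it on write`. Note also that `_` is a single-character wildcard in `LIKE`, so `'a_%'` matches more than the literal `a_` prefix; escape it if the pattern is meant literally. The enclosing `if`/`else` starts outside the hunk.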
@@ -370,29 +370,29 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators } $db->sql_freeresult($result); - if ( $HTTP_POST_VARS['type'] == 'user' && !empty($HTTP_POST_VARS['new']) ) + if ( $_POST['type'] == 'user' && !empty($_POST['new']) ) { - $HTTP_POST_VARS['entries'] = explode("\n", $HTTP_POST_VARS['entries']); + $_POST['entries'] = explode("\n", $_POST['entries']); } $where_sql = ''; - foreach ( $HTTP_POST_VARS['entries'] as $value ) + foreach ( $_POST['entries'] as $value ) { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $HTTP_POST_VARS['type'] == 'user' && !empty($HTTP_POST_VARS['new']) ) ? '\'' . $value . '\'' : intval($value) ); + $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $_POST['type'] == 'user' && !empty($_POST['new']) ) ? '\'' . $value . '\'' : intval($value) ); } - switch ( $HTTP_POST_VARS['type'] ) + switch ( $_POST['type'] ) { case 'group': $l_type = 'Group'; - $sql = ( empty($HTTP_POST_VARS['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; + $sql = ( empty($_POST['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . 
" WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; break; case 'user': $l_type = 'User'; - $sql = ( empty($HTTP_POST_VARS['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; + $sql = ( empty($_POST['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; break; } 
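Review bot: For new user entries each line of `$_POST['entries']` is wrapped in quotes and appended to `$where_sql` verbatim (`'\'' . $value . '\''`), which then lands in `username IN ($where_sql)`; only the other path goes through `intval()`. That leaves the query dependent on `magic_quotes_gpc`, and names split on `"\n"` from a textarea still carry `\r` and stray whitespace, so lookups can fail silently. Apply `$value = trim($value);` and escape each name with the database layer's quoting routine before building the list. `$_POST['entries']` is also passed to `foreach` without an `is_array()` check when `new` is not set, and `$l_type` and `$sql` stay unset for any `type` other than `group` or `user` because the switch has no `default:`.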
@@ -460,7 +460,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td class="row1" colspan="5" align="center"><textarea cols="40" rows="3"><?php echo trim($ug); ?></textarea></td> </tr> <tr> - <td class="cat" colspan="5" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" /> <input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $HTTP_POST_VARS['type']; ?>" /><?php echo $ug_hidden; ?></td> + <td class="cat" colspan="5" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" /> <input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> </tr> </table></form> @@ -471,19 +471,8 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators } else { - $sql = "SELECT left_id, right_id, forum_id, forum_name - FROM " . FORUMS_TABLE . " - ORDER BY forum_id ASC"; - $result = $db->sql_query($sql); - $select_list = ''; - $sub_forum = ''; - while ( $row = $db->sql_fetchrow($result) ) - { - $select_list .= '<option value="' . $row['forum_id'] . '">' . $sub_forum . $row['forum_name'] . '</option>'; - $sub_forum .= ( $row['right_id'] - $row['left_id'] > 1 ) ? ' ' : ''; - } - $db->sql_freeresult($result); + $select_list = make_forum_select('f'); page_header($l_title); 
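Review bot: The hidden field `<input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" />` writes a request value into an HTML attribute unescaped. Since this branch only makes sense for `user` or `group`, emit a fixed string instead, e.g. `<?php echo ( $_POST['type'] == 'group' ) ? 'group' : 'user'; ?>`, or at minimum wrap the value in `htmlspecialchars()`. `$ug_hidden` and `trim($ug)` in the same table are built outside this hunk and deserve the same check.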
@@ -498,7 +487,7 @@ else <th align="center"><?php echo $lang['Select_a_Forum']; ?></th> </tr> <tr> - <td class="row1" align="center"> <select name="f"><?php echo $select_list; ?></select> <input type="submit" value="<?php echo $lang['Look_up_Forum']; ?>" class="mainoption" /> </td> + <td class="row1" align="center"> <?php echo $select_list; ?> <input type="submit" value="<?php echo $lang['Look_up_Forum']; ?>" class="mainoption" /> </td> </tr> </table></form> diff --git a/phpBB/admin/admin_prune.php b/phpBB/admin/admin_prune.php index 12bebe7c0c..0281f1a398 100644 --- a/phpBB/admin/admin_prune.php +++ b/phpBB/admin/admin_prune.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('forum') ) + if ( !$auth->acl_get('a_forum') ) { return; } @@ -41,10 +41,8 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->get_acl_admin('forum') ) +if ( !$auth->acl_get('a_forum') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -52,9 +50,9 @@ if ( !$auth->get_acl_admin('forum') ) // // Get the forum ID for pruning // -if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) ) +if ( isset($_GET['f']) || isset($_POST['f']) ) { - $forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']); + $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); $forum_sql = ( $forum_id == -1 ) ? '' : "AND forum_id = $forum_id"; } else 
@@ -65,11 +63,9 @@ else // // Get a list of forum's or the data for the forum that we are pruning. // -$sql = "SELECT f.* - FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c - WHERE c.cat_id = f.cat_id - $forum_sql - ORDER BY c.cat_order ASC, f.forum_order ASC"; +$sql = "SELECT forum_id, forum_name, left_id, right_id + FROM " . FORUMS_TABLE . " + ORDER BY left_id ASC"; $result = $db->sql_query($sql); $forum_rows = array(); @@ -77,13 +73,14 @@ while( $row = $db->sql_fetchrow($result) ) { $forum_rows[] = $row; } +$db->sql_freeresult($result); // // Check for submit to be equal to Prune. If so then proceed with the pruning. // -if ( isset($HTTP_POST_VARS['doprune']) ) +if ( isset($_POST['doprune']) ) { - $prunedays = ( isset($HTTP_POST_VARS['prunedays']) ) ? intval($HTTP_POST_VARS['prunedays']) : 0; + $prunedays = ( isset($_POST['prunedays']) ) ? intval($_POST['prunedays']) : 0; // Convert days to seconds for timestamp functions... $prunedate = time() - ( $prunedays * 86400 ); @@ -133,10 +130,25 @@ else // // Output a selection table if no forum id has been specified. // - $select_list .= '<option value="-1">' . $lang['All_Forums'] . '</option>'; - for($i = 0; $i < count($forum_rows); $i++) + $select_list = '<option value="-1">' . $lang['All_Forums'] . '</option>'; + + $right = 0; + $subforum = ''; + $forum_list = ''; + foreach ( $forum_rows as $row ) { - $select_list .= '<option value="' . $forum_rows[$i]['forum_id'] . '">' . $forum_rows[$i]['forum_name'] . '</option>'; + if ( $row['left_id'] < $right ) + { + $subforum .= ' '; + } + else if ( $row['left_id'] > $right + 1 ) + { + $subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 )); + } + + $select_list .= '<option value="' . $row['forum_id'] . '">' . $subforum . $row['forum_name'] . '</option>'; + + $right = $row['right_id']; } ?> diff --git a/phpBB/admin/admin_prune_users.php b/phpBB/admin/admin_prune_users.php index ec744510a8..2dfdedfdfe 100644 --- a/phpBB/admin/admin_prune_users.php 
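Review bot: The rewritten SELECT in the first hunk no longer includes `$forum_sql`, although the preceding hunk still computes it from `f`, so `$forum_rows` now always holds every forum. If the prune loop further down (outside these hunks) iterates `$forum_rows`, choosing a single forum would prune all of them. Either build the filter as `"WHERE forum_id = $forum_id"` and put `$forum_sql` back between the `FROM` and `ORDER BY` lines, or skip rows whose `forum_id` differs from `$forum_id` inside the `doprune` branch. In the last hunk `$forum_list = ''` is assigned but never used in the visible lines.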
+++ b/phpBB/admin/admin_prune_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('user') ) + if ( !$auth->acl_get('a_user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$auth->get_acl_admin('user') ) +if ( !$auth->acl_get('a_user') ) { return; } @@ -51,9 +51,9 @@ if ( !$auth->get_acl_admin('user') ) // // Set mode // -if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) ) +if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) { - $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { @@ -63,9 +63,9 @@ else // // // -if ( isset($HTTP_POST_VARS['prune']) ) +if ( isset($_POST['prune']) ) { - if ( empty($HTTP_POST_VARS['confirm']) ) + if ( empty($_POST['confirm']) ) { $values = array('prune', 'deactivate', 'delete', 'users', 'username', 'email', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'deleteposts'); @@ -73,7 +73,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) foreach ( $values as $field ) { - $l_message .= ( !empty($HTTP_POST_VARS[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($HTTP_POST_VARS[$field]) . '" />' : ''; + $l_message .= ( !empty($_POST[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : ''; } $l_message .= '</form>'; @@ -92,11 +92,11 @@ if ( isset($HTTP_POST_VARS['prune']) ) page_footer(); } - else if ( isset($HTTP_POST_VARS['confirm']) ) + else if ( isset($_POST['confirm']) ) { - if ( !empty($HTTP_POST_VARS['users']) ) + if ( !empty($_POST['users']) ) { - $users = explode("\n", urldecode($HTTP_POST_VARS['users'])); + $users = explode("\n", urldecode($_POST['users'])); $where_sql = ''; foreach ( $users as $username ) 
@@ -107,15 +107,15 @@ if ( isset($HTTP_POST_VARS['prune']) ) } else { - $username = ( !empty($HTTP_POST_VARS['username']) ) ? urldecode($HTTP_POST_VARS['username']) : ''; - $email = ( !empty($HTTP_POST_VARS['email']) ) ? urldecode($HTTP_POST_VARS['email']) : ''; + $username = ( !empty($_POST['username']) ) ? urldecode($_POST['username']) : ''; + $email = ( !empty($_POST['email']) ) ? urldecode($_POST['email']) : ''; - $joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : 'lt'; - $active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] :'lt'; - $count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : 'eq'; - $joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : array(); - $active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) :array(); - $count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ''; + $joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : 'lt'; + $active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] :'lt'; + $count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : 'eq'; + $joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : array(); + $active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) :array(); + $count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ''; $key_match = array('lt' => '<', 'gt' => '>', 'eq' => '='); $sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit'); @@ -153,9 +153,9 @@ if ( isset($HTTP_POST_VARS['prune']) ) if ( $where_sql != '' ) { $sql = ''; - if ( !empty($HTTP_POST_VARS['delete']) ) + if ( !empty($_POST['delete']) ) { - if ( !empty($HTTP_POST_VARS['deleteposts']) ) + if ( !empty($_POST['deleteposts']) ) { $l_admin_log = 'log_prune_user_del_del'; 
@@ -178,7 +178,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) $sql = "DELETE FROM " . USERS_TABLE; } - else if ( !empty($HTTP_POST_VARS['deactivate']) ) + else if ( !empty($_POST['deactivate']) ) { $l_admin_log = 'log_prune_user_deac'; diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index 176aa50cf4..eadce13d11 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('user') ) + if ( !$auth->acl_get('a_user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // // -if ( !$auth->get_acl_admin('user') ) +if ( !$auth->acl_get('a_user') ) { return; } @@ -51,20 +51,20 @@ if ( !$auth->get_acl_admin('user') ) // // // -if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +if ( isset($_GET['mode']) || isset($_POST['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { // // These could be entered via a form button // - if ( isset($HTTP_POST_VARS['add']) ) + if ( isset($_POST['add']) ) { $mode = 'add'; } - else if ( isset($HTTP_POST_VARS['save']) ) + else if ( isset($_POST['save']) ) { $mode = 'save'; } @@ -84,7 +84,7 @@ if ( $mode != '' ) // // They want to add a new rank, show the form. // - $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; + $rank_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; $s_hidden_fields = '<input type="hidden" name="mode" value="save" />'; 
@@ -152,11 +152,11 @@ if ( $mode != '' ) // Ok, they sent us our info, let's update it. // - $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; - $rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : ''; - $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0; - $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1; - $rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) ) ? trim($HTTP_POST_VARS['rank_image']) : ''; + $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; + $rank_title = ( isset($_POST['title']) ) ? trim($_POST['title']) : ''; + $special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0; + $min_posts = ( isset($_POST['min_posts']) ) ? intval($_POST['min_posts']) : -1; + $rank_image = ( (isset($_POST['rank_image'])) ) ? trim($_POST['rank_image']) : ''; if ( $rank_title == '' ) { @@ -208,9 +208,9 @@ if ( $mode != '' ) // Ok, they want to delete their rank // - if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) + if ( isset($_POST['id']) || isset($_GET['id']) ) { - $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']); + $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); } else { diff --git a/phpBB/admin/admin_search.php b/phpBB/admin/admin_search.php index 86d7b820b2..452f36a053 100644 --- a/phpBB/admin/admin_search.php +++ b/phpBB/admin/admin_search.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$auth->get_acl_admin('general') ) +if ( !$auth->acl_get('a_general') ) { message_die(MESSAGE, $lang['No_admin']); } 
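Review bot: `$special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0;` reads the index without `isset()`, unlike the four assignments around it, so an unchecked box produces an undefined-index notice; use `( isset($_POST['special_rank']) && $_POST['special_rank'] == 1 ) ? TRUE : 0`. `$rank_title` and `$rank_image` are only trimmed here, so they still need SQL quoting and HTML escaping where they are used, which is outside this hunk. The delete branch in the next hunk accepts `id` from `$_GET`, which means a rank can be removed by a plain GET request; prefer a POST form with a token check.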
@@ -52,11 +52,11 @@ if ( !$auth->get_acl_admin('general') ) // // Start indexing // -if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) +if ( isset($_POST['start']) || isset($_GET['batchstart']) ) { $batchsize = 200; // Process this many posts per batch - $batchstart = ( !isset($HTTP_GET_VARS['batchstart']) ) ? $row['min_post_id'] : $HTTP_GET_VARS['batchstart']; - $batchcount = ( !isset($HTTP_GET_VARS['batchcount']) ) ? 1 : $HTTP_GET_VARS['batchcount']; + $batchstart = ( !isset($_GET['batchstart']) ) ? $row['min_post_id'] : $_GET['batchstart']; + $batchcount = ( !isset($_GET['batchcount']) ) ? 1 : $_GET['batchcount']; $loopcount = 0; $batchend = $batchstart + $batchsize; @@ -108,7 +108,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) closedir($dir); - if ( !isset($HTTP_GET_VARS['batchstart']) ) + if ( !isset($_GET['batchstart']) ) { // // Take board offline @@ -312,7 +312,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) exit; } -else if ( isset($HTTP_POST_VARS['cancel']) ) +else if ( isset($_POST['cancel']) ) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '0' diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 0c832bb3ea..aacbb5dbcc 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have general permissions? // -if (!$auth->get_acl_admin('general')) +if (!$auth->acl_get('a_general')) { message_die(MESSAGE, $lang['No_admin']); } 
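Review bot: `$batchstart` and `$batchcount` in the first hunk are taken from `$_GET` without a cast, unlike the `intval()` handling used for ids elsewhere in this commit. `$batchend = $batchstart + $batchsize` coerces only the sum; `$batchstart` itself stays a request string for whatever the indexing code outside this hunk does with it, presumably including the batch query. Cast at the source: `... : intval($_GET['batchstart']);` and `... : intval($_GET['batchcount']);`. No assignment to `$row` is visible before `$row['min_post_id']` is read, so the default branch may be working on an unset variable.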
@@ -51,9 +51,9 @@ if (!$auth->get_acl_admin('general')) // // Check to see what mode we should operate in. // -if (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) +if (isset($_POST['mode']) || isset($_GET['mode'])) { - $mode = (!empty($HTTP_POST_VARS['mode'])) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; } else { @@ -62,10 +62,8 @@ else $delimiter = '=+:'; $smilies_images = $smilies_paks = array(); -$click_return = '<br /><br />' . sprintf($lang['Click_return_smileadmin'], '<a href="admin_smilies.' . $phpEx . $SID . '">', '</a>'); -$click_return .= '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="index.' . $phpEx . $SID . '&pane=right">', '</a>'); -if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['import_pak'])) +if ($mode == 'edit' || !empty($_POST['add']) || !empty($_POST['import_pak'])) { $dir = @opendir($phpbb_root_path . $board_config['smilies_path']); while ($file = @readdir($dir)) @@ -90,15 +88,15 @@ if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS[ // // Select main mode // -if (isset($HTTP_POST_VARS['import_pak'])) +if (isset($_POST['import_pak'])) { - if (!empty($HTTP_POST_VARS['smilies_pak'])) + if (!empty($_POST['smilies_pak'])) { $smile_order = 0; // // The user has already selected a smilies_pak file.. Import it. // - if (!empty($HTTP_POST_VARS['clear_current'])) + if (!empty($_POST['clear_current'])) { $db->sql_query('DELETE FROM ' . SMILIES_TABLE); } @@ -118,7 +116,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) if (empty($fcontents)) { - message_die(ERROR, 'Could not read smiley pak file' . $click_return); + message_die(ERROR, 'Could not read smiley pak file'); } foreach ($fcontents as $line) 
@@ -147,7 +145,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) if (!empty($smilies[$code])) { - if (!empty($HTTP_POST_VARS['replace_existing'])) + if (!empty($_POST['replace_existing'])) { $code_sql = str_replace("'", "''", str_replace('\\', '\\\\', $code)); $sql = array( @@ -175,7 +173,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) } } - message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return); + message_die(MESSAGE, $lang['Smilies_import_success']); } else { @@ -202,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) <form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> - <th class="thHead" colspan="2"><?php echo $lang['Smilies_import'] ?></th> + <th colspan="2"><?php echo $lang['Smilies_import'] ?></th> </tr> <tr> <td class="row2"><?php echo $lang['Select_package'] ?></td> @@ -228,7 +226,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) page_footer(); } } -elseif (isset($HTTP_GET_VARS['export_pak'])) +elseif (isset($_GET['export_pak'])) { $smilies_pak = ''; @@ -250,12 +248,12 @@ elseif (isset($HTTP_GET_VARS['export_pak'])) exit; } -elseif (isset($HTTP_POST_VARS['export_pak'])) +elseif (isset($_POST['export_pak'])) { page_header($lang['Export_smilies']); - message_die(MESSAGE, sprintf($lang['Export_smilies_explain'], '<a href="admin_smilies.' . $phpEx . $SID . '&export_pak=send">', '</a>') . $click_return); + message_die(MESSAGE, sprintf($lang['Export_smilies_explain'], '<a href="admin_smilies.' . $phpEx . $SID . '&export_pak=send">', '</a>')); } -elseif (isset($HTTP_POST_VARS['add'])) +elseif (isset($_POST['add'])) { $filename_list = ''; foreach ($smilies_images as $smile_url) 
@@ -290,7 +288,7 @@ function update_smile_dimensions() <form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&mode=create"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> - <th class="thHead" colspan="2"><?php echo $lang['smile_config'] ?></th> + <th colspan="2"><?php echo $lang['smile_config'] ?></th> </tr> <tr> <td class="row2"><?php echo $lang['Smile_code'] ?></td> @@ -324,20 +322,13 @@ function update_smile_dimensions() switch ($mode) { case 'delete': - $db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($HTTP_GET_VARS['smile_id'])); - message_die(MESSAGE, $lang['Smile_deleted'] . $click_return); + $db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($_GET['smile_id'])); + message_die(MESSAGE, $lang['Smile_deleted']); break; case 'edit': - $smile_id = intval($HTTP_GET_VARS['smile_id']); + $smile_id = intval($_GET['smile_id']); -/* - $sql = 'SELECT * - FROM ' . SMILIES_TABLE . " - WHERE smilies_id = $smile_id"; - $result = $db->sql_query($sql); - $smile_data = $db->sql_fetchrow($result); -*/ $order_list = ''; $result = $db->sql_query('SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY smile_order DESC'); while ($row = $db->sql_fetchrow($result)) 
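Review bot: `case 'delete'` in the second hunk runs the `DELETE` straight from `$_GET['smile_id']`, so a state change happens on a plain GET with no confirmation step visible. The `intval()` keeps the query itself safe, but any link or image an administrator's browser loads can trigger the request. Accept the delete only from a POST form that carries a per-session token, and verify the token before calling `sql_query`; the same applies to `move_up`/`move_down` in the later hunk. The switch continues outside the hunk.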
@@ -441,26 +432,26 @@ function update_smile_dimensions() case 'create': case 'modify': - $smile_width = intval($HTTP_POST_VARS['smile_width']); - $smile_height = intval($HTTP_POST_VARS['smile_height']); + $smile_width = intval($_POST['smile_width']); + $smile_height = intval($_POST['smile_height']); if ($smile_width == 0 || $smile_height == 0) { - $img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($HTTP_POST_VARS['smile_url'])); + $img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($_POST['smile_url'])); $smile_width = $img_size[0]; $smile_height = $img_size[1]; } $sql = array( - 'code' => htmlspecialchars(stripslashes($HTTP_POST_VARS['smile_code'])), - 'smile_url' => stripslashes($HTTP_POST_VARS['smile_url']), + 'code' => htmlspecialchars(stripslashes($_POST['smile_code'])), + 'smile_url' => stripslashes($_POST['smile_url']), 'smile_width' => $smile_width, 'smile_height' => $smile_height, 'smile_order' => $smile_order, - 'emoticon' => stripslashes($HTTP_POST_VARS['smile_emotion']), - 'smile_on_posting' => (!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0 + 'emoticon' => stripslashes($_POST['smile_emotion']), + 'smile_on_posting' => (!empty($_POST['smile_on_posting'])) ? 1 : 0 ); - $smile_id = $HTTP_POST_VARS['smile_id']; - $smile_order = $HTTP_POST_VARS['smile_order']; + $smile_id = $_POST['smile_id']; + $smile_order = $_POST['smile_order']; if ($mode == 'modify') { 
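Review bot: `$smile_id = $_POST['smile_id'];` is kept as a raw request string and the next hunk interpolates it into `WHERE smilies_id = $smile_id`, which is SQL injection on the modify path; use `$smile_id = intval($_POST['smile_id']);` as the delete and edit cases already do. `$smile_order` is also assigned after the `$sql` array has read it, so `'smile_order' => $smile_order` stores whatever the variable held before; move `$smile_order = intval($_POST['smile_order']);` above the array. `smile_url` is joined into the `getimagesize()` path as received, so reduce it with `basename()` or check it against the files found in the smilies directory first.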
@@ -500,18 +491,18 @@ function update_smile_dimensions() if ($mode == 'modify') { $db->sql_query_array('UPDATE ' . SMILIES_TABLE . " SET WHERE smilies_id = $smile_id", $sql); - message_die(MESSAGE, $lang['Smile_edited'] . $click_return); + message_die(MESSAGE, $lang['Smile_edited']); } else { $db->sql_query_array('INSERT INTO ' . SMILIES_TABLE, $sql); - message_die(MESSAGE, $lang['Smile_added'] . $click_return); + message_die(MESSAGE, $lang['Smile_added']); } break; case 'move_up': case 'move_down': - $smile_order = intval($HTTP_GET_VARS['smile_order']); + $smile_order = intval($_GET['smile_order']); $order_total = $smile_order * 2 + (($mode == 'move_up') ? -1 : 1); $sql = 'UPDATE ' . SMILIES_TABLE . " diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php index 1f6a020b58..c7b5a8888c 100644 --- a/phpBB/admin/admin_styles.php +++ b/phpBB/admin/admin_styles.php @@ -2,7 +2,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('styles') ) + if ( !$auth->acl_get('a_styles') ) { return; } @@ -27,7 +27,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$auth->get_acl_admin('styles') ) +if ( !$auth->acl_get('a_styles') ) { message_die(MESSAGE, $lang['No_admin']); } 
@@ -48,26 +48,26 @@ closedir($dp); // // // -$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; +$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode']; switch ( $mode ) { case 'editimageset': - $imgroot = ( isset($HTTP_POST_VARS['imgroot']) ) ? $HTTP_POST_VARS['imgroot'] : 'subSilver'; + $imgroot = ( isset($_POST['imgroot']) ) ? $_POST['imgroot'] : 'subSilver'; - if ( isset($HTTP_POST_VARS['img_root']) ) + if ( isset($_POST['img_root']) ) { $sql = "SELECT * FROM " . STYLES_IMAGE_TABLE . " - WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'"; + WHERE imageset_path LIKE '" . $_POST['imgroot'] . "'"; $result = $db->sql_query($sql); $images = $db->sql_fetchrow($result); } - if ( isset($HTTP_POST_VARS['img_addconfig']) ) + if ( isset($_POST['img_addconfig']) ) { } - else if ( isset($HTTP_POST_VARS['img_addlocal']) ) + else if ( isset($_POST['img_addlocal']) ) { } 
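Review bot: The `LIKE` clause concatenates `$_POST['imgroot']` directly into the query, so the value reaches SQL unescaped unless something outside this hunk quotes request data. The guard also tests `$_POST['img_root']` while the query reads `$_POST['imgroot']`, which looks like a key mismatch. Validate the name against the image-set directories on disk, use the already-defaulted `$imgroot`, and compare with `=` rather than `LIKE` so that `%` and `_` are not treated as wildcards. `$mode` on the first changed line falls back to `$_POST['mode']` without `isset()`.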
@@ -142,15 +142,15 @@ switch ( $mode ) case 'edittemplate': - $tplcols = ( isset($HTTP_POST_VARS['tplcols']) ) ? max(60, intval($HTTP_POST_VARS['tplcols'])) : 90; - $tplrows = ( isset($HTTP_POST_VARS['tplrows']) ) ? max(4, intval($HTTP_POST_VARS['tplrows'])) : 30; - $tplname = ( isset($HTTP_POST_VARS['tplname']) ) ? $HTTP_POST_VARS['tplname'] : ''; - $tplroot = ( isset($HTTP_POST_VARS['tplroot']) ) ? $HTTP_POST_VARS['tplroot'] : 'subSilver'; + $tplcols = ( isset($_POST['tplcols']) ) ? max(60, intval($_POST['tplcols'])) : 90; + $tplrows = ( isset($_POST['tplrows']) ) ? max(4, intval($_POST['tplrows'])) : 30; + $tplname = ( isset($_POST['tplname']) ) ? $_POST['tplname'] : ''; + $tplroot = ( isset($_POST['tplroot']) ) ? $_POST['tplroot'] : 'subSilver'; $str = ''; - if ( isset($HTTP_POST_VARS['tpl_compile']) && !empty($HTTP_POST_VARS['decompile']) ) + if ( isset($_POST['tpl_compile']) && !empty($_POST['decompile']) ) { - $str = "<?php\n" . $template->compile(stripslashes($HTTP_POST_VARS['decompile'])) . "\n?".">"; + $str = "<?php\n" . $template->compile(stripslashes($_POST['decompile'])) . "\n?".">"; $fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'w+'); fwrite ($fp, $str); @@ -162,7 +162,7 @@ switch ( $mode ) exit; } - else if ( !empty($tplname) && isset($HTTP_POST_VARS['tpl_name']) ) + else if ( !empty($tplname) && isset($_POST['tpl_name']) ) { $fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'r'); while ( !feof($fp) ) 
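Review bot: `$tplroot` and `$tplname` come straight from `$_POST` and are concatenated into both `fopen()` paths, so neither the write in the first hunk nor the read in the second is confined to `templates/cache/`. Because the written content is compiled PHP derived from the request, constrain the target before opening it: `$tplname = basename($_POST['tplname']);` and `$tplroot = basename($_POST['tplroot']);`, or better, look both up in the list of template directories and files found on disk. The `fopen()` result is also passed to `fwrite()` and `feof()` without a check for `false`. The `edittemplate` case continues outside both hunks.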
@@ -175,10 +175,10 @@ switch ( $mode ) } else { - $str = ( !empty($HTTP_POST_VARS['decompile']) ) ? stripslashes($HTTP_POST_VARS['decompile']) : ''; + $str = ( !empty($_POST['decompile']) ) ? stripslashes($_POST['decompile']) : ''; } - if ( isset($HTTP_POST_VARS['tpl_download']) ) + if ( isset($_POST['tpl_download']) ) { header("Content-Type: text/html; name=\"" . $tplname . ".html\""); header("Content-disposition: attachment; filename=" . $tplname . ".html"); @@ -242,9 +242,9 @@ switch ( $mode ) case 'edittheme': - $theme_id = ( isset($HTTP_POST_VARS['themeroot']) ) ? $HTTP_POST_VARS['themeroot'] : ''; + $theme_id = ( isset($_POST['themeroot']) ) ? $_POST['themeroot'] : ''; - if ( isset($HTTP_POST_VARS['update']) ) + if ( isset($_POST['update']) ) { $sql = "SELECT theme_id, theme_name FROM " . STYLES_CSS_TABLE . " @@ -255,8 +255,8 @@ switch ( $mode ) { $theme_name = $row['theme_name']; - $css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : ''; - $css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : ''; + $css_data = ( !empty($_POST['css_data']) ) ? htmlentities($_POST['css_data']) : ''; + $css_external = ( !empty($_POST['css_data']) ) ? $_POST['css_data'] : ''; $sql = "UPDATE " > STYLES_CSS_TABLE . " SET css_data = '$css_data', css_external = '$css_external' diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index 9776106e86..c260b1d7ad 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('user') ) + if ( !$auth->acl_get('a_user') ) { return; } @@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$auth->get_acl_admin('user') ) +if ( !$auth->acl_get('a_user') ) { return; } 
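Review bot: In the last admin_styles.php hunk the context line `$sql = "UPDATE " > STYLES_CSS_TABLE . " ...` uses `>` where `.` was meant, so `$sql` becomes the result of a comparison instead of a query string. `$css_external` is filled from `$_POST['css_data']`, which looks like a copy-paste slip, and it goes into the statement unescaped; `htmlentities()` on `$css_data` is HTML encoding, not SQL quoting. Fix the operator (`$sql = "UPDATE " . STYLES_CSS_TABLE . "`) and quote both values for SQL before interpolating them. In the first hunk `$tplname` is placed in the `Content-disposition` header as received and should be reduced to a safe file name first.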
@@ -54,9 +54,9 @@ if ( !$auth->get_acl_admin('user') ) // // Set mode // -if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) ) +if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) { - $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { @@ -66,14 +66,14 @@ else // // Begin program // -if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS['u']) || isset( $HTTP_POST_VARS['u']) ) ) +if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) ) { // // Ok, the profile has been modified and submitted, let's update // - if( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) + if( ( $mode == 'save' && isset( $_POST['submit'] ) ) || isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) { - $user_id = intval( $HTTP_POST_VARS['id'] ); + $user_id = intval( $_POST['id'] ); $this_userdata = get_userdata($user_id); if( !$this_userdata ) 
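Review bot: The condition `$mode == 'edit' || $mode == 'save' && ( isset(...) ... )` in the second hunk relies on `&&` binding tighter than `||`, so the `isset()` group guards only the `save` mode and `edit` enters the block with no user identifier present. If that is intended, make it explicit with parentheses: `if ( $mode == 'edit' || ( $mode == 'save' && ( ... ) ) )`; if not, group the two modes together before the `&&`. `intval( $_POST['id'] )` a few lines down is read without `isset()`, which resolves to user id 0 when the field is missing.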
@@ -81,46 +81,46 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) message_die(MESSAGE, $lang['No_user_id_specified'] ); } - $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : ''; - $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : ''; + $username = ( !empty($_POST['username']) ) ? trim(strip_tags( $_POST['username'] ) ) : ''; + $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars( $_POST['email'] ) )) : ''; - $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : ''; - $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : ''; + $password = ( !empty($_POST['password']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password'] ) )) : ''; + $password_confirm = ( !empty($_POST['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password_confirm'] ) )) : ''; - $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : ''; - $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : ''; - $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : ''; - $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : ''; + $icq = ( !empty($_POST['icq']) ) ? trim(strip_tags( $_POST['icq'] ) ) : ''; + $aim = ( !empty($_POST['aim']) ) ? trim(strip_tags( $_POST['aim'] ) ) : ''; + $msn = ( !empty($_POST['msn']) ) ? trim(strip_tags( $_POST['msn'] ) ) : ''; + $yim = ( !empty($_POST['yim']) ) ? trim(strip_tags( $_POST['yim'] ) ) : ''; - $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : ''; - $location = ( !empty($HTTP_POST_VARS['location']) ) ? 
trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : ''; - $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : ''; - $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : ''; - $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : ''; + $website = ( !empty($_POST['website']) ) ? trim(strip_tags( $_POST['website'] ) ) : ''; + $location = ( !empty($_POST['location']) ) ? trim(strip_tags( $_POST['location'] ) ) : ''; + $occupation = ( !empty($_POST['occupation']) ) ? trim(strip_tags( $_POST['occupation'] ) ) : ''; + $interests = ( !empty($_POST['interests']) ) ? trim(strip_tags( $_POST['interests'] ) ) : ''; + $signature = ( !empty($_POST['signature']) ) ? trim(str_replace('<br />', "\n", $_POST['signature'] ) ) : ''; validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); - $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0; - $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE; - $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0; - $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE; - $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE; - $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0; + $viewemail = ( isset( $_POST['viewemail']) ) ? ( ( $_POST['viewemail'] ) ? TRUE : 0 ) : 0; + $allowviewonline = ( isset( $_POST['hideonline']) ) ? ( ( $_POST['hideonline'] ) ? 0 : TRUE ) : TRUE; + $notifyreply = ( isset( $_POST['notifyreply']) ) ? ( ( $_POST['notifyreply'] ) ? 
TRUE : 0 ) : 0; + $notifypm = ( isset( $_POST['notifypm']) ) ? ( ( $_POST['notifypm'] ) ? TRUE : 0 ) : TRUE; + $popuppm = ( isset( $_POST['popup_pm']) ) ? ( ( $_POST['popup_pm'] ) ? TRUE : 0 ) : TRUE; + $attachsig = ( isset( $_POST['attachsig']) ) ? ( ( $_POST['attachsig'] ) ? TRUE : 0 ) : 0; - $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html']; - $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode']; - $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies']; + $allowhtml = ( isset( $_POST['allowhtml']) ) ? intval( $_POST['allowhtml'] ) : $board_config['allow_html']; + $allowbbcode = ( isset( $_POST['allowbbcode']) ) ? intval( $_POST['allowbbcode'] ) : $board_config['allow_bbcode']; + $allowsmilies = ( isset( $_POST['allowsmilies']) ) ? intval( $_POST['allowsmilies'] ) : $board_config['allow_smilies']; - $user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style']; - $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; - $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone']; - $user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template']; - $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat']; + $user_style = ( $_POST['style'] ) ? intval( $_POST['style'] ) : $board_config['default_style']; + $user_lang = ( $_POST['language'] ) ? $_POST['language'] : $board_config['default_lang']; + $user_timezone = ( isset( $_POST['timezone']) ) ? 
doubleval( $_POST['timezone'] ) : $board_config['board_timezone']; + $user_template = ( $_POST['template'] ) ? $_POST['template'] : $board_config['board_template']; + $user_dateformat = ( $_POST['dateformat'] ) ? trim( $_POST['dateformat'] ) : $board_config['default_dateformat']; - $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] ) ) ? $HTTP_POST_VARS['avatarlocal'] : '' ); + $user_avatar_local = ( isset( $_POST['avatarselect'] ) && !empty($_POST['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $_POST['avatarselect'] : ( ( isset( $_POST['avatarlocal'] ) ) ? $_POST['avatarlocal'] : '' ); - $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : ''; - $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : ''; + $user_avatar_remoteurl = ( !empty($_POST['avatarremoteurl']) ) ? trim( $_POST['avatarremoteurl'] ) : ''; + $user_avatar_url = ( !empty($_POST['avatarurl']) ) ? trim( $_POST['avatarurl'] ) : ''; $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : ''; $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ''; $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; 
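Review bot: The upload fields at the end of this hunk still read `$HTTP_POST_FILES`, which the conversion to superglobals missed; where the long arrays are not registered, `$user_avatar_loc`, `$user_avatar_name` and `$user_avatar_size` silently lose their values. Use `$_FILES['avatar'][...]` to match the `$_POST` changes. Separately, `$password` is passed through `htmlspecialchars()` and `strip_tags()`, which alters any password containing `<`, `&` or quotes before it is processed further. `$user_lang` and `$user_template` are kept as raw request strings and should be matched against the installed languages and templates before they are stored. The enclosing `if` block starts and ends outside the hunk.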
@@ -129,12 +129,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; - $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; - $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0; - $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0; - $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0; + $user_status = ( !empty($_POST['user_status']) ) ? intval( $_POST['user_status'] ) : 0; + $user_allowpm = ( !empty($_POST['user_allowpm']) ) ? intval( $_POST['user_allowpm'] ) : 0; + $user_rank = ( !empty($_POST['user_rank']) ) ? intval( $_POST['user_rank'] ) : 0; + $user_allowavatar = ( !empty($_POST['user_allowavatar']) ) ? intval( $_POST['user_allowavatar'] ) : 0; - if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) + if( isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) { $username = stripslashes($username); $email = stripslashes($email); @@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_lang = stripslashes($user_lang); $user_dateformat = stripslashes($user_dateformat); - if ( !isset($HTTP_POST_VARS['cancelavatar'])) + if ( !isset($_POST['cancelavatar'])) { $user_avatar = $user_avatar_local; $user_avatar_type = USER_AVATAR_GALLERY; 
@@ -163,7 +163,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) } } - if( isset( $HTTP_POST_VARS['submit'] ) ) + if( isset( $_POST['submit'] ) ) { include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx); @@ -250,7 +250,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) // Avatar stuff // $avatar_sql = ''; - if( isset($HTTP_POST_VARS['avatardel']) ) + if( isset($_POST['avatardel']) ) { if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) { @@ -518,7 +518,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) // if( !$error ) { - if( $HTTP_POST_VARS['deleteuser'] ) + if( $_POST['deleteuser'] ) { $sql = "SELECT g.group_id FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g @@ -621,11 +621,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_dateformat = stripslashes($user_dateformat); } } - else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) ) + else if( !isset( $_POST['submit'] ) && $mode != 'save' && !isset( $_POST['avatargallery'] ) && !isset( $_POST['submitavatar'] ) && !isset( $_POST['cancelavatar'] ) ) { - if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) + if( isset( $_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) ) { - $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]); + $user_id = ( isset( $_POST[POST_USERS_URL]) ) ? intval( $_POST[POST_USERS_URL]) : intval( $_GET[POST_USERS_URL]); $this_userdata = get_userdata($user_id); if( !$this_userdata ) { 
@@ -634,7 +634,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) } else { - $this_userdata = get_userdata( $HTTP_POST_VARS['username'] ); + $this_userdata = get_userdata( $_POST['username'] ); if( !$this_userdata ) { message_die(MESSAGE, $lang['No_user_id_specified'] ); @@ -689,11 +689,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF']; } - if( isset($HTTP_POST_VARS['avatargallery']) && !$error ) + if( isset($_POST['avatargallery']) && !$error ) { if( !$error ) { - $user_id = intval($HTTP_POST_VARS['id']); + $user_id = intval($_POST['id']); $template->set_filenames(array( "body" => "admin/user_avatar_gallery.tpl") @@ -730,9 +730,9 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) @closedir($dir); - if( isset($HTTP_POST_VARS['avatarcategory']) ) + if( isset($_POST['avatarcategory']) ) { - $category = $HTTP_POST_VARS['avatarcategory']; + $category = $_POST['avatarcategory']; } else { @@ -769,7 +769,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) } } - $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE; + $coppa = ( ( !$_POST['coppa'] && !$_GET['coppa'] ) || $mode == "register") ? 0 : TRUE; $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; $s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />'; diff --git a/phpBB/admin/admin_viewlogs.php b/phpBB/admin/admin_viewlogs.php index acc8844fe3..4fe5448bf4 100644 --- a/phpBB/admin/admin_viewlogs.php +++ b/phpBB/admin/admin_viewlogs.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } 
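Review bot: `get_userdata( $_POST['username'] )` now passes the raw superglobal value, and whether it is still slash-escaped depends on code outside this diff. In PHP 4 `$_POST` and `$HTTP_POST_VARS` are separate arrays, so if common.php applies `addslashes()` only to the `$HTTP_*_VARS` copies when magic quotes are off, this value (and `trim($_POST['word'])` / `trim($_POST['replacement'])` in the admin_words.php save hunk) would reach any SQL built from it unescaped. The `stripslashes()` calls on the same fields earlier in this file suggest the code expects escaped input. I would confirm the normalisation covers `$_POST`/`$_GET` and record it here, e.g. `// relies on common.php slash-escaping $_POST when magic_quotes_gpc is off`. The enclosing if/else starts and ends outside the hunk.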
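Review bot: `$category = $_POST['avatarcategory'];` in the avatar gallery hunk takes the category name from the request with no check at all. The context line `@closedir($dir);` just above suggests the valid categories were collected from a directory listing, so if `$category` is later joined into a path or echoed into the template (that code is below the hunk), it should be accepted only when it matches one of the collected names, falling back to the existing else branch otherwise. At minimum I would add `// avatarcategory is request data: accept only names found in the gallery listing` above the assignment.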
@@ -44,7 +44,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$auth->get_acl_admin('general') ) +if ( !$auth->acl_get('a_general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -52,11 +52,11 @@ if ( !$auth->get_acl_admin('general') ) // // Set some variables // -$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0; +$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; -if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +if ( isset($_POST['mode']) || isset($_GET['mode']) ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { @@ -73,12 +73,12 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M // // Delete entries if requested and able // -if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs')) +if ( ( isset($_POST['delmarked']) || isset($_POST['delall']) ) && $auth->acl_get('a_clearlogs')) { $where_sql = ''; - if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) ) + if ( isset($_POST['delmarked']) && isset($_POST['mark']) ) { - foreach ( $HTTP_POST_VARS['mark'] as $marked ) + foreach ( $_POST['mark'] as $marked ) { $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($marked); } 
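Review bot: In the log-deletion hunk, `foreach ( $_POST['mark'] as $marked )` runs after only an `isset()` check, so a scalar `mark` field raises a warning and leaves `$where_sql` empty. What the DELETE below the hunk does with an empty `$where_sql` is not visible here; if it treats it as "all entries", a malformed `delmarked` request would behave like `delall`, so that is worth confirming. I would tighten the guard to `if ( isset($_POST['delmarked']) && isset($_POST['mark']) && is_array($_POST['mark']) )` and skip the delete when `delmarked` was requested but nothing valid was marked. The `intval($marked)` cast on each id is good and should stay.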
@@ -95,11 +95,11 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) // // Sorting ... this could become a function // -if ( isset($HTTP_POST_VARS['sort']) || $start ) +if ( isset($_POST['sort']) || $start ) { - if ( !empty($HTTP_POST_VARS['sort_days']) || !empty($HTTP_GET_VARS['sort_days']) ) + if ( !empty($_POST['sort_days']) || !empty($_GET['sort_days']) ) { - $sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']); + $sort_days = ( !empty($_POST['sort_days']) ) ? intval($_POST['sort_days']) : intval($_GET['sort_days']); $where_sql = time() - ( $sort_days * 86400 ); } else @@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['sort']) || $start ) $where_sql = 0; } - $sort_key = ( isset($HTTP_POST_VARS['sort_key']) ) ? $HTTP_POST_VARS['sort_key'] : $HTTP_GET_VARS['sort_key']; - $sort_dir = ( isset($HTTP_POST_VARS['sort_dir']) ) ? $HTTP_POST_VARS['sort_dir'] : $HTTP_GET_VARS['sort_dir']; + $sort_key = ( isset($_POST['sort_key']) ) ? $_POST['sort_key'] : $_GET['sort_key']; + $sort_dir = ( isset($_POST['sort_dir']) ) ? $_POST['sort_dir'] : $_GET['sort_dir']; } else { 
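Review bot: `$sort_key` and `$sort_dir` are read from `$_POST`, else `$_GET`, with no check that either exists, and this branch is also entered when only `$start` is set. The next hunk's header shows `$sort_by[$sort_key]` being concatenated into `$sort_sql`. The lookup keeps the raw string out of the query, but an unknown or missing key yields an empty column name and a broken ORDER BY. I would add `if ( !isset($sort_by[$sort_key]) )` after `$sort_by` is defined and reset `$sort_key` to the same default the else branch uses. A short comment stating that `$sort_by` is the whitelist for this request parameter would make that intent explicit.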
@@ -144,30 +144,11 @@ $sort_sql = $sort_by[$sort_key] . ' ' . ( ( $sort_dir == 'd' ) ? 'DESC' : 'ASC' // // Define forum list if we're looking @ mod logs // -$forum_options = ''; +$forum_box = ''; if ( $mode == 'mod' ) { - $sql = "SELECT forum_id, forum_name - FROM " . FORUMS_TABLE . " - ORDER BY cat_id, forum_order"; - $result = $db->sql_query($sql); - - if ( $row = $db->sql_fetchrow($result) ) - { - $forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : $row['forum_id']; - - do - { - $selected = ( $row['forum_id'] == $forum_id ) ? ' selected="selected"' : ''; - $forum_options .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $row['forum_name'] . '</option>'; - } - while ( $row = $db->sql_fetchrow($result) ); - } - else - { - $forum_id = 0; - $forum_options = '<option>' . $lang['No_forums'] . '</option>'; - } + include($phpbb_root_path . '/includes/functions_admin.'.$phpEx); + $forum_box = make_forum_select('f'); } // @@ -190,7 +171,7 @@ if ( $mode == 'mod' ) ?> <table width="100%" cellpadding="1" cellspacing="1" border="0"> <tr> - <td align="right"><?php echo $lang['Select_forum']; ?>: <select name="f" onchange="this.form.submit()"><?php echo $forum_options; ?></select> <input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" /></td> + <td align="right"><?php echo $lang['Select_forum']; ?>: <?php echo $forum_box; ?> <input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" /></td> </tr> </table> <?php @@ -237,7 +218,7 @@ if ( $log_count ) } - if ( $auth->get_acl_admin('clearlogs') ) + if ( $auth->acl_get('a_clearlogs') ) { ?> @@ -266,7 +247,7 @@ else <td align="left" valign="top"> <span class="nav"><?php echo on_page($log_count, $board_config['topics_per_page'], $start); ?></span></td> <td align="right" valign="top" nowrap="nowrap"><?php - if ( $auth->get_acl_admin('clearlogs') ) + if ( $auth->acl_get('a_clearlogs') ) { 
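Review bot: The rewritten `$mode == 'mod'` block no longer assigns `$forum_id`, which the removed code derived from `intval($HTTP_POST_VARS['f'])` or the first forum row. `view_log()` in pagestart.php takes a `$forum_id` argument, so if the call below this hunk still passes `$forum_id` it is now undefined and the moderator log would not follow the selected forum; keeping `$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : 0;` next to the `make_forum_select('f')` call would preserve that. Separately, the new include builds `$phpbb_root_path . '/includes/...'` although the root path already ends in a slash and the other includes in this commit omit it, and a plain `include` will fail on redeclaration if the file was already loaded; `include_once($phpbb_root_path . 'includes/functions_admin.'.$phpEx);` avoids both.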
diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php index ec152d47d7..08c3723ed0 100644 --- a/phpBB/admin/admin_words.php +++ b/phpBB/admin/admin_words.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$auth->get_acl_admin('general') ) + if ( !$auth->acl_get('a_general') ) { return; } @@ -42,7 +42,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$auth->get_acl_admin('general') ) +if ( !$auth->acl_get('a_general') ) { return; } @@ -50,20 +50,20 @@ if ( !$auth->get_acl_admin('general') ) // // // -if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +if ( isset($_GET['mode']) || isset($_POST['mode']) ) { - $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; + $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode']; } else { // // These could be entered via a form button // - if ( isset($HTTP_POST_VARS['add']) ) + if ( isset($_POST['add']) ) { $mode = 'add'; } - else if ( isset($HTTP_POST_VARS['save']) ) + else if ( isset($_POST['save']) ) { $mode = 'save'; } @@ -79,7 +79,7 @@ if( $mode != '' ) { case 'edit': case 'add': - $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; + $word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; $s_hidden_fields = ''; if ( $mode == 'edit' ) @@ -128,9 +128,9 @@ if( $mode != '' ) break; case 'save': - $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; - $word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : ''; - $replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : ''; + $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; + $word = ( isset($_POST['word']) ) ? trim($_POST['word']) : ''; + $replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : ''; if ( $word == '' || $replacement == '' ) { 
@@ -149,9 +149,9 @@ if( $mode != '' ) case 'delete': - if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) + if ( isset($_POST['id']) || isset($_GET['id']) ) { - $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']); + $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); } else { diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index 3de4f0edeb..2580bccef7 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -37,7 +37,7 @@ require('pagestart.' . $phpEx); // // Do we have any admin permissions at all? // -if ( !$auth->get_acl_admin() ) +if ( !$auth->acl_get('a_') ) { message_die(MESSAGE, 'No_admin', '', true); } diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 9791d1a1e1..59df5b0f40 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php 
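Review bot: The `delete` case in admin_words.php still falls back to `intval($_GET['id'])`, so removing a censor entry is a state change that a plain link can trigger. Whether the admin session check in pagestart.php requires a per-session value on the URL is not visible in this diff. If it does not, an administrator following a crafted link would delete an entry without intending to. I would accept the id for this case from POST only, `$word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;`, and have the list page submit the delete through a form, which also means updating whatever generates the current delete links. The enclosing switch starts and ends outside the hunk.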
@@ -31,55 +31,26 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start($update); -$auth->acl($userdata); +$auth->acl($userdata, false, 'a_'); $user = new user($userdata); // // End session management // -// -// Configure style, language, etc. -// -//$session->configure($userdata); - // ----------------------------- // Functions -// function page_header($sub_title, $meta = '', $table_html = true) { - global $board_config, $db, $lang, $phpEx, $gzip_compress; - global $HTTP_SERVER_VARS; + global $board_config, $db, $lang, $phpEx; define('HEADER_INC', true); - // // gzip_compression - // - $gzip_compress = false; if ( $board_config['gzip_compress'] ) { - $phpver = phpversion(); - - if ( $phpver >= '4.0.4pl1' && strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'compatible') ) + if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() ) { - if ( extension_loaded('zlib') ) - { - ob_start('ob_gzhandler'); - } - } - else if ( $phpver > '4.0' ) - { - if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') ) - { - if ( extension_loaded('zlib') ) - { - $gzip_compress = true; - ob_start(); - ob_implicit_flush(0); - - header("Content-Encoding: gzip"); - } - } + ob_start('ob_gzhandler'); } } @@ -133,7 +104,7 @@ td.cat { background-image: url('images/cellpic1.gif') } function page_footer($copyright_html = true) { - global $board_config, $db, $lang, $phpEx, $gzip_compress; + global $board_config, $db, $lang, $phpEx; ?> 
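Review bot: In `page_header()` the new condition reads `$HTTP_USER_AGENT`, which is neither listed in the function's `global` statement nor assigned locally, so inside the function it is undefined and `strstr()` never matches. As written, `ob_start('ob_gzhandler')` is never reached and compression is silently disabled even when `$board_config['gzip_compress']` is on. Since the rest of the commit moves to superglobals, the test should be `if ( extension_loaded('zlib') && isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'compatible') && !headers_sent() )`. The removed Accept-Encoding branch does not need restoring, because `ob_gzhandler` negotiates the encoding with the client itself.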
@@ -157,37 +128,10 @@ function page_footer($copyright_html = true) } - // // Close our DB connection. - // $db->sql_close(); - // - // Compress buffered output if required - // and send to browser - // - if ( $gzip_compress ) - { - // - // Borrowed from php.net! - // - $gzip_contents = ob_get_contents(); - ob_end_clean(); - - $gzip_size = strlen($gzip_contents); - $gzip_crc = crc32($gzip_contents); - - $gzip_contents = gzcompress($gzip_contents, 9); - $gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4); - - echo "\x1f\x8b\x08\x00\x00\x00\x00\x00"; - echo $gzip_contents; - echo pack("V", $gzip_crc); - echo pack("V", $gzip_size); - } - exit; - } function page_message($title, $message, $show_header = false) @@ -305,7 +249,6 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id return; } -// // End Functions // ----------------------------- |