aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/acp')
-rw-r--r--phpBB/includes/acp/acp_attachments.php14
-rw-r--r--phpBB/includes/acp/acp_board.php2
-rw-r--r--phpBB/includes/acp/acp_extensions.php18
-rw-r--r--phpBB/includes/acp/acp_permissions.php5
-rw-r--r--phpBB/includes/acp/acp_profile.php10
-rw-r--r--phpBB/includes/acp/acp_search.php23
-rw-r--r--phpBB/includes/acp/acp_users.php19
7 files changed, 62 insertions, 29 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 816387967a..e4650455c4 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -42,7 +42,7 @@ class acp_attachments
function main($id, $mode)
{
- global $db, $user, $auth, $template, $cache, $phpbb_container;
+ global $db, $user, $auth, $template, $cache, $phpbb_container, $phpbb_dispatcher;
global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx;
$this->id = $id;
@@ -162,6 +162,18 @@ class acp_attachments
)
);
+ /**
+ * Event to add and/or modify acp_attachement configurations
+ *
+ * @event core.acp_attachments_config_edit_add
+ * @var array display_vars Array of config values to display and process
+ * @var string mode Mode of the config page we are displaying
+ * @var boolean submit Do we display the form or process the submission
+ * @since 3.1.11-RC1
+ */
+ $vars = array('display_vars', 'mode', 'submit');
+ extract($phpbb_dispatcher->trigger_event('core.acp_attachments_config_edit_add', compact($vars)));
+
$this->new_config = $config;
$cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : $this->new_config;
$error = array();
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index e004d2e81f..c8f6f426c6 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -1017,7 +1017,7 @@ class acp_board
$user->timezone = $old_tz;
return "<select name=\"dateoptions\" id=\"dateoptions\" onchange=\"if (this.value == 'custom') { document.getElementById('" . addslashes($key) . "').value = '" . addslashes($value) . "'; } else { document.getElementById('" . addslashes($key) . "').value = this.value; }\">$dateformat_options</select>
- <input type=\"text\" name=\"config[$key]\" id=\"$key\" value=\"$value\" maxlength=\"30\" />";
+ <input type=\"text\" name=\"config[$key]\" id=\"$key\" value=\"$value\" maxlength=\"64\" />";
}
/**
diff --git a/phpBB/includes/acp/acp_extensions.php b/phpBB/includes/acp/acp_extensions.php
index f97711d69d..5a2ded91e2 100644
--- a/phpBB/includes/acp/acp_extensions.php
+++ b/phpBB/includes/acp/acp_extensions.php
@@ -34,7 +34,7 @@ class acp_extensions
function main()
{
// Start the page
- global $config, $user, $template, $request, $phpbb_extension_manager, $db, $phpbb_root_path, $phpEx, $phpbb_log, $cache;
+ global $config, $user, $template, $request, $phpbb_extension_manager, $db, $phpbb_root_path, $phpEx, $phpbb_log, $cache, $phpbb_dispatcher;
$this->db = $db;
$this->config = $config;
@@ -43,6 +43,7 @@ class acp_extensions
$this->cache = $cache;
$this->request = $request;
$this->log = $phpbb_log;
+ $this->phpbb_dispatcher = $phpbb_dispatcher;
$user->add_lang(array('install', 'acp/extensions', 'migrator'));
@@ -55,6 +56,21 @@ class acp_extensions
$safe_time_limit = (ini_get('max_execution_time') / 2);
$start_time = time();
+ /**
+ * Event to run a specific action on extension
+ *
+ * @event core.acp_extensions_run_action
+ * @var string action Action to run
+ * @var string u_action Url we are at
+ * @var string ext_name Extension name from request
+ * @var int safe_time_limit Safe limit of execution time
+ * @var int start_time Start time
+ * @since 3.1.11-RC1
+ */
+ $u_action = $this->u_action;
+ $vars = array('action', 'u_action', 'ext_name', 'safe_time_limit', 'start_time');
+ extract($this->phpbb_dispatcher->trigger_event('core.acp_extensions_run_action', compact($vars)));
+
// Cancel action
if ($request->is_set_post('cancel'))
{
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index 660afb4e93..62e75a2db7 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -755,6 +755,7 @@ class acp_permissions
$this->log_action($mode, 'add', $permission_type, $ug_type, $ug_id, $forum_id);
+ meta_refresh(5, $this->u_action);
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
}
@@ -825,10 +826,12 @@ class acp_permissions
if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local')
{
+ meta_refresh(5, $this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_ids));
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_ids)));
}
else
{
+ meta_refresh(5, $this->u_action);
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
}
}
@@ -899,10 +902,12 @@ class acp_permissions
if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local')
{
+ meta_refresh(5, $this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_id));
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_id)));
}
else
{
+ meta_refresh(5, $this->u_action);
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
}
}
diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php
index 2d4897c47d..9e6cc49522 100644
--- a/phpBB/includes/acp/acp_profile.php
+++ b/phpBB/includes/acp/acp_profile.php
@@ -597,13 +597,13 @@ class acp_profile
if (!sizeof($error))
{
- if (!check_form_key($form_key))
- {
- trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
-
if (($step == 3 && (sizeof($this->lang_defs['iso']) == 1 || $save)) || ($action == 'edit' && $save))
{
+ if (!check_form_key($form_key))
+ {
+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
$this->save_profile_field($cp, $field_type, $action);
}
}
diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php
index f15a75e9a1..cc1e5df084 100644
--- a/phpBB/includes/acp/acp_search.php
+++ b/phpBB/includes/acp/acp_search.php
@@ -50,14 +50,12 @@ class acp_search
function settings($id, $mode)
{
- global $db, $user, $auth, $template, $cache;
+ global $db, $user, $auth, $template, $cache, $request;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
$submit = (isset($_POST['submit'])) ? true : false;
- $form_key = 'acp_search';
- add_form_key($form_key);
- if ($submit && !check_form_key($form_key))
+ if ($submit && !check_link_hash($request->variable('hash', ''), 'acp_search'))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -233,7 +231,7 @@ class acp_search
'S_YES_SEARCH' => (bool) $config['load_search'],
'S_SETTINGS' => true,
- 'U_ACTION' => $this->u_action)
+ 'U_ACTION' => $this->u_action . '&amp;hash=' . generate_link_hash('acp_search'))
);
}
@@ -253,10 +251,7 @@ class acp_search
}
$submit = $request->is_set_post('submit', false);
- $form_key = 'acp_search';
- add_form_key($form_key);
-
- if (!check_form_key($form_key) && in_array($action, array('delete', 'create')))
+ if (!check_link_hash($request->variable('hash', ''), 'acp_search') && in_array($action, array('create', 'delete')))
{
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -310,7 +305,7 @@ class acp_search
if (method_exists($this->search, 'delete_index'))
{
// pass a reference to myself so the $search object can make use of save_state() and attributes
- if ($error = $this->search->delete_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=delete", false)))
+ if ($error = $this->search->delete_index($this, append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=delete&hash=" . generate_link_hash('acp_search'), false)))
{
$this->state = array('');
$this->save_state();
@@ -355,7 +350,7 @@ class acp_search
$mtime = explode(' ', microtime());
$totaltime = $mtime[0] + $mtime[1] - $starttime;
$rows_per_second = $row_count / $totaltime;
- meta_refresh(1, append_sid($this->u_action . '&amp;action=delete&amp;skip_rows=' . $post_counter));
+ meta_refresh(1, append_sid($this->u_action . '&amp;action=delete&amp;skip_rows=' . $post_counter . '&amp;hash=' . generate_link_hash('acp_search')));
trigger_error($user->lang('SEARCH_INDEX_DELETE_REDIRECT', (int) $row_count, $post_counter, $rows_per_second));
}
}
@@ -445,7 +440,7 @@ class acp_search
$mtime = explode(' ', microtime());
$totaltime = $mtime[0] + $mtime[1] - $starttime;
$rows_per_second = $row_count / $totaltime;
- meta_refresh(1, append_sid($this->u_action . '&amp;action=create&amp;skip_rows=' . $post_counter));
+ meta_refresh(1, append_sid($this->u_action . '&amp;action=create&amp;skip_rows=' . $post_counter . '&amp;hash=' . generate_link_hash('acp_search')));
trigger_error($user->lang('SEARCH_INDEX_CREATE_REDIRECT', (int) $row_count, $post_counter) . $user->lang('SEARCH_INDEX_CREATE_REDIRECT_RATE', $rows_per_second));
}
}
@@ -524,7 +519,7 @@ class acp_search
$template->assign_vars(array(
'S_INDEX' => true,
- 'U_ACTION' => $this->u_action,
+ 'U_ACTION' => $this->u_action . '&amp;hash=' . generate_link_hash('acp_search'),
'U_PROGRESS_BAR' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;mode=$mode&amp;action=progress_bar"),
'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;mode=$mode&amp;action=progress_bar")),
));
@@ -533,7 +528,7 @@ class acp_search
{
$template->assign_vars(array(
'S_CONTINUE_INDEXING' => $this->state[1],
- 'U_CONTINUE_INDEXING' => $this->u_action . '&amp;action=' . $this->state[1],
+ 'U_CONTINUE_INDEXING' => $this->u_action . '&amp;action=' . $this->state[1] . '&amp;hash=' . generate_link_hash('acp_search'),
'L_CONTINUE' => ($this->state[1] == 'create') ? $user->lang['CONTINUE_INDEXING'] : $user->lang['CONTINUE_DELETING_INDEX'],
'L_CONTINUE_EXPLAIN' => ($this->state[1] == 'create') ? $user->lang['CONTINUE_INDEXING_EXPLAIN'] : $user->lang['CONTINUE_DELETING_INDEX_EXPLAIN'])
);
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 1e453e88ad..cd44800af8 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -373,11 +373,6 @@ class acp_users
if ($user_row['user_type'] == USER_NORMAL)
{
user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
-
- $sql = 'UPDATE ' . USERS_TABLE . "
- SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
- WHERE user_id = $user_id";
- $db->sql_query($sql);
}
else
{
@@ -386,8 +381,18 @@ class acp_users
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
- $user_actkey = (string) $db->sql_fetchfield('user_actkey');
+ $user_activation_key = (string) $db->sql_fetchfield('user_actkey');
$db->sql_freeresult($result);
+
+ $user_actkey = empty($user_activation_key) ? $user_actkey : $user_activation_key;
+ }
+
+ if ($user_row['user_type'] == USER_NORMAL || empty($user_activation_key))
+ {
+ $sql = 'UPDATE ' . USERS_TABLE . "
+ SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
+ WHERE user_id = $user_id";
+ $db->sql_query($sql);
}
$messenger = new messenger(false);
@@ -1924,7 +1929,7 @@ class acp_users
'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"',
- 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
+ 'L_AVATAR_EXPLAIN' => $user->lang(($config['avatar_filesize'] == 0) ? 'AVATAR_EXPLAIN_NO_FILESIZE' : 'AVATAR_EXPLAIN', $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled),
));
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-10 05:36:14 +0000