diff options
Diffstat (limited to 'phpBB/includes/acp')
-rw-r--r-- | phpBB/includes/acp/acp_attachments.php | 3 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_board.php | 2 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_icons.php | 5 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_language.php | 47 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_logs.php | 5 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_permissions.php | 17 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_profile.php | 11 |
7 files changed, 56 insertions, 34 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index fc5f44e14f..68870dce54 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -1235,6 +1235,7 @@ class acp_attachments function perform_site_list() { global $db, $user; + global $request; if (isset($_REQUEST['securesubmit'])) { @@ -1243,7 +1244,7 @@ class acp_attachments $ip_list = array_unique(explode("\n", $ips)); $ip_list_log = implode(', ', $ip_list); - $ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0; + $ip_exclude = (int) $request->variable('ipexclude', false, false, phpbb_request_interface::POST); $iplist = array(); $hostlist = array(); diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index a5e80e1f6d..ab9492b7ba 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -435,7 +435,7 @@ class acp_board $cfg_array = (isset($_REQUEST['config'])) ? utf8_normalize_nfc(request_var('config', array('' => ''), true)) : $this->new_config; $error = array(); - // We validate the complete config if whished + // We validate the complete config if wished validate_config_vars($display_vars['vars'], $cfg_array, $error); if ($submit && !check_form_key($form_key)) diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 3d64a2acda..43412f3c47 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -28,6 +28,7 @@ class acp_icons { global $db, $user, $auth, $template, $cache; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; + global $request; $user->add_lang('acp/posting'); @@ -338,7 +339,7 @@ class acp_icons $image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array(); // Ok, add the relevant bits if we are adding new codes to existing emoticons... - if (!empty($_POST['add_additional_code'])) + if ($request->variable('add_additional_code', false, false, phpbb_request_interface::POST)) { $add_image = request_var('add_image', ''); $add_code = utf8_normalize_nfc(request_var('add_code', '', true)); @@ -354,7 +355,7 @@ class acp_icons $image_width[$add_image] = request_var('add_width', 0); $image_height[$add_image] = request_var('add_height', 0); - if (!empty($_POST['add_display_on_posting'])) + if ($request->variable('add_display_on_posting', false, false, phpbb_request_interface::POST)) { $image_display_on_posting[$add_image] = 1; } diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index c2cb2f9c11..0f924dc95f 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -34,6 +34,7 @@ class acp_language global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; global $safe_mode, $file_uploads; + global $request; include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -58,7 +59,7 @@ class acp_language if (isset($_POST['missing_file'])) { $missing_file = request_var('missing_file', array('' => 0)); - list($_REQUEST['language_file'], ) = array_keys($missing_file); + $request->overwrite('language_file', array_shift(array_keys($missing_file))); } $selected_lang_file = request_var('language_file', '|common.' . $phpEx); @@ -68,6 +69,23 @@ class acp_language $this->language_directory = basename($this->language_directory); $this->language_file = basename($this->language_file); + // detect language file type + if ($this->language_directory == 'email') + { + $language_file_type = 'email'; + $request_default = ''; + } + else if (strpos($this->language_file, 'help_') === 0) + { + $language_file_type = 'help'; + $request_default = array(0 => array(0 => '')); + } + else + { + $language_file_type = 'normal'; + $request_default = array('' => ''); + } + $user->add_lang('acp/language'); $this->tpl_name = 'acp_language'; $this->page_title = 'ACP_LANGUAGE_PACKS'; @@ -119,7 +137,7 @@ class acp_language 'DATA' => $data, 'NAME' => $user->lang[strtoupper($method . '_' . $data)], 'EXPLAIN' => $user->lang[strtoupper($method . '_' . $data) . '_EXPLAIN'], - 'DEFAULT' => (!empty($_REQUEST[$data])) ? request_var($data, '') : $default + 'DEFAULT' => $request->variable($data, (string) $default), )); } @@ -130,7 +148,7 @@ class acp_language 'method' => $method) ); - $hidden_data .= build_hidden_fields(array('entry' => $_POST['entry']), true, STRIP); + $hidden_data .= build_hidden_fields(array('entry' => $request->variable('entry', $request_default, true, phpbb_request_interface::POST))); $template->assign_vars(array( 'S_UPLOAD' => true, @@ -187,12 +205,9 @@ class acp_language trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING); } - if (!$lang_id || empty($_POST['entry'])) - { - trigger_error($user->lang['NO_LANG_ID'] . adm_back_link($this->u_action), E_USER_WARNING); - } + $entry_value = $request->variable('entry', $request_default, true, phpbb_request_interface::POST); - if ($this->language_directory != 'email' && !is_array($_POST['entry'])) + if (!$lang_id || !$entry_value) { trigger_error($user->lang['NO_LANG_ID'] . adm_back_link($this->u_action), E_USER_WARNING); } @@ -291,10 +306,10 @@ class acp_language trigger_error(sprintf($user->lang['UNABLE_TO_WRITE_FILE'], $filename) . adm_back_link($this->u_action . '&id=' . $lang_id . '&action=details&language_file=' . urlencode($selected_lang_file)), E_USER_WARNING); } - if ($this->language_directory == 'email') + if ($language_file_type == 'email') { // Email Template - $entry = $this->prepare_lang_entry($_POST['entry'], false); + $entry = $this->prepare_lang_entry(htmlspecialchars_decode($entry_value), false); fwrite($fp, $entry); } else @@ -302,13 +317,13 @@ class acp_language $name = (($this->language_directory) ? $this->language_directory . '_' : '') . $this->language_file; $header = str_replace(array('{FILENAME}', '{LANG_NAME}', '{CHANGED}', '{AUTHOR}'), array($name, $row['lang_english_name'], date('Y-m-d', time()), $row['lang_author']), $this->language_file_header); - if (strpos($this->language_file, 'help_') === 0) + if ($language_file_type == 'help') { // Help File $header .= '$help = array(' . "\n"; fwrite($fp, $header); - foreach ($_POST['entry'] as $key => $value) + foreach ($entry_value as $key => $value) { if (!is_array($value)) { @@ -319,7 +334,7 @@ class acp_language foreach ($value as $_key => $_value) { - $entry .= "\t\t" . (int) $_key . "\t=> '" . $this->prepare_lang_entry($_value) . "',\n"; + $entry .= "\t\t" . (int) $_key . "\t=> '" . $this->prepare_lang_entry(htmlspecialchars_decode($_value)) . "',\n"; } $entry .= "\t),\n"; @@ -329,15 +344,15 @@ class acp_language $footer = ");\n\n?>"; fwrite($fp, $footer); } - else + else if ($language_file_type == 'normal') { // Language File $header .= $this->lang_header; fwrite($fp, $header); - foreach ($_POST['entry'] as $key => $value) + foreach ($entry_value as $key => $value) { - $entry = $this->format_lang_array($key, $value); + $entry = $this->format_lang_array(htmlspecialchars_decode($key), htmlspecialchars_decode($value)); fwrite($fp, $entry); } diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index 0f4f78fcdd..e37b696873 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -27,6 +27,7 @@ class acp_logs { global $db, $user, $auth, $template, $cache; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; + global $request; $user->add_lang('mcp'); @@ -35,8 +36,8 @@ class acp_logs $forum_id = request_var('f', 0); $topic_id = request_var('t', 0); $start = request_var('start', 0); - $deletemark = (!empty($_POST['delmarked'])) ? true : false; - $deleteall = (!empty($_POST['delall'])) ? true : false; + $deletemark = $request->variable('delmarked', false, false, phpbb_request_interface::POST); + $deleteall = $request->variable('delall', false, false, phpbb_request_interface::POST); $marked = request_var('mark', array(0)); // Sort keys diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index e9f0af5071..50d7357100 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -658,6 +658,7 @@ class acp_permissions function set_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) { global $user, $auth; + global $request; $psubmit = request_var('psubmit', array(0 => array(0 => 0))); @@ -676,18 +677,17 @@ class acp_permissions list($ug_id, ) = each($psubmit); list($forum_id, ) = each($psubmit[$ug_id]); - if (empty($_POST['setting']) || empty($_POST['setting'][$ug_id]) || empty($_POST['setting'][$ug_id][$forum_id]) || !is_array($_POST['setting'][$ug_id][$forum_id])) + $settings = $request->variable('setting', array(0 => array(0 => array('' => 0))), false, phpbb_request_interface::POST); + if (empty($settings) || empty($settings[$ug_id]) || empty($settings[$ug_id][$forum_id])) { trigger_error('WRONG_PERMISSION_SETTING_FORMAT', E_USER_WARNING); } - // We obtain and check $_POST['setting'][$ug_id][$forum_id] directly and not using request_var() because request_var() - // currently does not support the amount of dimensions required. ;) - // $auth_settings = request_var('setting', array(0 => array(0 => array('' => 0)))); - $auth_settings = array_map('intval', $_POST['setting'][$ug_id][$forum_id]); + $auth_settings = $settings[$ug_id][$forum_id]; // Do we have a role we want to set? - $assigned_role = (isset($_POST['role'][$ug_id][$forum_id])) ? (int) $_POST['role'][$ug_id][$forum_id] : 0; + $roles = $request->variable('role', array(0 => array(0 => 0)), false, phpbb_request_interface::POST); + $assigned_role = (isset($roles[$ug_id][$forum_id])) ? (int) $roles[$ug_id][$forum_id] : 0; // Do the admin want to set these permissions to other items too? $inherit = request_var('inherit', array(0 => array(0))); @@ -747,6 +747,7 @@ class acp_permissions function set_all_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) { global $user, $auth; + global $request; // User or group to be set? $ug_type = (sizeof($user_id)) ? 'user' : 'group'; @@ -757,8 +758,8 @@ class acp_permissions trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING); } - $auth_settings = (isset($_POST['setting'])) ? $_POST['setting'] : array(); - $auth_roles = (isset($_POST['role'])) ? $_POST['role'] : array(); + $auth_settings = $request->variable('setting', array(0 => array(0 => array('' => 0))), false, phpbb_request_interface::POST); + $auth_roles = $request->variable('role', array(0 => array(0 => 0)), false, phpbb_request_interface::POST); $ug_ids = $forum_ids = array(); // We need to go through the auth settings diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index 2288a0728b..b66737ce03 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -30,6 +30,7 @@ class acp_profile { global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; + global $request; include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx); @@ -487,7 +488,8 @@ class acp_profile $cp->vars['field_default_value_day'] = $now['mday']; $cp->vars['field_default_value_month'] = $now['mon']; $cp->vars['field_default_value_year'] = $now['year']; - $var = $_POST['field_default_value'] = 'now'; + $var = 'now'; + $request->overwrite('field_default_value', $var, phpbb_request_interface::POST); } else { @@ -496,7 +498,8 @@ class acp_profile $cp->vars['field_default_value_day'] = request_var('field_default_value_day', 0); $cp->vars['field_default_value_month'] = request_var('field_default_value_month', 0); $cp->vars['field_default_value_year'] = request_var('field_default_value_year', 0); - $var = $_POST['field_default_value'] = sprintf('%2d-%2d-%4d', $cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']); + $var = sprintf('%2d-%2d-%4d', $cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']); + $request->overwrite('field_default_value', $var, phpbb_request_interface::POST); } else { @@ -688,7 +691,7 @@ class acp_profile } else { - $_new_key_ary[$key] = (is_array($_REQUEST[$key])) ? utf8_normalize_nfc(request_var($key, array(''), true)) : utf8_normalize_nfc(request_var($key, '', true)); + $_new_key_ary[$key] = ($field_type == FIELD_BOOL && $key == 'lang_options') ? utf8_normalize_nfc(request_var($key, array(''), true)) : utf8_normalize_nfc(request_var($key, '', true)); } } } @@ -1623,4 +1626,4 @@ class acp_profile } } -?> +?>
\ No newline at end of file |