aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/ucp
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/ucp')
-rw-r--r--phpBB/includes/ucp/ucp_groups.php6
-rw-r--r--phpBB/includes/ucp/ucp_main.php130
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php5
-rw-r--r--phpBB/includes/ucp/ucp_pm_options.php227
-rw-r--r--phpBB/includes/ucp/ucp_prefs.php47
-rw-r--r--phpBB/includes/ucp/ucp_profile.php43
-rw-r--r--phpBB/includes/ucp/ucp_register.php11
-rw-r--r--phpBB/includes/ucp/ucp_resend.php7
8 files changed, 301 insertions, 175 deletions
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 6e93f64acb..d8d4a285d4 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -393,6 +393,7 @@ class ucp_groups
$this->page_title = 'UCP_USERGROUPS_MANAGE';
$action = (isset($_POST['addusers'])) ? 'addusers' : request_var('action', '');
$group_id = request_var('g', 0);
+ add_form_key('ucp_groups');
if ($group_id)
{
@@ -552,6 +553,11 @@ class ucp_groups
}
}
+ if (!check_form_key('ucp_groups'))
+ {
+ $error[] = $user->lang['FORM_INVALID'];
+ }
+
if (!sizeof($error))
{
// Only set the rank, colour, etc. if it's changed or if we're adding a new
diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php
index ba40397a55..6f0db86bf6 100644
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -194,41 +194,51 @@ class ucp_main
$user->add_lang('viewforum');
+ add_form_key('ucp_front_subscribed');
+
$unwatch = (isset($_POST['unwatch'])) ? true : false;
if ($unwatch)
{
- $forums = array_keys(request_var('f', array(0 => 0)));
- $topics = array_keys(request_var('t', array(0 => 0)));
-
- if (sizeof($forums) || sizeof($topics))
+ if(check_form_key('ucp_front_subscribed'))
{
- $l_unwatch = '';
- if (sizeof($forums))
- {
- $sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . '
- WHERE ' . $db->sql_in_set('forum_id', $forums) . '
- AND user_id = ' . $user->data['user_id'];
- $db->sql_query($sql);
+ $forums = array_keys(request_var('f', array(0 => 0)));
+ $topics = array_keys(request_var('t', array(0 => 0)));
+ $msg = '';
- $l_unwatch .= '_FORUMS';
- }
-
- if (sizeof($topics))
+ if (sizeof($forums) || sizeof($topics))
{
- $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . '
- WHERE ' . $db->sql_in_set('topic_id', $topics) . '
- AND user_id = ' . $user->data['user_id'];
- $db->sql_query($sql);
+ $l_unwatch = '';
+ if (sizeof($forums))
+ {
+ $sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . '
+ WHERE ' . $db->sql_in_set('forum_id', $forums) . '
+ AND user_id = ' . $user->data['user_id'];
+ $db->sql_query($sql);
+
+ $l_unwatch .= '_FORUMS';
+ }
+
+ if (sizeof($topics))
+ {
+ $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . '
+ WHERE ' . $db->sql_in_set('topic_id', $topics) . '
+ AND user_id = ' . $user->data['user_id'];
+ $db->sql_query($sql);
+
+ $l_unwatch .= '_TOPICS';
+ }
+ $msg = $user->lang['UNWATCHED' . $l_unwatch];
- $l_unwatch .= '_TOPICS';
}
-
- $message = $user->lang['UNWATCHED' . $l_unwatch] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&amp;mode=subscribed") . '">', '</a>');
-
- meta_refresh(3, append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&amp;mode=subscribed"));
- trigger_error($message);
}
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
+ }
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&amp;mode=subscribed") . '">', '</a>');
+ meta_refresh(3, append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&amp;mode=subscribed"));
+ trigger_error($message);
}
$forbidden_forums = array();
@@ -418,53 +428,65 @@ class ucp_main
$s_hidden_fields = ($edit) ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : '';
$draft_subject = $draft_message = '';
+ add_form_key('ucp_draft');
if ($delete)
{
- $drafts = array_keys(request_var('d', array(0 => 0)));
-
- if (sizeof($drafts))
+ if (check_form_key('ucp_draft'))
{
- $sql = 'DELETE FROM ' . DRAFTS_TABLE . '
- WHERE ' . $db->sql_in_set('draft_id', $drafts) . '
- AND user_id = ' . $user->data['user_id'];
- $db->sql_query($sql);
+ $drafts = array_keys(request_var('d', array(0 => 0)));
- $message = $user->lang['DRAFTS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
-
- meta_refresh(3, $this->u_action);
- trigger_error($message);
+ if (sizeof($drafts))
+ {
+ $sql = 'DELETE FROM ' . DRAFTS_TABLE . '
+ WHERE ' . $db->sql_in_set('draft_id', $drafts) . '
+ AND user_id = ' . $user->data['user_id'];
+ $db->sql_query($sql);
+ }
+ $msg = $user->lang['DRAFTS_DELETED'];
+ unset($drafts);
}
-
- unset($drafts);
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
+ }
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
+ meta_refresh(3, $this->u_action);
+ trigger_error($message);
}
if ($submit && $edit)
{
$draft_subject = utf8_normalize_nfc(request_var('subject', '', true));
$draft_message = utf8_normalize_nfc(request_var('message', '', true));
-
- if ($draft_message && $draft_subject)
+ if (check_form_key('ucp_draft'))
{
- $draft_row = array(
- 'draft_subject' => $draft_subject,
- 'draft_message' => $draft_message
- );
-
- $sql = 'UPDATE ' . DRAFTS_TABLE . '
- SET ' . $db->sql_build_array('UPDATE', $draft_row) . "
- WHERE draft_id = $draft_id
- AND user_id = " . $user->data['user_id'];
- $db->sql_query($sql);
+ if ($draft_message && $draft_subject)
+ {
+ $draft_row = array(
+ 'draft_subject' => $draft_subject,
+ 'draft_message' => $draft_message
+ );
+
+ $sql = 'UPDATE ' . DRAFTS_TABLE . '
+ SET ' . $db->sql_build_array('UPDATE', $draft_row) . "
+ WHERE draft_id = $draft_id
+ AND user_id = " . $user->data['user_id'];
+ $db->sql_query($sql);
- $message = $user->lang['DRAFT_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
+ $message = $user->lang['DRAFT_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
- meta_refresh(3, $this->u_action);
- trigger_error($message);
+ meta_refresh(3, $this->u_action);
+ trigger_error($message);
+ }
+ else
+ {
+ $template->assign_var('ERROR', ($draft_message == '') ? $user->lang['EMPTY_DRAFT'] : (($draft_subject == '') ? $user->lang['EMPTY_DRAFT_TITLE'] : ''));
+ }
}
else
{
- $template->assign_var('ERROR', ($draft_message == '') ? $user->lang['EMPTY_DRAFT'] : (($draft_subject == '') ? $user->lang['EMPTY_DRAFT_TITLE'] : ''));
+ $template->assign_var('ERROR', $user->lang['FORM_INVALID']);
}
}
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index ae2e367795..a22fc57761 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -25,6 +25,7 @@ function compose_pm($id, $mode, $action)
{
$action = 'post';
}
+ add_form_key('ucp_pm_compose');
// Grab only parameters needed here
$to_user_id = request_var('u', 0);
@@ -532,6 +533,10 @@ function compose_pm($id, $mode, $action)
if ($submit || $preview || $refresh)
{
+ if (!check_form_key('ucp_pm_compose'))
+ {
+ $error[] = $user->lang['FORM_INVALID'];
+ }
$subject = utf8_normalize_nfc(request_var('subject', '', true));
$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php
index e4d067115d..429c9e0caa 100644
--- a/phpBB/includes/ucp/ucp_pm_options.php
+++ b/phpBB/includes/ucp/ucp_pm_options.php
@@ -17,9 +17,11 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
$redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;mode=options");
+ add_form_key('ucp_pm_options');
// Change "full folder" setting - what to do if folder is full
if (isset($_POST['fullfolder']))
{
+ check_form_key('ucp_pm_options', $config['form_token_lifetime'], $redirect_url);
$full_action = request_var('full_action', 0);
$set_folder_id = 0;
@@ -60,79 +62,94 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
// Add Folder
if (isset($_POST['addfolder']))
{
- $folder_name = utf8_normalize_nfc(request_var('foldername', '', true));
-
- if ($folder_name)
+ if (check_form_key('ucp_pm_options'))
{
- $sql = 'SELECT folder_name
- FROM ' . PRIVMSGS_FOLDER_TABLE . "
- WHERE folder_name = '" . $db->sql_escape($folder_name) . "'
- AND user_id = " . $user->data['user_id'];
- $result = $db->sql_query_limit($sql, 1);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
+ $folder_name = utf8_normalize_nfc(request_var('foldername', '', true));
+ $msg = '';
- if ($row)
+ if ($folder_name)
{
- trigger_error(sprintf($user->lang['FOLDER_NAME_EXIST'], $folder_name));
- }
+ $sql = 'SELECT folder_name
+ FROM ' . PRIVMSGS_FOLDER_TABLE . "
+ WHERE folder_name = '" . $db->sql_escape($folder_name) . "'
+ AND user_id = " . $user->data['user_id'];
+ $result = $db->sql_query_limit($sql, 1);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
- $sql = 'SELECT COUNT(folder_id) as num_folder
- FROM ' . PRIVMSGS_FOLDER_TABLE . '
- WHERE user_id = ' . $user->data['user_id'];
- $result = $db->sql_query($sql);
- $num_folder = (int) $db->sql_fetchfield('num_folder');
- $db->sql_freeresult($result);
+ if ($row)
+ {
+ trigger_error(sprintf($user->lang['FOLDER_NAME_EXIST'], $folder_name));
+ }
- if ($num_folder >= $config['pm_max_boxes'])
- {
- trigger_error('MAX_FOLDER_REACHED');
- }
+ $sql = 'SELECT COUNT(folder_id) as num_folder
+ FROM ' . PRIVMSGS_FOLDER_TABLE . '
+ WHERE user_id = ' . $user->data['user_id'];
+ $result = $db->sql_query($sql);
+ $num_folder = (int) $db->sql_fetchfield('num_folder');
+ $db->sql_freeresult($result);
- $sql = 'INSERT INTO ' . PRIVMSGS_FOLDER_TABLE . ' ' . $db->sql_build_array('INSERT', array(
- 'user_id' => (int) $user->data['user_id'],
- 'folder_name' => $folder_name)
- );
- $db->sql_query($sql);
+ if ($num_folder >= $config['pm_max_boxes'])
+ {
+ trigger_error('MAX_FOLDER_REACHED');
+ }
- $message = $user->lang['FOLDER_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
- meta_refresh(3, $redirect_url);
- trigger_error($message);
+ $sql = 'INSERT INTO ' . PRIVMSGS_FOLDER_TABLE . ' ' . $db->sql_build_array('INSERT', array(
+ 'user_id' => (int) $user->data['user_id'],
+ 'folder_name' => $folder_name)
+ );
+ $db->sql_query($sql);
+ $msg = $user->lang['FOLDER_ADDED'];
+ }
+ }
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
}
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
+ meta_refresh(3, $redirect_url);
+ trigger_error($message);
}
// Rename folder
if (isset($_POST['rename_folder']))
{
- $new_folder_name = utf8_normalize_nfc(request_var('new_folder_name', '', true));
- $rename_folder_id= request_var('rename_folder_id', 0);
-
- if (!$new_folder_name)
+ if (check_form_key('ucp_pm_options'))
{
- trigger_error('NO_NEW_FOLDER_NAME');
- }
+ $new_folder_name = utf8_normalize_nfc(request_var('new_folder_name', '', true));
+ $rename_folder_id= request_var('rename_folder_id', 0);
- // Select custom folder
- $sql = 'SELECT folder_name, pm_count
- FROM ' . PRIVMSGS_FOLDER_TABLE . "
- WHERE user_id = {$user->data['user_id']}
- AND folder_id = $rename_folder_id";
- $result = $db->sql_query_limit($sql, 1);
- $folder_row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
+ if (!$new_folder_name)
+ {
+ trigger_error('NO_NEW_FOLDER_NAME');
+ }
- if (!$folder_row)
- {
- trigger_error('CANNOT_RENAME_FOLDER');
- }
+ // Select custom folder
+ $sql = 'SELECT folder_name, pm_count
+ FROM ' . PRIVMSGS_FOLDER_TABLE . "
+ WHERE user_id = {$user->data['user_id']}
+ AND folder_id = $rename_folder_id";
+ $result = $db->sql_query_limit($sql, 1);
+ $folder_row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
- $sql = 'UPDATE ' . PRIVMSGS_FOLDER_TABLE . "
- SET folder_name = '" . $db->sql_escape($new_folder_name) . "'
- WHERE folder_id = $rename_folder_id
- AND user_id = {$user->data['user_id']}";
- $db->sql_query($sql);
+ if (!$folder_row)
+ {
+ trigger_error('CANNOT_RENAME_FOLDER');
+ }
- $message = $user->lang['FOLDER_RENAMED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
+ $sql = 'UPDATE ' . PRIVMSGS_FOLDER_TABLE . "
+ SET folder_name = '" . $db->sql_escape($new_folder_name) . "'
+ WHERE folder_id = $rename_folder_id
+ AND user_id = {$user->data['user_id']}";
+ $db->sql_query($sql);
+ $msg = $user->lang['FOLDER_RENAMED'];
+ }
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
+ }
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
meta_refresh(3, $redirect_url);
trigger_error($message);
}
@@ -251,60 +268,68 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
// Add Rule
if (isset($_POST['add_rule']))
{
- $check_option = request_var('check_option', 0);
- $rule_option = request_var('rule_option', 0);
- $cond_option = request_var('cond_option', '');
- $action_option = explode('|', request_var('action_option', ''));
- $rule_string = ($cond_option != 'none') ? utf8_normalize_nfc(request_var('rule_string', '', true)) : '';
- $rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0;
- $rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0;
-
- $action = (int) $action_option[0];
- $folder_id = (int) $action_option[1];
-
- if (!$action || !$check_option || !$rule_option || !$cond_option || ($cond_option != 'none' && !$rule_string))
+ if(check_form_key('ucp_pm_options'))
{
- trigger_error('RULE_NOT_DEFINED');
- }
+ $check_option = request_var('check_option', 0);
+ $rule_option = request_var('rule_option', 0);
+ $cond_option = request_var('cond_option', '');
+ $action_option = explode('|', request_var('action_option', ''));
+ $rule_string = ($cond_option != 'none') ? utf8_normalize_nfc(request_var('rule_string', '', true)) : '';
+ $rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0;
+ $rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0;
+
+ $action = (int) $action_option[0];
+ $folder_id = (int) $action_option[1];
+
+ if (!$action || !$check_option || !$rule_option || !$cond_option || ($cond_option != 'none' && !$rule_string))
+ {
+ trigger_error('RULE_NOT_DEFINED');
+ }
- if (($cond_option == 'user' && !$rule_user_id) || ($cond_option == 'group' && !$rule_group_id))
- {
- trigger_error('RULE_NOT_DEFINED');
- }
+ if (($cond_option == 'user' && !$rule_user_id) || ($cond_option == 'group' && !$rule_group_id))
+ {
+ trigger_error('RULE_NOT_DEFINED');
+ }
- $rule_ary = array(
- 'user_id' => $user->data['user_id'],
- 'rule_check' => $check_option,
- 'rule_connection' => $rule_option,
- 'rule_string' => $rule_string,
- 'rule_user_id' => $rule_user_id,
- 'rule_group_id' => $rule_group_id,
- 'rule_action' => $action,
- 'rule_folder_id' => $folder_id
- );
+ $rule_ary = array(
+ 'user_id' => $user->data['user_id'],
+ 'rule_check' => $check_option,
+ 'rule_connection' => $rule_option,
+ 'rule_string' => $rule_string,
+ 'rule_user_id' => $rule_user_id,
+ 'rule_group_id' => $rule_group_id,
+ 'rule_action' => $action,
+ 'rule_folder_id' => $folder_id
+ );
- $sql = 'SELECT rule_id
- FROM ' . PRIVMSGS_RULES_TABLE . '
- WHERE ' . $db->sql_build_array('SELECT', $rule_ary);
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
+ $sql = 'SELECT rule_id
+ FROM ' . PRIVMSGS_RULES_TABLE . '
+ WHERE ' . $db->sql_build_array('SELECT', $rule_ary);
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
- if ($row)
- {
- trigger_error('RULE_ALREADY_DEFINED');
- }
+ if ($row)
+ {
+ trigger_error('RULE_ALREADY_DEFINED');
+ }
- $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary);
- $db->sql_query($sql);
+ $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary);
+ $db->sql_query($sql);
- // Update users message rules
- $sql = 'UPDATE ' . USERS_TABLE . '
- SET user_message_rules = 1
- WHERE user_id = ' . $user->data['user_id'];
- $db->sql_query($sql);
+ // Update users message rules
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET user_message_rules = 1
+ WHERE user_id = ' . $user->data['user_id'];
+ $db->sql_query($sql);
- $message = $user->lang['RULE_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
+ $msg = $user->lang['RULE_ADDED'];
+ }
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
+ }
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');
meta_refresh(3, $redirect_url);
trigger_error($message);
}
diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php
index b0e8f098c2..445000b4dc 100644
--- a/phpBB/includes/ucp/ucp_prefs.php
+++ b/phpBB/includes/ucp/ucp_prefs.php
@@ -28,7 +28,7 @@ class ucp_prefs
switch ($mode)
{
case 'personal':
-
+ add_form_key('ucp_prefs_personal');
$data = array(
'notifymethod' => request_var('notifymethod', $user->data['user_notify_type']),
'dateformat' => request_var('dateformat', $user->data['user_dateformat'], true),
@@ -55,6 +55,11 @@ class ucp_prefs
'tz' => array('num', false, -14, 14),
));
+ if (!check_form_key('ucp_prefs_personal'))
+ {
+ $error[] = 'FORM_INVALID';
+ }
+
if (!sizeof($error))
{
$user->optionset('popuppm', $data['popuppm']);
@@ -140,6 +145,8 @@ class ucp_prefs
case 'view':
+ add_form_key('ucp_prefs_view');
+
$data = array(
'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'),
'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'),
@@ -166,6 +173,11 @@ class ucp_prefs
'post_sd' => array('string', false, 1, 1),
));
+ if (!check_form_key('ucp_prefs_view'))
+ {
+ $error[] = 'FORM_INVALID';
+ }
+
if (!sizeof($error))
{
$user->optionset('viewimg', $data['images']);
@@ -276,25 +288,34 @@ class ucp_prefs
'sig' => request_var('sig', $user->optionget('attachsig')),
'notify' => request_var('notify', $user->data['user_notify']),
);
+ add_form_key('ucp_prefs_post');
if ($submit)
{
- $user->optionset('bbcode', $data['bbcode']);
- $user->optionset('smilies', $data['smilies']);
- $user->optionset('attachsig', $data['sig']);
+ if (check_form_key('ucp_prefs_post'))
+ {
+ $user->optionset('bbcode', $data['bbcode']);
+ $user->optionset('smilies', $data['smilies']);
+ $user->optionset('attachsig', $data['sig']);
- $sql_ary = array(
- 'user_options' => $user->data['user_options'],
- 'user_notify' => $data['notify'],
- );
+ $sql_ary = array(
+ 'user_options' => $user->data['user_options'],
+ 'user_notify' => $data['notify'],
+ );
- $sql = 'UPDATE ' . USERS_TABLE . '
- SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
- WHERE user_id = ' . $user->data['user_id'];
- $db->sql_query($sql);
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
+ WHERE user_id = ' . $user->data['user_id'];
+ $db->sql_query($sql);
+ $msg = $user->lang['PREFERENCES_UPDATED'];
+ }
+ else
+ {
+ $msg = $user->lang['FORM_INVALID'];
+ }
meta_refresh(3, $this->u_action);
- $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
+ $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
trigger_error($message);
}
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 269c3aad44..45461a56d0 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -44,6 +44,8 @@ class ucp_profile
'password_confirm' => request_var('password_confirm', '', true),
);
+ add_form_key('ucp_reg_details');
+
if ($submit)
{
// Do not check cur_password, it is the old one.
@@ -89,6 +91,11 @@ class ucp_profile
$error[] = 'NEW_EMAIL_ERROR';
}
+ if (!check_form_key('ucp_reg_details'))
+ {
+ $error[] = 'FORM_INVALID';
+ }
+
if (!sizeof($error))
{
$sql_ary = array(
@@ -224,7 +231,7 @@ class ucp_profile
trigger_error($message);
}
-
+
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
@@ -282,6 +289,8 @@ class ucp_profile
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
}
+ add_form_key('ucp_profile_info');
+
if ($submit)
{
$validate_array = array(
@@ -321,6 +330,11 @@ class ucp_profile
$error = array_merge($error, $cp_error);
}
+ if (!check_form_key('ucp_profile_info'))
+ {
+ $error[] = 'FORM_INVALID';
+ }
+
if (!sizeof($error))
{
$sql_ary = array(
@@ -446,6 +460,8 @@ class ucp_profile
$signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true));
+ add_form_key('ucp_sig');
+
if ($submit || $preview)
{
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
@@ -462,6 +478,11 @@ class ucp_profile
$error[] = implode('<br />', $message_parser->warn_msg);
}
+ if (!check_form_key('ucp_sig'))
+ {
+ $error[] = 'FORM_INVALID';
+ }
+
if (!sizeof($error) && $submit)
{
$sql_ary = array(
@@ -517,7 +538,7 @@ class ucp_profile
'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false,
'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false)
);
-
+
// Build custom bbcodes array
display_custom_bbcodes();
@@ -533,15 +554,23 @@ class ucp_profile
$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;
+ add_form_key('ucp_avatar');
+
if ($submit)
{
- if (avatar_process_user($error))
+ if (check_form_key('ucp_avatar'))
{
- meta_refresh(3, $this->u_action);
- $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
- trigger_error($message);
+ if (avatar_process_user($error))
+ {
+ meta_refresh(3, $this->u_action);
+ $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
+ trigger_error($message);
+ }
+ }
+ else
+ {
+ $error[] = 'FORM_INVALID';
}
-
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 6f133a9ed4..f321eb5b25 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -36,6 +36,16 @@ class ucp_register
$change_lang = request_var('change_lang', '');
$user_lang = request_var('lang', $user->lang_name);
+ add_form_key('ucp_register');
+
+ // not so fast, buddy
+ if (($submit && !check_form_key('ucp_register', false, '', false, 5))
+ || (!$submit && !check_form_key('ucp_register', false, '', false, 1)))
+ {
+ $agreed = false;
+ }
+
+
if ($change_lang || $user_lang != $config['default_lang'])
{
$use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);
@@ -122,6 +132,7 @@ class ucp_register
return;
}
+
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
$timezone = date('Z') / 3600;
$is_dst = date('I');
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 1e424fb7cc..edd372333e 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -26,8 +26,15 @@ class ucp_resend
$email = strtolower(request_var('email', ''));
$submit = (isset($_POST['submit'])) ? true : false;
+ add_form_key('ucp_resend');
+
if ($submit)
{
+ if (!check_form_key('ucp_resend'))
+ {
+ trigger_error('FORM_INVALID');
+ }
+
$sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason
FROM ' . USERS_TABLE . "
WHERE user_email = '" . $db->sql_escape($email) . "'
generated by cgit v1.2.1 (git 2.21.0) at 2025-06-17 10:43:57 +0000