Diffstat (limited to 'phpBB/includes')
-rw-r--r-- | phpBB/includes/acp/acp_bbcodes.php | 7 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_styles.php | 27 | ||||
-rw-r--r-- | phpBB/includes/auth.php | 2 | ||||
-rw-r--r-- | phpBB/includes/db/oracle.php | 3 | ||||
-rw-r--r-- | phpBB/includes/mcp/mcp_main.php | 4 |
5 files changed, 26 insertions, 17 deletions
diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index ee1decea1c..2fdbdbdbd1 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -383,6 +383,13 @@ class acp_bbcodes // Lowercase tags $bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+=?).*/i', '$1', $bbcode_match); + + if (!preg_match('/^[a-zA-Z0-9_-]+=?$/', $bbcode_tag)) + { + global $user; + trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + $fp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_match); $fp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_replace); $sp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $sp_match); diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index b876cc2d65..582b25f5c5 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -1355,19 +1355,17 @@ parse_css_file = {PARSE_CSS_FILE} { $dp2 = @opendir("$dir/$imgnamelang"); - if (!$dp2) + if ($dp2) { - continue; - } - - while (($file2 = readdir($dp2)) !== false) - { - if (preg_match('#\.(?:gif|jpg|png)$#', $file2)) + while (($file2 = readdir($dp2)) !== false) { - $imagesetlist['lang'][] = "$imgnamelang/$file2"; + if (preg_match('#\.(?:gif|jpg|png)$#', $file2)) + { + $imagesetlist['lang'][] = "$imgnamelang/$file2"; + } } + closedir($dp2); } - closedir($dp2); } closedir($dp); } @@ -1408,7 +1406,8 @@ parse_css_file = {PARSE_CSS_FILE} sort($imagesetlist['lang']); sort($imagesetlist['nolang']); - $imagesetlist_options = ''; + $image_found = false; + $img_val = ''; foreach ($imagesetlist as $type => $img_ary) { if ($type !== 'lang' || $sql_extra) 
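Review bot: In the acp_bbcodes.php hunk, the new whitelist check `preg_match('/^[a-zA-Z0-9_-]+=?$/', $bbcode_tag)` is anchored with `$`, which in PCRE also matches just before a trailing newline, so a tag ending in a line break still passes and is concatenated into the `/e` patterns that follow. Anchor it strictly with the `D` modifier: `if (!preg_match('/^[a-zA-Z0-9_-]+=?$/D', $bbcode_tag))`. The check only protects those `preg_replace(..., 'ie')` calls if `trigger_error(..., E_USER_WARNING)` never returns here, which depends on the error handler and is not visible in this hunk. A comment above the check would record why it exists, for example `// $bbcode_tag is interpolated into /e patterns below; accept a plain tag name only`. The enclosing method starts and ends outside the hunk.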
@@ -1424,7 +1423,8 @@ parse_css_file = {PARSE_CSS_FILE} $selected = (!empty($imgname) && strpos($image_filename, $imgtext) !== false); if ($selected) { - $template->assign_var('IMAGE_SELECT', true); + $image_found = true; + $img_val = htmlspecialchars($img); } $template->assign_block_vars('imagesetlist.images', array( 'SELECTED' => $selected, @@ -1442,13 +1442,14 @@ parse_css_file = {PARSE_CSS_FILE} 'L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN'], 'IMAGE_OPTIONS' => $img_options, - 'IMAGELIST_OPTIONS' => $imagesetlist_options, 'IMAGE_SIZE' => $imgsize_bool, 'IMAGE_REQUEST' => $image_request, 'U_ACTION' => $this->u_action . "&action=edit&id=$imageset_id", 'U_BACK' => $this->u_action, 'NAME' => $imageset_name, - 'ERROR' => !$valid_name + 'ERROR' => !$valid_name, + 'IMG_SRC' => ($image_found) ? '../styles/' . $imageset_path . '/imageset/' . $img_val : 'images/no_image.png', + 'IMAGE_SELECT' => $image_found )); } diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 3b05652a87..0f0349a6f3 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -127,7 +127,7 @@ class auth } } } - + return !$negate; // Founder always has all global options set to true... return ($negate) ? !$this->cache[$f][$opt] : $this->cache[$f][$opt]; } diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index 9c0491d8c8..1d2a097e04 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -110,10 +110,11 @@ class dbal_oracle extends dbal $in_transaction = true; } + $array = array(); + // We overcome Oracle's 4000 char limit by binding vars if (strlen($query) > 4000) { - $array = array(); if (preg_match('/^(INSERT INTO[^(]+)\\(([^()]+)\\) VALUES[^(]+\\((.*?)\\)$/s', $query, $regs)) { diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index 687900e646..758c0b22c2 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php 
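Review bot: In acp_styles.php (hunk at -1442), `IMG_SRC` concatenates `$imageset_path` into the URL as-is, while only `$img_val` was passed through `htmlspecialchars()` in the -1424 hunk. Where `$imageset_path` is set is outside these hunks, so if it is not already escaped it needs the same treatment before it reaches the template. HTML-escaping alone is also not the right encoding for a path segment: a file name containing `#`, `%` or a space gives a broken `src`, so each segment would be better run through `rawurlencode()` first and HTML-escaped afterwards. Separately, `$img_val` is overwritten on every entry that passes the `strpos()` test, so if more than one entry matches, the preview shows the last one while each of them is marked `SELECTED`.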
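Review bot: In auth.php the added `return !$negate;` sits directly above the existing `return ($negate) ? !$this->cache[$f][$opt] : $this->cache[$f][$opt];` and makes it unreachable, so the result no longer depends on the cached permission value and every non-negated check comes back true. This reads like a leftover debugging statement; in an authorisation routine it removes the access decision entirely, so the line should be dropped and the blank line restored. The diff is collapsed on this page, so this reading rests on the hunk header's 7/7 line counts and the diffstat's two changed lines. The method itself starts outside the hunk. A regression test asserting that a user who lacks an option gets `false` from this method would catch a repeat.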
@@ -1146,7 +1146,7 @@ function mcp_fork_topic($topic_ids) } // Sync new topics, parent forums and board stats - sync('topic', 'topic_id', $new_topic_id_list, true); + sync('topic', 'topic_id', $new_topic_id_list); $sync_sql = array(); @@ -1162,7 +1162,7 @@ function mcp_fork_topic($topic_ids) $db->sql_query($sql); } - sync('forum', 'forum_id', $to_forum_id, true); + sync('forum', 'forum_id', $to_forum_id); set_config('num_topics', $config['num_topics'] + sizeof($new_topic_id_list), true); set_config('num_posts', $config['num_posts'] + $total_posts, true); |