Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/functions.php56
-rw-r--r--phpBB/includes/mcp/mcp_forum.php10
-rw-r--r--phpBB/includes/mcp/mcp_main.php32
-rw-r--r--phpBB/includes/mcp/mcp_queue.php4
-rw-r--r--phpBB/includes/mcp/mcp_topic.php11
-rw-r--r--phpBB/includes/ucp/ucp_main.php5
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php5
-rw-r--r--phpBB/includes/ucp/ucp_pm_options.php26
8 files changed, 89 insertions, 60 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index d5accb90cf..2ed2331114 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -19,7 +19,6 @@ function set_var(&$result, $var, $type, $multibyte = false)
if ($type == 'string')
{
$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", '\xFF'), array("\n", "\n", ' '), $result)));
-// $result = preg_replace("#\n{3,}#", "\n\n", $result);
$result = (STRIP) ? stripslashes($result) : $result;
if ($multibyte)
{
@@ -35,39 +34,52 @@ function set_var(&$result, $var, $type, $multibyte = false)
*/
function request_var($var_name, $default, $multibyte = false)
{
- if (!isset($_REQUEST[$var_name]))
+ if (!isset($_REQUEST[$var_name]) || (is_array($_REQUEST[$var_name]) && !is_array($default)) || (is_array($default) && !is_array($_REQUEST[$var_name])))
{
- return $default;
+ return (is_array($default)) ? array() : $default;
}
- else
+
+ $var = $_REQUEST[$var_name];
+ if (!is_array($default))
{
- $var = $_REQUEST[$var_name];
$type = gettype($default);
+ }
+ else
+ {
+ list($key_type, $type) = each($default);
+ $type = gettype($type);
+ $key_type = gettype($key_type);
+ }
- if (is_array($var))
+ if (is_array($var))
+ {
+ $_var = $var;
+ $var = array();
+
+ foreach ($_var as $k => $v)
{
- foreach ($var as $k => $v)
+ if (is_array($v))
{
- if (is_array($v))
- {
- foreach ($v as $_k => $_v)
- {
- set_var($var[$k][$_k], $_v, $type, $multibyte);
- }
- }
- else
+ foreach ($v as $_k => $_v)
{
- set_var($var[$k], $v, $type, $multibyte);
+ set_var($k, $k, $key_type);
+ set_var($_k, $_k, $key_type);
+ set_var($var[$k][$_k], $_v, $type, $multibyte);
}
}
+ else
+ {
+ set_var($k, $k, $key_type);
+ set_var($var[$k], $v, $type, $multibyte);
+ }
}
- else
- {
- set_var($var, $var, $type, $multibyte);
- }
-
- return $var;
}
+ else
+ {
+ set_var($var, $var, $type, $multibyte);
+ }
+
+ return $var;
}
/**
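Review bot: In the nested branch of request_var(), `set_var($k, $k, $key_type);` sits inside the inner `foreach`, so the outer key is sanitised again for every inner element. For a string key type that repeats the `htmlspecialchars()` pass shown in set_var()'s context in the first hunk, so a key containing `&` or `<` would change on each iteration and the inner values would land under different outer keys. Sanitise `$k` once before the inner loop and keep only `set_var($_k, $_k, $key_type);` inside it. A docblock line stating that an array default must carry one sample element (as `array(0)` does) would also help, because `each($default)` has nothing to infer the types from when the default is empty.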
diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php
index 56f76b5455..70548faafc 100644
--- a/phpBB/includes/mcp/mcp_forum.php
+++ b/phpBB/includes/mcp/mcp_forum.php
@@ -25,16 +25,16 @@ function mcp_forum_view($id, $mode, $action, $url, $forum_info)
$forum_id = $forum_info['forum_id'];
$start = request_var('start', 0);
- $topic_id_list = request_var('topic_id_list', 0);
- $post_id_list = request_var('post_id_list', 0);
+ $topic_id_list = request_var('topic_id_list', array(0));
+ $post_id_list = request_var('post_id_list', array(0));
$topic_id = request_var('t', 0);
// Resync Topics
if ($action == 'resync')
{
- $topic_ids = get_array('topic_id_list', 0);
+ $topic_ids = request_var('topic_id_list', array(0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
$template->assign_var('MESSAGE', $user->lang['NO_TOPIC_SELECTED']);
}
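Review bot: `if (!sizeof($topic_ids))` only catches a missing or non-array parameter; with the `array(0)` default each submitted element is presumably cast to an integer, so `topic_id_list[]=abc` arrives as `array(0)` and passes the check. If id 0 is never valid, drop the zero entries before counting, e.g. `$topic_ids = array_unique(array_filter($topic_ids));`. The same applies to `sizeof($post_id_list)` in the next hunk of this file and to the list branches in mcp_main.php, mcp_queue.php and mcp_topic.php. mcp_forum_view() starts and ends outside the hunk, so how the ids are used afterwards is not visible here.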
@@ -45,7 +45,7 @@ function mcp_forum_view($id, $mode, $action, $url, $forum_info)
}
$selected_ids = '';
- if ($post_id_list)
+ if (sizeof($post_id_list))
{
foreach ($post_id_list as $num => $post_id)
{
diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php
index a86bc7c8fc..29094ae631 100644
--- a/phpBB/includes/mcp/mcp_main.php
+++ b/phpBB/includes/mcp/mcp_main.php
@@ -33,9 +33,9 @@ class mcp_main extends module
{
case 'lock':
case 'unlock':
- $topic_ids = get_array((!$quickmod) ? 'topic_id_list' : 't', 0);
+ $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
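Review bot: On the quickmod path `array(request_var('t', 0))` always holds exactly one element, so `!sizeof($topic_ids)` can never be true there and a request without `t` continues with `array(0)` instead of triggering NO_TOPIC_SELECTED. Filtering the wrapped value restores the check: `$topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array_filter(array(request_var('t', 0)));`. The same holds for the other six cases changed in this file (lock_post/unlock_post, make_global/make_normal, move, fork, delete_topic, delete_post, with `p` for the post variants). The enclosing switch and method begin and end outside the hunk.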
@@ -46,9 +46,9 @@ class mcp_main extends module
case 'lock_post':
case 'unlock_post':
- $post_ids = get_array((!$quickmod) ? 'post_id_list' : 'p', 0);
-
- if (!$post_ids)
+ $post_ids = (!$quickmod) ? request_var('post_id_list', array(0)) : array(request_var('p', 0));
+
+ if (!sizeof($post_ids))
{
trigger_error('NO_POST_SELECTED');
}
@@ -61,9 +61,9 @@ class mcp_main extends module
case 'make_global':
case 'make_normal':
- $topic_ids = get_array((!$quickmod) ? 'topic_id_list' : 't', 0);
+ $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
@@ -75,9 +75,9 @@ class mcp_main extends module
case 'move':
$user->add_lang('viewtopic');
- $topic_ids = get_array((!$quickmod) ? 'topic_id_list' : 't', 0);
+ $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
@@ -89,9 +89,9 @@ class mcp_main extends module
case 'fork':
$user->add_lang('viewtopic');
- $topic_ids = get_array((!$quickmod) ? 'topic_id_list' : 't', 0);
+ $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
@@ -103,9 +103,9 @@ class mcp_main extends module
case 'delete_topic':
$user->add_lang('viewtopic');
- $topic_ids = get_array((!$quickmod) ? 'topic_id_list' : 't', 0);
+ $topic_ids = (!$quickmod) ? request_var('topic_id_list', array(0)) : array(request_var('t', 0));
- if (!$topic_ids)
+ if (!sizeof($topic_ids))
{
trigger_error('NO_TOPIC_SELECTED');
}
@@ -116,9 +116,9 @@ class mcp_main extends module
case 'delete_post':
$user->add_lang('posting');
- $post_ids = get_array((!$quickmod) ? 'post_id_list' : 'p', 0);
-
- if (!$post_ids)
+ $post_ids = (!$quickmod) ? request_var('post_id_list', array(0)) : array(request_var('p', 0));
+
+ if (!sizeof($post_ids))
{
trigger_error('NO_POST_SELECTED');
}
diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php
index c62e29ee38..1f50e3456b 100644
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -31,9 +31,9 @@ class mcp_queue extends module
include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
- $post_id_list = get_array('post_id_list', 0);
+ $post_id_list = request_var('post_id_list', array(0));
- if (!$post_id_list)
+ if (!sizeof($post_id_list))
{
trigger_error('NO_POST_SELECTED');
}
diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php
index 31c79250f1..e4879288a7 100644
--- a/phpBB/includes/mcp/mcp_topic.php
+++ b/phpBB/includes/mcp/mcp_topic.php
@@ -34,8 +34,7 @@ function mcp_topic_view($id, $mode, $action, $url)
$start = request_var('start', 0);
$to_topic_id = request_var('to_topic_id', 0);
$to_forum_id = request_var('to_forum_id', 0);
-
- $post_id_list = get_array('post_id_list', 0);
+ $post_id_list = request_var('post_id_list', array(0));
// Split Topic?
if ($action == 'split_all' || $action == 'split_beyond')
@@ -218,10 +217,10 @@ function split_topic($mode, $topic_id, $to_forum_id, $subject)
{
global $db, $template, $user, $phpEx, $SID, $phpbb_root_path, $auth;
- $post_id_list = get_array('post_id_list', 0);
+ $post_id_list = request_var('post_id_list', array(0));
$start = request_var('start', 0);
- if (!$post_id_list)
+ if (!sizeof($post_id_list))
{
trigger_error('NO_POST_SELECTED');
}
@@ -414,10 +413,10 @@ function merge_posts($topic_id, $to_topic_id)
$topic_data = $topic_data[$to_topic_id];
- $post_id_list = get_array('post_id_list', 0);
+ $post_id_list = request_var('post_id_list', array(0));
$start = request_var('start', 0);
- if (!$post_id_list)
+ if (!sizeof($post_id_list))
{
$template->assign_var('MESSAGE', $user->lang['NO_POST_SELECTED']);
return;
diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php
index 4a98ea2829..f236f5dd9d 100644
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -687,9 +687,8 @@ class ucp_main extends module
if ($submit && $edit)
{
- $draft_subject = preg_replace('#&(\#[0-9]+;)#', '&\1', request_var('subject', ''));
- $draft_message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : '';
- $draft_message = preg_replace('#&(\#[0-9]+;)#', '&\1', $draft_message);
+ $draft_subject = request_var('subject', '', true);
+ $draft_message = request_var('message', '', true);
if ($draft_message && $draft_subject)
{
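Review bot: `request_var('message', '', true)` reads `$_REQUEST` (see request_var() in functions.php), while the removed line took the draft body from `$_POST` only, so the message can now also arrive through the query string or, depending on PHP's request order, a cookie. If drafts should only be accepted from a form post, keep the guard: `$draft_message = (isset($_POST['message'])) ? request_var('message', '', true) : '';`. The same change is made for `$message` in ucp_pm_compose.php. How `$submit` is derived is outside the hunk, so it may already restrict this path to POST.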
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index 33ee31b22c..80a9c7676e 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -333,10 +333,9 @@ function compose_pm($id, $mode, $action)
// Save Draft
if ($save && $auth->acl_get('u_savedrafts'))
{
- $subject = preg_replace('#&(\#[0-9]+;)#', '&\1', request_var('subject', ''));
+ $subject = request_var('subject', '', true);
$subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject;
- $message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : '';
- $message = preg_replace('#&(\#[0-9]+;)#', '&\1', $message);
+ $message = request_var('message', '', true);
if ($subject && $message)
{
diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php
index 253547cd47..129c6cb84f 100644
--- a/phpBB/includes/ucp/ucp_pm_options.php
+++ b/phpBB/includes/ucp/ucp_pm_options.php
@@ -418,7 +418,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
$rule_option = request_var('rule_option', 0);
$cond_option = request_var('cond_option', '');
$action_option = request_var('action_option', '');
- $back = (isset($_REQUEST['back'])) ? request_var('back', '') : array();
+ $back = (isset($_REQUEST['back'])) ? request_var('back', array('' => 0)) : array();
if (sizeof($back))
{
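Review bot: The `isset($_REQUEST['back'])` guard around `request_var('back', array('' => 0))` is now redundant, because with an array default the new request_var() already returns `array()` when the variable is missing or is not an array. The line can be reduced to `$back = request_var('back', array('' => 0));`. A short comment that `array('' => 0)` means string keys with integer values would also help, since both types are only inferred from the sample element. message_options() continues outside the hunk.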
@@ -576,7 +576,7 @@ function define_rule_option($hardcoded, $rule_option, $rule_lang, $check_ary)
*/
function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule_conditions)
{
- global $db, $template;
+ global $db, $template, $auth;
$template->assign_vars(array(
'S_COND_DEFINED' => true,
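Review bot: The `global` line gains `$auth`, but the block added further down in define_cond_option() also reads `$user->lang[...]`, and `$user` is not in this list. Unless `$user` is brought into scope elsewhere in the function (not visible here), the labels for special groups would be looked up on an undefined variable. Suggested: `global $db, $template, $auth, $user;`.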
@@ -657,15 +657,35 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule
$rule_group_id = request_var('rule_group_id', 0);
$rule_string = request_var('rule_string', '');
+ $sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
+ $sql = 'SELECT group_id, group_name, group_type
+ FROM ' . GROUPS_TABLE . "
+ WHERE group_type $sql_and
+ ORDER BY group_type DESC, group_name";
+ $result = $db->sql_query($sql);
+
+ $s_group_options = '';
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if ($rule_group_id && ($row['group_id'] == $rule_group_id))
+ {
+ $rule_string = (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']);
+ }
+
+ $s_selected = ($row['group_id'] == $rule_group_id) ? ' selected="selected"' : '';
+ $s_group_options .= '<option value="' . $row['group_id'] . '"' . $s_selected . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
+ }
+ $db->sql_freeresult($result);
+
$template->assign_vars(array(
'S_GROUP_CONDITION' => true,
+ 'S_GROUP_OPTIONS' => $s_group_options,
'CURRENT_STRING' => $rule_string,
'CURRENT_USER_ID' => 0,
'CURRENT_GROUP_ID' => $rule_group_id)
);
$current_value = $rule_string;
-
break;
default:
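Review bot: `$row['group_name']` is concatenated straight into the `<option>` markup for `$s_group_options` and also becomes `CURRENT_STRING`, with no output encoding at this point. That is safe only if group names are stored already HTML-escaped (as the string path of request_var() would do), which this hunk does not show. A comment stating the assumption would keep a later change from introducing raw names, for example `// group_name is expected to be stored HTML-escaped; do not decode before output`. The SQL itself is built from constants only, so no request data reaches the query. The enclosing switch case starts outside the hunk.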