Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_attachments.php100
-rw-r--r--phpBB/includes/acp/acp_board.php1
-rw-r--r--phpBB/includes/acp/acp_email.php7
-rw-r--r--phpBB/includes/acp/acp_forums.php14
-rw-r--r--phpBB/includes/acp/acp_groups.php63
-rw-r--r--phpBB/includes/acp/acp_icons.php65
-rw-r--r--phpBB/includes/acp/acp_permissions.php4
-rw-r--r--phpBB/includes/acp/acp_ranks.php28
-rw-r--r--phpBB/includes/acp/acp_words.php38
-rw-r--r--phpBB/includes/acp/info/acp_update.php2
-rw-r--r--phpBB/includes/cache.php69
-rw-r--r--phpBB/includes/functions.php47
-rw-r--r--phpBB/includes/functions_admin.php12
-rw-r--r--phpBB/includes/functions_display.php43
-rw-r--r--phpBB/includes/functions_posting.php2
-rw-r--r--phpBB/includes/functions_privmsgs.php2
-rw-r--r--phpBB/includes/functions_user.php29
-rw-r--r--phpBB/includes/ucp/ucp_attachments.php2
-rw-r--r--phpBB/includes/ucp/ucp_main.php8
-rw-r--r--phpBB/includes/ucp/ucp_pm.php2
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php2
-rw-r--r--phpBB/includes/ucp/ucp_pm_viewmessage.php2
22 files changed, 314 insertions, 228 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 662a83d212..823e9709c4 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -56,8 +56,7 @@ class acp_attachments
$template->assign_vars(array(
'L_TITLE' => $user->lang[$l_title],
'L_TITLE_EXPLAIN' => $user->lang[$l_title . '_EXPLAIN'],
- 'U_ACTION' => $this->u_action,
- )
+ 'U_ACTION' => $this->u_action)
);
switch ($mode)
@@ -181,8 +180,7 @@ class acp_attachments
$template->assign_vars(array(
'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick',
- 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true,
- )
+ 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !sizeof($supported_types['format']))) ? false : true)
);
// Secure Download Options - Same procedure as with banning
@@ -216,8 +214,7 @@ class acp_attachments
'L_SECURE_TITLE' => $user->lang['DEFINE_' . $allow_deny . '_IPS'],
'L_IP_EXCLUDE' => $user->lang['EXCLUDE_FROM_' . $allow_deny . '_IP'],
- 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'],
- )
+ 'L_REMOVE_IPS' => $user->lang['REMOVE_' . $allow_deny . '_IPS'])
);
// Output relevant options
@@ -271,8 +268,8 @@ class acp_attachments
if ($submit)
{
// Change Extensions ?
- $extension_change_list = (isset($_POST['extension_change_list'])) ? array_map('intval', $_POST['extension_change_list']) : array();
- $group_select_list = (isset($_POST['group_select'])) ? array_map('intval', $_POST['group_select']) : array();
+ $extension_change_list = request_var('extension_change_list', array(0));
+ $group_select_list = request_var('group_select', array(0));
// Generate correct Change List
$extensions = array();
@@ -294,7 +291,7 @@ class acp_attachments
$sql = 'UPDATE ' . EXTENSIONS_TABLE . '
SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
WHERE extension_id = ' . $row['extension_id'];
- $db->sql_query($sql);
+ $db->sql_query($sql);
add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']);
}
@@ -302,7 +299,7 @@ class acp_attachments
$db->sql_freeresult($result);
// Delete Extension?
- $extension_id_list = (isset($_POST['extension_id_list'])) ? array_map('intval', $_POST['extension_id_list']) : array();
+ $extension_id_list = request_var('extension_id_list', array(0));
if (sizeof($extension_id_list))
{
@@ -332,7 +329,7 @@ class acp_attachments
$add_extension_group = request_var('add_group_select', 0);
$add = (isset($_POST['add_extension_check'])) ? true : false;
- if ($add_extension != '' && $add)
+ if ($add_extension && $add)
{
if (!sizeof($error))
{
@@ -353,7 +350,7 @@ class acp_attachments
'group_id' => $add_extension_group,
'extension' => $add_extension
);
-
+
$db->sql_query('INSERT INTO ' . EXTENSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension);
}
@@ -364,7 +361,7 @@ class acp_attachments
{
$notify[] = $user->lang['EXTENSIONS_UPDATED'];
}
-
+
$cache->destroy('_extensions');
}
@@ -467,11 +464,11 @@ class acp_attachments
$upload_icon = request_var('upload_icon', 'no_image');
$size_select = request_var('size_select', 'b');
$forum_select = request_var('forum_select', false);
- $allowed_forums = isset($_POST['allowed_forums']) ? array_map('intval', array_values($_POST['allowed_forums'])) : array();
- $allow_in_pm = isset($_POST['allow_in_pm']) ? true : false;
+ $allowed_forums = request_var('allowed_forums', array(0));
+ $allow_in_pm = (isset($_POST['allow_in_pm'])) ? true : false;
$max_filesize = request_var('max_filesize', 0);
$max_filesize = ($size_select == 'kb') ? round($max_filesize * 1024) : (($size_select == 'mb') ? round($max_filesize * 1048576) : $max_filesize);
- $allow_group = (isset($_POST['allow_group'])) ? 1 : 0;
+ $allow_group = (isset($_POST['allow_group'])) ? true : false;
if ($max_filesize == $config['max_filesize'])
{
@@ -486,12 +483,12 @@ class acp_attachments
$group_ary = array(
'group_name' => $group_name,
'cat_id' => request_var('special_category', ATTACHMENT_CATEGORY_NONE),
- 'allow_group' => $allow_group,
+ 'allow_group' => ($allow_group) ? 1 : 0,
'download_mode' => request_var('download_mode', INLINE_LINK),
'upload_icon' => ($upload_icon == 'no_image') ? '' : $upload_icon,
'max_filesize' => $max_filesize,
'allowed_forums'=> ($forum_select) ? serialize($allowed_forums) : '',
- 'allow_in_pm' => ($allow_in_pm) ? 1 : 0
+ 'allow_in_pm' => ($allow_in_pm) ? 1 : 0,
);
$sql = ($action == 'add') ? 'INSERT INTO ' . EXTENSION_GROUPS_TABLE . ' ' : 'UPDATE ' . EXTENSION_GROUPS_TABLE . ' SET ';
@@ -508,7 +505,7 @@ class acp_attachments
add_log('admin', 'LOG_ATTACH_EXTGROUP_' . strtoupper($action), $group_name);
}
- $extension_list = isset($_REQUEST['extensions']) ? array_map('intval', array_values($_REQUEST['extensions'])) : array();
+ $extension_list = request_var('extensions', array(0));
if ($action == 'edit' && sizeof($extension_list))
{
@@ -533,7 +530,7 @@ class acp_attachments
$notify[] = $user->lang['SUCCESS_EXTENSION_GROUP_' . strtoupper($action)];
}
}
-
+
$cat_lang = array(
ATTACHMENT_CATEGORY_NONE => $user->lang['NO_FILE_CAT'],
ATTACHMENT_CATEGORY_IMAGE => $user->lang['CAT_IMAGES'],
@@ -581,7 +578,6 @@ class acp_attachments
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
'i' => $id,
'mode' => $mode,
- 'action' => $action,
'group_id' => $group_id,
'action' => 'delete',
)));
@@ -590,7 +586,7 @@ class acp_attachments
break;
case 'edit':
-
+
if (!$group_id)
{
trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
@@ -608,7 +604,7 @@ class acp_attachments
// no break;
case 'add':
-
+
if ($action == 'add')
{
$ext_group_row = array(
@@ -620,7 +616,7 @@ class acp_attachments
'upload_icon' => '',
'max_filesize' => 0,
);
-
+
$forum_ids = array();
}
@@ -690,15 +686,15 @@ class acp_attachments
}
$template->assign_vars(array(
- 'PHPBB_ROOT_PATH' => $phpbb_root_path,
- 'IMG_PATH' => $img_path,
- 'ACTION' => $action,
- 'GROUP_ID' => $group_id,
- 'GROUP_NAME' => $ext_group_row['group_name'],
- 'ALLOW_GROUP' => $ext_group_row['allow_group'],
- 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'],
- 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],
- 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'],
+ 'PHPBB_ROOT_PATH' => $phpbb_root_path,
+ 'IMG_PATH' => $img_path,
+ 'ACTION' => $action,
+ 'GROUP_ID' => $group_id,
+ 'GROUP_NAME' => $ext_group_row['group_name'],
+ 'ALLOW_GROUP' => $ext_group_row['allow_group'],
+ 'ALLOW_IN_PM' => $ext_group_row['allow_in_pm'],
+ 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'],
+ 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'],
'ASSIGNED_EXTENSIONS' => $assigned_extensions,
'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'),
@@ -711,9 +707,9 @@ class acp_attachments
'S_FORUM_IDS' => (sizeof($forum_ids)) ? true : false,
'U_EXTENSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=extensions"),
+ 'U_BACK' => $this->u_action,
- 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'],
- )
+ 'L_LEGEND' => $user->lang[strtoupper($action) . '_EXTENSION_GROUP'])
);
$s_forum_id_options = '';
@@ -721,11 +717,12 @@ class acp_attachments
$sql = 'SELECT forum_id, forum_name, parent_id, forum_type, left_id, right_id
FROM ' . FORUMS_TABLE . '
ORDER BY left_id ASC';
- $result = $db->sql_query($sql, 600);
+ $result = $db->sql_query($sql);
$right = $cat_right = $padding_inc = 0;
$padding = $forum_list = $holding = '';
$padding_store = array('0' => '');
+
while ($row = $db->sql_fetchrow($result))
{
if ($row['forum_type'] == FORUM_CAT && ($row['left_id'] + 1 == $row['right_id']))
@@ -777,38 +774,19 @@ class acp_attachments
$template->assign_vars(array(
'S_FORUM_ID_OPTIONS' => $s_forum_id_options)
);
-
- break;
-
- case 'deactivate':
- case 'activate':
-
- if (!$group_id)
- {
- trigger_error($user->lang['NO_EXT_GROUP_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
-
- $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . '
- SET allow_group = ' . (($action == 'activate') ? '1' : '0') . "
- WHERE group_id = $group_id";
- $db->sql_query($sql);
-
- $this->rewrite_extensions();
break;
}
$sql = 'SELECT *
FROM ' . EXTENSION_GROUPS_TABLE . '
- ORDER BY allow_group DESC, group_name';
+ ORDER BY allow_group DESC, allow_in_pm DESC, group_name';
$result = $db->sql_query($sql);
- $act_deact = 'activate';
+ $old_allow_group = $old_allow_pm = 1;
while ($row = $db->sql_fetchrow($result))
{
- $s_add_spacer = ($row['allow_group'] == 0 && $act_deact == 'deactivate') ? true : false;
-
- $act_deact = ($row['allow_group']) ? 'deactivate' : 'activate';
+ $s_add_spacer = ($old_allow_group != $row['allow_group'] || $old_allow_pm != $row['allow_in_pm']) ? true : false;
$template->assign_block_vars('groups', array(
'S_ADD_SPACER' => $s_add_spacer,
@@ -817,14 +795,14 @@ class acp_attachments
'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}",
'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}",
- 'U_ACT_DEACT' => $this->u_action . "&action=$act_deact&g={$row['group_id']}",
- 'L_ACT_DEACT' => $user->lang[strtoupper($act_deact)],
'GROUP_NAME' => $row['group_name'],
'CATEGORY' => $cat_lang[$row['cat_id']],
)
);
+ $old_allow_group = $row['allow_group'];
+ $old_allow_pm = $row['allow_in_pm'];
}
$db->sql_freeresult($result);
@@ -1369,7 +1347,7 @@ class acp_attachments
}
else if (isset($_POST['unsecuresubmit']))
{
- $unip_sql = array_map('intval', $_POST['unip']);
+ $unip_sql = request_var('unip', array(0));
if (sizeof($unip_sql))
{
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index 7cd50d004e..11fddd3d1c 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -278,7 +278,6 @@ class acp_board
'title' => 'ACP_SERVER_SETTINGS',
'vars' => array(
'legend1' => 'ACP_SERVER_SETTINGS',
- 'send_encoding' => array('lang' => 'SEND_ENCODING', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'gzip_compress' => array('lang' => 'ENABLE_GZIP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => false),
'legend2' => 'PATH_SETTINGS',
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index fa29e7b209..4f42f5b5b2 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -107,7 +107,12 @@ class acp_email
if ($i == $max_chunk_size || $row['user_lang'] != $old_lang || $row['user_notify_type'] != $old_notify_type)
{
$i = 0;
- $j++;
+
+ if (sizeof($email_list))
+ {
+ $j++;
+ }
+
$old_lang = $row['user_lang'];
$old_notify_type = $row['user_notify_type'];
}
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php
index fc524e0c75..41b40f76e3 100644
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@@ -668,7 +668,7 @@ class acp_forums
if ($db->sql_fetchrow($result))
{
$template->assign_vars(array(
- 'S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id)) // , false, true, false???
+ 'S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id, false, true)) // , false, true, false???
);
}
$db->sql_freeresult($result);
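Review bot: The trailing comment `// , false, true, false???` on the changed `S_MOVE_FORUM_OPTIONS` line is now stale, because the call passes `false, true` explicitly and the question the comment recorded is left unanswered. Either drop it, leaving `'S_MOVE_FORUM_OPTIONS' => make_forum_select($forum_data['parent_id'], $subforums_id, false, true))`, or replace it with a short comment naming what the third and fourth arguments control. Their meaning is not visible in this hunk, so the wording has to come from make_forum_select() itself.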
@@ -989,7 +989,6 @@ class acp_forums
if ($action_subforums == 'delete')
{
- $log_action_forums = 'FORUMS';
$rows = get_forum_branch($row['forum_id'], 'children', 'descending', false);
foreach ($rows as $_row)
@@ -1055,8 +1054,6 @@ class acp_forums
return array($user->lang['NO_DESTINATION_FORUM']);
}
- $log_action_forums = 'MOVE_FORUMS';
-
$sql = 'SELECT forum_name
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . $subforums_to_id;
@@ -1115,11 +1112,9 @@ class acp_forums
if ($row['forum_name'] != $forum_data_sql['forum_name'])
{
- // the forum name has changed, clear the parents list of child forums
+ // the forum name has changed, clear the parents list of all forums (for safety)
$sql = 'UPDATE ' . FORUMS_TABLE . "
- SET forum_parents = ''
- WHERE left_id > " . $row['left_id'] . '
- AND right_id < ' . $row['right_id'];
+ SET forum_parents = ''";
$db->sql_query($sql);
}
@@ -1374,6 +1369,9 @@ class acp_forums
}
$db->sql_freeresult($result);
+ // Grab new forum data for correct tree updating later
+ $forum_data = $this->get_forum_info($forum_id);
+
$sql = 'UPDATE ' . FORUMS_TABLE . "
SET parent_id = $subforums_to_id
WHERE parent_id = $forum_id";
diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php
index 678a4f3bcf..f7b4d8fc66 100644
--- a/phpBB/includes/acp/acp_groups.php
+++ b/phpBB/includes/acp/acp_groups.php
@@ -358,35 +358,49 @@ class acp_groups
$group_perm_from = request_var('group_perm_from', 0);
// Copy permissions?
- if ($group_perm_from && $action == 'add')
+ // If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transfered.
+ // We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
+ // Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
+ if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth'))
{
- // From the mysql documentation:
- // Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
- // Due to this we stay on the safe side if we do the insertion "the manual way"
-
- // Copy permisisons from/to the acl groups table (only group_id gets changed)
- $sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
- FROM ' . ACL_GROUPS_TABLE . '
+ $sql = 'SELECT group_manage_founder
+ FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
+ $check_row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
- $groups_sql_ary = array();
- while ($row = $db->sql_fetchrow($result))
+ // Check the group if non-founder
+ if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_manage_founder'] == 0))
{
- $groups_sql_ary[] = array(
- 'group_id' => (int) $group_id,
- 'forum_id' => (int) $row['forum_id'],
- 'auth_option_id' => (int) $row['auth_option_id'],
- 'auth_role_id' => (int) $row['auth_role_id'],
- 'auth_setting' => (int) $row['auth_setting']
- );
+ // From the mysql documentation:
+ // Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
+ // Due to this we stay on the safe side if we do the insertion "the manual way"
+
+ // Copy permisisons from/to the acl groups table (only group_id gets changed)
+ $sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
+ FROM ' . ACL_GROUPS_TABLE . '
+ WHERE group_id = ' . $group_perm_from;
+ $result = $db->sql_query($sql);
+
+ $groups_sql_ary = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $groups_sql_ary[] = array(
+ 'group_id' => (int) $group_id,
+ 'forum_id' => (int) $row['forum_id'],
+ 'auth_option_id' => (int) $row['auth_option_id'],
+ 'auth_role_id' => (int) $row['auth_role_id'],
+ 'auth_setting' => (int) $row['auth_setting']
+ );
+ }
+ $db->sql_freeresult($result);
+
+ // Now insert the data
+ $db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
+
+ $auth->acl_clear_prefetch();
}
- $db->sql_freeresult($result);
-
- // Now insert the data
- $db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
-
- $auth->acl_clear_prefetch();
}
$cache->destroy('sql', GROUPS_TABLE);
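Review bot: When the new check on the `if ($group_perm_from && $action == 'add' && ...)` line or the inner `group_manage_founder` test fails, the permission copy is skipped silently: nothing in the lines shown reports it to the admin or records it, and the flow continues to `$cache->destroy('sql', GROUPS_TABLE)`. A request that names a founder-managed group in `group_perm_from` from a non-founder account is worth recording, and so is a successful copy of a full permission set, so an `add_log('admin', ...)` entry on both paths (language key to be defined) would give an audit trail. The expression `$auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')` is repeated for `S_GROUP_PERM` in the next hunk; if both sit in the same method, which the hunks do not show, computing it once into a local would keep the form and the server-side check from drifting apart. The comment typos `transfered` and `permisisons` can be fixed in the same pass.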
@@ -494,6 +508,7 @@ class acp_groups
$template->assign_vars(array(
'S_EDIT' => true,
'S_ADD_GROUP' => ($action == 'add') ? true : false,
+ 'S_GROUP_PERM' => ($action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) ? true : false,
'S_INCLUDE_SWATCH' => true,
'S_CAN_UPLOAD' => $can_upload,
'S_ERROR' => (sizeof($error)) ? true : false,
@@ -518,7 +533,7 @@ class acp_groups
'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'],
'S_RANK_OPTIONS' => $rank_options,
- 'S_GROUP_OPTIONS' => group_select_options(0),
+ 'S_GROUP_OPTIONS' => group_select_options(false, false, (($user->data['user_type'] == USER_FOUNDER) ? false : 0)),
'AVATAR_IMAGE' => $avatar_img,
'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'],
'GROUP_AVATAR_WIDTH' => (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '',
diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php
index f5e09582e4..bd942fe27f 100644
--- a/phpBB/includes/acp/acp_icons.php
+++ b/phpBB/includes/acp/acp_icons.php
@@ -203,14 +203,14 @@ class acp_icons
$images = (isset($_POST['image'])) ? array_keys(request_var('image', array('' => 0))) : array();
// Now really get the items
- $image_id = (isset($_POST['id'])) ? array_map('intval', $_POST['id']) : array();
- $image_order = (isset($_POST['order'])) ? array_map('intval', $_POST['order']) : array();
- $image_width = (isset($_POST['width'])) ? array_map('intval', $_POST['width']) : array();
- $image_height = (isset($_POST['height'])) ? array_map('intval', $_POST['height']) : array();
- $image_add = (isset($_POST['add_img'])) ? array_map('intval', $_POST['add_img']) : array();
+ $image_id = (isset($_POST['id'])) ? request_var('id', array(0)) : array();
+ $image_order = (isset($_POST['order'])) ? request_var('order', array(0)) : array();
+ $image_width = (isset($_POST['width'])) ? request_var('width', array(0)) : array();
+ $image_height = (isset($_POST['height'])) ? request_var('height', array(0)) : array();
+ $image_add = (isset($_POST['add_img'])) ? request_var('add_img', array(0)) : array();
$image_emotion = request_var('emotion', array('' => ''));
$image_code = request_var('code', array('' => ''));
- $image_display_on_posting = (isset($_POST['display_on_posting'])) ? array_map('intval', $_POST['display_on_posting']) : array();
+ $image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array(0)) : array();
foreach ($images as $image)
{
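Review bot: The `isset($_POST[...])` guards kept on the six rewritten lines (`id`, `order`, `width`, `height`, `add_img`, `display_on_posting`) look redundant and are inconsistent with the acp_attachments.php hunks of this commit, which call `request_var('extension_change_list', array(0))` with no guard. If request_var() already yields an empty array for a missing key, as those hunks appear to rely on, each line reduces to the form `$image_id = request_var('id', array(0));`. If the guard is deliberate, to accept these fields only when they arrive by POST, a one-line comment saying so would stop a later cleanup from removing it.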
@@ -530,32 +530,43 @@ class acp_icons
case 'delete':
- $sql = "DELETE FROM $table
- WHERE {$fields}_id = $icon_id";
- $db->sql_query($sql);
-
- switch ($mode)
+ if (confirm_box(true))
{
- case 'smilies':
- break;
+ $sql = "DELETE FROM $table
+ WHERE {$fields}_id = $icon_id";
+ $db->sql_query($sql);
- case 'icons':
- // Reset appropriate icon_ids
- $db->sql_query('UPDATE ' . TOPICS_TABLE . "
- SET icon_id = 0
- WHERE icon_id = $icon_id");
+ switch ($mode)
+ {
+ case 'smilies':
+ break;
+
+ case 'icons':
+ // Reset appropriate icon_ids
+ $db->sql_query('UPDATE ' . TOPICS_TABLE . "
+ SET icon_id = 0
+ WHERE icon_id = $icon_id");
+
+ $db->sql_query('UPDATE ' . POSTS_TABLE . "
+ SET icon_id = 0
+ WHERE icon_id = $icon_id");
+ break;
+ }
- $db->sql_query('UPDATE ' . POSTS_TABLE . "
- SET icon_id = 0
- WHERE icon_id = $icon_id");
+ $notice = $user->lang[$lang . '_DELETED'];
- break;
+ $cache->destroy('icons');
+ $cache->destroy('sql', $table);
+ }
+ else
+ {
+ confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'id' => $icon_id,
+ 'action' => 'delete',
+ )));
}
-
- $notice = $user->lang[$lang . '_DELETED'];
-
- $cache->destroy('icons');
- $cache->destroy('sql', $table);
break;
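Review bot: The confirmed delete branch writes no admin log entry in the lines shown, while the delete branches in acp_ranks.php and acp_words.php in this same commit call `add_log('admin', ...)` around the DELETE. Unless logging happens after the `switch` outside this hunk, removing an icon or smiley leaves no audit trail; an `add_log('admin', ...)` call next to `$notice = $user->lang[$lang . '_DELETED'];` (language key to be defined) would bring it in line. `$icon_id` is interpolated into three statements and is assigned outside the hunk, so an `(int)` cast at the point of use, as acp_attachments.php does with `(int) $extensions[$row['extension_id']]['group_id']`, would keep the queries safe regardless of how the value was read.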
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index 61017a059d..9a8bc9e251 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -347,7 +347,7 @@ class acp_permissions
$template->assign_vars(array(
'S_SELECT_GROUP' => true,
- 'S_GROUP_OPTIONS' => group_select_options(false))
+ 'S_GROUP_OPTIONS' => group_select_options(false, false, (($user->data['user_type'] == USER_FOUNDER) ? false : 0)))
);
break;
@@ -393,7 +393,7 @@ class acp_permissions
'S_SELECT_USERGROUP_VIEW' => ($victim == 'usergroup_view') ? true : false,
'S_DEFINED_USER_OPTIONS' => $items['user_ids_options'],
'S_DEFINED_GROUP_OPTIONS' => $items['group_ids_options'],
- 'S_ADD_GROUP_OPTIONS' => group_select_options(false, $items['group_ids']),
+ 'S_ADD_GROUP_OPTIONS' => group_select_options(false, $items['group_ids'], (($user->data['user_type'] == USER_FOUNDER) ? false : 0)),
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=add_user&amp;field=username'),
'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username', false))
);
diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php
index db96b173e8..a52ff07607 100644
--- a/phpBB/includes/acp/acp_ranks.php
+++ b/phpBB/includes/acp/acp_ranks.php
@@ -62,11 +62,15 @@ class acp_ranks
{
$sql = 'UPDATE ' . RANKS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE rank_id = $rank_id";
$message = $user->lang['RANK_UPDATED'];
+
+ add_log('admin', 'LOG_RANK_UPDATED', $rank_title);
}
else
{
$sql = 'INSERT INTO ' . RANKS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$message = $user->lang['RANK_ADDED'];
+
+ add_log('admin', 'LOG_RANK_ADDED', $rank_title);
}
$db->sql_query($sql);
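Review bot: Both new `add_log()` calls run before `$db->sql_query($sql)`, which sits after the `if`/`else`, so the admin log records `LOG_RANK_UPDATED` or `LOG_RANK_ADDED` before the write has taken place. Setting `$log_key = 'LOG_RANK_UPDATED';` or `$log_key = 'LOG_RANK_ADDED';` in the branches and calling `add_log('admin', $log_key, $rank_title);` after the query keeps the log accurate if the statement fails or is aborted. The enclosing `case` starts outside the hunk.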
@@ -78,9 +82,20 @@ class acp_ranks
case 'delete':
- // Ok, they want to delete their rank
- if ($rank_id)
+ if (!$rank_id)
{
+ trigger_error($user->lang['MUST_SELECT_RANK'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
+ if (confirm_box(true))
+ {
+ $sql = 'SELECT rank_title
+ FROM ' . RANKS_TABLE . '
+ WHERE rank_id = ' . $rank_id;
+ $result = $db->sql_query($sql);
+ $rank_title = (string) $db->sql_fetchfield('rank_title');
+ $db->sql_freeresult($result);
+
$sql = 'DELETE FROM ' . RANKS_TABLE . "
WHERE rank_id = $rank_id";
$db->sql_query($sql);
@@ -92,11 +107,16 @@ class acp_ranks
$cache->destroy('ranks');
- trigger_error($user->lang['RANK_REMOVED'] . adm_back_link($this->u_action));
+ add_log('admin', 'LOG_RANK_REMOVED', $rank_title);
}
else
{
- trigger_error($user->lang['MUST_SELECT_RANK'] . adm_back_link($this->u_action), E_USER_WARNING);
+ confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'rank_id' => $rank_id,
+ 'action' => 'delete',
+ )));
}
break;
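Review bot: The hidden field for the confirmation form is named `rank_id` here, whereas the equivalent confirm_box() calls added in acp_icons.php and acp_words.php submit the identifier as `id`. The line that reads `$rank_id` from the request is outside the hunk; if it reads `id`, the confirmed POST only works while the id also survives in the form's action URL, and the `rank_id` field is dead data. Using `'id' => $rank_id,` (or whichever name the reader expects) would make the three modules consistent and the confirmation independent of the URL.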
diff --git a/phpBB/includes/acp/acp_words.php b/phpBB/includes/acp/acp_words.php
index e087c4f8af..a35b7e5156 100644
--- a/phpBB/includes/acp/acp_words.php
+++ b/phpBB/includes/acp/acp_words.php
@@ -110,23 +110,35 @@ class acp_words
trigger_error($user->lang['NO_WORD'] . adm_back_link($this->u_action), E_USER_WARNING);
}
- $sql = 'SELECT word
- FROM ' . WORDS_TABLE . "
- WHERE word_id = $word_id";
- $result = $db->sql_query($sql);
- $deleted_word = $db->sql_fetchfield('word');
- $db->sql_freeresult($result);
+ if (confirm_box(true))
+ {
+ $sql = 'SELECT word
+ FROM ' . WORDS_TABLE . "
+ WHERE word_id = $word_id";
+ $result = $db->sql_query($sql);
+ $deleted_word = $db->sql_fetchfield('word');
+ $db->sql_freeresult($result);
- $sql = 'DELETE FROM ' . WORDS_TABLE . "
- WHERE word_id = $word_id";
- $db->sql_query($sql);
+ $sql = 'DELETE FROM ' . WORDS_TABLE . "
+ WHERE word_id = $word_id";
+ $db->sql_query($sql);
- $cache->destroy('word_censors');
+ $cache->destroy('word_censors');
- add_log('admin', 'LOG_WORD_DELETE', $deleted_word);
+ add_log('admin', 'LOG_WORD_DELETE', $deleted_word);
+
+ trigger_error($user->lang['WORD_REMOVED'] . adm_back_link($this->u_action));
+ }
+ else
+ {
+ confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
+ 'i' => $id,
+ 'mode' => $mode,
+ 'id' => $word_id,
+ 'action' => 'delete',
+ )));
+ }
- trigger_error($user->lang['WORD_REMOVED'] . adm_back_link($this->u_action));
-
break;
}
diff --git a/phpBB/includes/acp/info/acp_update.php b/phpBB/includes/acp/info/acp_update.php
index 014d67ff2b..0355c583f3 100644
--- a/phpBB/includes/acp/info/acp_update.php
+++ b/phpBB/includes/acp/info/acp_update.php
@@ -20,7 +20,7 @@ class acp_update_info
'title' => 'ACP_UPDATE',
'version' => '1.0.0',
'modes' => array(
- 'version_check' => array('title' => 'ACP_VERSION_CHECK', 'auth' => 'acl_a_', 'cat' => array('ACP_AUTOMATION')),
+ 'version_check' => array('title' => 'ACP_VERSION_CHECK', 'auth' => 'acl_a_board', 'cat' => array('ACP_AUTOMATION')),
),
);
}
diff --git a/phpBB/includes/cache.php b/phpBB/includes/cache.php
index 6266d32c0f..c5a4a080a5 100644
--- a/phpBB/includes/cache.php
+++ b/phpBB/includes/cache.php
@@ -173,21 +173,29 @@ class cache extends acm
/**
* Obtain allowed extensions
+ *
+ * @param mixed $forum_id If false then check for private messaging, if int then check for forum id. If true, then only return extension informations.
+ *
+ * @return array allowed extensions array.
*/
- function obtain_attach_extensions($forum_id = false)
+ function obtain_attach_extensions($forum_id)
{
if (($extensions = $this->get('_extensions')) === false)
{
global $db;
-
+
+ $extensions = array(
+ '_allowed_post' => array(),
+ '_allowed_pm' => array(),
+ );
+
// The rule is to only allow those extensions defined. ;)
$sql = 'SELECT e.extension, g.*
FROM ' . EXTENSIONS_TABLE . ' e, ' . EXTENSION_GROUPS_TABLE . ' g
WHERE e.group_id = g.group_id
- AND g.allow_group = 1';
+ AND (g.allow_group = 1 OR g.allow_in_pm = 1)';
$result = $db->sql_query($sql);
- $extensions = array('_allowed_' => array());
while ($row = $db->sql_fetchrow($result))
{
$extension = strtolower(trim($row['extension']));
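Review bot: `$this->get('_extensions')` can still return an array cached before this change, which has the single `_allowed_` key and none of the `_allowed_post`, `_allowed_pm`, `allow_group` or `allow_in_pm` entries that the new code reads further down. Unless the update path destroys `_extensions` (not visible here), the first requests after deployment would read undefined indexes and compute a wrong allow-list. A shape check such as `if (($extensions = $this->get('_extensions')) === false || !isset($extensions['_allowed_post']))` would force a rebuild. Dropping the `= false` default from the signature also breaks any caller outside this commit that relied on it, so the docblock should say the argument is now mandatory.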
@@ -196,47 +204,62 @@ class cache extends acm
'display_cat' => (int) $row['cat_id'],
'download_mode' => (int) $row['download_mode'],
'upload_icon' => trim($row['upload_icon']),
- 'max_filesize' => (int) $row['max_filesize']
+ 'max_filesize' => (int) $row['max_filesize'],
+ 'allow_group' => $row['allow_group'],
+ 'allow_in_pm' => $row['allow_in_pm'],
);
$allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array();
- if ($row['allow_in_pm'])
+ // Store allowed extensions forum wise
+ if ($row['allow_group'])
{
- $allowed_forums = array_merge($allowed_forums, array(0));
+ $extensions['_allowed_post'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums;
}
- // Store allowed extensions forum wise
- $extensions['_allowed_'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums;
+ if ($row['allow_in_pm'])
+ {
+ $extensions['_allowed_pm'][$extension] = 0;
+ }
}
$db->sql_freeresult($result);
$this->put('_extensions', $extensions);
}
- if ($forum_id !== false)
+ // Forum post
+ if ($forum_id === false)
{
- $return = array();
+ // We are checking for private messages, therefore we only need to get the pm extensions...
+ $return = array('_allowed_' => array());
- foreach ($extensions['_allowed_'] as $extension => $check)
+ foreach ($extensions['_allowed_pm'] as $extension => $check)
{
- $allowed = false;
+ $return['_allowed_'][$extension] = 0;
+ $return[$extension] = $extensions[$extension];
+ }
+ $extensions = $return;
+ }
+ else if ($forum_id === true)
+ {
+ return $extensions;
+ }
+ else
+ {
+ $forum_id = (int) $forum_id;
+ $return = array('_allowed_' => array());
+
+ foreach ($extensions['_allowed_post'] as $extension => $check)
+ {
+ // Check for allowed forums
if (is_array($check))
{
- // Check for private messaging AND all forums allowed
- if (sizeof($check) == 1 && $check[0] == 0)
- {
- $allowed = true;
- }
- else
- {
- $allowed = (!in_array($forum_id, $check)) ? false : true;
- }
+ $allowed = (!in_array($forum_id, $check)) ? false : true;
}
else
{
- $allowed = ($forum_id === 0) ? false : true;
+ $allowed = true;
}
if ($allowed)
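Review bot: The dispatch on `$forum_id` is now type-strict, so a caller that still passes `0` for private messages, the convention the old parse_attachments() docblock described, lands in the final `else` branch and is checked against `_allowed_post`, where every extension without a forum restriction is allowed. Because this decides which attachment types are accepted, the docblock should state that `0` no longer marks a private message and that only `false` does; any remaining callers outside this diff need checking. The two new cache fields are stored uncast while their neighbours use `(int)`; `'allow_group' => (int) $row['allow_group'],` and `'allow_in_pm' => (int) $row['allow_in_pm'],` would keep the entry uniform. The function body continues past the end of this hunk.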
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index a88e3be9bf..8e1df45cb0 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2446,7 +2446,7 @@ function smiley_text($text, $force_option = false)
/**
* General attachment parsing
*
-* @param int $forum_id The forum id the attachments are displayed in (0 for private messages)
+* @param mixed $forum_id The forum id the attachments are displayed in (false if in private message)
* @param string &$message The post/private message
* @param array &$attachments The attachments to parse for (inline) display. The attachments array will hold templated data after parsing.
* @param array &$update_count The attachment counts to be updated - will be filled
@@ -2475,7 +2475,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
if (empty($extensions) || !is_array($extensions))
{
- $extensions = $cache->obtain_attach_extensions();
+ $extensions = $cache->obtain_attach_extensions($forum_id);
}
// Look for missing attachment information...
@@ -2620,7 +2620,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
}
}
- $download_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&amp;f=' . $forum_id) : $filename;
+ $download_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&amp;f=' . (int) $forum_id) : $filename;
switch ($display_cat)
{
@@ -2638,7 +2638,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
// Images, but display Thumbnail
case ATTACHMENT_CATEGORY_THUMB:
$l_downloaded_viewed = $user->lang['VIEWED'];
- $thumbnail_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&amp;t=1&amp;f=' . $forum_id) : $thumbnail_filename;
+ $thumbnail_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&amp;t=1&amp;f=' . (int) $forum_id) : $thumbnail_filename;
$block_array += array(
'S_THUMBNAIL' => true,
@@ -2754,35 +2754,23 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
}
/**
-* Check if extension is allowed to be posted within forum X (forum_id 0 == private messaging)
+* Check if extension is allowed to be posted.
+*
+* @param mixed $forum_id The forum id to check or false if private message
+* @param string $extension The extension to check, for example zip.
+* @param array &$extensions The extension array holding the information from the cache (will be obtained if empty)
+*
+* @return bool False if the extension is not allowed to be posted, else true.
*/
function extension_allowed($forum_id, $extension, &$extensions)
{
- if (!sizeof($extensions))
+ if (empty($extensions))
{
global $cache;
- $extensions = $cache->obtain_attach_extensions();
+ $extensions = $cache->obtain_attach_extensions($forum_id);
}
- if (!isset($extensions['_allowed_'][$extension]))
- {
- return false;
- }
-
- $check = $extensions['_allowed_'][$extension];
-
- if (is_array($check))
- {
- // Check for private messaging AND all forums allowed
- if (sizeof($check) == 1 && $check[0] == 0)
- {
- return true;
- }
-
- return (!in_array($forum_id, $check)) ? false : true;
- }
-
- return ($forum_id == 0) ? false : true;
+ return (!isset($extensions['_allowed_'][$extension])) ? false : true;
}
// Little helpers
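Review bot: Once `$extensions` is non-empty, `extension_allowed()` never consults `$forum_id`, so the per-forum decision rests entirely on how the caller filled the by-reference array. The removed branch re-evaluated `$forum_id` on every call. If `obtain_attach_extensions($forum_id)` returns a forum-specific list, as its new argument suggests, a caller that reuses one `$extensions` array across forums would apply the first forum's allow-list to all later checks. I would state this in the docblock, e.g. `* Note: a non-empty $extensions is trusted as-is and must have been obtained for the same $forum_id.` The return can also be written as `return isset($extensions['_allowed_'][$extension]);`.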
@@ -3700,10 +3688,9 @@ function page_header($page_title = '', $display_online_list = true)
'SITE_LOGO_IMG' => $user->img('site_logo'))
);
- if ($config['send_encoding'])
- {
- header('Content-type: text/html; charset=UTF-8');
- }
+ // application/xhtml+xml not used because of IE
+ header('Content-type: text/html; charset=UTF-8');
+
header('Cache-Control: private, no-cache="set-cookie"');
header('Expires: 0');
header('Pragma: no-cache');
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index 23f243168f..a94504d3d2 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -200,19 +200,27 @@ function size_select_options($size_compare)
}
/**
-* Generate list of groups
+* Generate list of groups (option fields without select)
+*
+* @param int $group_id The default group id to mark as selected
+* @param array $exclude_ids The group ids to exclude from the list, false (default) if you whish to exclude no id
+* @param int $manage_founder If set to false (default) all groups are returned, if 0 only those groups returned not being managed by founders only, if 1 only those groups returned managed by founders only.
+*
+* @return string The list of options.
*/
-function group_select_options($group_id, $exclude_ids = false)
+function group_select_options($group_id, $exclude_ids = false, $manage_founder = false)
{
global $db, $user, $config;
$exclude_sql = ($exclude_ids !== false && sizeof($exclude_ids)) ? 'WHERE ' . $db->sql_in_set('group_id', array_map('intval', $exclude_ids), true) : '';
$sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name <> 'REGISTERED_COPPA'" : '';
+ $sql_founder = ($manage_founder !== false) ? (($exclude_sql || $sql_and) ? ' AND ' : ' WHERE ') . 'group_founder_manage = ' . (int) $manage_founder : '';
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "
$exclude_sql
$sql_and
+ $sql_founder
ORDER BY group_type DESC, group_name ASC";
$result = $db->sql_query($sql);
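Review bot: The docblock declares `$manage_founder` as `int`, but the default is `false` and the code tests `$manage_founder !== false`, so `0` and `false` select different result sets. A caller passing a loosely-false value such as `0` gets the "not founder-managed" filter rather than no filter. I would spell out the three states in the type line, `* @param int|bool $manage_founder false: no filter; 0: groups not restricted to founders; 1: groups managed by founders only`, and fix the `whish` typo in the `$exclude_ids` line. The function body continues past the end of this hunk.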
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index 242eb871ae..47e7e67c17 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -563,18 +563,43 @@ function get_moderators(&$forum_moderators, $forum_id = false)
return;
}
- $forum_sql = 'AND ' . $db->sql_in_set('forum_id', $forum_id);
+ $forum_sql = 'AND m.' . $db->sql_in_set('forum_id', $forum_id);
}
- $sql = 'SELECT *
- FROM ' . MODERATOR_CACHE_TABLE . "
- WHERE display_on_index = 1
- $forum_sql";
+ $sql_array = array(
+ 'SELECT' => 'm.*, u.user_colour, g.group_colour, g.group_type',
+
+ 'FROM' => array(
+ MODERATOR_CACHE_TABLE => 'm',
+ ),
+
+ 'LEFT_JOIN' => array(
+ array(
+ 'FROM' => array(USERS_TABLE => 'u'),
+ 'ON' => 'm.user_id = u.user_id',
+ ),
+ array(
+ 'FROM' => array(GROUPS_TABLE => 'g'),
+ 'ON' => 'm.group_id = g.group_id',
+ ),
+ ),
+
+ 'WHERE' => "m.display_on_index = 1 $forum_sql",
+ );
+
+ $sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql, 3600);
while ($row = $db->sql_fetchrow($result))
{
- $forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $row['user_id']) . '">' . $row['username'] . '</a>' : '<a href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']) . '">' . $row['group_name'] . '</a>';
+ if (!empty($row['user_id']))
+ {
+ $forum_moderators[$row['forum_id']][] = get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']);
+ }
+ else
+ {
+ $forum_moderators[$row['forum_id']][] = '<a' . (($row['group_colour']) ? ' style="color:#' . $row['group_colour'] . '"' : '') . ' href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']) . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</a>';
+ }
}
$db->sql_freeresult($result);
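Review bot: In the `else` branch, `$row['group_colour']` is concatenated into a `style` attribute and `$row['group_name']` into the link text with no output encoding. The markup is therefore only as safe as the validation applied when those columns were written, which this hunk does not show. The `$user->lang['G_' . $row['group_name']]` lookup also has no fallback for a special group without a matching language key; `isset($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name']` would keep the name visible. `get_moderators()` starts before this hunk, so whether `$user` is in its `global` list cannot be checked here.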
@@ -846,13 +871,15 @@ function display_user_activity(&$userdata)
$active_t_pct = ($userdata['user_posts']) ? ($active_t_count / $userdata['user_posts']) * 100 : 0;
}
+ $l_active_pct = ($userdata['user_id'] != ANONYMOUS && $userdata['user_id'] == $user->data['user_id']) ? $user->lang['POST_PCT_ACTIVE_OWN'] : $user->lang['POST_PCT_ACTIVE'];
+
$template->assign_vars(array(
'ACTIVE_FORUM' => $active_f_name,
'ACTIVE_FORUM_POSTS' => ($active_f_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_f_count),
- 'ACTIVE_FORUM_PCT' => sprintf($user->lang['POST_PCT_ACTIVE'], $active_f_pct),
+ 'ACTIVE_FORUM_PCT' => sprintf($l_active_pct, $active_f_pct),
'ACTIVE_TOPIC' => censor_text($active_t_name),
'ACTIVE_TOPIC_POSTS' => ($active_t_count == 1) ? sprintf($user->lang['USER_POST'], 1) : sprintf($user->lang['USER_POSTS'], $active_t_count),
- 'ACTIVE_TOPIC_PCT' => sprintf($user->lang['POST_PCT_ACTIVE'], $active_t_pct),
+ 'ACTIVE_TOPIC_PCT' => sprintf($l_active_pct, $active_t_pct),
'U_ACTIVE_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $active_f_id),
'U_ACTIVE_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=' . $active_t_id),
'S_SHOW_ACTIVITY' => true)
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 5805e654c6..fa839f038d 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -338,7 +338,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
return $filedata;
}
- $extensions = $cache->obtain_attach_extensions($forum_id);
+ $extensions = $cache->obtain_attach_extensions((($is_message) ? false : (int) $forum_id));
$upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
$file = ($local) ? $upload->local_upload($local_storage) : $upload->form_upload($form_name);
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 0fcc42def1..a3a99bd4ec 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -831,7 +831,7 @@ function handle_mark_actions($user_id, $mark_action)
{
global $db, $user, $_POST, $phpbb_root_path, $phpEx;
- $msg_ids = (isset($_POST['marked_msg_id'])) ? array_map('intval', $_POST['marked_msg_id']) : array();
+ $msg_ids = request_var('marked_msg_id', array(0));
$cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX);
$confirm = (isset($_POST['confirm'])) ? true : false;
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 5991243d64..e36d3571f6 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -746,19 +746,6 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$ip_1_counter++;
}
}
- else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($ban_item)))
- {
- // hostname
- $ip_ary = gethostbynamel(trim($ban_item));
-
- foreach ($ip_ary as $ip)
- {
- if ($ip)
- {
- $banlist_ary[] = $ip;
- }
- }
- }
else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($ban_item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($ban_item)))
{
// Normal IP address
@@ -769,6 +756,22 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
// Ban all IPs
$banlist_ary[] = "*";
}
+ else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($ban_item)))
+ {
+ // hostname
+ $ip_ary = gethostbynamel(trim($ban_item));
+
+ if (!empty($ip_ary))
+ {
+ foreach ($ip_ary as $ip)
+ {
+ if ($ip)
+ {
+ $banlist_ary[] = $ip;
+ }
+ }
+ }
+ }
else
{
trigger_error('NO_IPS_DEFINED');
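Review bot: A hostname that does not resolve is now dropped silently. When `gethostbynamel()` returns false, the `!empty($ip_ary)` guard skips the loop and reports nothing, unless code after this hunk rejects an empty `$banlist_ary`. An administrator could believe a ban is in place when none was stored; `else { trigger_error('NO_IPS_DEFINED'); }` on the guard would match how the final branch treats unusable input. The ban also records only the addresses the name resolved to at this moment, which deserves a comment next to `// hostname`. `user_ban()` begins and ends outside the hunk.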
diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php
index 2312d1f30d..f995f05bf6 100644
--- a/phpBB/includes/ucp/ucp_attachments.php
+++ b/phpBB/includes/ucp/ucp_attachments.php
@@ -27,7 +27,7 @@ class ucp_attachments
$delete = (isset($_POST['delete'])) ? true : false;
$confirm = (isset($_POST['confirm'])) ? true : false;
- $delete_ids = isset($_REQUEST['attachment']) ? array_keys(array_map('intval', $_REQUEST['attachment'])) : array();
+ $delete_ids = request_var('attachment', array(0));
if ($delete && sizeof($delete_ids))
{
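Review bot: The new `$delete_ids` line drops the `array_keys()` that the old line applied, so it now holds the submitted values of `attachment[]` rather than its keys. The old code implies the form posts the attachment id as the array key. If so, and if `request_var()` returns the typed values (its definition is not part of this diff view), the delete would act on the wrong ids. The `ucp_main.php` hunks in this commit keep the keys; the equivalent here is `$delete_ids = array_keys(request_var('attachment', array(0)));`. The method continues past the hunk, so how `$delete_ids` is restricted to the current user's attachments is not visible.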
diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php
index 57a8d0f86a..6678c362c0 100644
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -193,8 +193,8 @@ class ucp_main
if ($unwatch)
{
- $forums = (isset($_POST['f'])) ? array_map('intval', array_keys($_POST['f'])) : array();
- $topics = (isset($_POST['t'])) ? array_map('intval', array_keys($_POST['t'])) : array();
+ $forums = array_keys(request_var('f', array(0 => 0)));
+ $topics = array_keys(request_var('t', array(0 => 0)));
if (sizeof($forums) || sizeof($topics))
{
@@ -512,7 +512,7 @@ class ucp_main
if (isset($_POST['unbookmark']))
{
$s_hidden_fields = array('unbookmark' => 1);
- $topics = (isset($_POST['t'])) ? array_map('intval', array_keys($_POST['t'])) : array();
+ $topics = (isset($_POST['t'])) ? array_keys(request_var('t', array(0 => 0))) : array();
$url = $this->u_action;
if (!sizeof($topics))
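Review bot: The `$topics` line keeps the `isset($_POST['t'])` guard around `request_var()`, while the unwatch and drafts hunks in this same file drop the equivalent guard; the `$move_msg_ids` line in `ucp_pm.php` keeps it too. If the guard is meant to limit the ids to POST data, the other hunks lost that restriction. If it is not, it is dead weight here and `$topics = array_keys(request_var('t', array(0 => 0)));` reads the same as its siblings. Which sources `request_var()` reads is not visible in this diff, so a one-line comment stating the intent would settle it.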
@@ -644,7 +644,7 @@ class ucp_main
if ($delete)
{
- $drafts = (!empty($_POST['d'])) ? array_map('intval', array_keys($_POST['d'])) : array();
+ $drafts = array_keys(request_var('d', array(0 => 0)));
if (sizeof($drafts))
{
diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php
index 50eb91297d..b9c069e47e 100644
--- a/phpBB/includes/ucp/ucp_pm.php
+++ b/phpBB/includes/ucp/ucp_pm.php
@@ -218,7 +218,7 @@ class ucp_pm
// Move PM
if ($move_pm)
{
- $move_msg_ids = (isset($_POST['marked_msg_id'])) ? array_map('intval', $_POST['marked_msg_id']) : array();
+ $move_msg_ids = (isset($_POST['marked_msg_id'])) ? request_var('marked_msg_id', array(0)) : array();
$cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX);
if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id))
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index 0dd85c06ae..3b41827aa7 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -605,7 +605,7 @@ function compose_pm($id, $mode, $action)
$update_count = array();
$attachment_data = $message_parser->attachment_data;
- parse_attachments(0, $preview_message, $attachment_data, $update_count, true);
+ parse_attachments(false, $preview_message, $attachment_data, $update_count, true);
foreach ($attachment_data as $i => $attachment)
{
diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php
index d87acfee69..60591f2031 100644
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@@ -120,7 +120,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
if (!empty($attachments))
{
$update_count = array();
- parse_attachments(0, $message, $attachments, $update_count);
+ parse_attachments(false, $message, $attachments, $update_count);
// Update the attachment download counts
if (sizeof($update_count))