Diffstat (limited to 'phpBB/includes')
46 files changed, 564 insertions, 671 deletions
diff --git a/phpBB/includes/acm/acm_db.php b/phpBB/includes/acm/acm_db.php
deleted file mode 100644
index cbb8af31fc..0000000000
--- a/phpBB/includes/acm/acm_db.php
+++ /dev/null
@@ -1,227 +0,0 @@ -<?php -/** -* -* @package acm -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License -* -*/ - -/** -* @package acm -* ACM Database Caching -*/ -class acm -{ - // Contains all loaded variables - var $vars = ''; - - // Contains the names of the variables that are ready to be used - // (iow, variables that have been unserialized) - var $var_ready = array(); - - // Contains variables that have been updated or destroyed this session - var $var_expires = array(); - - // Contains variables that have already been requested - // If a variable has been requested but not loaded, it simply means it - // wasn't found in the db - var $var_requested = array(); - - function load($var_names = '') - { - global $db; - $this->vars = array(); - - if (is_array($var_names)) - { - $var_requested = $var_names; - $sql_condition = "var_name IN ('" . implode("', '", $var_names) . "')"; - } - else - { -// $sql_condition = "var_name NOT LIKE '\_%'"; - $sql_condition = "LEFT(var_name, 1) <> '_'"; - } - - $sql = 'SELECT var_name, var_data - FROM ' . CACHE_TABLE . ' - WHERE var_expires > ' . time() . " - AND $sql_condition"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $this->vars[$row['var_name']] = $row['var_data']; - - if (!$var_names) - { - $this->var_requested[] = $row['var_name']; - } - } - } - - function unload() - { - $this->save(); - unset($this->vars); - } - - function save() - { - global $db; - - $delete = $insert = array(); - foreach ($this->var_expires as $var_name => $expires) - { - if ($expires == 'now') - { - $delete[] = $var_name; - } - else - { - $delete[] = $var_name; - $insert[] = "'$var_name', $expires, '" . $db->sql_escape(serialize($this->vars[$var_name])) . "'"; - } - } - $this->var_expires = array(); - - if (sizeof($delete)) - { - $sql = 'DELETE FROM ' . CACHE_TABLE . " - WHERE var_name IN ('" . implode("', '", $delete) . 
"')"; - $db->sql_query($sql); - } - - if (sizeof($insert)) - { - switch (SQL_LAYER) - { - case 'mysql': - case 'mysql4': - case 'mysqli': - $sql = 'INSERT INTO ' . CACHE_TABLE . ' (var_name, var_expires, var_data) - VALUES (' . implode('), (', $insert) . ')'; - $db->sql_query($sql); - break; - - default: - foreach ($insert as $values) - { - $sql = 'INSERT INTO ' . CACHE_TABLE . " (var_name, var_expires, var_data) - VALUES ($values)"; - $db->sql_query($sql); - } - } - } - } - - function tidy() - { - global $db; - - $sql = 'DELETE FROM ' . CACHE_TABLE . ' - WHERE var_expires < ' . time(); - $db->sql_query($sql); - - set_config('cache_last_gc', time(), true); - } - - function get($var_name) - { - if (!is_array($this->vars)) - { - $this->load(); - } - - if ($var_name{0} == '_') - { - if (!in_array($var_name, $this->var_requested)) - { - $this->var_requested[] = $var_name; - - global $db; - $sql = 'SELECT var_data - FROM ' . CACHE_TABLE . " - WHERE var_name = '$var_name' - AND var_expires > " . time(); - $result = $db->sql_query($sql); - if ($row = $db->sql_fetchrow($result)) - { - $this->vars[$var_name] = $row['var_data']; - } - } - } - - if ($this->_exists($var_name)) - { - if (empty($this->var_ready[$var_name])) - { - $this->vars[$var_name] = unserialize($this->vars[$var_name]); - $this->var_ready[$var_name] = true; - } - - return $this->vars[$var_name]; - } - else - { - return false; - } - } - - function put($var_name, $var_data, $ttl = 31536000) - { - $this->vars[$var_name] = $var_data; - - if ($var_name{0} == '_') - { - global $db; - - switch (SQL_LAYER) - { - case 'mysql': - case 'mysql4': - case 'mysqli': - $INSERT = 'REPLACE'; - break; - - default: - $sql = 'DELETE FROM ' . CACHE_TABLE . " - WHERE var_name = '$var_name'"; - $db->sql_query($sql); - - $INSERT = 'INSERT'; - } - - $sql = "$INSERT INTO " . CACHE_TABLE . " (var_name, var_expires, var_data) - VALUES ('$var_name', " . (time() + $ttl) . ", '" . $db->sql_escape(serialize($var_data)) . 
"')"; - $db->sql_query($sql); - } - else - { - $this->var_expires[$var_name] = time() + $ttl; - } - } - - function destroy($var_name, $void = NULL) - { - if (isset($this->vars[$var_name])) - { - $this->var_expires[$var_name] = 'now'; - unset($this->vars[$var_name]); - } - } - - function _exists($var_name) - { - if (!is_array($this->vars)) - { - $this->load(); - } - - return isset($this->vars[$var_name]); - } -} - -?>
\ No newline at end of file diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 976c2b2257..85480756ca 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -256,7 +256,6 @@ class acp_attachments { if ($submit) { - // Change Extensions ? $extension_change_list = (isset($_POST['extension_change_list'])) ? array_map('intval', $_POST['extension_change_list']) : array(); $group_select_list = (isset($_POST['group_select'])) ? array_map('intval', $_POST['group_select']) : array(); @@ -282,6 +281,7 @@ class acp_attachments SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . ' WHERE extension_id = ' . $row['extension_id']; $db->sql_query($sql); + add_log('admin', 'LOG_ATTACH_EXT_UPDATE', $row['extension']); } } @@ -312,7 +312,7 @@ class acp_attachments add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list); } } - + // Add Extension? $add_extension = strtolower(request_var('add_extension', '')); $add_extension_group = request_var('add_group_select', 0); @@ -400,7 +400,7 @@ class acp_attachments { $action = request_var('action', ''); $group_id = request_var('g', 0); - + if ($action != 'add' && $action != 'edit') { trigger_error('WRONG_MODE'); @@ -439,6 +439,7 @@ class acp_attachments FROM ' . EXTENSION_GROUPS_TABLE . " WHERE LOWER(group_name) = '" . $db->sql_escape(strtolower($new_group_name)) . "'"; $result = $db->sql_query($sql); + if ($db->sql_fetchrow($result)) { $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $new_group_name); @@ -461,7 +462,7 @@ class acp_attachments if ($max_filesize == $config['max_filesize']) { $max_filesize = 0; - } + } if (!sizeof($allowed_forums)) { @@ -484,7 +485,7 @@ class acp_attachments $sql .= ($action == 'edit') ? " WHERE group_id = $group_id" : ''; $db->sql_query($sql); - + if ($action == 'add') { $group_id = $db->sql_nextid(); 
@@ -580,7 +581,8 @@ class acp_attachments trigger_error($user->lang['NO_EXTENSION_GROUP'] . adm_back_link($this->u_action)); } - $sql = 'SELECT * FROM ' . EXTENSION_GROUPS_TABLE . " + $sql = 'SELECT * + FROM ' . EXTENSION_GROUPS_TABLE . " WHERE group_id = $group_id"; $result = $db->sql_query($sql); $ext_group_row = $db->sql_fetchrow($result); @@ -588,6 +590,8 @@ class acp_attachments $forum_ids = (!$ext_group_row['allowed_forums']) ? array() : unserialize(trim($ext_group_row['allowed_forums'])); + // no break; + case 'add': if ($action == 'add') @@ -607,8 +611,10 @@ class acp_attachments $extensions = array(); - $sql = 'SELECT * FROM ' . EXTENSIONS_TABLE . " - WHERE group_id = $group_id OR group_id = 0 + $sql = 'SELECT * + FROM ' . EXTENSIONS_TABLE . " + WHERE group_id = $group_id + OR group_id = 0 ORDER BY extension"; $result = $db->sql_query($sql); $extensions = $db->sql_fetchrowset($result); @@ -674,7 +680,7 @@ class acp_attachments 'UPLOAD_ICON_SRC' => $phpbb_root_path . $img_path . '/' . $ext_group_row['upload_icon'], 'EXTGROUP_FILESIZE' => $ext_group_row['max_filesize'], 'ASSIGNED_EXTENSIONS' => $assigned_extensions, - + 'S_CATEGORY_SELECT' => $this->category_select('special_category', $group_id, 'category'), 'S_DOWNLOAD_SELECT' => $this->download_select('download_mode', $group_id, 'download_mode'), 'S_EXT_GROUP_SIZE_OPTIONS' => size_select_options($size_format), @@ -756,7 +762,7 @@ class acp_attachments case 'deactivate': case 'activate': - + if (!$group_id) { trigger_error($user->lang['NO_EXTENSION_GROUP'] . adm_back_link($this->u_action)); @@ -781,9 +787,9 @@ class acp_attachments while ($row = $db->sql_fetchrow($result)) { $s_add_spacer = ($row['allow_group'] == 0 && $act_deact == 'deactivate') ? true : false; - + $act_deact = ($row['allow_group']) ? 'deactivate' : 'activate'; - + $template->assign_block_vars('groups', array( 'S_ADD_SPACER' => $s_add_spacer, 'S_ALLOWED_IN_PM' => ($row['allow_in_pm']) ? true : false, 
@@ -792,7 +798,7 @@ class acp_attachments 'U_EDIT' => $this->u_action . "&action=edit&g={$row['group_id']}", 'U_DELETE' => $this->u_action . "&action=delete&g={$row['group_id']}", 'U_ACT_DEACT' => $this->u_action . "&action=$act_deact&g={$row['group_id']}", - + 'L_ACT_DEACT' => $user->lang[strtoupper($act_deact)], 'GROUP_NAME' => $row['group_name'], 'CATEGORY' => $cat_lang[$row['cat_id']], @@ -808,7 +814,6 @@ class acp_attachments if ($submit) { - $delete_files = (isset($_POST['delete'])) ? array_keys(request_var('delete', array('' => 0))) : array(); $add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array(); $post_ids = request_var('post_id', array('' => 0)); @@ -862,15 +867,15 @@ class acp_attachments { $return = true; - if ($auth->acl_gets('f_attach', 'u_attach', $row['forum_id'])) + if ($auth->acl_get('f_attach', $row['forum_id'])) { $return = $this->upload_file($row['post_id'], $row['topic_id'], $row['forum_id'], $config['upload_path'], $upload_list[$row['post_id']]); } - + $template->assign_block_vars('upload', array( 'FILE_INFO' => sprintf($user->lang['UPLOADING_FILE_TO'], $upload_list[$row['post_id']], $row['post_id']), - 'S_DENIED' => (!$auth->acl_gets('f_attach', 'u_attach', $row['forum_id'])) ? true : false, - 'L_DENIED' => (!$auth->acl_gets('f_attach', 'u_attach', $row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '', + 'S_DENIED' => (!$auth->acl_get('f_attach', $row['forum_id'])) ? true : false, + 'L_DENIED' => (!$auth->acl_get('f_attach', $row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '', 'ERROR_MSG' => ($return === true) ? false : $return) ); } @@ -883,7 +888,7 @@ class acp_attachments $template->assign_vars(array( 'S_ORPHAN' => true) ); - + $attach_filelist = array(); $dir = @opendir($phpbb_root_path . $config['upload_path']); 
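Review bot: In the @@ -862 hunk the new `$auth->acl_get('f_attach', $row['forum_id'])` check is evaluated three separate times, once to gate `upload_file()` and twice more for `S_DENIED` and `L_DENIED`, so the decision that is enforced and the one that is displayed agree only by repetition. Computing it once, e.g. `$can_attach = $auth->acl_get('f_attach', $row['forum_id']);`, and reusing `$can_attach` in all three places keeps them from drifting apart the next time the permission is changed. A short comment that the check is now forum-scoped, and that `u_attach` no longer satisfies it, would also help; the surrounding loop starts outside the hunk.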
@@ -939,7 +944,6 @@ class acp_attachments 'NOTIFY_MSG' => implode('<br />', $notify)) ); } - } /** @@ -962,7 +966,7 @@ class acp_attachments FROM ' . EXTENSION_GROUPS_TABLE . ' WHERE group_id = ' . (int) $group_id; $result = $db->sql_query($sql); - + $cat_type = (!($row = $db->sql_fetchrow($result))) ? ATTACHMENT_CATEGORY_NONE : $row['cat_id']; $db->sql_freeresult($result); @@ -1037,8 +1041,8 @@ class acp_attachments global $db, $user; $types = array( - INLINE_LINK => $user->lang['MODE_INLINE'], - PHYSICAL_LINK => $user->lang['MODE_PHYSICAL'] + INLINE_LINK => $user->lang['MODE_INLINE'], + PHYSICAL_LINK => $user->lang['MODE_PHYSICAL'] ); if ($group_id) @@ -1047,7 +1051,7 @@ class acp_attachments FROM " . EXTENSION_GROUPS_TABLE . " WHERE group_id = " . (int) $group_id; $result = $db->sql_query($sql); - + $download_mode = (!($row = $db->sql_fetchrow($result))) ? INLINE_LINK : $row['download_mode']; $db->sql_freeresult($result); @@ -1072,7 +1076,6 @@ class acp_attachments /** * Upload already uploaded file... huh? are you kidding? - * @todo integrate into upload class */ function upload_file($post_id, $topic_id, $forum_id, $upload_dir, $filename) { @@ -1141,7 +1144,7 @@ class acp_attachments function search_imagemagick() { $imagick = ''; - + $exe = ((defined('PHP_OS')) && (preg_match('#win#i', PHP_OS))) ? '.exe' : ''; $magic_home = getenv('MAGICK_HOME'); @@ -1150,7 +1153,7 @@ class acp_attachments { $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); - + $locations = array_merge($path_locations, $locations); foreach ($locations as $location) 
@@ -1198,13 +1201,13 @@ class acp_attachments $error[] = sprintf($user->lang['NO_UPLOAD_DIR'], $upload_dir); return; } - + if (!is_dir($phpbb_root_path . $upload_dir)) { $error[] = sprintf($user->lang['UPLOAD_NOT_DIR'], $upload_dir); return; } - + if (!is_writable($phpbb_root_path . $upload_dir)) { $error[] = sprintf($user->lang['NO_WRITE_UPLOAD'], $upload_dir); @@ -1332,6 +1335,7 @@ class acp_attachments unset($iplist_tmp); unset($hostlist_tmp); } + $db->sql_freeresult($result); if (sizeof($iplist)) { @@ -1380,6 +1384,7 @@ class acp_attachments { $l_unip_list .= (($l_unip_list != '') ? ', ' : '') . (($row['site_ip']) ? $row['site_ip'] : $row['site_hostname']); } + $db->sql_freeresult($result); $sql = 'DELETE FROM ' . SITELIST_TABLE . " WHERE site_id IN ($unip_sql)"; @@ -1416,12 +1421,12 @@ class acp_attachments $extensions[$extension]['max_filesize'] = (int) $row['max_filesize']; $allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array(); - + if ($row['allow_in_pm']) { $allowed_forums = array_merge($allowed_forums, array(0)); } - + // Store allowed extensions forum wise $extensions['_allowed_'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums; } diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 834fdd19a8..4923b64a71 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -96,6 +96,9 @@ class acp_ban ); } + /** + * Display ban options + */ function display_ban_options($mode) { global $user, $db, $template; diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index 4dfcaf7e8a..382a836a63 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php 
@@ -42,12 +42,13 @@ class acp_bbcodes FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!$row = $db->sql_fetchrow($result)) + if (!$row) { trigger_error('BBCODE_NOT_EXIST'); } - $db->sql_freeresult($result); $bbcode_match = $row['bbcode_match']; $bbcode_tpl = htmlspecialchars($row['bbcode_tpl']); @@ -59,14 +60,15 @@ class acp_bbcodes FROM ' . BBCODES_TABLE . ' WHERE bbcode_id = ' . $bbcode_id; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!$row = $db->sql_fetchrow($result)) + if (!$row) { trigger_error('BBCODE_NOT_EXIST'); } - $db->sql_freeresult($result); - // No break here + // No break here case 'create': $display_on_posting = request_var('display_on_posting', 0); @@ -151,12 +153,17 @@ class acp_bbcodes $sql_ary['bbcode_id'] = (int) $bbcode_id; $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); + $lang = 'BBCODE_ADDED'; $log_action = 'LOG_BBCODE_ADD'; } else { - $db->sql_query('UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE bbcode_id = ' . $bbcode_id); + $sql = 'UPDATE ' . BBCODES_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE bbcode_id = ' . $bbcode_id; + $db->sql_query($sql); + $lang = 'BBCODE_EDITED'; $log_action = 'LOG_BBCODE_EDIT'; } @@ -173,13 +180,14 @@ class acp_bbcodes FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id"; $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) { $db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id"); add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']); } - $db->sql_freeresult($result); break; } 
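Review bot: In the @@ -151 hunk the rewritten UPDATE concatenates `$bbcode_id` into the WHERE clause as-is, while the INSERT branch just above stores `(int) $bbcode_id`. Where `$bbcode_id` is assigned is outside the hunk, so it may already be an integer, but casting at the point of use makes the query safe on its own: `WHERE bbcode_id = ' . (int) $bbcode_id;`. The same uncast concatenation appears in the SELECT and DELETE statements of the @@ -42, @@ -59 and @@ -173 hunks.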
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 5c60f7099f..da424d1131 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -498,7 +498,6 @@ class acp_board // Output relevant page foreach ($display_vars['vars'] as $config_key => $vars) { - if (!is_array($vars) && strpos($config_key, 'legend') === false) { continue; @@ -564,6 +563,9 @@ class acp_board } } + /** + * Select auth method + */ function select_auth_method($selected_method, $key = '') { global $phpbb_root_path, $phpEx; @@ -591,6 +593,9 @@ class acp_board return $auth_select; } + /** + * Select mail authentication method + */ function mail_auth_select($selected_method, $key = '') { global $user; @@ -606,6 +611,9 @@ class acp_board return $s_smtp_auth_options; } + /** + * Select full folder action + */ function full_folder_select($value, $key = '') { global $user; @@ -613,6 +621,9 @@ class acp_board return '<option value="1"' . (($value == 1) ? ' selected="selected"' : '') . '>' . $user->lang['DELETE_OLDEST_MESSAGES'] . '</option><option value="2"' . (($value == 2) ? ' selected="selected"' : '') . '>' . $user->lang['HOLD_NEW_MESSAGES_SHORT'] . '</option>'; } + /** + * Select captcha pixel noise + */ function captcha_pixel_noise_select($value, $key = '') { global $user; @@ -620,6 +631,9 @@ class acp_board return '<option value="0"' . (($value == 0) ? ' selected="selected"' : '') . '>' . $user->lang['NONE'] . '</option><option value="1"' . (($value == 1) ? ' selected="selected"' : '') . '>' . $user->lang['LIGHT'] . '</option><option value="2"' . (($value == 2) ? ' selected="selected"' : '') . '>' . $user->lang['MEDIUM'] . '</option><option value="3"' . (($value == 3) ? ' selected="selected"' : '') . '>' . $user->lang['HEAVY'] . '</option>'; } + /** + * Select ip validation + */ function select_ip_check($value, $key = '') { $radio_ary = array(4 => 'ALL', 3 => 'CLASS_C', 2 => 'CLASS_B', 0 => 'NONE'); 
@@ -627,6 +641,9 @@ class acp_board return h_radio('config[ip_check]', $radio_ary, $value, $key); } + /** + * Select account activation method + */ function select_acc_activation($value, $key = '') { global $user, $config; @@ -640,6 +657,9 @@ class acp_board return h_radio('config[require_activation]', $radio_ary, $value, $key); } + /** + * Maximum/Minimum username length + */ function username_length($value, $key = '') { global $user; @@ -647,6 +667,9 @@ class acp_board return '<input id="' . $key . '" type="text" size="3" maxlength="3" name="config[min_name_chars]" value="' . $value . '" /> ' . $user->lang['MIN_CHARS'] . ' <input type="text" size="3" maxlength="3" name="config[max_name_chars]" value="' . $this->new_config['max_name_chars'] . '" /> ' . $user->lang['MAX_CHARS']; } + /** + * Allowed chars in usernames + */ function select_username_chars($selected_value, $key) { global $user; @@ -662,6 +685,9 @@ class acp_board return $user_char_options; } + /** + * Maximum/Minimum password length + */ function password_length($value, $key) { global $user; @@ -669,6 +695,9 @@ class acp_board return '<input id="' . $key . '" type="text" size="3" maxlength="3" name="config[min_pass_chars]" value="' . $value . '" /> ' . $user->lang['MIN_CHARS'] . ' <input type="text" size="3" maxlength="3" name="config[max_pass_chars]" value="' . $this->new_config['max_pass_chars'] . '" /> ' . $user->lang['MAX_CHARS']; } + /** + * Required chars in passwords + */ function select_password_chars($selected_value, $key) { global $user; @@ -684,6 +713,9 @@ class acp_board return $pass_char_options; } + /** + * Select bump interval + */ function bump_interval($value, $key) { global $user; 
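Review bot: The docblock added for `username_length()` in the @@ -640 hunk does not mention that `$value`, `$key` and `$this->new_config['max_name_chars']` are concatenated straight into `value="..."` and `id="..."` attributes by the return line shown in the following hunk. Whether those values are HTML-escaped before they reach this method is not visible here, so the docblock should state the expectation, for example `* @param string $value current setting, must already be HTML-escaped because it is emitted into a value attribute`. The same applies to the docblocks added for `password_length()`, `bump_interval()` and `board_disable()`.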
@@ -699,6 +731,9 @@ class acp_board return '<input id="' . $key . '" type="text" size="3" maxlength="4" name="config[bump_interval]" value="' . $value . '" /> <select name="config[bump_type]">' . $s_bump_type . '</select>'; } + /** + * Board disable option and message + */ function board_disable($value, $key) { global $user; @@ -708,6 +743,9 @@ class acp_board return h_radio('config[board_disable]', $radio_ary, $value) . '<br /><input id="' . $key . '" type="text" name="config[board_disable_msg]" maxlength="255" size="40" value="' . $this->new_config['board_disable_msg'] . '" />'; } + /** + * Select default dateformat + */ function dateformat_select($value, $key) { global $user; diff --git a/phpBB/includes/acp/acp_bots.php b/phpBB/includes/acp/acp_bots.php index 407bf554a5..a57283e3ea 100644 --- a/phpBB/includes/acp/acp_bots.php +++ b/phpBB/includes/acp/acp_bots.php @@ -111,6 +111,8 @@ class acp_bots case 'edit': case 'add': + include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); + $bot_row = array( 'bot_name' => request_var('bot_name', '', true), 'bot_agent' => request_var('bot_agent', ''), 
@@ -160,25 +162,18 @@ class acp_bots trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action")); } - $sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $db->sql_build_array('INSERT', array( + $user_id = user_add(array( + 'user_type' => (int) USER_IGNORE, 'group_id' => (int) $group_row['group_id'], 'username' => (string) $bot_row['bot_name'], - 'user_type' => (int) USER_IGNORE, + 'user_regdate' => time(), + 'user_password' => '', 'user_colour' => (string) $group_row['group_colour'], + 'user_email' => '', 'user_lang' => (string) $bot_row['bot_lang'], 'user_style' => (int) $bot_row['bot_style'], 'user_options' => 0) ); - $db->sql_query($sql); - - $user_id = $db->sql_nextid(); - - // Add to Bots usergroup - $sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array( - 'user_id' => $user_id, - 'group_id' => $group_row['group_id']) - ); - $db->sql_query($sql); $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => (int) $user_id, @@ -225,7 +220,7 @@ class acp_bots $db->sql_transaction('commit'); $cache->destroy('bots'); - + add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']); trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&id=$bot_id&action=$action")); } diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php index 3065b8cceb..1fdc2f8551 100644 --- a/phpBB/includes/acp/acp_disallow.php +++ b/phpBB/includes/acp/acp_disallow.php @@ -33,7 +33,7 @@ class acp_disallow if ($disallow) { - $disallowed_user = str_replace('*', '%', request_var('disallowed_user', '')); + $disallowed_user = str_replace('*', '%', request_var('disallowed_user', '', true)); if (!$disallowed_user) { diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 2109011014..ec15d4e0df 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php 
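Review bot: In the @@ -160 hunk the return value of `user_add()` goes straight into the BOTS_TABLE insert as `(int) $user_id` without being checked. `user_add()` lives in `includes/functions_user` and is not on this page; if it can return a failure value, the cast would turn it into `0` and the bot row would be linked to user id 0. A guard that aborts with an error when `$user_id` is falsy, placed before the insert, would make the failure visible. It is also worth a comment that the account is deliberately created with an empty `user_password` and `user_email`, and that `USER_IGNORE` is presumably what keeps it from being used to log in.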
@@ -84,14 +84,16 @@ class acp_email } } $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!($row = $db->sql_fetchrow($result))) + if (!$row) { trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action)); } - $db->sql_freeresult($result); $i = $j = 0; + // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit) $max_chunk_size = 50; $email_list = array(); @@ -175,8 +177,7 @@ class acp_email } else { - // Not great but the logging routine doesn't cope well with localising - // on the fly + // Not great but the logging routine doesn't cope well with localising on the fly $group_name = $user->lang['ALL_USERS']; } diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 379df056d4..ac4112a773 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -253,7 +253,7 @@ class acp_forums trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } - $sql = 'SELECT parent_id, left_id, right_id + $sql = 'SELECT * FROM ' . FORUMS_TABLE . " WHERE forum_id = $forum_id"; $result = $db->sql_query($sql); 
@@ -265,91 +265,14 @@ class acp_forums trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } - $forum_info = array($forum_id => $row); + $move_forum_name = $this->move_forum_by($row, $action, 1); - // Get the adjacent forum - $sql = 'SELECT forum_id, forum_name, left_id, right_id - FROM ' . FORUMS_TABLE . " - WHERE parent_id = $this->parent_id - AND " . (($action == 'move_up') ? "right_id < {$row['right_id']} ORDER BY right_id DESC" : "left_id > {$row['left_id']} ORDER BY left_id ASC"); - $result = $db->sql_query_limit($sql, 1); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - // already on top or at bottom - break; - } - - if ($action == 'move_up') - { - $log_action = 'LOG_FORUM_MOVE_UP'; - $up_id = $forum_id; - $down_id = $row['forum_id']; - } - else - { - $log_action = 'LOG_FORUM_MOVE_DOWN'; - $up_id = $row['forum_id']; - $down_id = $forum_id; - } - - $move_forum_name = $row['forum_name']; - $forum_info[$row['forum_id']] = $row; - $diff_up = $forum_info[$up_id]['right_id'] - $forum_info[$up_id]['left_id']; - $diff_down = $forum_info[$down_id]['right_id'] - $forum_info[$down_id]['left_id']; - - $forum_ids = array(); - - $sql = 'SELECT forum_id - FROM ' . FORUMS_TABLE . ' - WHERE left_id > ' . $forum_info[$up_id]['left_id'] . ' - AND right_id < ' . $forum_info[$up_id]['right_id']; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) + if ($move_forum_name !== false) { - $forum_ids[] = $row['forum_id']; - } - $db->sql_freeresult($result); - - // Start transaction - $db->sql_transaction('begin'); - - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET left_id = left_id + ' . ($diff_up + 1) . ', right_id = right_id + ' . ($diff_up + 1) . ' - WHERE left_id > ' . $forum_info[$down_id]['left_id'] . ' - AND right_id < ' . $forum_info[$down_id]['right_id']; - $db->sql_query($sql); - - if (sizeof($forum_ids)) - { - $sql = 'UPDATE ' . FORUMS_TABLE . 
' - SET left_id = left_id - ' . ($diff_down + 1) . ', right_id = right_id - ' . ($diff_down + 1) . ' - WHERE forum_id IN (' . implode(', ', $forum_ids) . ')'; - $db->sql_query($sql); + add_log('admin', 'LOG_FORUM_' . strtoupper($action), $row['forum_name'], $move_forum_name); + $cache->destroy('sql', FORUMS_TABLE); } - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET left_id = ' . $forum_info[$down_id]['left_id'] . ', right_id = ' . ($forum_info[$down_id]['left_id'] + $diff_up) . ' - WHERE forum_id = ' . $up_id; - $db->sql_query($sql); - - $sql = 'UPDATE ' . FORUMS_TABLE . ' - SET left_id = ' . ($forum_info[$up_id]['right_id'] - $diff_down) . ', right_id = ' . $forum_info[$up_id]['right_id'] . ' - WHERE forum_id = ' . $down_id; - $db->sql_query($sql); - - $db->sql_transaction('commit'); - - $forum_data = $this->get_forum_info($forum_id); - - add_log('admin', $log_action, $forum_data['forum_name'], $move_forum_name); - unset($forum_data); - - $cache->destroy('sql', FORUMS_TABLE); - break; case 'sync': 
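Review bot: The log key is now built as `'LOG_FORUM_' . strtoupper($action)`, where the removed code chose between the two fixed strings `LOG_FORUM_MOVE_UP` and `LOG_FORUM_MOVE_DOWN`. That is only equivalent while this branch is reachable solely for `move_up` and `move_down`; the enclosing `case` labels are outside the hunk, so this cannot be confirmed here. A comment such as `// $action is limited to move_up/move_down by the case labels of this branch`, or an explicit mapping from action to log key, would stop a later added case from writing an undefined log entry.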
@@ -1439,15 +1362,91 @@ class acp_forums $db->sql_query("UPDATE $table SET forum_id = 0 WHERE forum_id = $forum_id"); } - /** - * @todo run cron for optimize table or redirect to database management screen - */ - $db->sql_transaction('commit'); return array(); } + /** + * Move forum position by $steps up/down + */ + function move_forum_by($forum_row, $action = 'move_up', $steps = 1) + { + global $db; + + /** + * Fetch all the siblings between the module's current spot + * and where we want to move it to. If there are less than $steps + * siblings between the current spot and the target then the + * module will move as far as possible + */ + $sql = 'SELECT forum_id, forum_name, left_id, right_id + FROM ' . FORUMS_TABLE . " + WHERE parent_id = {$forum_row['parent_id']} + AND " . (($action == 'move_up') ? "right_id < {$forum_row['right_id']} ORDER BY right_id DESC" : "left_id > {$forum_row['left_id']} ORDER BY left_id ASC"); + $result = $db->sql_query_limit($sql, $steps); + + $target = array(); + while ($row = $db->sql_fetchrow($result)) + { + $target = $row; + } + $db->sql_freeresult($result); + + if (!sizeof($target)) + { + // The forum is already on top or bottom + return false; + } + + /** + * $left_id and $right_id define the scope of the nodes that are affected by the move. + * $diff_up and $diff_down are the values to substract or add to each node's left_id + * and right_id in order to move them up or down. + * $move_up_left and $move_up_right define the scope of the nodes that are moving + * up. Other nodes in the scope of ($left_id, $right_id) are considered to move down. 
+ */ + if ($action == 'move_up') + { + $left_id = $target['left_id']; + $right_id = $forum_row['right_id']; + + $diff_up = $forum_row['left_id'] - $target['left_id']; + $diff_down = $forum_row['right_id'] + 1 - $forum_row['left_id']; + + $move_up_left = $forum_row['left_id']; + $move_up_right = $forum_row['right_id']; + } + else + { + $left_id = $forum_row['left_id']; + $right_id = $target['right_id']; + + $diff_up = $forum_row['right_id'] + 1 - $forum_row['left_id']; + $diff_down = $target['right_id'] - $forum_row['right_id']; + + $move_up_left = $forum_row['right_id'] + 1; + $move_up_right = $target['right_id']; + } + + // Now do the dirty job + $sql = 'UPDATE ' . FORUMS_TABLE . " + SET left_id = left_id + CASE + WHEN left_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} + ELSE {$diff_down} + END, + right_id = right_id + CASE + WHEN right_id BETWEEN {$move_up_left} AND {$move_up_right} THEN -{$diff_up} + ELSE {$diff_down} + END, + forum_parents = '' + WHERE + left_id BETWEEN {$left_id} AND {$right_id} + AND right_id BETWEEN {$left_id} AND {$right_id}"; + $db->sql_query($sql); + + return $target['forum_name']; + } } ?>
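Review bot: `move_forum_by()` interpolates `$forum_row['parent_id']`, `left_id` and `right_id`, and the values derived from `$target`, into both the SELECT and the CASE-based UPDATE without casting them. The only caller on this page passes a row read from the forums table, but the function accepts any array, so casting at the point of use, e.g. `WHERE parent_id = " . (int) $forum_row['parent_id']`, keeps the queries safe regardless of the caller. Any `$action` other than `'move_up'` is silently treated as a move down, which deserves either a check or a line in the docblock. The first inner comment still speaks of "the module's current spot"; it was presumably copied from `move_module_by()` and should say forum.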
\ No newline at end of file diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index d0560bae13..5aee176524 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -66,7 +66,7 @@ class acp_groups { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action)); } - + // Approve, demote or promote group_user_attributes($action, $group_id, $mark_ary, false, ($group_id) ? $group_row['group_name'] : false); @@ -75,11 +75,11 @@ class acp_groups case 'demote': $message = 'GROUP_MODS_DEMOTED'; break; - + case 'promote': $message = 'GROUP_MODS_PROMOTED'; break; - + case 'approve': $message = 'USERS_APPROVED'; break; @@ -99,7 +99,7 @@ class acp_groups if (!sizeof($mark_ary)) { $start = 0; - + do { $sql = 'SELECT user_id @@ -320,7 +320,7 @@ class acp_groups // Only set the rank, colour, etc. if it's changed or if we're adding a new // group. This prevents existing group members being updated if no changes // were made. - + $group_attributes = array(); $test_variables = array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'legend', 'message_limit'); foreach ($test_variables as $test) @@ -449,10 +449,11 @@ class acp_groups { case AVATAR_UPLOAD: $avatar_img = $phpbb_root_path . $config['avatar_path'] . '/'; - break; + break; + case AVATAR_GALLERY: $avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/'; - break; + break; } $avatar_img .= $group_row['group_avatar']; @@ -505,7 +506,7 @@ class acp_groups 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'], - + 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(0), 'AVATAR_IMAGE' => $avatar_img, diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 23bd86ea3b..b74e5f8b4f 100644 --- a/phpBB/includes/acp/acp_icons.php 
+++ b/phpBB/includes/acp/acp_icons.php @@ -97,6 +97,8 @@ class acp_icons unset($_images); $_images = array(); + // no break; + case 'add': $order_list = ''; @@ -269,9 +271,10 @@ class acp_icons { $update = true; - $result = $db->sql_query("SELECT {$fields}_order + $sql = "SELECT {$fields}_order FROM $table - WHERE {$fields}_id = " . $image_id[$image]); + WHERE {$fields}_id = " . $image_id[$image]; + $result = $db->sql_query($sql); $order_old = (int) $db->sql_fetchfield($fields . '_order'); $db->sql_freeresult($result); @@ -403,8 +406,9 @@ class acp_icons )); } - $db->sql_query("UPDATE $table SET " . $db->sql_build_array('UPDATE', $sql) . " - WHERE $field_sql = '" . $db->sql_escape($replace_sql) . "'"); + $sql = "UPDATE $table SET " . $db->sql_build_array('UPDATE', $sql) . " + WHERE $field_sql = '" . $db->sql_escape($replace_sql) . "'"; + $db->sql_query($sql); } else { @@ -638,7 +642,6 @@ class acp_icons } } $db->sql_freeresult($result); - } } diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index 2977859b2f..2799c97959 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -65,11 +65,10 @@ class acp_jabber { if (!$jabber->connect()) { - trigger_error('Could not connect to Jabber server' . adm_back_link($this->u_action)); + trigger_error($user->lang['ERR_JAB_CONNECT'] . adm_back_link($this->u_action)); } - // First we'll try to authorise using this account, if that fails we'll - // try to create it. + // First we'll try to authorise using this account, if that fails we'll try to create it. if (!($result = $jabber->send_auth())) { if (($result = $jabber->account_registration($config['board_email'], $config['sitename'])) <> 2) 
@@ -95,12 +94,12 @@ class acp_jabber { if (!$jabber->connect()) { - trigger_error('Could not connect to Jabber server' . adm_back_link($this->u_action)); + trigger_error($user->lang['ERR_JAB_CONNECT'] . adm_back_link($this->u_action)); } if (!$jabber->send_auth()) { - trigger_error('Could not authorise on Jabber server' . adm_back_link($this->u_action)); + trigger_error($user->lang['ERR_JAB_AUTH'] . adm_back_link($this->u_action)); } $jabber->send_presence(NULL, NULL, 'online'); diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index 63b3c0dcdd..668422a90b 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -60,9 +60,7 @@ class acp_language if ($action == 'upload_data' && request_var('test_connection', '')) { $test_connection = false; - $action = 'upload_file'; - $method = request_var('method', ''); include_once($phpbb_root_path . 'includes/functions_transfer.' . $phpEx); @@ -72,6 +70,7 @@ class acp_language case 'ftp': $transfer = new ftp(request_var('host', ''), request_var('username', ''), request_var('password', ''), request_var('root_path', ''), request_var('port', ''), request_var('timeout', '')); break; + default: trigger_error($user->lang['INVALID_UPLOAD_METHOD']); } diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index 038a3b0d3c..3f1a2436cf 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -109,7 +109,6 @@ class acp_logs 'S_SORT_KEY' => $s_sort_key, 'S_SORT_DIR' => $s_sort_dir, 'S_CLEARLOGS' => $auth->acl_get('a_clearlogs'), - ) ); diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index 3913527043..ce14694adf 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php 
@@ -31,11 +31,10 @@ class acp_modules global $db, $user, $auth, $template; global $config, $phpbb_admin_path, $phpbb_root_path, $phpEx; - // Set a global define for modules we might include (the author is able to prevent executing of code with this) + // Set a global define for modules we might include (the author is able to prevent execution of code by checking this constant) define('MODULE_INCLUDE', true); $user->add_lang('acp/modules'); - $this->tpl_name = 'acp_modules'; // module class @@ -560,6 +559,7 @@ class acp_modules WHERE module_class = '" . $db->sql_escape($this->module_class) . "' ORDER BY left_id ASC"; break; + default: $sql = 'SELECT module_id, module_enabled, module_name, parent_id, module_langname, left_id, right_id, module_auth FROM ' . MODULES_TABLE . " @@ -649,6 +649,7 @@ class acp_modules default: $condition = 'm2.left_id BETWEEN m1.left_id AND m1.right_id OR m1.left_id BETWEEN m2.left_id AND m2.right_id'; + break; } $rows = array(); @@ -934,14 +935,11 @@ class acp_modules /** * Move module position by $steps up/down - * @todo support more than one step up/down (at the moment $steps needs to be 1)! */ function move_module_by($module_row, $action = 'move_up', $steps = 1) { global $db; - $module_id = $module_row['module_id']; - /** * Fetch all the siblings between the module's current spot * and where we want to move it to. If there are less than $steps @@ -955,14 +953,14 @@ class acp_modules AND " . (($action == 'move_up') ? "right_id < {$module_row['right_id']} ORDER BY right_id DESC" : "left_id > {$module_row['left_id']} ORDER BY left_id ASC"); $result = $db->sql_query_limit($sql, $steps); - $target_module = array(); + $target = array(); while ($row = $db->sql_fetchrow($result)) { - $target_module = $row; + $target = $row; } $db->sql_freeresult($result); - if (!sizeof($target_module)) + if (!sizeof($target)) { // The module is already on top or bottom return false; 
@@ -977,10 +975,10 @@ class acp_modules */ if ($action == 'move_up') { - $left_id = $target_module['left_id']; + $left_id = $target['left_id']; $right_id = $module_row['right_id']; - $diff_up = $module_row['left_id'] - $target_module['left_id']; + $diff_up = $module_row['left_id'] - $target['left_id']; $diff_down = $module_row['right_id'] + 1 - $module_row['left_id']; $move_up_left = $module_row['left_id']; @@ -989,13 +987,13 @@ class acp_modules else { $left_id = $module_row['left_id']; - $right_id = $target_module['right_id']; + $right_id = $target['right_id']; $diff_up = $module_row['right_id'] + 1 - $module_row['left_id']; - $diff_down = $target_module['right_id'] - $module_row['right_id']; + $diff_down = $target['right_id'] - $module_row['right_id']; $move_up_left = $module_row['right_id'] + 1; - $move_up_right = $target_module['right_id']; + $move_up_right = $target['right_id']; } // Now do the dirty job @@ -1015,7 +1013,7 @@ class acp_modules $this->remove_cache_file(); - return $this->lang_name($target_module['module_langname']); + return $this->lang_name($target['module_langname']); } } diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php index 8022498f67..1681986a36 100644 --- a/phpBB/includes/acp/acp_permission_roles.php +++ b/phpBB/includes/acp/acp_permission_roles.php @@ -128,6 +128,8 @@ class acp_permission_roles trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action)); } + // no break; + case 'add': $role_name = request_var('role_name', '', true); @@ -178,7 +180,7 @@ class acp_permission_roles $db->sql_freeresult($result); $sql_ary['role_order'] = $max_order + 1; - + $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql); @@ -193,7 +195,6 @@ class acp_permission_roles trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action)); break; - } } 
@@ -243,6 +244,8 @@ class acp_permission_roles $db->sql_freeresult($result); } + // no break; + case 'edit': if ($action == 'edit') @@ -284,13 +287,13 @@ class acp_permission_roles 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, - + 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)], ) ); - + // We need to fill the auth options array with ACL_UNSET options ;) $sql = 'SELECT auth_option_id, auth_option FROM ' . ACL_OPTIONS_TABLE . " @@ -348,7 +351,7 @@ class acp_permission_roles break; } - // By default, check that image_order is valid and fix it if necessary + // By default, check that role_order is valid and fix it if necessary $sql = 'SELECT role_id, role_order FROM ' . ACL_ROLES_TABLE . " WHERE role_type = '" . $db->sql_escape($permission_type) . "' @@ -430,12 +433,12 @@ class acp_permission_roles $content_array = $categories = array(); $key_sort_array = array(0); $auth_options = array(0 => $auth_options); - + // Making use of auth_admin method here (we do not really want to change two similar code fragments) auth_admin::build_permission_array($auth_options, $content_array, $categories, $key_sort_array); $content_array = $content_array[0]; - + $template->assign_var('S_NUM_PERM_COLS', sizeof($categories)); // Assign to template @@ -448,7 +451,7 @@ class acp_permission_roles 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_YES'] && !$cat_array['S_UNSET']) ? true : false, 'S_UNSET' => ($cat_array['S_UNSET'] && !$cat_array['S_NO'] && !$cat_array['S_YES']) ? true : false) ); - + foreach ($cat_array['permissions'] as $permission => $allowed) { $template->assign_block_vars('auth.mask', array( @@ -471,7 +474,7 @@ class acp_permission_roles global $db; $auth_admin = new auth_admin(); - + // Get complete auth array $sql = 'SELECT auth_option, auth_option_id FROM ' . ACL_OPTIONS_TABLE . " 
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index 758959f241..00722255c1 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -129,13 +129,14 @@ class acp_permissions // Define some common variables for every mode $error = array(); - + $permission_scope = (strpos($mode, '_global') !== false) ? 'global' : 'local'; // Showing introductionary page? if ($mode == 'intro') { $this->page_title = 'ACP_PERMISSIONS'; + $template->assign_vars(array( 'S_INTRO' => true) ); @@ -263,7 +264,7 @@ class acp_permissions ); break; - + case 'forums': if (sizeof($forum_id)) @@ -362,9 +363,9 @@ class acp_permissions ), 'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id) - $sql_permission_option - $sql_forum_id - AND u.user_id = a.user_id", + $sql_permission_option + $sql_forum_id + AND u.user_id = a.user_id", 'ORDER_BY' => 'u.username, u.user_regdate ASC' )); @@ -599,7 +600,7 @@ class acp_permissions FROM $table WHERE $sql_id IN (" . implode(', ', $ids) . ')'; $result = $db->sql_query($sql); - + $ids = array(); while ($row = $db->sql_fetchrow($result)) { @@ -709,7 +710,7 @@ class acp_permissions { trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action)); } - + $auth_settings = (isset($_POST['setting'])) ? $_POST['setting'] : array(); $auth_roles = (isset($_POST['role'])) ? $_POST['role'] : array(); $ug_ids = $forum_ids = array(); @@ -719,7 +720,7 @@ class acp_permissions { $ug_id = (int) $ug_id; $ug_ids[] = $ug_id; - + foreach ($forum_auth_row as $forum_id => $auth_options) { $forum_id = (int) $forum_id; @@ -824,7 +825,7 @@ class acp_permissions } $this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0))); - + trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action)); } 
@@ -942,7 +943,7 @@ class acp_permissions FROM ' . FORUMS_TABLE . " WHERE forum_id = $forum_id"; $result = $db->sql_query($sql, 3600); - $forum_name = $db->sql_fetchfield('forum_name', false, $result); + $forum_name = $db->sql_fetchfield('forum_name'); $db->sql_freeresult($result); } diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index cb9cf02573..56bd735de0 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -142,7 +142,7 @@ class acp_prune 'U_ACTION' => $this->u_action, 'S_SELECT_FORUM' => true, 'S_FORUM_OPTIONS' => make_forum_select(false, false, false)) - ); + ); } else { @@ -150,9 +150,11 @@ class acp_prune FROM ' . FORUMS_TABLE . ' WHERE forum_id IN (' . implode(', ', $forum_id) . ')'; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); - if (!($row = $db->sql_fetchrow($result))) + if (!$row) { + $db->sql_freeresult($result); trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action)); } @@ -175,9 +177,7 @@ class acp_prune 'FORUM_LIST' => $forum_list, 'S_HIDDEN_FIELDS' => $s_hidden_fields) ); - } - } /** @@ -361,7 +361,6 @@ class acp_prune 'S_COUNT_OPTIONS' => $s_find_count, 'U_FIND_USER' => append_sid($phpbb_root_path . "memberlist.$phpEx", 'mode=searchuser&form=acp_prune&field=users')) ); - } } diff --git a/phpBB/includes/acp/acp_reasons.php b/phpBB/includes/acp/acp_reasons.php index 450f2d5332..d6e15435ee 100644 --- a/phpBB/includes/acp/acp_reasons.php +++ b/phpBB/includes/acp/acp_reasons.php @@ -30,7 +30,6 @@ class acp_reasons $this->tpl_name = 'acp_reasons'; $this->page_title = 'ACP_REASONS'; - // dumdidum... do i really need to do something mom? $error = array(); switch ($action) diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 0448b7e568..a30078d7bf 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php 
@@ -31,7 +31,7 @@ class acp_users $username = request_var('username', '', true); $user_id = request_var('u', 0); $action = request_var('action', ''); - + $submit = (isset($_POST['update'])) ? true : false; // Whois (special case) @@ -57,7 +57,7 @@ class acp_users return; } - + // Show user selection mask if (!$username && !$user_id) { @@ -130,6 +130,12 @@ class acp_users 'S_FORM_OPTIONS' => $s_form_options) ); + // Prevent normal users/admins change/view founders if they are not a founder by themselves + if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action)); + } + switch ($mode) { case 'overview': @@ -1502,9 +1508,9 @@ class acp_users 'SIGNATURE' => $signature, 'SIGNATURE_PREVIEW' => $signature_preview, - 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? 'checked="checked"' : '', - 'S_SMILIES_CHECKED' => (!$enable_smilies) ? 'checked="checked"' : '', - 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? 'checked="checked"' : '', + 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? 'checked="checked"' : '', + 'S_SMILIES_CHECKED' => (!$enable_smilies) ? 'checked="checked"' : '', + 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? 'checked="checked"' : '', 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>'), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index 0888cae128..b92030b123 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php 
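Review bot: In acp_users.php (hunk at -130), the founder guard sits after the `assign_vars()` call and just before `switch ($mode)`, so whatever the method does with `$user_row` between loading it and this point also runs for founder accounts; that part lies outside the hunk. Placing the check directly after `$user_row` is fetched would make the denial independent of anything later added above the switch. The comparison is loose as well; if `user_type` comes back from the database as a string, `(int) $user_row['user_type'] === USER_FOUNDER` states the intent exactly, assuming the constant is an integer. The comment would read more clearly as `// Non-founders may not view or change founder accounts`.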
@@ -124,6 +124,7 @@ class auth_admin extends auth FROM ' . USERS_TABLE . ' WHERE user_id IN (' . implode(',', $ug_id) . ')'; $result = $db->sql_query($sql); + while ($userdata = $db->sql_fetchrow($result)) { if ($user->data['user_id'] != $user_id) @@ -148,6 +149,7 @@ class auth_admin extends auth } } $db->sql_freeresult($result); + unset($userdata); unset($auth2); } @@ -393,9 +395,9 @@ class auth_admin extends auth $groups[$row['group_id']] = $row; } $db->sql_freeresult($result); - + $memberships = group_memberships(false, array_keys($hold_ary), false); - + // User is not a member of any group? Bad admin, bad bad admin... if ($memberships) { @@ -546,6 +548,7 @@ class auth_admin extends auth default: $folder_image = ($forum_names_ary[$forum_id]['left_id'] + 1 != $forum_names_ary[$forum_id]['right_id']) ? '<img src="images/icon_folder_sub_small.gif" width="22" height="18" alt="' . $user->lang['SUBFORUM'] . '" />' : '<img src="images/icon_folder_small.gif" width="19" height="18" alt="' . $user->lang['FOLDER'] . '" />'; + break; } } } @@ -596,7 +599,7 @@ class auth_admin extends auth 'NAME' => ($forum_id == 0) ? $user->lang['GLOBAL_MASK'] : $forum_names[$forum_id], 'FORUM_ID' => $forum_id) ); - + if (isset($auth_ary['users']) && sizeof($auth_ary['users'])) { $sql = 'SELECT user_id, username @@ -740,6 +743,7 @@ class auth_admin extends auth } $cache->destroy('acl_options'); + $this->acl_clear_prefetch(); return true; } @@ -762,7 +766,7 @@ class auth_admin extends auth { $ug_id = array($ug_id); } - + $ug_id_sql = 'IN (' . implode(', ', array_map('intval', $ug_id)) . ')'; $forum_sql = 'IN (' . implode(', ', array_map('intval', $forum_id)) . ') '; 
@@ -1181,7 +1185,7 @@ class auth_admin extends auth * The other user is always able to revert back to his permission set. * This function does not check for lower/higher permissions, it is possible for the user to gain * "more" permissions by this. - * + * Admin permissions will not be copied. */ function ghost_permissions($from_user_id, $to_user_id) { diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 7a09d2d212..262c1ffaf7 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -53,7 +53,6 @@ class auth $db->sql_freeresult($result); $cache->put('acl_options', $this->acl_options); - $this->acl_clear_prefetch(); $this->acl_cache($userdata); } else if (!trim($userdata['user_permissions'])) diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index ac362bdeb0..410bf1abdb 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -28,7 +28,7 @@ function login_apache(&$username, &$password) $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; - if ((!empty($php_auth_user)) && (!empty($php_auth_pw))) + if (!empty($php_auth_user) && !empty($php_auth_pw)) { $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " @@ -85,16 +85,17 @@ function autologin_apache() $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; - if ((!empty($php_auth_user)) && (!empty($php_auth_pw))) + if (!empty($php_auth_user) && !empty($php_auth_pw)) { $sql = 'SELECT * FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if ($row = $db->sql_fetchrow($result)) + if ($row) { - $db->sql_freeresult($result); return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; } } 
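Review bot: In auth_apache.php, `autologin_apache()` (hunk at -85) returns the user row for whatever name is in `$_SERVER['PHP_AUTH_USER']` once both values are non-empty; no password comparison is visible in the hunk. That is only sound when the web server itself enforces HTTP authentication on every request that reaches the board, because these `$_SERVER` entries are taken from the request. The docblock should state that precondition, e.g. `* Trusts PHP_AUTH_USER: the web server must require authentication for the whole board`. The function begins and ends outside the hunk, so a check elsewhere in it cannot be ruled out.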
@@ -109,7 +110,7 @@ function autologin_apache() */ function validate_session_apache(&$user) { - return ($_SERVER['PHP_AUTH_USER'] == $user['username']) ? true : false; + return ($_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false; } ?>
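Review bot: `validate_session_apache()` reads `$_SERVER['PHP_AUTH_USER']` without checking that it is set, so a request without HTTP credentials raises an undefined-index notice before the comparison fails. Guarding the read keeps the result and removes the notice: `return (isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false;`. The same unguarded reads of `PHP_AUTH_USER` and `PHP_AUTH_PW` appear in the context lines of `login_apache()` and `autologin_apache()` in the two earlier hunks of this file.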
\ No newline at end of file diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 071b61fdfe..55465ab762 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -103,7 +103,10 @@ function login_db(&$username, &$password) if (md5($password) == $row['user_password']) { // Successful, reset login attempts (the user passed all stages) - $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_attempts = 0 WHERE user_id = ' . $row['user_id']); + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = 0 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); // User inactive... if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) @@ -124,8 +127,11 @@ function login_db(&$username, &$password) } // Password incorrect - increase login attempts - $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . $row['user_id']); - + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = user_login_attempts + 1 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + // Give status about wrong password... return array( 'status' => LOGIN_ERROR_PASSWORD, diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e6d783313f..e9b87bcf44 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -20,13 +20,15 @@ */ /** +* Connect to ldap server * Only allow changing authentication to ldap if we can connect to the ldap server +* Called in acp_board while setting authentication plugins */ function init_ldap() { global $config, $user; - if (!extension_loaded('ldap')) + if (!@extension_loaded('ldap')) { return $user->lang['LDAP_NO_LDAP_EXTENSION']; } 
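Review bot: In auth_db.php (hunk at -103), the password check on the context line above the rewritten query still uses `==`, and PHP's loose comparison treats two strings that both look numeric as numbers, so distinct hash strings can compare equal. `if (md5($password) === $row['user_password'])` removes that ambiguity. In the two new UPDATE statements (this hunk and the one at -124), `$row['user_id']` is appended uncast; `WHERE user_id = ' . (int) $row['user_id'];` makes the integer context explicit. `login_db()` starts and ends outside both hunks.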
@@ -38,13 +40,10 @@ function init_ldap() @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - // We'll get a notice here that we don't want, if we cannot connect to the server. // ldap_connect only checks whether the specified server is valid, so the connection might still fail - ob_start(); - $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid'])); - if (ob_get_clean()) + if ($search === false) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; } @@ -68,7 +67,7 @@ function login_ldap(&$username, &$password) { global $db, $config; - if (!extension_loaded('ldap')) + if (!@extension_loaded('ldap')) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -115,7 +114,7 @@ function login_ldap(&$username, &$password) 'user_row' => $row, ); } - + // Successful login... set user_login_attempts to zero... return array( 'status' => LOGIN_SUCCESS, @@ -155,7 +154,7 @@ function admin_ldap(&$new) global $user; /** - * @todo Using same approach with cfg_build_template? + * @todo Using same approach as with cfg_build_template? */ $tpl = ' diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index f39c004747..ea800e533b 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -375,14 +375,17 @@ class bbcode { if (empty($bbcode_hardtpl)) { - static $bbcode_hardtpl = array( + global $user; + static $bbcode_hardtpl = array(); + + $bbcode_hardtpl = array( 'b_open' => '<span style="font-weight: bold">', 'b_close' => '</span>', 'i_open' => '<span style="font-style: italic">', 'i_close' => '</span>', 'u_open' => '<span style="text-decoration: underline">', 'u_close' => '</span>', - 'img' => '<img src="$1" border="0" />', + 'img' => '<img src="$1" alt="' . $user->lang['IMAGE'] . '" />', 'size' => '<span style="font-size: $1px; line-height: normal">$2</span>', 'color' => '<span style="color: $1">$2</span>', 'email' => '<a href="mailto:$1">$2</a>' 
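Review bot: In auth_ldap.php (hunk at -38), the search filter is assembled as `$config['ldap_uid'] . '=' . $user->data['username']` with no escaping, so a name containing filter metacharacters (`*`, `(`, `)`, `\`) changes what the filter matches. The name should be encoded for filter context before concatenation, either by a small helper in this file or by `ldap_escape()` with `LDAP_ESCAPE_FILTER` where the PHP version provides it. `login_ldap()` does not show its filter in these hunks and should be checked for the same pattern. With the switch to `$search === false`, any search failure (for example a wrong base DN) is also reported as `LDAP_NO_SERVER_CONNECTION`, which the comment above the call could mention.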
diff --git a/phpBB/includes/captcha/captcha_non_gd.php b/phpBB/includes/captcha/captcha_non_gd.php index a019628e4b..e247823a5e 100644 --- a/phpBB/includes/captcha/captcha_non_gd.php +++ b/phpBB/includes/captcha/captcha_non_gd.php @@ -25,7 +25,7 @@ class captcha // If we can we will generate a single filtered png, we avoid nastiness via emulation of some Zlib stuff $this->define_filtered_pngs(); } - + /** * Create the image containing $code */ diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 8aa1f9117b..5bf505243b 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -143,7 +143,6 @@ define('BANLIST_TABLE', $table_prefix . 'banlist'); define('BBCODES_TABLE', $table_prefix . 'bbcodes'); define('BOOKMARKS_TABLE', $table_prefix . 'bookmarks'); define('BOTS_TABLE', $table_prefix . 'bots'); -define('CACHE_TABLE', $table_prefix . 'cache'); define('CONFIG_TABLE', $table_prefix . 'config'); define('CONFIRM_TABLE', $table_prefix . 'confirm'); define('PROFILE_FIELDS_TABLE', $table_prefix . 'profile_fields'); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 0ba6315b5b..7b36c36548 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2357,7 +2357,7 @@ function page_header($page_title = '', $display_online_list = true) // gzip_compression if ($config['gzip_compress']) { - if (extension_loaded('zlib') && !headers_sent()) + if (@extension_loaded('zlib') && !headers_sent()) { ob_start('ob_gzhandler'); } diff --git a/phpBB/includes/functions_compress.php b/phpBB/includes/functions_compress.php index 1dc95bc509..09ad1f4e8f 100644 --- a/phpBB/includes/functions_compress.php +++ b/phpBB/includes/functions_compress.php 
@@ -474,7 +474,7 @@ class compress_tar extends compress */ function extract($dst) { - $fzread = ($this->isbz && function_exists('bzread')) ? 'bzread' : (($this->isgz && extension_loaded('zlib')) ? 'gzread' : 'fread'); + $fzread = ($this->isbz && function_exists('bzread')) ? 'bzread' : (($this->isgz && @extension_loaded('zlib')) ? 'gzread' : 'fread'); // Run through the file and grab directory entries while ($buffer = $fzread($this->fp, 512)) @@ -536,11 +536,11 @@ class compress_tar extends compress */ function close() { - $fzclose = ($this->isbz && function_exists('bzclose')) ? 'bzclose' : (($this->isgz && extension_loaded('zlib')) ? 'gzclose' : 'fclose'); + $fzclose = ($this->isbz && function_exists('bzclose')) ? 'bzclose' : (($this->isgz && @extension_loaded('zlib')) ? 'gzclose' : 'fclose'); if ($this->wrote) { - $fzwrite = ($this->isbz && function_exists('bzwrite')) ? 'bzwrite' : (($this->isgz && extension_loaded('zlib')) ? 'gzwrite' : 'fwrite'); + $fzwrite = ($this->isbz && function_exists('bzwrite')) ? 'bzwrite' : (($this->isgz && @extension_loaded('zlib')) ? 'gzwrite' : 'fwrite'); // Symbolizes that there are no more files $fzwrite($this->fp, pack("a512", "")); @@ -555,7 +555,7 @@ class compress_tar extends compress function data($name, $data, $is_dir = false, $stat) { $this->wrote = true; - $fzwrite = ($this->isbz && function_exists('bzwrite')) ? 'bzwrite' : (($this->isgz && extension_loaded('zlib')) ? 'gzwrite' : 'fwrite'); + $fzwrite = ($this->isbz && function_exists('bzwrite')) ? 'bzwrite' : (($this->isgz && @extension_loaded('zlib')) ? 'gzwrite' : 'fwrite'); $typeflag = ($is_dir) ? '5' : ''; 
@@ -600,7 +600,7 @@ class compress_tar extends compress */ function open() { - $fzopen = ($this->isbz && function_exists('bzopen')) ? 'bzopen' : (($this->isgz && extension_loaded('zlib')) ? 'gzopen' : 'fopen'); + $fzopen = ($this->isbz && function_exists('bzopen')) ? 'bzopen' : (($this->isgz && @extension_loaded('zlib')) ? 'gzopen' : 'fopen'); $this->fp = @$fzopen($this->file, $this->mode . 'b' . (($fzopen == 'gzopen') ? '9' : '')); if (!$this->fp) diff --git a/phpBB/includes/functions_profile_fields.php b/phpBB/includes/functions_profile_fields.php index 2a9293a8e0..9910d58e5b 100644 --- a/phpBB/includes/functions_profile_fields.php +++ b/phpBB/includes/functions_profile_fields.php @@ -114,7 +114,7 @@ class custom_profile return 'FIELD_INVALID_DATE'; } - if (!checkdate($month, $day, $year) === false) + if (checkdate($month, $day, $year) === false) { return 'FIELD_INVALID_DATE'; } diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index 7435c3054e..7878e4912c 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -25,9 +25,9 @@ class mcp_ban // Include the admin banning interface... include($phpbb_root_path . 'includes/acp/acp_ban.' . $phpEx); - $bansubmit = (isset($_POST['bansubmit'])) ? true : false; - $unbansubmit= (isset($_POST['unbansubmit'])) ? true : false; - $current_time = time(); + $bansubmit = (isset($_POST['bansubmit'])) ? true : false; + $unbansubmit = (isset($_POST['unbansubmit'])) ? true : false; + $current_time = time(); $user->add_lang('acp/ban'); $this->tpl_name = 'mcp_ban'; diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index 659baffee0..ceb2dcbff7 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php 
@@ -24,11 +24,11 @@ function mcp_forum_view($id, $mode, $action, $forum_info) unset($_POST['sk'], $_POST['sd'], $_REQUEST['sk'], $_REQUEST['sd']); } - $forum_id = $forum_info['forum_id']; - $start = request_var('start', 0); - $topic_id_list = request_var('topic_id_list', array(0)); - $post_id_list = request_var('post_id_list', array(0)); - $topic_id = request_var('t', 0); + $forum_id = $forum_info['forum_id']; + $start = request_var('start', 0); + $topic_id_list = request_var('topic_id_list', array(0)); + $post_id_list = request_var('post_id_list', array(0)); + $topic_id = request_var('t', 0); // Resync Topics if ($action == 'resync') @@ -180,12 +180,12 @@ function mcp_forum_view($id, $mode, $action, $forum_info) 'TOPIC_ICON_IMG_HEIGHT' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['height'] : '', 'UNAPPROVED_IMG' => ($topic_unapproved || $posts_unapproved) ? $user->img('icon_unapproved', ($topic_unapproved) ? 'TOPIC_UNAPPROVED' : 'POSTS_UNAPPROVED') : '', - 'TOPIC_TYPE' => $topic_type, - 'TOPIC_TITLE' => $topic_title, - 'REPLIES' => ($auth->acl_get('m_approve', $row['forum_id'])) ? $row['topic_replies_real'] : $row['topic_replies'], - 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), - 'TOPIC_ID' => $row['topic_id'], - 'S_TOPIC_CHECKED' => ($topic_id_list && in_array($row['topic_id'], $topic_id_list)) ? 'checked="checked" ' : '', + 'TOPIC_TYPE' => $topic_type, + 'TOPIC_TITLE' => $topic_title, + 'REPLIES' => ($auth->acl_get('m_approve', $row['forum_id'])) ? $row['topic_replies_real'] : $row['topic_replies'], + 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), + 'TOPIC_ID' => $row['topic_id'], + 'S_TOPIC_CHECKED' => ($topic_id_list && in_array($row['topic_id'], $topic_id_list)) ? 'checked="checked" ' : '', 'S_TOPIC_REPORTED' => (!empty($row['topic_reported']) && $auth->acl_gets('m_report', $row['forum_id'])) ? true : false, 'S_TOPIC_UNAPPROVED' => $topic_unapproved, 
@@ -228,6 +228,7 @@ function mcp_resync_topics($topic_ids) { add_log('mod', $row['forum_id'], $row['topic_id'], 'LOG_TOPIC_RESYNC', $row['topic_title']); } + $db->sql_freeresult($result); $msg = (sizeof($topic_ids) == 1) ? $user->lang['TOPIC_RESYNC_SUCCESS'] : $user->lang['TOPICS_RESYNC_SUCCESS']; diff --git a/phpBB/includes/mcp/mcp_front.php b/phpBB/includes/mcp/mcp_front.php index db38df42ae..3fe9b60018 100644 --- a/phpBB/includes/mcp/mcp_front.php +++ b/phpBB/includes/mcp/mcp_front.php @@ -56,6 +56,7 @@ function mcp_front_view($id, $mode, $action) AND post_approved = 0 ORDER BY post_id DESC'; $result = $db->sql_query_limit($sql, 5); + while ($row = $db->sql_fetchrow($result)) { $post_list[] = $row['post_id']; 
@@ -79,12 +80,12 @@ function mcp_front_view($id, $mode, $action) } $template->assign_block_vars('unapproved', array( - 'U_POST_DETAILS'=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=post_details&f=' . $row['forum_id'] . '&p=' . $row['post_id']), - 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=forum_view&f=' . $row['forum_id']) : '', - 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=topic_view&f=' . $row['forum_id'] . '&t=' . $row['topic_id']), - 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', - 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), - 'U_AUTHOR' => ($row['poster_id'] == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']), + 'U_POST_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=post_details&f=' . $row['forum_id'] . '&p=' . $row['post_id']), + 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=forum_view&f=' . $row['forum_id']) : '', + 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=main&mode=topic_view&f=' . $row['forum_id'] . '&t=' . $row['topic_id']), + 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), + 'U_AUTHOR' => ($row['poster_id'] == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']), 'FORUM_NAME' => (!$global_topic) ? $forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'TOPIC_TITLE' => $row['topic_title'], 
@@ -116,6 +117,7 @@ function mcp_front_view($id, $mode, $action) $forum_list = get_forum_list('m_'); $template->assign_var('S_SHOW_REPORTS', (!empty($forum_list)) ? true : false); + if (!empty($forum_list)) { $sql = 'SELECT COUNT(r.report_id) AS total @@ -124,8 +126,8 @@ function mcp_front_view($id, $mode, $action) AND r.report_closed = 0 AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')'; $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $total = $row['total']; + $total = (int) $db->sql_fetchfield('total'); + $db->sql_freeresult($result); if ($total) { @@ -140,7 +142,6 @@ function mcp_front_view($id, $mode, $action) TOPICS_TABLE => 't', USERS_TABLE => 'u', POSTS_TABLE => 'p' - ), 'LEFT_JOIN' => array( @@ -151,11 +152,11 @@ function mcp_front_view($id, $mode, $action) ), 'WHERE' => 'r.post_id = p.post_id - AND r.report_closed = 0 - AND r.reason_id = rr.reason_id - AND p.topic_id = t.topic_id - AND r.user_id = u.user_id - AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')', + AND r.report_closed = 0 + AND r.reason_id = rr.reason_id + AND p.topic_id = t.topic_id + AND r.user_id = u.user_id + AND p.forum_id IN (0, ' . implode(', ', $forum_list) . ')', 'ORDER_BY' => 'p.post_id DESC' )); 
@@ -170,12 +171,12 @@ function mcp_front_view($id, $mode, $action) } $template->assign_block_vars('report', array( - 'U_POST_DETAILS'=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id'] . "&i=reports&mode=report_details"), - 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . "&i=$id&mode=forum_view") : '', - 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id'] . "&i=$id&mode=topic_view"), - 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', - 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), - 'U_REPORTER' => ($row['user_id'] == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']), + 'U_POST_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id'] . "&i=reports&mode=report_details"), + 'U_MCP_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . "&i=$id&mode=forum_view") : '', + 'U_MCP_TOPIC' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id'] . "&i=$id&mode=topic_view"), + 'U_FORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&t=' . $row['topic_id']), + 'U_REPORTER' => ($row['user_id'] == ANONYMOUS) ? '' : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['user_id']), 'FORUM_NAME' => (!$global_topic) ? $row['forum_name'] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'TOPIC_TITLE' => $row['topic_title'], 
@@ -221,8 +222,8 @@ function mcp_front_view($id, $mode, $action) 'IP' => $row['ip'], 'TIME' => $user->format_date($row['time']), 'ACTION' => $row['action'], - 'U_VIEWTOPIC' => isset($row['viewtopic']) ? $row['viewtopic'] : '', - 'U_VIEWLOGS' => isset($row['viewlogs']) ? $row['viewlogs'] : '') + 'U_VIEWTOPIC' => (!empty($row['viewtopic'])) ? $row['viewtopic'] : '', + 'U_VIEWLOGS' => (!empty($row['viewlogs'])) ? $row['viewlogs'] : '') ); } } diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php index 77837006c9..2850505e66 100755 --- a/phpBB/includes/mcp/mcp_logs.php +++ b/phpBB/includes/mcp/mcp_logs.php @@ -17,7 +17,7 @@ class mcp_logs { var $u_action; var $p_master; - + function mcp_main(&$p_master) { $this->p_master = &$p_master; @@ -121,12 +121,12 @@ class mcp_logs 'TOTAL' => ($log_count == 1) ? $user->lang['TOTAL_LOG'] : sprintf($user->lang['TOTAL_LOGS'], $log_count), 'PAGINATION' => generate_pagination($this->u_action . "&$u_sort_param", $log_count, $config['topics_per_page'], $start), - 'U_POST_ACTION' => $this->u_action, - 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, - 'S_SELECT_SORT_DIR' => $s_sort_dir, - 'S_SELECT_SORT_KEY' => $s_sort_key, - 'S_SELECT_SORT_DAYS'=> $s_limit_days, - 'S_LOGS' => ($log_count > 0), + 'U_POST_ACTION' => $this->u_action, + 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, + 'S_SELECT_SORT_DIR' => $s_sort_dir, + 'S_SELECT_SORT_KEY' => $s_sort_key, + 'S_SELECT_SORT_DAYS' => $s_limit_days, + 'S_LOGS' => ($log_count > 0), ) ); diff --git a/phpBB/includes/mcp/mcp_main.php b/phpBB/includes/mcp/mcp_main.php index eb77e68585..abae0d55d4 100644 --- a/phpBB/includes/mcp/mcp_main.php +++ b/phpBB/includes/mcp/mcp_main.php @@ -180,7 +180,7 @@ class mcp_main break; default: - trigger_error("Unknown mode: $mode"); + trigger_error("Unknown mode: $mode", E_USER_ERROR); } } } 
@@ -543,7 +543,9 @@ function mcp_delete_topic($topic_ids) $return = delete_topics('topic_id', $topic_ids, true); - // TODO: Adjust total post count... + /** + * @todo Adjust total post count (mcp_delete_topic) + */ } else { @@ -778,7 +780,7 @@ function mcp_fork_topic($topic_ids) $new_topic_id_list[$topic_id] = $new_topic_id; /** - * @todo enable + * @todo enable? (is this still needed?) * markread('topic', $to_forum_id, $new_topic_id); */ @@ -793,9 +795,14 @@ function mcp_fork_topic($topic_ids) while ($row = $db->sql_fetchrow($result)) { - $sql = 'INSERT INTO ' . POLL_OPTIONS_TABLE . ' (poll_option_id, topic_id, poll_option_text, poll_option_total) - VALUES (' . $row['poll_option_id'] . ', ' . $new_topic_id . ", '" . $db->sql_escape($row['poll_option_text']) . "', 0)"; - $db->sql_query($sql); + $sql_ary = array( + 'poll_option_id' => (int) $row['poll_option_id'], + 'topic_id' => (int) $new_topic_id, + 'poll_option_text' => (string) $row['poll_option_text'], + 'poll_option_total' => 0 + ); + + $db->sql_query('INSERT INTO ' . POLL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary)); } } @@ -810,7 +817,7 @@ function mcp_fork_topic($topic_ids) { $post_rows[] = $row; } - $db->sql_freeresult(); + $db->sql_freeresult($result); if (!sizeof($post_rows)) { diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php index da7b31f7d9..560431ce87 100644 --- a/phpBB/includes/mcp/mcp_queue.php +++ b/phpBB/includes/mcp/mcp_queue.php @@ -39,7 +39,7 @@ class mcp_queue { case 'approve': case 'disapprove': - include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx); + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $post_id_list = request_var('post_id_list', array(0)); 
@@ -111,7 +111,7 @@ class mcp_queue $message = $post_info['post_text']; if ($post_info['bbcode_bitfield']) { - include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx); + include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); $bbcode = new bbcode($post_info['bbcode_bitfield']); $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); } @@ -179,7 +179,7 @@ class mcp_queue $forum_list[] = $row['forum_id']; } - if (!$forum_list = implode(', ', $forum_list)) + if (!($forum_list = implode(', ', $forum_list))) { trigger_error('NOT_MODERATOR'); } @@ -244,6 +244,7 @@ class mcp_queue $post_ids[] = $row['post_id']; $row_num[$row['post_id']] = $i++; } + $db->sql_freeresult($result); if (sizeof($post_ids)) { @@ -252,8 +253,8 @@ class mcp_queue WHERE p.post_id IN (" . implode(', ', $post_ids) . ") AND t.topic_id = p.topic_id AND u.user_id = p.poster_id"; - $result = $db->sql_query($sql); + $post_data = $rowset = array(); while ($row = $db->sql_fetchrow($result)) { @@ -311,6 +312,7 @@ class mcp_queue { $forum_names[$row['forum_id']] = $row['forum_name']; } + $db->sql_freeresult($result); } foreach ($rowset as $row) @@ -324,8 +326,6 @@ class mcp_queue $poster = $row['username']; } - $s_checkbox = '<input type="checkbox" class="radio" name="post_id_list[]" value="' . $row['post_id'] . '" />'; - $global_topic = ($row['forum_id']) ? false : true; if ($global_topic) { 
@@ -333,22 +333,21 @@ class mcp_queue } $template->assign_block_vars('postrow', array( - 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', + 'U_VIEWFORUM' => (!$global_topic) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : '', // Q: Why accessing the topic by a post_id instead of its topic_id? // A: To prevent the post from being hidden because of wrong encoding or different charset - 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), - 'U_VIEW_DETAILS'=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')), - 'U_VIEWPROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']) : '', + 'U_VIEWTOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . '&p=' . $row['post_id']) . (($mode == 'unapproved_posts') ? '#p' . $row['post_id'] : ''), + 'U_VIEW_DETAILS' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=queue&start=$start&mode=approve_details&f={$row['forum_id']}&p={$row['post_id']}" . (($mode == 'unapproved_topics') ? "&t={$row['topic_id']}" : '')), + 'U_VIEWPROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']) : '', + 'POST_ID' => $row['post_id'], 'FORUM_NAME' => (!$global_topic) ? 
$forum_names[$row['forum_id']] : $user->lang['GLOBAL_ANNOUNCEMENT'], 'TOPIC_TITLE' => $row['topic_title'], 'POSTER' => $poster, - 'POST_TIME' => $user->format_date($row['post_time']), - 'S_CHECKBOX' => $s_checkbox) + 'POST_TIME' => $user->format_date($row['post_time'])) ); } - unset($rowset); - unset($forum_names); + unset($rowset, $forum_names); // Now display the page $template->assign_vars(array( @@ -372,7 +371,9 @@ class mcp_queue } } -// Approve Post/Topic +/** +* Approve Post/Topic +*/ function approve_post($post_id_list, $mode) { global $db, $template, $user, $config; @@ -588,7 +589,9 @@ function approve_post($post_id_list, $mode) } } -// Disapprove Post/Topic +/** +* Disapprove Post/Topic +*/ function disapprove_post($post_id_list, $mode) { global $db, $template, $user, $config; @@ -627,7 +630,7 @@ function disapprove_post($post_id_list, $mode) if (!$row || (!$reason && $row['reason_title'] == 'other')) { - $additional_msg = 'Please give an appropiate reason for disapproval'; + $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; unset($_POST['confirm']); } else @@ -698,7 +701,7 @@ function disapprove_post($post_id_list, $mode) { if (!function_exists('delete_posts')) { - include_once($phpbb_root_path . 'includes/functions_admin.'.$phpEx); + include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 6900c74879..8614e0cdd2 100755 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -39,7 +39,7 @@ class mcp_reports { case 'close': case 'delete': - include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx); + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $post_id_list = request_var('post_id_list', array(0)); 
@@ -76,14 +76,14 @@ class mcp_reports AND rr.reason_id = r.reason_id AND r.user_id = u.user_id"; $result = $db->sql_query($sql); + $report = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!($report = $db->sql_fetchrow($result))) + if (!$report) { trigger_error('NO_POST_REPORT'); } - $db->sql_freeresult($result); - $reason = array('title' => $report['reason_title'], 'description' => $report['reason_description']); if (isset($user->lang['report_reasons']['TITLE'][strtoupper($reason['title'])]) && isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($reason['title'])])) { @@ -111,7 +111,8 @@ class mcp_reports $message = $post_info['post_text']; if ($post_info['bbcode_bitfield']) { - include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx); + include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); + $bbcode = new bbcode($post_info['bbcode_bitfield']); $bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']); } 
@@ -126,27 +127,26 @@ class mcp_reports 'S_POST_LOCKED' => $post_info['post_edit_locked'], 'S_USER_NOTES' => true, - 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', - 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), - 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), - 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $report['user_id']), - 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), - 'U_MCP_WARN_REPORTER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '', - 'U_MCP_WARN_USER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', - 'U_VIEW_PROFILE' => ($post_info['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $post_info['user_id']) : '', + 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', + 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), + 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), + 'U_MCP_REPORTER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . 
$report['user_id']), + 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), + 'U_MCP_WARN_REPORTER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $report['user_id']) : '', + 'U_MCP_WARN_USER' => ($auth->acl_getf_global('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $post_info['user_id']) : '', + 'U_VIEW_PROFILE' => ($post_info['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $post_info['user_id']) : '', 'U_VIEW_REPORTER_PROFILE' => ($report['user_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $report['user_id']) : '', 'EDIT_IMG' => $user->img('btn_edit', $user->lang['EDIT_POST']), + 'UNAPPROVED_IMG' => $user->img('icon_unapproved', $user->lang['POST_UNAPPROVED']), - 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start) . '">', '</a>'), - 'REPORTED_IMG' => $user->img('icon_reported', $user->lang['POST_REPORTED']), - 'REPORT_REASON_TITLE' => $reason['title'], + 'RETURN_REPORTS' => sprintf($user->lang['RETURN_REPORTS'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports' . (($post_info['post_reported']) ? '&mode=reports' : '&mode=reports_closed') . '&start=' . $start) . '">', '</a>'), + 'REPORTED_IMG' => $user->img('icon_reported', $user->lang['POST_REPORTED']), + 'REPORT_REASON_TITLE' => $reason['title'], 'REPORT_REASON_DESCRIPTION' => $reason['description'], - 'REPORTER_NAME' => ($report['user_id'] == ANONYMOUS) ? 
$user->lang['GUEST'] : $report['username'], - 'REPORT_DATE' => $user->format_date($report['report_time']), - 'REPORT_TEXT' => $report['report_text'], - - 'UNAPPROVED_IMG' => $user->img('icon_unapproved', $user->lang['POST_UNAPPROVED']), + 'REPORTER_NAME' => ($report['user_id'] == ANONYMOUS) ? $user->lang['GUEST'] : $report['username'], + 'REPORT_DATE' => $user->format_date($report['report_time']), + 'REPORT_TEXT' => $report['report_text'], 'POSTER_NAME' => $poster, 'POST_PREVIEW' => $message, @@ -189,7 +189,7 @@ class mcp_reports $forum_list[] = $row['forum_id']; } - if (!$forum_list = implode(', ', $forum_list)) + if (!($forum_list = implode(', ', $forum_list))) { trigger_error('NOT_MODERATOR'); } @@ -200,7 +200,6 @@ class mcp_reports $result = $db->sql_query($sql); $forum_info['forum_topics'] = (int) $db->sql_fetchfield('sum_forum_topics'); $db->sql_freeresult($result); - } else { @@ -263,6 +262,7 @@ class mcp_reports $post_ids[] = $row['post_id']; $row_num[$row['post_id']] = $i++; } + $db->sql_freeresult($result); if (sizeof($post_ids)) { @@ -273,8 +273,8 @@ class mcp_reports AND r.post_id = p.post_id AND u.user_id = p.poster_id AND ru.user_id = r.user_id"; - $result = $db->sql_query($sql); + $post_data = $rowset = array(); while ($row = $db->sql_fetchrow($result)) { @@ -295,8 +295,6 @@ class mcp_reports $poster = $row['username']; } - $s_checkbox = '<input type="checkbox" class="radio" name="post_id_list[]" value="' . $row['post_id'] . '" />'; - $template->assign_block_vars('postrow', array( 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']), // Q: Why accessing the topic by a post_id instead of its topic_id? 
@@ -306,10 +304,9 @@ class mcp_reports 'U_VIEW_POSTER_PROFILE' => ($row['poster_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['poster_id']) : '', 'U_VIEW_REPORTER_PROFILE' => ($row['reporter_id'] != ANONYMOUS) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $row['reporter_id']) : '', - 'S_CHECKBOX' => $s_checkbox, - 'FORUM_NAME' => ($row['forum_id']) ? $forum_data[$row['forum_id']]['forum_name'] : $user->lang['ALL_FORUMS'], 'POSTER' => $poster, + 'POST_ID' => $row['post_id'], 'POST_SUBJECT' => $row['post_subject'], 'POST_TIME' => $user->format_date($row['post_time']), 'REPORTER' => ($row['reporter_id'] == ANONYMOUS) ? $user->lang['GUEST'] : $row['reporter_name'], @@ -383,12 +380,9 @@ function close_report($post_id_list, $mode, $action) { $reports[$report['post_id']] = $report; } - $db->sql_freeresult($result); - $close_report_posts = array(); - $close_report_topics = array(); - $notify_reporters = array(); + $close_report_posts = $close_report_topics = $notify_reporters = array(); foreach ($post_info as $post_id => $post_data) { if (isset($reports[$post_id])) @@ -420,6 +414,7 @@ function close_report($post_id_list, $mode, $action) { $keep_report_topics[] = $row['topic_id']; } + $db->sql_freeresult($result); $close_report_topics = array_diff($close_report_topics, $keep_report_topics); unset($keep_report_topics); diff --git a/phpBB/includes/mcp/mcp_topic.php b/phpBB/includes/mcp/mcp_topic.php index 1c0c1d9a68..92125cd14d 100644 --- a/phpBB/includes/mcp/mcp_topic.php +++ b/phpBB/includes/mcp/mcp_topic.php 
@@ -31,12 +31,12 @@ function mcp_topic_view($id, $mode, $action) $topic_info = $topic_info[$topic_id]; // Set up some vars - $icon_id = request_var('icon', 0); - $subject = request_var('subject', '', true); - $start = request_var('start', 0); - $to_topic_id = request_var('to_topic_id', 0); - $to_forum_id = request_var('to_forum_id', 0); - $post_id_list = request_var('post_id_list', array(0)); + $icon_id = request_var('icon', 0); + $subject = request_var('subject', '', true); + $start = request_var('start', 0); + $to_topic_id = request_var('to_topic_id', 0); + $to_forum_id = request_var('to_forum_id', 0); + $post_id_list = request_var('post_id_list', array(0)); // Split Topic? if ($action == 'split_all' || $action == 'split_beyond') @@ -60,8 +60,7 @@ function mcp_topic_view($id, $mode, $action) // Jumpbox, sort selects and that kind of things make_jumpbox($url . "&i=$id&mode=forum_view", $topic_info['forum_id'], false, 'm_'); $where_sql = ($action == 'reports') ? 'WHERE post_reported = 1 AND ' : 'WHERE'; - - + $sort_days = $total = 0; $sort_key = $sort_dir = ''; $sort_by_sql = $sort_order_sql = array(); @@ -73,6 +72,7 @@ function mcp_topic_view($id, $mode, $action) { $total = $topic_info['topic_replies'] + 1; } + $posts_per_page = max(0, request_var('posts_per_page', intval($config['posts_per_page']))); if ($posts_per_page == 0) { @@ -94,6 +94,7 @@ function mcp_topic_view($id, $mode, $action) $rowset[] = $row; $bbcode_bitfield |= $row['bbcode_bitfield']; } + $db->sql_freeresult($result); if ($bbcode_bitfield) { @@ -118,9 +119,6 @@ function mcp_topic_view($id, $mode, $action) $message = smiley_text($message); $message = str_replace("\n", '<br />', $message); - $checked = ($post_id_list && in_array(intval($row['post_id']), $post_id_list)) ? 'checked="checked" ' : ''; - $s_checkbox = '<input type="checkbox" class="radio" name="post_id_list[]" value="' . $row['post_id'] . '" ' . $checked . '/>'; - if (!$row['post_approved']) { $has_unapproved_posts = true; 
@@ -136,9 +134,9 @@ function mcp_topic_view($id, $mode, $action) 'MINI_POST_IMG' => ($row['post_time'] > $user->data['user_lastvisit'] && $user->data['is_registered']) ? $user->img('icon_post_new', $user->lang['NEW_POST']) : $user->img('icon_post', $user->lang['POST']), - 'S_CHECKBOX' => $s_checkbox, 'S_POST_REPORTED' => ($row['post_reported']) ? true : false, 'S_POST_UNAPPROVED' => ($row['post_approved']) ? false : true, + 'S_CHECKED' => ($post_id_list && in_array(intval($row['post_id']), $post_id_list)) ? true : false, 'U_POST_DETAILS' => "$url&i=$id&p={$row['post_id']}&mode=post_details", 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $topic_info['forum_id'] . '&p=' . $row['post_id']), @@ -200,8 +198,8 @@ function mcp_topic_view($id, $mode, $action) 'S_CAN_LOCK' => ($auth->acl_get('m_lock', $topic_info['forum_id'])) ? true : false, 'S_REPORT_VIEW' => ($action == 'reports') ? true : false, - 'S_SHOW_TOPIC_ICONS'=> $s_topic_icons, - 'S_TOPIC_ICON' => $icon_id, + 'S_SHOW_TOPIC_ICONS' => $s_topic_icons, + 'S_TOPIC_ICON' => $icon_id, 'U_SELECT_TOPIC' => "$url&i=$id&mode=forum_view&action=merge_select", @@ -344,6 +342,7 @@ function split_topic($action, $topic_id, $to_forum_id, $subject) $post_id_list[] = $row['post_id']; } } + $db->sql_freeresult($result); } if (!sizeof($post_id_list)) diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index a40e53649a..13de52c457 100755 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php 
@@ -42,19 +42,22 @@ class mcp_warn case 'front': mcp_warn_front_view($id, $mode); $this->tpl_name = 'mcp_warn_front'; - break; + break; + case 'list': mcp_warn_list_view($id, $mode, $action); $this->tpl_name = 'mcp_warn_list'; - break; + break; + case 'warn_post': mcp_warn_post_view($id, $mode, $action); $this->tpl_name = 'mcp_warn_post'; - break; + break; + case 'warn_user': mcp_warn_user_view($id, $mode, $action); $this->tpl_name = 'mcp_warn_user'; - break; + break; } } } @@ -127,10 +130,10 @@ function mcp_warn_list_view($id, $mode, $action) $user->add_lang('memberlist'); - $start = request_var('start', 0); - $st = request_var('st', 0); - $sk = request_var('sk', 'b'); - $sd = request_var('sd', 'd'); + $start = request_var('start', 0); + $st = request_var('st', 0); + $sk = request_var('sk', 'b'); + $sd = request_var('sd', 'd'); $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_DATE'], 'c' => $user->lang['SORT_WARNINGS']); 
@@ -162,11 +165,11 @@ function mcp_warn_list_view($id, $mode, $action) } $template->assign_vars(array( - 'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode"), - 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, - 'S_SELECT_SORT_DIR' => $s_sort_dir, - 'S_SELECT_SORT_KEY' => $s_sort_key, - 'S_SELECT_SORT_DAYS' => $s_limit_days, + 'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode"), + 'S_CLEAR_ALLOWED' => ($auth->acl_get('a_clearlogs')) ? true : false, + 'S_SELECT_SORT_DIR' => $s_sort_dir, + 'S_SELECT_SORT_KEY' => $s_sort_key, + 'S_SELECT_SORT_DAYS' => $s_limit_days, 'PAGE_NUMBER' => on_page($user_count, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination(append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&mode=$mode&st=$st&sk=$sk&sd=$sd"), $user_count, $config['topics_per_page'], $start), @@ -188,16 +191,18 @@ function mcp_warn_post_view($id, $mode, $action) $notify = (isset($_REQUEST['notify_user'])) ? true : false; $warning = request_var('warning', '', true); - $sql = 'SELECT u.*, p.* FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u + $sql = 'SELECT u.*, p.* + FROM ' . POSTS_TABLE . ' p, ' . USERS_TABLE . " u WHERE post_id = $post_id - AND u.user_id = p.poster_id"; + AND u.user_id = p.poster_id"; $result = $db->sql_query($sql); + $userrow = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if (!$userrow = $db->sql_fetchrow($result)) + if (!$userrow) { trigger_error($user->lang['NO_POST']); } - $db->sql_freeresult($result); // There is no point issuing a warning to ignored users (ie anonymous and bots) if ($userrow['user_type'] == USER_IGNORE) 
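Review bot: The first query in mcp_warn_post_view (`@@ -188,16 +191,18 @@`) still selects `u.*, p.*`, so every column of the users row, including whatever credential or session fields that table holds, is loaded into `$userrow`. The warnings lookup in the next hunk was narrowed to `SELECT post_id`; listing only the columns this function reads would do the same here and keep unneeded account data out of the row. `$post_id` is also interpolated into the WHERE clause and its assignment is outside the hunk, so casting it with `(int) $post_id` where the query is built would make the integer assumption explicit. The function body starts and ends outside the hunk.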
@@ -207,16 +212,18 @@ function mcp_warn_post_view($id, $mode, $action) // Check if there is already a warning for this post to prevent multiple // warnings for the same offence - $sql = 'SELECT * FROM ' . WARNINGS_TABLE . " + $sql = 'SELECT post_id + FROM ' . WARNINGS_TABLE . " WHERE post_id = $post_id"; $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if ($row = $db->sql_fetchrow($result)) + if ($row) { trigger_error($user->lang['ALREADY_WARNED']); } - $db->sql_freeresult($result); - + $user_id = $userrow['user_id']; if ($warning && $action == 'add_warning') @@ -237,7 +244,8 @@ function mcp_warn_post_view($id, $mode, $action) // Second parse bbcode here if ($userrow['bbcode_bitfield']) { - include_once($phpbb_root_path . 'includes/bbcode.'.$phpEx); + include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx); + $bbcode = new bbcode($userrow['bbcode_bitfield']); $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']); } @@ -259,14 +267,15 @@ function mcp_warn_post_view($id, $mode, $action) { case AVATAR_UPLOAD: $avatar_img = $config['avatar_path'] . '/'; - break; + break; + case AVATAR_GALLERY: $avatar_img = $config['avatar_gallery_path'] . '/'; - break; + break; } $avatar_img .= $userrow['user_avatar']; - $avatar_img = '<img src="' . $avatar_img . '" width="' . $userrow['user_avatar_width'] . '" height="' . $userrow['user_avatar_height'] . '" border="0" alt="" />'; + $avatar_img = '<img src="' . $avatar_img . '" width="' . $userrow['user_avatar_width'] . '" height="' . $userrow['user_avatar_height'] . '" alt="" />'; } $template->assign_vars(array( @@ -307,6 +316,11 @@ function mcp_warn_user_view($id, $mode, $action) $userrow = $db->sql_fetchrow($result); $db->sql_freeresult($result); + if (!$userrow) + { + trigger_error('NO_USER'); + } + $user_id = $userrow['user_id']; if ($warning && $action == 'add_warning') 
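Review bot: In the `@@ -237,7 +244,8 @@` hunk, `bbcode_second_pass()` is called with `$row['bbcode_uid']` and `$row['bbcode_bitfield']`, but the only `$row` visible in this function is the result of the warnings lookup in the hunk above, which now selects just `post_id` and must be empty for execution to get this far. Unless `$row` is reassigned in the lines between the two hunks, both arguments are null and the second pass presumably cannot decode the post's BBCode. The bbcode object itself is built from `$userrow['bbcode_bitfield']`, which suggests the call should read `$bbcode->bbcode_second_pass($message, $userrow['bbcode_uid'], $userrow['bbcode_bitfield']);`.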
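Review bot: The avatar markup in the `@@ -259,14 +267,15 @@` hunk concatenates `$userrow['user_avatar']`, `user_avatar_width` and `user_avatar_height` straight into an `<img>` tag, and nothing visible here encodes them for an HTML attribute. If these profile fields are validated only when they are saved, a comment saying so would help. Otherwise encode at the sink, e.g. `htmlspecialchars($avatar_img)` for `src` and `(int) $userrow['user_avatar_width']` / `(int) $userrow['user_avatar_height']` for the dimensions. The same lines appear in mcp_warn_user_view (`@@ -329,14 +343,15 @@`).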
@@ -329,14 +343,15 @@ function mcp_warn_user_view($id, $mode, $action) { case AVATAR_UPLOAD: $avatar_img = $config['avatar_path'] . '/'; - break; + break; + case AVATAR_GALLERY: $avatar_img = $config['avatar_gallery_path'] . '/'; - break; + break; } $avatar_img .= $userrow['user_avatar']; - $avatar_img = '<img src="' . $avatar_img . '" width="' . $userrow['user_avatar_width'] . '" height="' . $userrow['user_avatar_height'] . '" border="0" alt="" />'; + $avatar_img = '<img src="' . $avatar_img . '" width="' . $userrow['user_avatar_width'] . '" height="' . $userrow['user_avatar_height'] . '" alt="" />'; } // OK, they didn't submit a warning so lets build the page for them to do so @@ -366,13 +381,14 @@ function add_warning($userrow, $warning, $send_pm = true, $post_id = 0) if ($send_pm) { - include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); - include($phpbb_root_path . 'includes/message_parser.'.$phpEx); + include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); + include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx); $userrow['user_lang'] = (file_exists($phpbb_root_path . 'language/' . $userrow['user_lang'] . "/mcp.$phpEx")) ? $userrow['user_lang'] : $config['default_lang']; - include($phpbb_root_path . 'language/' . $userrow['user_lang'] . "/mcp.$phpEx"); + include($phpbb_root_path . 'language/' . basename($userrow['user_lang']) . "/mcp.$phpEx"); $message_parser = new parse_message(); + $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning); $message_parser->parse(true, true, true, false, false, true); @@ -412,4 +428,5 @@ function add_warning($userrow, $warning, $send_pm = true, $post_id = 0) WHERE user_id = ' . $userrow['user_id']; $db->sql_query($sql); } + ?>
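Review bot: The `basename()` added in add_warning() (`@@ -366,13 +381,14 @@`) is applied only at the `include`, while the `file_exists()` test on the line above still checks the raw `$userrow['user_lang']`. The path that is tested and the path that is loaded can therefore differ: a stored value with directory components can pass the check and then include a different, possibly missing, file, leaving `$lang` unset for the `sprintf($lang['WARNING_PM_BODY'], $warning)` that follows. Normalising once before the check, `$userrow['user_lang'] = basename($userrow['user_lang']);`, keeps both on the same path and lets the fallback to `$config['default_lang']` work as intended.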
\ No newline at end of file diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 8c9ecf6754..a0dcd821fd 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -258,14 +258,21 @@ class bbcode_firstpass extends bbcode { $stats = @getimagesize($in); - if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1]) + if ($stats === false) { - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + $this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE']; } - - if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0]) + else { - $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1]) + { + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']); + } + + if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0]) + { + $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']); + } } } @@ -282,7 +289,7 @@ class bbcode_firstpass extends bbcode */ function bbcode_flash($width, $height, $in) { - global $config; + global $user, $config, $phpEx; if (!$this->check_bbcode('flash', $in)) { diff --git a/phpBB/includes/search/fulltext_mysql.php b/phpBB/includes/search/fulltext_mysql.php index 781bafd41d..b65818dad7 100644 --- a/phpBB/includes/search/fulltext_mysql.php +++ b/phpBB/includes/search/fulltext_mysql.php 
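Review bot: `@getimagesize($in)` in bbcode_firstpass (`@@ -258,14 +258,21 @@`) remains the way the size limits are enforced, and the new `$stats === false` branch covers only the failure case. If `$in` is the URL taken from the post, which the hunk does not show, this is a server-side request to a location chosen by the poster. It is worth confirming in the part of the method outside the hunk that the scheme and host are restricted before the call and that the fetch is time-limited, and recording that in a comment above it, e.g. `// $in was limited to http(s) image URLs by <name of the check> above`. The `@` also hides why a lookup failed, so logging the failure alongside the `UNABLE_GET_IMAGE_SIZE` warning would help when diagnosing rejected posts.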
@@ -52,7 +52,7 @@ class fulltext_mysql extends search_backend } $result = $db->sql_query('SELECT VERSION() AS mysql_version'); - $version = $db->sql_fetchfield('mysql_version', 0, $result); + $version = $db->sql_fetchfield('mysql_version'); $db->sql_freeresult($result); if (!preg_match('#^4|5|6#s', $version)) @@ -248,9 +248,11 @@ class fulltext_mysql extends search_backend $id_ary = array(); $join_topic = ($type == 'posts') ? false : true; + // Build sql strings for sorting $sql_sort = $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC'); $sql_sort_table = $sql_sort_join = ''; + switch ($sql_sort[0]) { case 'u': @@ -291,6 +293,7 @@ class fulltext_mysql extends search_backend default: $sql_match = 'p.post_subject, p.post_text'; $sql_match_where = ''; + break; } if (!sizeof($m_approve_fid_ary)) @@ -358,6 +361,7 @@ class fulltext_mysql extends search_backend // Get the ids for the current result block $any_words = (sizeof($any_words)) ? ' +(' . implode(' ', $any_words) . ')' : ''; + $sql = "SELECT $sql_select FROM $sql_from$sql_sort_table" . POSTS_TABLE . " p WHERE MATCH ($sql_match) AGAINST ('" . $db->sql_escape(implode(' ', $words)) . $any_words . "' IN BOOLEAN MODE) @@ -714,7 +718,8 @@ class fulltext_mysql extends search_backend return array( $user->lang['FULLTEXT_MYSQL_TOTAL_POSTS'] => ($this->index_created()) ? $this->stats['total_posts'] : 0, $user->lang['FULLTEXT_MYSQL_TEXT_CARDINALITY'] => isset($this->stats['post_text']['Cardinality']) ? $this->stats['post_text']['Cardinality'] : 0, - $user->lang['FULLTEXT_MYSQL_SUBJECT_CARDINALITY'] => isset($this->stats['post_subject']['Cardinality']) ? $this->stats['post_subject']['Cardinality'] : 0); + $user->lang['FULLTEXT_MYSQL_SUBJECT_CARDINALITY'] => isset($this->stats['post_subject']['Cardinality']) ? $this->stats['post_subject']['Cardinality'] : 0, + ); } function get_stats() 
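Review bot: The version gate on the context line after the changed `sql_fetchfield()` call (`@@ -52,7 +52,7 @@`) is looser than it reads: in `#^4|5|6#s` the `^` applies only to the `4` alternative, so any version string that contains a `5` or a `6` anywhere passes. Grouping the alternatives anchors all three, `if (!preg_match('#^(?:4|5|6)#', $version))`. The enclosing method starts and ends outside the hunk.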
diff --git a/phpBB/includes/search/fulltext_native.php b/phpBB/includes/search/fulltext_native.php index 6bdaaec176..71941f8bfc 100755 --- a/phpBB/includes/search/fulltext_native.php +++ b/phpBB/includes/search/fulltext_native.php @@ -284,9 +284,11 @@ class fulltext_native extends search_backend $id_ary = array(); $join_topic = ($type == 'posts') ? false : true; + // Build sql strings for sorting $sql_sort = $sort_by_sql[$sort_key] . (($sort_dir == 'a') ? ' ASC' : ' DESC'); $sql_sort_table = $sql_sort_join = ''; + switch ($sql_sort[0]) { case 'u': @@ -363,17 +365,21 @@ class fulltext_native extends search_backend { case '-': $bool = 'NOT'; - continue; + continue; + case '+': $bool = 'AND'; - continue; + continue; + case '|': $bool = 'OR'; - continue; + continue; + default: $bool = ($terms != 'all') ? 'OR' : $bool; $sql_words[$bool][] = "'" . $db->sql_escape(preg_replace('#\*+#', '%', trim($word))) . "'"; $bool = ($terms == 'all') ? 'AND' : 'OR'; + break; } } @@ -400,6 +406,7 @@ class fulltext_native extends search_backend if (!($row = $db->sql_fetchrow($result))) { + $db->sql_freeresult($result); $id_ary = array(); return false; } @@ -444,6 +451,7 @@ class fulltext_native extends search_backend if (!($row = $db->sql_fetchrow($result))) { + $db->sql_freeresult($result); $id_ary = array(); return false; } diff --git a/phpBB/includes/ucp/ucp_confirm.php b/phpBB/includes/ucp/ucp_confirm.php index dd33418054..37f9d485f9 100644 --- a/phpBB/includes/ucp/ucp_confirm.php +++ b/phpBB/includes/ucp/ucp_confirm.php @@ -71,7 +71,7 @@ class ucp_confirm } $policy = ''; - if (extension_loaded('gd') && sizeof($policy_modules)) + if (@extension_loaded('gd') && sizeof($policy_modules)) { include($phpbb_root_path . 'includes/captcha/captcha_gd.' . $phpEx); $policy = $policy_modules[array_rand($policy_modules)]; diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index 952f969bd6..bc7f22427b 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php 
+++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -17,8 +17,8 @@ function compose_pm($id, $mode, $action) global $template, $db, $auth, $user; global $phpbb_root_path, $phpEx, $config; - include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); - include($phpbb_root_path . 'includes/message_parser.'.$phpEx); + include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); + include($phpbb_root_path . 'includes/message_parser.' . $phpEx); if (!$action) { @@ -35,17 +35,17 @@ function compose_pm($id, $mode, $action) // Do NOT use request_var or specialchars here $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array(); - $submit = (isset($_POST['post'])); - $preview = (isset($_POST['preview'])); - $save = (isset($_POST['save'])); - $load = (isset($_POST['load'])); - $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])); - $delete = (isset($_POST['delete'])); + $submit = (isset($_POST['post'])) ? true : false; + $preview = (isset($_POST['preview'])) ? true : false; + $save = (isset($_POST['save'])) ? true : false; + $load = (isset($_POST['load'])) ? true : false; + $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; + $delete = (isset($_POST['delete'])) ? true : false; - $remove_u = (isset($_REQUEST['remove_u'])); - $remove_g = (isset($_REQUEST['remove_g'])); - $add_to = (isset($_REQUEST['add_to'])); - $add_bcc = (isset($_REQUEST['add_bcc'])); + $remove_u = (isset($_REQUEST['remove_u'])) ? true : false; + $remove_g = (isset($_REQUEST['remove_g'])) ? true : false; + $add_to = (isset($_REQUEST['add_to'])) ? true : false; + $add_bcc = (isset($_REQUEST['add_bcc'])) ? true : false; $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; 
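Review bot: `$address_list` in the `@@ -35,17 +35,17 @@` hunk is read straight from `$_REQUEST` under the comment `// Do NOT use request_var or specialchars here`, which says what to avoid but not why, or where the value is validated afterwards. Nothing in this hunk checks that it is an array, so a scalar `address_list` parameter reaches the rest of compose_pm() as a string. `$address_list = (isset($_REQUEST['address_list']) && is_array($_REQUEST['address_list'])) ? $_REQUEST['address_list'] : array();` would pin the shape. The comment could then give the reason for bypassing request_var and name the code that casts the ids. compose_pm() continues outside the hunk.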
@@ -273,7 +273,9 @@ function compose_pm($id, $mode, $action) { delete_pm($user->data['user_id'], $msg_id, $folder_id); - // TODO - jump to next message in "history"? + /** + * @todo jump to next message in "history"? + */ $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id"); $message = $user->lang['MESSAGE_DELETED']; @@ -284,9 +286,9 @@ function compose_pm($id, $mode, $action) else { $s_hidden_fields = array( - 'p' => $msg_id, - 'f' => $folder_id, - 'action'=> 'delete' + 'p' => $msg_id, + 'f' => $folder_id, + 'action' => 'delete' ); // "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose" @@ -340,12 +342,13 @@ function compose_pm($id, $mode, $action) AND user_id = ' . $user->data['user_id'] . (($draft_id) ? " AND draft_id <> $draft_id" : ''); $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); - if ($db->sql_fetchrow($result)) + if ($row) { $drafts = true; } - $db->sql_freeresult($result); } if ($action == 'edit') @@ -353,10 +356,10 @@ function compose_pm($id, $mode, $action) $message_parser->bbcode_uid = $bbcode_uid; } - $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')); - $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')); - $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')); - $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')); + $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; + $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false; + $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false; + $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false; // Save Draft if ($save && $auth->acl_get('u_savedrafts')) 
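Review bot: `$draft_id` is interpolated unquoted into the query in the hunk at -340 (`" AND draft_id <> $draft_id"`), and its assignment is outside the hunk. If it is not already forced to an integer where it is read, casting at the point of use keeps the query well-formed whatever the caller passed: `(($draft_id) ? ' AND draft_id <> ' . (int) $draft_id : '')`. The same reasoning applies to `$user->data['user_id']` only if that value can ever come from anything other than the session row, which this page does not show.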
@@ -370,12 +373,13 @@ function compose_pm($id, $mode, $action) if (confirm_box(true)) { $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( - 'user_id' => $user->data['user_id'], - 'topic_id' => 0, - 'forum_id' => 0, - 'save_time' => $current_time, - 'draft_subject' => $subject, - 'draft_message' => $message)); + 'user_id' => $user->data['user_id'], + 'topic_id' => 0, + 'forum_id' => 0, + 'save_time' => $current_time, + 'draft_subject' => $subject, + 'draft_message' => $message) + ); $db->sql_query($sql); $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode"); @@ -427,6 +431,7 @@ function compose_pm($id, $mode, $action) { $draft_id = 0; } + $db->sql_freeresult($result); } // Load Drafts @@ -761,7 +766,7 @@ function compose_pm($id, $mode, $action) break; default: - trigger_error('NO_ACTION_MODE'); + trigger_error('NO_ACTION_MODE', E_USER_ERROR); } $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; @@ -772,9 +777,9 @@ function compose_pm($id, $mode, $action) // Start assigning vars for main posting page ... $template->assign_vars(array( - 'L_POST_A' => $page_title, - 'L_ICON' => $user->lang['PM_ICON'], - 'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', + 'L_POST_A' => $page_title, + 'L_ICON' => $user->lang['PM_ICON'], + 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'SUBJECT' => (isset($message_subject)) ? $message_subject : '', 'MESSAGE' => $message_text, 
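Review bot: The default branch in the hunk at -761 relies on `trigger_error('NO_ACTION_MODE', E_USER_ERROR)` ending the request, because the code after the `switch` goes on to build the posting form. That holds with PHP's built-in handler, but a custom error handler that returns would let execution continue with an unrecognised action; the handler is not visible on this page. A short comment such as `// E_USER_ERROR: the error handler must not return from here` would document the assumption. compose_pm starts and ends outside the hunk.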
@@ -788,12 +793,12 @@ function compose_pm($id, $mode, $action) 'S_EDIT_POST' => ($action == 'edit'), 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_BBCODE_ALLOWED' => $bbcode_status, - 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', + 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, - 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '', + 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => ($config['allow_sig'] && $auth->acl_get('u_sig')), - 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', - 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '', + 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', + 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $auth->acl_get('u_savedrafts'), 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts), 'S_FORM_ENCTYPE' => $form_enctype, @@ -802,9 +807,9 @@ function compose_pm($id, $mode, $action) 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => true, - 'S_POST_ACTION' => $s_action, - 'S_HIDDEN_ADDRESS_FIELD'=> $s_hidden_address_field, - 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_POST_ACTION' => $s_action, + 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup'), @@ -901,7 +906,7 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_ { // We need to check their PM status (do they want to receive PM's?) // Only check if not a moderator or admin, since they are allowed to override this user setting - if (!$auth->acl_gets('a_', 'm_')) + if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) { $sql = 'SELECT user_id FROM ' . USERS_TABLE . ' 
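Review bot: The added `!$auth->acl_getf_global('m_')` in the hunk at -901 widens the set of senders who skip the recipient's "wants to receive PMs" check, and the comment above it still only says "moderator or admin". As far as I know `acl_getf_global` is true when the permission is held in at least one forum, so a moderator of a single forum would now bypass a user's opt-out. If that is intended, the comment should state it, e.g. `// Skipped for admins and for anyone holding a moderator permission, globally or in at least one forum`. The body of handle_message_list_actions continues outside the hunk, so what the skipped query enforces should be confirmed there.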
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 82234084da..9326e41427 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -340,11 +340,16 @@ class ucp_profile $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } - $bday_day = $bday_month = $bday_year = 0; - - if ($user->data['user_birthday']) + if (!isset($bday_day)) { - list($bday_day, $bday_month, $bday_year) = explode('-', $user->data['user_birthday']); + if ($user->data['user_birthday']) + { + list($bday_day, $bday_month, $bday_year) = explode('-', $user->data['user_birthday']); + } + else + { + $bday_day = $bday_month = $bday_year = 0; + } } $s_birthday_day_options = '<option value="0"' . ((!$bday_day) ? ' selected="selected"' : '') . '>--</option>'; |
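Review bot: The new guard tests only `$bday_day`, but the branch it skips is the only place in the hunk that gives `$bday_month` and `$bday_year` a value. If the code before the hunk can set the day without the other two, the month and year handling that presumably follows would read undefined variables; testing all three, `if (!isset($bday_day, $bday_month, $bday_year))`, removes that dependency. The context line above also deserves a comment: `preg_replace` with the `e` modifier evaluates the replacement as PHP, and it stays contained here only because the pattern limits the match to `[A-Z_]+`.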