diff options
Diffstat (limited to 'phpBB/includes')
23 files changed, 42 insertions, 58 deletions
diff --git a/phpBB/includes/acp/acp_ban.php b/phpBB/includes/acp/acp_ban.php index 206f332c36..f5669b2c04 100644 --- a/phpBB/includes/acp/acp_ban.php +++ b/phpBB/includes/acp/acp_ban.php @@ -97,9 +97,8 @@ class acp_ban 'S_USERNAME_BAN' => ($mode == 'user') ? true : false, 'U_ACTION' => $this->u_action, - 'U_FIND_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_ban&field=ban'), - ) - ); + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_ban&field=ban'), + )); } /** @@ -179,10 +178,10 @@ class acp_ban foreach ($ban_length as $ban_id => $length) { $template->assign_block_vars('ban_length', array( - 'BAN_ID' => $ban_id, + 'BAN_ID' => (int) $ban_id, 'LENGTH' => $length, - 'A_LENGTH' => addslashes($length)) - ); + 'A_LENGTH' => addslashes($length), + )); } } @@ -193,8 +192,8 @@ class acp_ban $template->assign_block_vars('ban_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason))) - ); + 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + )); } } @@ -205,8 +204,8 @@ class acp_ban $template->assign_block_vars('ban_give_reason', array( 'BAN_ID' => $ban_id, 'REASON' => $reason, - 'A_REASON' => addslashes(htmlspecialchars_decode($reason))) - ); + 'A_REASON' => addslashes(htmlspecialchars_decode($reason)), + )); } } diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 5bcbae82ba..7cee81ffe2 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -784,7 +784,7 @@ class acp_board $user->timezone = $old_tz; $user->dst = $old_dst; - return "<select name=\"dateoptions\" id=\"dateoptions\" onchange=\"if (this.value == 'custom') { document.getElementById('$key').value = '$value'; } else { document.getElementById('$key').value = this.value; }\">$dateformat_options</select> + return "<select name=\"dateoptions\" id=\"dateoptions\" onchange=\"if (this.value == 'custom') { document.getElementById('" . addslashes($key) . "').value = '" . addslashes($value) . "'; } else { document.getElementById('" . addslashes($key) . "').value = this.value; }\">$dateformat_options</select> <input type=\"text\" name=\"config[$key]\" id=\"$key\" value=\"$value\" maxlength=\"30\" />"; } } diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 50f3d2a4c8..cc7c99c90b 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -235,7 +235,6 @@ class acp_email 'S_GROUP_OPTIONS' => $select_list, 'USERNAMES' => $usernames, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames', false), 'SUBJECT' => $subject, 'MESSAGE' => $message, 'S_PRIORITY_OPTIONS' => $s_priority_options) diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 8ac3f2cec7..446c67011d 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -344,7 +344,7 @@ class acp_forums $template->assign_vars(array( 'U_PROGRESS_BAR' => $this->u_action . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}", - 'UA_PROGRESS_BAR' => str_replace('&', '&', $this->u_action) . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}", + 'UA_PROGRESS_BAR' => addslashes($this->u_action . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}"), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], $topics_done, $row['forum_topics_real'])) ); @@ -358,7 +358,7 @@ class acp_forums $template->assign_vars(array( 'U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', - 'UA_PROGRESS_BAR' => str_replace('&', '&', $this->u_action) . '&action=progress_bar', + 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'), 'S_CONTINUE_SYNC' => true, 'L_PROGRESS_EXPLAIN' => sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], 0, $row['forum_topics_real'])) ); @@ -831,8 +831,8 @@ class acp_forums 'U_ACTION' => $this->u_action . '&parent_id=' . $this->parent_id, 'U_PROGRESS_BAR' => $this->u_action . '&action=progress_bar', - 'UA_PROGRESS_BAR' => str_replace('&', '&', $this->u_action) . '&action=progress_bar') - ); + 'UA_PROGRESS_BAR' => addslashes($this->u_action . '&action=progress_bar'), + )); } /** diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index 35499b132f..6c8591818c 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -558,7 +558,6 @@ class acp_groups 'U_BACK' => $u_back, 'U_SWATCH' => append_sid("{$phpbb_admin_path}swatch.$phpEx", 'form=settings&name=group_colour'), - 'UA_SWATCH' => append_sid("{$phpbb_admin_path}swatch.$phpEx", 'form=settings&name=group_colour', false), 'U_ACTION' => "{$this->u_action}&action=$action&g=$group_id", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)), ) @@ -628,9 +627,8 @@ class acp_groups 'U_ACTION' => $this->u_action . "&g=$group_id", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=list&field=usernames'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=list&field=usernames', false), - 'U_DEFAULT_ALL' => "{$this->u_action}&action=default&g=$group_id") - ); + 'U_DEFAULT_ALL' => "{$this->u_action}&action=default&g=$group_id", + )); // Grab the members $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php index 56a660ced2..24d65bf02c 100644 --- a/phpBB/includes/acp/acp_icons.php +++ b/phpBB/includes/acp/acp_icons.php @@ -241,6 +241,7 @@ class acp_icons { $template->assign_block_vars('items', array( 'IMG' => $img, + 'A_IMG' => addslashes($img), 'IMG_SRC' => $phpbb_root_path . $img_path . '/' . $img, 'CODE' => ($mode == 'smilies' && isset($img_row['code'])) ? $img_row['code'] : '', diff --git a/phpBB/includes/acp/acp_modules.php b/phpBB/includes/acp/acp_modules.php index 8077bfa2b4..44fe4ed462 100644 --- a/phpBB/includes/acp/acp_modules.php +++ b/phpBB/includes/acp/acp_modules.php @@ -310,7 +310,7 @@ class acp_modules // Name options $s_name_options .= '<option value="' . $option . '"' . (($option == $module_data['module_basename']) ? ' selected="selected"' : '') . '>' . $this->lang_name($values['title']) . ' [' . $this->module_class . '_' . $option . ']</option>'; - $template->assign_block_vars('m_names', array('NAME' => $option)); + $template->assign_block_vars('m_names', array('NAME' => $option, 'A_NAME' => addslashes($option))); // Build module modes foreach ($values['modes'] as $m_mode => $m_values) diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index cc64d84dfe..4b06d2edad 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -332,8 +332,7 @@ class acp_permissions $template->assign_vars(array( 'S_SELECT_USER' => true, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_victim&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_victim&field=username&select_single=true', false)) - ); + )); break; @@ -395,8 +394,7 @@ class acp_permissions 'S_DEFINED_GROUP_OPTIONS' => $items['group_ids_options'], 'S_ADD_GROUP_OPTIONS' => group_select_options(false, $items['group_ids'], (($user->data['user_type'] == USER_FOUNDER) ? false : 0)), 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username&select_single=true', false)) - ); + )); break; } diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 34f43e2426..b7e49ea983 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -350,8 +350,8 @@ class acp_prune 'S_JOINED_OPTIONS' => $s_find_join_time, 'S_ACTIVE_OPTIONS' => $s_find_active_time, 'S_COUNT_OPTIONS' => $s_find_count, - 'U_FIND_USER' => append_sid($phpbb_root_path . "memberlist.$phpEx", 'mode=searchuser&form=acp_prune&field=users')) - ); + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_prune&field=users'), + )); } /** diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php index f8d4f1f80d..12d3095d40 100644 --- a/phpBB/includes/acp/acp_search.php +++ b/phpBB/includes/acp/acp_search.php @@ -473,8 +473,8 @@ class acp_search 'S_INDEX' => true, 'U_ACTION' => $this->u_action, 'U_PROGRESS_BAR' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=progress_bar"), - 'UA_PROGRESS_BAR' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=progress_bar", false)) - ); + 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&mode=$mode&action=progress_bar")), + )); if (isset($this->state[1])) { diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 5a176ead30..a0c648ba1f 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -987,7 +987,6 @@ parse_css_file = {PARSE_CSS_FILE} $template->assign_block_vars('file', array( 'U_VIEWSOURCE' => $this->u_action . "&action=cache&id=$template_id&source=$file", - 'UA_VIEWSOURCE' => str_replace('&', '&', $this->u_action) . "&action=cache&id=$template_id&source=$file", 'CACHED' => $user->format_date(filemtime("{$phpbb_root_path}cache/$filename")), 'FILENAME' => $file, @@ -1454,6 +1453,7 @@ parse_css_file = {PARSE_CSS_FILE} 'U_ACTION' => $this->u_action . "&action=edit&id=$imageset_id", 'U_BACK' => $this->u_action, 'NAME' => $imageset_name, + 'A_NAME' => addslashes($imageset_name), 'ERROR' => !$valid_name, 'IMG_SRC' => ($image_found) ? '../styles/' . $imageset_path . '/imageset/' . $img_val : 'images/no_image.png', 'IMAGE_SELECT' => $image_found diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index aaf066dfca..3748dbaaf9 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -68,9 +68,7 @@ class acp_users 'S_SELECT_USER' => true, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username&select_single=true', false), - ) - ); + )); return; } diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php index e3514833b5..68156718ab 100644 --- a/phpBB/includes/acp/auth.php +++ b/phpBB/includes/acp/auth.php @@ -382,7 +382,7 @@ class auth_admin extends auth continue; } - $s_role_js_array[$row['role_id']] .= 'role_options[' . $row['role_id'] . '][\'' . $row['auth_option'] . '\'] = ' . $row['auth_setting'] . '; '; + $s_role_js_array[$row['role_id']] .= 'role_options[' . $row['role_id'] . '][\'' . addslashes($row['auth_option']) . '\'] = ' . $row['auth_setting'] . '; '; } $db->sql_freeresult($result); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4155103eef..004c4d8828 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1530,13 +1530,14 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add } $template->assign_vars(array( - $tpl_prefix . 'BASE_URL' => $base_url, - $tpl_prefix . 'PER_PAGE' => $per_page, + $tpl_prefix . 'BASE_URL' => $base_url, + 'A_' . $tpl_prefix . 'BASE_URL' => addslashes($base_url), + $tpl_prefix . 'PER_PAGE' => $per_page, $tpl_prefix . 'PREVIOUS_PAGE' => ($on_page == 1) ? '' : $base_url . "{$url_delim}start=" . (($on_page - 2) * $per_page), $tpl_prefix . 'NEXT_PAGE' => ($on_page == $total_pages) ? '' : $base_url . "{$url_delim}start=" . ($on_page * $per_page), - $tpl_prefix . 'TOTAL_PAGES' => $total_pages) - ); + $tpl_prefix . 'TOTAL_PAGES' => $total_pages, + )); return $page_string; } @@ -4152,9 +4153,8 @@ function page_header($page_title = '', $display_online_list = true) 'U_PRIVATEMSGS' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), 'U_RETURN_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), - 'UA_RETURN_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false), 'U_POPUP_PM' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=popup'), - 'UA_POPUP_PM' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=popup', false), + 'UA_POPUP_PM' => addslashes(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=popup')), 'U_MEMBERLIST' => append_sid("{$phpbb_root_path}memberlist.$phpEx"), 'U_MEMBERSLIST' => append_sid("{$phpbb_root_path}memberlist.$phpEx"), 'U_VIEWONLINE' => ($auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) ? append_sid("{$phpbb_root_path}viewonline.$phpEx") : '', diff --git a/phpBB/includes/mcp/mcp_ban.php b/phpBB/includes/mcp/mcp_ban.php index d7c1b28b77..4b33af8b09 100644 --- a/phpBB/includes/mcp/mcp_ban.php +++ b/phpBB/includes/mcp/mcp_ban.php @@ -142,7 +142,7 @@ class mcp_ban 'S_USERNAME_BAN' => ($mode == 'user') ? true : false, 'U_ACTION' => $this->u_action, - 'U_FIND_USER' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_ban&field=ban'), + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_ban&field=ban'), )); if ($mode != 'user') diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php index 391d41b6fb..6e6e1ffdd9 100755 --- a/phpBB/includes/mcp/mcp_notes.php +++ b/phpBB/includes/mcp/mcp_notes.php @@ -42,11 +42,10 @@ class mcp_notes case 'front': $template->assign_vars(array( 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true', false), 'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes'), - 'L_TITLE' => $user->lang['MCP_NOTES']) - ); + 'L_TITLE' => $user->lang['MCP_NOTES'], + )); $this->tpl_name = 'mcp_notes_front'; break; diff --git a/phpBB/includes/mcp/mcp_post.php b/phpBB/includes/mcp/mcp_post.php index b98910f55f..4a5bf77bca 100644 --- a/phpBB/includes/mcp/mcp_post.php +++ b/phpBB/includes/mcp/mcp_post.php @@ -176,7 +176,6 @@ function mcp_post_details($id, $mode, $action) 'U_EDIT' => ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_chgposter&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp_chgposter&field=username&select_single=true', false), 'U_MCP_APPROVE' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue&mode=approve_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_REPORT' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'U_MCP_USER_NOTES' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $post_info['user_id']), diff --git a/phpBB/includes/mcp/mcp_warn.php b/phpBB/includes/mcp/mcp_warn.php index 892929539f..3f61f6549a 100755 --- a/phpBB/includes/mcp/mcp_warn.php +++ b/phpBB/includes/mcp/mcp_warn.php @@ -71,7 +71,6 @@ class mcp_warn $template->assign_vars(array( 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true', false), 'U_POST_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user'), )); diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index 44b5498ca7..6e93f64acb 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -678,7 +678,6 @@ class ucp_groups 'GROUP_HIDDEN' => $type_hidden, 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour'), - 'UA_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour', false), 'S_UCP_ACTION' => $this->u_action . "&action=$action&g=$group_id", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024))) ); @@ -790,8 +789,7 @@ class ucp_groups 'U_ACTION' => $this->u_action . "&g=$group_id", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames', false)) - ); + )); break; diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 426b9a9c5b..b383d3e36d 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -95,7 +95,7 @@ class ucp_pm $template->assign_vars(array( 'MESSAGE' => $l_new_message, 'S_NOT_LOGGED_IN' => ($user->data['user_id'] == ANONYMOUS) ? true : false, - 'CLICK_TO_VIEW' => sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox') . '" onclick="jump_to_inbox(); return false;">', '</a>'), + 'CLICK_TO_VIEW' => sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox') . '" onclick="jump_to_inbox(this.href); return false;">', '</a>'), 'U_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), 'UA_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false)) ); diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index ba73f3dc3c..fe48e4c0ef 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -105,8 +105,7 @@ function compose_pm($id, $mode, $action) 'S_ALLOW_MASS_PM' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? true : false, 'S_GROUP_OPTIONS' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? $group_options : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=postform&field=username_list&select_single=$select_single"), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=postform&field=username_list&select_single=$select_single", false)) - ); + )); } $sql = ''; @@ -969,9 +968,8 @@ function compose_pm($id, $mode, $action) 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup'), - 'UA_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup', false), - ) - ); + 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup')), + )); // Build custom bbcodes array display_custom_bbcodes(); diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index b4f2cbeb65..e4d067115d 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -443,8 +443,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit 'DEFAULT_ACTION' => ($config['full_folder_action'] == 1) ? $user->lang['DELETE_OLDEST_MESSAGES'] : $user->lang['HOLD_NEW_MESSAGES'], 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string&select_single=true'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string&select_single=true', false)) - ); + )); $rule_lang = $action_lang = $check_lang = array(); diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php index 49ba7329be..aa2dcb15b7 100644 --- a/phpBB/includes/ucp/ucp_zebra.php +++ b/phpBB/includes/ucp/ucp_zebra.php @@ -231,7 +231,6 @@ class ucp_zebra 'L_TITLE' => $user->lang['UCP_ZEBRA_' . $l_mode], 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add'), - 'UA_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add', false), 'S_USERNAME_OPTIONS' => $s_username_options, 'S_HIDDEN_FIELDS' => $s_hidden_fields, |