aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/common.php1
-rwxr-xr-xphpBB/language/lang_english.php7
-rw-r--r--phpBB/posting.php18
-rw-r--r--phpBB/profile.php138
-rw-r--r--phpBB/viewtopic.php50
5 files changed, 110 insertions, 104 deletions
diff --git a/phpBB/common.php b/phpBB/common.php
index 6950bdbee8..d3c5693141 100644
--- a/phpBB/common.php
+++ b/phpBB/common.php
@@ -122,7 +122,6 @@ else
$board_config['avatar_filesize'] = $config['avatar_filesize'];
$board_config['avatar_path'] = $config['avatar_path'];
}
-
include('language/lang_'.$board_config['default_lang'].'.'.$phpEx);
?> \ No newline at end of file
diff --git a/phpBB/language/lang_english.php b/phpBB/language/lang_english.php
index b36aa9c39f..bec83c8ba8 100755
--- a/phpBB/language/lang_english.php
+++ b/phpBB/language/lang_english.php
@@ -149,6 +149,7 @@ $lang['Post_new_in'] = "Post New Topic in:"; // Followed by forum name
//
$lang['Website'] = "Website";
$lang['From'] = "From";
+$lang['Wrong_Profile'] = "You cannot modify a profile that is not your own.";
//
// Memberslist
@@ -170,10 +171,10 @@ $lang['All'] = "All";
//
// Topic Admin <= Should be blank for now
-//
+//
//
-// Errors (not related to a
+// Errors (not related to a
// specific failure on a page, eg.
// incorrect password messages do
// not belong here!)
@@ -378,7 +379,7 @@ $l_memberslist = "Memberslist";
$l_faq = "FAQ";
$l_privmsgs = "Private $l_messages";
$l_sendpmsg = "Send a Private Message";
-$l_postedtotal =
+$l_postedtotal =
$l_wehave = "We have";
$l_regedusers = "registered users.";
$l_newestuser = "The newest Registered User is";
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 8a2b025e28..4658ff2d69 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -124,7 +124,7 @@ if(!$is_auth[$is_auth_type])
// to read this forum ...
//
include('includes/page_header.'.$phpEx);
-
+
$msg = "I am sorry but you are not currently authorised to post to this forum. You could try logging on and trying again. If you are logged on then this is a private forum for which you have not been granted access.";
$template->set_filenames(array(
@@ -147,9 +147,9 @@ $error = FALSE;
//
// Set initial conditions
//
-$disable_html = (isset($HTTP_POST_VARS['disable_html'])) ? $HTTP_POST_VARS['disable_html'] : !$userdata['user_allowhtml'];
-$disable_bbcode = (isset($HTTP_POST_VARS['disable_bbcode'])) ? $HTTP_POST_VARS['disable_bbcode'] : !$userdata['user_allowbbcode'];
-$disable_smilies = (isset($HTTP_POST_VARS['disable_smile'])) ? $HTTP_POST_VARS['disable_smile'] : !$userdata['user_allowsmile'];
+$disable_html = (isset($HTTP_POST_VARS['disable_html'])) ? $HTTP_POST_VARS['disable_html'] : $userdata['user_allowhtml'];
+$disable_bbcode = (isset($HTTP_POST_VARS['disable_bbcode'])) ? $HTTP_POST_VARS['disable_bbcode'] : $userdata['user_allowbbcode'];
+$disable_smilies = (isset($HTTP_POST_VARS['disable_smile'])) ? $HTTP_POST_VARS['disable_smile'] : $userdata['user_allowsmile'];
$attach_sig = (isset($HTTP_POST_VARS['attach_sig'])) ? $HTTP_POST_VARS['attach_sig'] : $userdata['user_attachsig'];
$notify = (isset($HTTP_POST_VARS['notify'])) ? $HTTP_POST_VARS['notify'] : $userdata["always_notify"];
@@ -163,8 +163,8 @@ if(isset($HTTP_POST_VARS['submit']))
//
if($mode != 'editpost')
{
- $sql = "SELECT max(post_time) AS last_post_time
- FROM ".POSTS_TABLE."
+ $sql = "SELECT max(post_time) AS last_post_time
+ FROM ".POSTS_TABLE."
WHERE poster_ip = '$user_ip'";
if($result = $db->sql_query($sql))
{
@@ -454,7 +454,7 @@ switch($mode)
}
-
+
break;
case 'reply':
@@ -520,7 +520,7 @@ switch($mode)
error_die(SQL_ERROR, "Couldn't commit");
}
}
-
+
$msg = "$l_stored<br /><br />$l_click <a href=\"".append_sid("viewtopic.$phpEx?".POST_POST_URL."=$new_post_id#$new_post_id")."\">$l_here</a>$l_viewmsg<br /><br />$l_click <a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id")."\">$l_here</a> $l_returntopic";
$template->set_filenames(array(
@@ -779,7 +779,7 @@ if($error)
error_die(GENERAL_ERROR, "Sorry, no there is no such forum");
}
- $sql = "SELECT forum_name
+ $sql = "SELECT forum_name
FROM ".FORUMS_TABLE."
WHERE forum_id = $forum_id";
if(!$result = $db->sql_query($sql))
diff --git a/phpBB/profile.php b/phpBB/profile.php
index e799ca6c88..beaa7f743a 100644
--- a/phpBB/profile.php
+++ b/phpBB/profile.php
@@ -13,7 +13,7 @@
/***************************************************************************
- *
+ *
* This program is free software; you can redistribute it and/or modified
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@@ -48,11 +48,11 @@ function validate_username($username)
// a UNION clause which would be very nice here :(
// So we have to use two queries
case 'mysql':
- $sql_users = "SELECT username
- FROM ".USERS_TABLE."
+ $sql_users = "SELECT username
+ FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
- $sql_disallow = "SELECT disallow_username
- FROM ".DISALLOW_TABLE."
+ $sql_disallow = "SELECT disallow_username
+ FROM ".DISALLOW_TABLE."
WHERE disallow_username = '$username'";
if($result = $db->sql_query($sql_users))
@@ -72,12 +72,12 @@ function validate_username($username)
break;
default:
- $sql = "SELECT disallow_username
- FROM ".DISALLOW_TABLE."
- WHERE disallow_username = '$username'
- UNION
- SELECT username
- FROM ".USERS_TABLE."
+ $sql = "SELECT disallow_username
+ FROM ".DISALLOW_TABLE."
+ WHERE disallow_username = '$username'
+ UNION
+ SELECT username
+ FROM ".USERS_TABLE."
WHERE LOWER(username) = '".strtolower($username)."'";
if($result = $db->sql_query($sql))
@@ -97,9 +97,9 @@ function language_select($default, $dirname="language/")
global $phpEx;
$dir = opendir($dirname);
$lang_select = "<select name=\"language\">\n";
- while ($file = readdir($dir))
+ while ($file = readdir($dir))
{
- if (ereg("^lang_", $file))
+ if (ereg("^lang_", $file))
{
$filename = str_replace("lang_", "", $file);
$filename = str_replace(".$phpEx", "", $filename);
@@ -208,7 +208,7 @@ function tz_select($default)
"+10" => "(GMT +10:00 hours) Guam, Melbourne, Papua New Guinea, Sydney, Vladivostok",
"+11" => "(GMT +11:00 hours) Magadan, Solomon Islands, New Caledonia",
"+12" => "(GMT +12:00 hours) Auckland, Wellington, Fiji, Kamchatka, Marshall Island");
-
+
while(list($offset, $zone) = each($tz_array))
{
if($offset == $default)
@@ -232,7 +232,7 @@ function tz_select($default)
//
// Start of program proper
-//
+//
if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
@@ -269,7 +269,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
if(DEBUG)
{
- error_die(GENERAL_ERROR, "You must supply the user ID number of the user you want to view", __LINE__, __FILE__);
+ error_die(GENERAL_ERROR, "You must supply the user ID number of the user you want to view", __LINE__, __FILE__);
}
else
{
@@ -323,10 +323,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"WEBSITE" => stripslashes($profiledata['user_website']),
"LOCATION" => stripslashes($profiledata['user_from']),
"OCCUPATION" => stripslashes($profiledata['user_occ']),
- "INTERESTS" => stripslashes($profiledata['user_interests']),
- "AVATAR_IMG" => $board_config['avatar_path'] . "/" . stripslashes($profiledata['user_avatar']),
-
- "L_VIEWING_PROFILE" => $l_viewing_profile,
+ "INTERESTS" => stripslashes($profiledata['user_interests']),
+ "AVATAR_IMG" => $board_config['avatar_path'] . "/" . stripslashes($profiledata['user_avatar']),
+
+ "L_VIEWING_PROFILE" => $l_viewing_profile,
"L_USERNAME" => $l_username,
"L_VIEW_USERS_POSTS" => $l_view_users_posts,
"L_JOINED" => $l_joined,
@@ -339,10 +339,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_MESSENGER" => $l_messenger,
"L_LOCATION" => $l_from,
"L_OCCUPATION" => $l_occupation,
- "L_INTERESTS" => $l_interests,
- "L_AVATAR" => $l_avatar,
+ "L_INTERESTS" => $l_interests,
+ "L_AVATAR" => $l_avatar,
- "U_SEARCH_USER" => append_sid("search.$phpEx?a=".urlencode($profiledata['username'])."&f=all&b=0&d=DESC&c=100&dosearch=1"),
+ "U_SEARCH_USER" => append_sid("search.$phpEx?a=".urlencode($profiledata['username'])."&f=all&b=0&d=DESC&c=100&dosearch=1"),
"U_USER_WEBSITE" => stripslashes($profiledata['user_website']),
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
@@ -408,8 +408,14 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$user_avatar = (empty($user_avatar_loc)) ? $userdata['user_avatar'] : "";
$error = FALSE;
-
+
$passwd_sql = "";
+ if($user_id != $userdata['user_id'])
+ {
+ $error = TRUE;
+ $error_msg = $lang['Wrong_Profile'];
+ }
+
if(!empty($password) && !empty($password_confirm))
{
// The user wants to change their password, isn't that cute..
@@ -427,12 +433,12 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
else if($password && !$password_confirm)
{
$error = TRUE;
- $error_msg = $l_mismatch . "<br />" . $l_tryagain;
+ $error_msg = $l_mismatch . "<br />" . $l_tryagain;
}
-
+
if($board_config['allow_namechange'])
{
- if(!validate_username($username))
+ if(!validate_username($username) && ($username != $userdata['username']))
{
$error = TRUE;
if(isset($error_msg))
@@ -462,13 +468,13 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$error_type = false;
switch($user_avatar_type)
{
- case "image/pjpeg":
+ case "image/pjpeg":
$imgtype = '.jpg';
break;
- case "image/gif":
+ case "image/gif":
$imgtype = '.gif';
break;
- case "image/png":
+ case "image/png":
$imgtype = '.png';
break;
default:
@@ -508,11 +514,11 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
if(!$error)
{
-
- $sql = "UPDATE ".USERS_TABLE."
- SET username = '$username'".$passwd_sql.", user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occ', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_template = '$user_template', user_theme = $user_theme".$avatar_sql."
+
+ $sql = "UPDATE ".USERS_TABLE."
+ SET username = '$username'".$passwd_sql.", user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occ', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_template = '$user_template', user_theme = $user_theme".$avatar_sql."
WHERE user_id = $user_id";
-
+
if($result = $db->sql_query($sql))
{
$msg = $l_infoupdated;
@@ -523,7 +529,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ERROR_MESSAGE" => $msg
));
$template->pparse("reg_header");
-
+
include('includes/page_tail.'.$phpEx);
}
else
@@ -625,10 +631,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "CHECKED" : "",
- "ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
- "ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
- "AVATAR" => ($user_avatar != "") ? "<img src=\"".$board_config['avatar_path']."/$user_avatar\">" : "",
- "AVATAR_SIZE" => $board_config['avatar_filesize'],
+ "ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
+ "ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
+ "AVATAR" => ($user_avatar != "") ? "<img src=\"".$board_config['avatar_path']."/$user_avatar\">" : "",
+ "AVATAR_SIZE" => $board_config['avatar_filesize'],
"LANGUAGE_SELECT" => language_select($user_lang),
"THEME_SELECT" => theme_select($user_theme),
"TIMEZONE_SELECT" => tz_select($user_timezone),
@@ -674,7 +680,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_PROFILE_INFO_NOTICE" => $l_profile_info_notice,
"L_CONFIRM" => $l_confirm,
"L_EMAIL_ADDRESS" => $l_emailaddress,
-
+
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
);
@@ -726,7 +732,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$coppa = 1;
}
-
+
list($hr, $min, $sec, $mon, $day, $year) = explode(",", gmdate("H,i,s,m,d,Y", time()));
$regdate = gmmktime($hr, $min, $sec, $mon, $day, $year);
@@ -754,7 +760,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
$template->assign_vars(array(
"COPPA" => $coppa,
-
+
"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
);
@@ -793,11 +799,11 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
}
//
- // The AUTO_INCREMENT field in MySQL v3.23 doesn't work
- // correctly when there is a row with -1 in that field
+ // The AUTO_INCREMENT field in MySQL v3.23 doesn't work
+ // correctly when there is a row with -1 in that field
// so we have to explicitly get the next user ID.
//
- $sql = "SELECT MAX(user_id) AS total
+ $sql = "SELECT MAX(user_id) AS total
FROM ".USERS_TABLE;
if($result = $db->sql_query($sql))
{
@@ -823,13 +829,13 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$error_type = false;
switch($user_avatar_type)
{
- case "image/pjpeg":
+ case "image/pjpeg":
$imgtype = '.jpg';
break;
- case "image/gif":
+ case "image/gif":
$imgtype = '.gif';
break;
- case "image/png":
+ case "image/png":
$imgtype = '.png';
break;
default:
@@ -871,9 +877,9 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
{
$md_pass = md5($password);
- $sql = "INSERT INTO ".USERS_TABLE."
- (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_timezone, user_dateformat, user_lang, user_template, user_theme, user_active, user_actkey)
- VALUES
+ $sql = "INSERT INTO ".USERS_TABLE."
+ (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_timezone, user_dateformat, user_lang, user_template, user_theme, user_active, user_actkey)
+ VALUES
($new_user_id, '$username', '$regdate', '$md_pass', '$email', '$icq', '$website', '$occupation', '$location', '$interests', '$signature', '$avatar_filename', '$viewemail', '$aim', '$yim', '$msn', $attachsig, $allowsmilies, '$allowhtml', $allowbbcode, $user_timezone, '$user_dateformat', '$user_lang', '$user_template', $user_theme, ";
if($require_activation || $coppa == 1)
{
@@ -887,15 +893,15 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
if($result = $db->sql_query($sql))
{
- $sql = "INSERT INTO ".GROUPS_TABLE."
- (group_name, group_description, group_single_user)
- VALUES
+ $sql = "INSERT INTO ".GROUPS_TABLE."
+ (group_name, group_description, group_single_user)
+ VALUES
('$username', 'Personal User', 1)";
if($result = $db->sql_query($sql))
{
$group_id = $db->sql_nextid();
- $sql = "INSERT INTO ".USER_GROUP_TABLE."
+ $sql = "INSERT INTO ".USER_GROUP_TABLE."
(user_id, group_id)
VALUES
($new_user_id, $group_id)";
@@ -916,7 +922,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$msg = $l_acountadded;
$email_msg = $l_welcomemail;
}
-
+
if(!$coppa)
{
$email_msg .= "\r\n" . $board_config['board_email'];
@@ -930,7 +936,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ERROR_MESSAGE" => $msg
));
$template->pparse("reg_header");
-
+
include('includes/page_tail.'.$phpEx);
}
else
@@ -1025,8 +1031,8 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "CHECKED" : "",
"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "CHECKED" : "",
- "ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
- "ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
+ "ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "CHECKED" : "",
+ "ALLOW_AVATAR" => $board_config['allow_avatar_upload'],
"LANGUAGE_SELECT" => language_select($user_lang),
"THEME_SELECT" => theme_select($user_theme),
"TIMEZONE_SELECT" => tz_select($user_timezone),
@@ -1070,10 +1076,10 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"L_PROFILE_INFO_NOTICE" => $l_profile_info_notice,
"L_CONFIRM" => $l_confirm,
"L_EMAIL_ADDRESS" => $l_emailaddress,
-
+
"S_PROFILE_ACTION" => append_sid("profile.$phpEx"))
- );
-
+ );
+
$template->pparse("body");
include('includes/page_tail.'.$phpEx);
}
@@ -1081,16 +1087,16 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
case 'activate':
- $sql = "SELECT user_id
- FROM ".USERS_TABLE."
+ $sql = "SELECT user_id
+ FROM ".USERS_TABLE."
WHERE user_actkey = '$act_key'";
if($result = $db->sql_query($sql))
{
if($num = $db->sql_numrows($result))
{
$rowset = $db->sql_fetchrowset($result);
- $sql_update = "UPDATE ".USERS_TABLE."
- SET user_active = 1, user_actkey = ''
+ $sql_update = "UPDATE ".USERS_TABLE."
+ SET user_active = 1, user_actkey = ''
WHERE user_id = ".$rowset[0]['user_id'];
if($result = $db->sql_query($sql_update))
{
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index 7c82e38a95..aa9f9ca9d8 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -78,8 +78,8 @@ if(isset($HTTP_GET_VARS['view']))
{
case 'mysql':
// And now the stupid MySQL case...I wish they would get around to implementing subselectes...
- $sub_query = "SELECT topic_time
- FROM ".TOPICS_TABLE."
+ $sub_query = "SELECT topic_time
+ FROM ".TOPICS_TABLE."
WHERE topic_id = $topic_id";
if($sub_result = $db->sql_query($sub_query))
{
@@ -141,11 +141,11 @@ else
$count_sql = (!isset($post_id)) ? "" : ", COUNT(p2.post_id) AS prev_posts";
$order_sql = (!isset($post_id)) ? "" : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote ORDER BY p.post_id ASC";
- $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . "
- FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." fa
- WHERE $join_sql
- AND f.forum_id = t.forum_id
- AND fa.forum_id = f.forum_id
+ $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . "
+ FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." fa
+ WHERE $join_sql
+ AND f.forum_id = t.forum_id
+ AND fa.forum_id = f.forum_id
$order_sql";
// This closes out the opening braces above
@@ -223,7 +223,7 @@ if(!$is_auth['auth_view'] || !$is_auth['auth_view'])
// to read this forum ...
//
include('includes/page_header.'.$phpEx);
-
+
$msg = "I am sorry but you are not currently authorised to read this forum. You could try logging on and trying again. If you are logged on then this is a private forum for which you have not been granted access.";
$template->set_filenames(array(
@@ -238,7 +238,7 @@ if(!$is_auth['auth_view'] || !$is_auth['auth_view'])
}
//
// End auth check
-//
+//
for($x = 0; $x < $total_rows; $x++)
@@ -254,17 +254,17 @@ for($x = 0; $x < $total_rows; $x++)
//
// Get next and previous topic_id's
//
-$sql_next_id = "SELECT topic_id
- FROM ".TOPICS_TABLE."
- WHERE topic_time > $topic_time
- AND forum_id = $forum_id
- ORDER BY topic_time ASC
+$sql_next_id = "SELECT topic_id
+ FROM ".TOPICS_TABLE."
+ WHERE topic_time > $topic_time
+ AND forum_id = $forum_id
+ ORDER BY topic_time ASC
LIMIT 1";
-$sql_prev_id = "SELECT topic_id
- FROM ".TOPICS_TABLE."
- WHERE topic_time < $topic_time
- AND forum_id = $forum_id
- ORDER BY topic_time DESC
+$sql_prev_id = "SELECT topic_id
+ FROM ".TOPICS_TABLE."
+ WHERE topic_time < $topic_time
+ AND forum_id = $forum_id
+ ORDER BY topic_time DESC
LIMIT 1";
$result_next = $db->sql_query($sql_next_id);
$result_prev = $db->sql_query($sql_prev_id);
@@ -277,7 +277,7 @@ $topic_prev_row = $db->sql_fetchrow($result_prev);
$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, p.post_time, p.post_id, p.bbcode_uid, pt.post_text, pt.post_subject
FROM ".POSTS_TABLE." p, ".USERS_TABLE." u, ".POSTS_TEXT_TABLE." pt
WHERE p.topic_id = $topic_id
- AND p.poster_id = u.user_id
+ AND p.poster_id = u.user_id
AND p.post_id = pt.post_id
ORDER BY p.post_time ASC
LIMIT $start, ".$board_config['posts_per_page'];
@@ -356,8 +356,8 @@ $template->assign_vars(array(
// If we get here then the page is unlikely
// to fail generating ...
//
-$sql = "UPDATE ".TOPICS_TABLE."
- SET topic_views = topic_views + 1
+$sql = "UPDATE ".TOPICS_TABLE."
+ SET topic_views = topic_views + 1
WHERE topic_id = $topic_id";
if(!$update_result = $db->sql_query($sql))
{
@@ -427,7 +427,7 @@ for($x = 0; $x < $total_posts; $x++)
$yim_img = ($postrow[$x]['user_yim']) ? "<a href=\"http://edit.yahoo.com/config/send_webmesg?.target=".$postrow[$x]['user_yim']."&.src=pg\"><img src=\"".$images['yim']."\" border=\"0\"></a>" : "";
$edit_img = "<a href=\"".append_sid("posting.$phpEx?mode=editpost&".POST_POST_URL."=".$postrow[$x]['post_id']."&".POST_TOPIC_URL."=$topic_id&".POST_FORUM_URL."=$forum_id")."\"><img src=\"".$images['edit']."\" alt=\"$l_editdelete\" border=\"0\"></a>";
- $quote_img = "<a href=\"".append_sid("posting.$phpEx?mode=reply&quote=true&post_id=".$postrow[$x]['post_id']."&topic_id=$topic_id&forum_id=$forum_id")."\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
+ $quote_img = "<a href=\"".append_sid("posting.$phpEx?mode=reply&quote=true&".POST_POST_URL."=".$postrow[$x]['post_id']."&".POST_TOPIC_URL."=$topic_id&".POST_FORUM_URL."=$forum_id")."\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
$pmsg_img = "<a href=\"".append_sid("priv_msgs.$phpEx?mode=send")."\"><img src=\"".$images['pmsg']."\" alt=\"$l_sendpmsg\" border=\"0\"></a>";
if($is_auth['auth_mod'])
@@ -482,7 +482,7 @@ for($x = 0; $x < $total_posts; $x++)
"POSTER_JOINED" => $poster_joined,
"POSTER_POSTS" => $poster_posts,
"POSTER_FROM" => $poster_from,
- "POSTER_AVATAR" => $poster_avatar,
+ "POSTER_AVATAR" => $poster_avatar,
"POST_DATE" => $post_date,
"POST_SUBJECT" => $post_subject,
"MESSAGE" => $message,
@@ -529,7 +529,7 @@ $template->assign_vars(array(
"PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id", $total_replies, $board_config['posts_per_page'], $start),
"ON_PAGE" => (floor($start/$board_config['posts_per_page'])+1),
"TOTAL_PAGES" => ceil(($total_replies)/$board_config['posts_per_page']),
-
+
"S_AUTH_LIST" => $s_auth_can,
"L_OF" => $lang['of'],
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-21 10:11:39 +0000