diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/admin/admin_ban.php | 136 | ||||
| -rw-r--r-- | phpBB/admin/admin_board.php | 232 | ||||
| -rw-r--r-- | phpBB/admin/admin_database.php | 240 | ||||
| -rw-r--r-- | phpBB/admin/admin_disallow.php | 39 | ||||
| -rw-r--r-- | phpBB/admin/admin_email.php | 35 | ||||
| -rw-r--r-- | phpBB/admin/admin_forums.php | 48 | ||||
| -rw-r--r-- | phpBB/admin/admin_permissions.php | 154 | ||||
| -rw-r--r-- | phpBB/admin/admin_prune.php | 43 | ||||
| -rw-r--r-- | phpBB/admin/admin_prune_users.php | 96 | ||||
| -rw-r--r-- | phpBB/admin/admin_ranks.php | 94 | ||||
| -rw-r--r-- | phpBB/admin/admin_search.php | 93 | ||||
| -rw-r--r-- | phpBB/admin/admin_smilies.php | 34 | ||||
| -rw-r--r-- | phpBB/admin/admin_users.php | 107 | ||||
| -rw-r--r-- | phpBB/admin/admin_words.php | 105 | ||||
| -rw-r--r-- | phpBB/admin/index.php | 147 | ||||
| -rw-r--r-- | phpBB/admin/pagestart.php | 30 | ||||
| -rw-r--r-- | phpBB/install/schemas/mysql_basic.sql | 31 | ||||
| -rw-r--r-- | phpBB/language/en/lang_admin.php | 85 |
18 files changed, 843 insertions, 906 deletions
diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index bd4c9775d1..058e32102f 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -21,9 +21,9 @@ define('IN_PHPBB', 1); -if( !empty($setmodules) ) +if(!empty($setmodules)) { - if ( !$auth->acl_get('a_ban') ) + if (!$auth->acl_get('a_ban')) { return; } @@ -42,15 +42,15 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // Do we have ban permissions? -if ( !$auth->acl_get('a_ban') ) +if (!$auth->acl_get('a_ban')) { - return; + trigger_error($user->lang['NO_ADMIN']); } // Mode setting -if ( isset($_POST['mode']) || isset($_GET['mode']) ) +if (isset($_POST['mode']) || isset($_GET['mode'])) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + $mode = (isset($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; } else { @@ -60,19 +60,19 @@ else $current_time = time(); // Start program -if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) +if (isset($_POST['bansubmit']) || isset($_GET['bansubmit'])) { - $ban = ( !empty($_POST['ban']) ) ? $_POST['ban'] : $_GET['ban']; + $ban = (!empty($_POST['ban'])) ? $_POST['ban'] : $_GET['ban']; $ban_list = array_unique(explode("\n", $ban)); $ban_list_log = implode(', ', $ban_list); - $ban_reason = ( isset($_POST['banreason']) ) ? $_POST['banreason'] : ''; + $ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : ''; - if ( !empty($_POST['banlength']) ) + if (!empty($_POST['banlength'])) { - if ( $_POST['banlength'] != -1 || empty($_POST['banlengthother']) ) + if ($_POST['banlength'] != -1 || empty($_POST['banlengthother'])) { - $ban_end = max($current_time, $current_time + ( intval($_POST['banlength']) * 60 )); + $ban_end = max($current_time, $current_time + (intval($_POST['banlength']) * 60)); } else { @@ -87,7 +87,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist = array(); - switch ( $mode ) + switch ($mode) { case 'user': $type = 'ban_userid'; @@ -95,7 +95,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist_tmp = array(); for($i = 0; $i < count($ban_list); $i++) { - if ( trim($ban_list[$i]) != '' ) + if (trim($ban_list[$i]) != '') { $banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -106,13 +106,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banlist[] = $row['user_id']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } unset($banlist_tmp); break; @@ -122,18 +122,18 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) for($i = 0; $i < count($ban_list); $i++) { - if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) ) + if (preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode)) { // Don't ask about all this, just don't ask ... ! $ip_1_counter = $ip_range_explode[1]; $ip_1_end = $ip_range_explode[5]; - while ( $ip_1_counter <= $ip_1_end ) + while ($ip_1_counter <= $ip_1_end) { - $ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0; + $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; - if( $ip_2_counter == 0 && $ip_2_end == 254 ) + if($ip_2_counter == 0 && $ip_2_end == 254) { $ip_2_counter = 256; $ip_2_fragment = 256; @@ -141,12 +141,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.*'"; } - while ( $ip_2_counter <= $ip_2_end ) + while ($ip_2_counter <= $ip_2_end) { - $ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0; + $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; - if ( $ip_3_counter == 0 && $ip_3_end == 254 ) + if ($ip_3_counter == 0 && $ip_3_end == 254) { $ip_3_counter = 256; $ip_3_fragment = 256; @@ -154,12 +154,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.$ip_2_counter.*'"; } - while ( $ip_3_counter <= $ip_3_end ) + while ($ip_3_counter <= $ip_3_end) { - $ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0; + $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; - if ( $ip_4_counter == 0 && $ip_4_end == 254 ) + if ($ip_4_counter == 0 && $ip_4_end == 254) { $ip_4_counter = 256; $ip_4_fragment = 256; @@ -167,7 +167,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'"; } - while ( $ip_4_counter <= $ip_4_end ) + while ($ip_4_counter <= $ip_4_end) { $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; $ip_4_counter++; @@ -179,19 +179,19 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $ip_1_counter++; } } - else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) ) + else if (preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i]))) { $ip = gethostbynamel(trim($ban_list[$i])); for($j = 0; $j < count($ip); $j++) { - if ( !empty($ip[$j]) ) + if (!empty($ip[$j])) { $banlist[] = '\'' . $ip[$j] . '\''; } } } - else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i])) ) + else if (preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) || preg_match('/^[a-f0-9:]+\*?$/i', trim($ban_list[$i]))) { $banlist[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -206,7 +206,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) // This ereg match is based on one by php@unreelpro.com // contained in the annotated php manual at php.com (ereg // section) - if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) ) + if (eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i]))) { $banlist[] = '\'' . trim($ban_list[$i]) . '\''; } @@ -219,12 +219,12 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) WHERE $type <> ''"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $banlist_tmp = array(); do { - switch ( $mode ) + switch ($mode) { case 'user': $banlist_tmp[] = $row['ban_userid']; @@ -239,13 +239,13 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) break; } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $banlist = array_unique(array_diff($banlist, $banlist_tmp)); unset($banlist_tmp); } - if ( sizeof($banlist) ) + if (sizeof($banlist)) { for($i = 0; $i < count($banlist); $i++) { @@ -255,7 +255,7 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) } $sql = ''; - switch ( $mode ) + switch ($mode) { case 'user': $sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")"; @@ -272,20 +272,20 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) $result = $db->sql_query($sql); $sql = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id']; + $sql .= (($sql != '') ? ', ' : '') . $row['user_id']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")"; } break; } - if ( $sql != '' ) + if ($sql != '') { $sql = "DELETE FROM " . SESSIONS_TABLE . " $sql"; @@ -302,15 +302,15 @@ if ( isset($_POST['bansubmit']) || isset($_GET['bansubmit']) ) message_die(MESSAGE, $message); } -else if ( isset($_POST['unbansubmit']) ) +else if (isset($_POST['unbansubmit'])) { $unban_sql = ''; - for($i = 0; $i < count($_POST['unban']); $i++ ) + for($i = 0; $i < count($_POST['unban']); $i++) { - $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($_POST['unban'][$i]); + $unban_sql .= (($unban_sql != '') ? ', ' : '') . intval($_POST['unban'][$i]); } - if ( $unban_sql != '' ) + if ($unban_sql != '') { $sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_id IN ($unban_sql)"; @@ -340,7 +340,7 @@ $db->sql_query($sql); $ban_end_text = array(0 => $user->lang['Permanent'], 30 => $user->lang['30_Mins'], 60 => $user->lang['1_Hour'], 360 => $user->lang['6_Hours'], 1440 => $user->lang['1_Day'], 10080 => $user->lang['7_Days'], 20160 => $user->lang['2_Weeks'], 40320 => $user->lang['1_Month'], -1 => $user->lang['Other']); $ban_end_options = ''; -foreach ( $ban_end_text as $length => $text ) +foreach ($ban_end_text as $length => $text) { $ban_end_options .= '<option value="' . $length . '">' . $text . '</option>'; } @@ -348,7 +348,7 @@ foreach ( $ban_end_text as $length => $text ) // // Title // -switch ( $mode ) +switch ($mode) { case 'user': $l_title = $user->lang['Ban_users']; @@ -372,13 +372,13 @@ page_header($l_title); <?php -switch ( $mode ) +switch ($mode) { case 'user': $sql = "SELECT b.*, u.user_id, u.username FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE ( b.ban_end >= " . time() . " - OR b.ban_end = 0 ) + WHERE (b.ban_end >= " . time() . " + OR b.ban_end = 0) AND u.user_id = b.ban_userid AND b.ban_userid <> 0 AND u.user_id <> " . ANONYMOUS . " @@ -388,15 +388,15 @@ switch ( $mode ) $banned_options = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); @@ -414,23 +414,23 @@ switch ( $mode ) $sql = "SELECT * FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + WHERE (ban_end >= " . time() . " + OR ban_end = 0) AND ban_ip <> ''"; $result = $db->sql_query($sql); $banned_reasons = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_ip'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); @@ -448,23 +448,23 @@ switch ( $mode ) $sql = "SELECT * FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + WHERE (ban_end >= " . time() . " + OR ban_end = 0) AND ban_email <> ''"; $result = $db->sql_query($sql); $banned_options = ''; $banned_length = ''; $banned_options = ''; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_email'] . '</option>'; - $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; - $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + $banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\''; + $banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\''; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); @@ -509,7 +509,7 @@ switch ( $mode ) <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> </tr> <tr> - <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td> + <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td> </tr> </table> @@ -524,7 +524,7 @@ switch ( $mode ) <tr> <?php - if ( $banned_options != '' ) + if ($banned_options != '') { ?> @@ -545,7 +545,7 @@ switch ( $mode ) ?> </tr> <tr> - <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /></td> + <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index 0656654d77..099514f680 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -19,45 +19,68 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) - { - return; - } - $file = basename(__FILE__); - $module['General']['Avatar_settings'] = "$file$SID&mode=avatar"; - $module['General']['Cookie_settings'] = "$file$SID&mode=cookie"; - $module['General']['Board_defaults'] = "$file$SID&mode=default"; - $module['General']['Board_settings'] = "$file$SID&mode=setting"; - $module['General']['Email_settings'] = "$file$SID&mode=email"; - $module['General']['Server_settings'] = "$file$SID&mode=server"; - $module['General']['Auth_settings'] = "$file$SID&mode=auth"; + $module['General']['Cookie_settings'] = ($auth->acl_get('a_cookies')) ? "$file$SID&mode=cookie" : ''; + $module['General']['Board_defaults'] = ($auth->acl_get('a_defaults')) ? "$file$SID&mode=default" : ''; + $module['General']['Board_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&mode=setting" : ''; + $module['General']['Avatar_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&mode=avatar" : ''; + $module['General']['Email_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=email" : ''; + $module['General']['Server_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=server" : ''; + $module['General']['Auth_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&mode=auth" : ''; return; } -// Let's set the root dir for phpBB define('IN_PHPBB', 1); +// Load default header $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.' . $phpEx); -// Are we authed? -if ( !$auth->acl_get('a_general') ) -{ - trigger_error($user->lang['No_admin']); -} +// Get mode +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; -// Get mod -if ( isset($_POST['mode']) || isset($_GET['mode']) ) +// Check permissions/set title +switch ($mode) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + case 'cookie': + $l_title = 'Cookie_settings'; + $which_auth = 'a_cookies'; + break; + case 'default': + $l_title = 'Board_defaults'; + $which_auth = 'a_defaults'; + break; + case 'avatar': + $l_title = 'Avatar_settings'; + $which_auth = 'a_board'; + break; + case 'setting': + $l_title = 'Board_settings'; + $which_auth = 'a_board'; + break; + case 'email': + $l_title = 'Email_settings'; + $which_auth = 'a_server'; + break; + case 'server': + $l_title = 'Server_settings'; + $which_auth = 'a_server'; + break; + case 'auth': + $l_title = 'Auth_settings'; + $which_auth = 'a_server'; + break; + default: + return; } -else + +// Check permissions +if (!$auth->acl_get($which_acl)) { - $mode = ''; + trigger_error($user->lang['NO_ADMIN']); } // Pull all config data @@ -65,15 +88,15 @@ $sql = "SELECT * FROM " . CONFIG_TABLE; $result = $db->sql_query($sql); -while ( $row = $db->sql_fetchrow($result) ) +while ($row = $db->sql_fetchrow($result)) { $config_name = $row['config_name']; $config_value = $row['config_value']; $default_config[$config_name] = $config_value; - $new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name]; + $new[$config_name] = (isset($_POST[$config_name])) ? $_POST[$config_name] : $default_config[$config_name]; - if ( isset($_POST['submit']) ) + if (isset($_POST['submit'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . str_replace("\'", "''", $new[$config_name]) . "' @@ -82,7 +105,7 @@ while ( $row = $db->sql_fetchrow($result) ) } } -if ( isset($_POST['submit']) ) +if (isset($_POST['submit'])) { // Re-cache config data config_config($new); @@ -91,39 +114,6 @@ if ( isset($_POST['submit']) ) trigger_error($user->lang['Config_updated']); } -// -// Which title? -// -switch ( $mode ) -{ - case 'cookie': - $l_title = 'Cookie_settings'; - break; - case 'avatar': - $l_title = 'Avatar_settings'; - break; - case 'default': - $l_title = 'Board_defaults'; - break; - case 'setting': - $l_title = 'Board_settings'; - break; - case 'email': - $l_title = 'Email_settings'; - break; - case 'server': - $l_title = 'Server_settings'; - break; - case 'login': - $l_title = 'Server_settings'; - break; - case 'auth': - $l_title = 'Auth_settings'; - break; - default: - return; -} - page_header($user->lang[$l_title]); ?> @@ -141,12 +131,12 @@ page_header($user->lang[$l_title]); // // Output relevant page // -switch ( $mode ) +switch ($mode) { case 'cookie': - $cookie_secure_yes = ( $new['cookie_secure'] ) ? 'checked="checked"' : ''; - $cookie_secure_no = ( !$new['cookie_secure'] ) ? 'checked="checked"' : ''; + $cookie_secure_yes = ($new['cookie_secure']) ? 'checked="checked"' : ''; + $cookie_secure_no = (!$new['cookie_secure']) ? 'checked="checked"' : ''; ?> <tr> @@ -171,12 +161,12 @@ switch ( $mode ) case 'avatar': - $avatars_local_yes = ( $new['allow_avatar_local'] ) ? 'checked="checked"' : ''; - $avatars_local_no = ( !$new['allow_avatar_local'] ) ? 'checked="checked"' : ''; - $avatars_remote_yes = ( $new['allow_avatar_remote'] ) ? 'checked="checked"' : ''; - $avatars_remote_no = ( !$new['allow_avatar_remote'] ) ? 'checked="checked"' : ''; - $avatars_upload_yes = ( $new['allow_avatar_upload'] ) ? 'checked="checked"' : ''; - $avatars_upload_no = ( !$new['allow_avatar_upload'] ) ? 'checked="checked"' : ''; + $avatars_local_yes = ($new['allow_avatar_local']) ? 'checked="checked"' : ''; + $avatars_local_no = (!$new['allow_avatar_local']) ? 'checked="checked"' : ''; + $avatars_remote_yes = ($new['allow_avatar_remote']) ? 'checked="checked"' : ''; + $avatars_remote_no = (!$new['allow_avatar_remote']) ? 'checked="checked"' : ''; + $avatars_upload_yes = ($new['allow_avatar_upload']) ? 'checked="checked"' : ''; + $avatars_upload_no = (!$new['allow_avatar_upload']) ? 'checked="checked"' : ''; ?> <tr> @@ -217,29 +207,29 @@ switch ( $mode ) $lang_select = language_select($new['default_lang'], 'default_lang', '../language'); $timezone_select = tz_select($new['board_timezone'], 'board_timezone'); - $override_user_style_yes = ( $new['override_user_style'] ) ? 'checked="checked"' : ''; - $override_user_style_no = ( !$new['override_user_style'] ) ? 'checked="checked"' : ''; + $override_user_style_yes = ($new['override_user_style']) ? 'checked="checked"' : ''; + $override_user_style_no = (!$new['override_user_style']) ? 'checked="checked"' : ''; - $topic_notify_yes = ( $new['allow_topic_notify'] ) ? 'checked="checked"' : ''; - $topic_notify_no = ( !$new['allow_topic_notify'] ) ? 'checked="checked"' : ''; + $topic_notify_yes = ($new['allow_topic_notify']) ? 'checked="checked"' : ''; + $topic_notify_no = (!$new['allow_topic_notify']) ? 'checked="checked"' : ''; - $forum_notify_yes = ( $new['allow_forum_notify'] ) ? 'checked="checked"' : ''; - $forum_notify_no = ( !$new['allow_forum_notify'] ) ? 'checked="checked"' : ''; + $forum_notify_yes = ($new['allow_forum_notify']) ? 'checked="checked"' : ''; + $forum_notify_no = (!$new['allow_forum_notify']) ? 'checked="checked"' : ''; - $html_yes = ( $new['allow_html'] ) ? 'checked="checked"' : ''; - $html_no = ( !$new['allow_html'] ) ? 'checked="checked"' : ''; + $html_yes = ($new['allow_html']) ? 'checked="checked"' : ''; + $html_no = (!$new['allow_html']) ? 'checked="checked"' : ''; - $bbcode_yes = ( $new['allow_bbcode'] ) ? 'checked="checked"' : ''; - $bbcode_no = ( !$new['allow_bbcode'] ) ? 'checked="checked"' : ''; + $bbcode_yes = ($new['allow_bbcode']) ? 'checked="checked"' : ''; + $bbcode_no = (!$new['allow_bbcode']) ? 'checked="checked"' : ''; - $smile_yes = ( $new['allow_smilies'] ) ? 'checked="checked"' : ''; - $smile_no = ( !$new['allow_smilies'] ) ? 'checked="checked"' : ''; + $smile_yes = ($new['allow_smilies']) ? 'checked="checked"' : ''; + $smile_no = (!$new['allow_smilies']) ? 'checked="checked"' : ''; - $sig_yes = ( $new['allow_sig'] ) ? 'checked="checked"' : ''; - $sig_no = ( !$new['allow_sig'] ) ? 'checked="checked"' : ''; + $sig_yes = ($new['allow_sig']) ? 'checked="checked"' : ''; + $sig_no = (!$new['allow_sig']) ? 'checked="checked"' : ''; - $namechange_yes = ( $new['allow_namechange'] ) ? 'checked="checked"' : ''; - $namechange_no = ( !$new['allow_namechange'] ) ? 'checked="checked"' : ''; + $namechange_yes = ($new['allow_namechange']) ? 'checked="checked"' : ''; + $namechange_no = (!$new['allow_namechange']) ? 'checked="checked"' : ''; ?> <tr> @@ -312,22 +302,22 @@ switch ( $mode ) case 'setting': - $disable_board_yes = ( $new['board_disable'] ) ? 'checked="checked"' : ''; - $disable_board_no = ( !$new['board_disable'] ) ? 'checked="checked"' : ''; + $disable_board_yes = ($new['board_disable']) ? 'checked="checked"' : ''; + $disable_board_no = (!$new['board_disable']) ? 'checked="checked"' : ''; - $coppa_enable_yes = ( $new['coppa_enable'] ) ? 'checked="checked"' : ''; - $coppa_enable_no = ( !$new['coppa_enable'] ) ? 'checked="checked"' : ''; + $coppa_enable_yes = ($new['coppa_enable']) ? 'checked="checked"' : ''; + $coppa_enable_no = (!$new['coppa_enable']) ? 'checked="checked"' : ''; - $activation_none = ( $new['require_activation'] == USER_ACTIVATION_NONE ) ? 'checked="checked"' : ''; - $activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? 'checked="checked"' : ''; - $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : ''; - $activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : ''; + $activation_none = ($new['require_activation'] == USER_ACTIVATION_NONE) ? 'checked="checked"' : ''; + $activation_user = ($new['require_activation'] == USER_ACTIVATION_SELF) ? 'checked="checked"' : ''; + $activation_admin = ($new['require_activation'] == USER_ACTIVATION_ADMIN) ? 'checked="checked"' : ''; + $activation_disable = ($new['require_activation'] == USER_ACTIVATION_DISABLE) ? 'checked="checked"' : ''; - $privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : ''; - $privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : ''; + $privmsg_on = (!$new['privmsg_disable']) ? 'checked="checked"' : ''; + $privmsg_off = ($new['privmsg_disable']) ? 'checked="checked"' : ''; - $prune_yes = ( $new['prune_enable'] ) ? 'checked="checked"' : ''; - $prune_no = ( !$new['prune_enable'] ) ? 'checked="checked"' : ''; + $prune_yes = ($new['prune_enable']) ? 'checked="checked"' : ''; + $prune_no = (!$new['prune_enable']) ? 'checked="checked"' : ''; ?> <tr> @@ -412,14 +402,14 @@ switch ( $mode ) case 'email': - $email_yes = ( $new['email_enable'] ) ? 'checked="checked"' : ''; - $email_no = ( !$new['email_enable'] ) ? 'checked="checked"' : ''; + $email_yes = ($new['email_enable']) ? 'checked="checked"' : ''; + $email_no = (!$new['email_enable']) ? 'checked="checked"' : ''; - $board_email_form_yes = ( $new['board_email_form'] ) ? 'checked="checked"' : ''; - $board_email_form_no = ( !$new['board_email_form'] ) ? 'checked="checked"' : ''; + $board_email_form_yes = ($new['board_email_form']) ? 'checked="checked"' : ''; + $board_email_form_no = (!$new['board_email_form']) ? 'checked="checked"' : ''; - $smtp_yes = ( $new['smtp_delivery'] ) ? 'checked="checked"' : ''; - $smtp_no = ( !$new['smtp_delivery'] ) ? 'checked="checked"' : ''; + $smtp_yes = ($new['smtp_delivery']) ? 'checked="checked"' : ''; + $smtp_no = (!$new['smtp_delivery']) ? 'checked="checked"' : ''; ?> <tr> @@ -460,13 +450,13 @@ switch ( $mode ) case 'server': - $ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : ''; - $ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : ''; - $ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : ''; - $ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : ''; + $ip_all = ($new['ip_check'] == 4) ? 'checked="checked"' : ''; + $ip_classc = ($new['ip_check'] == 3) ? 'checked="checked"' : ''; + $ip_classb = ($new['ip_check'] == 2) ? 'checked="checked"' : ''; + $ip_none = ($new['ip_check'] == 0) ? 'checked="checked"' : ''; - $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; - $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; + $gzip_yes = ($new['gzip_compress']) ? 'checked="checked"' : ''; + $gzip_no = (!$new['gzip_compress']) ? 'checked="checked"' : ''; ?> <tr> <td class="row1"><?php echo $user->lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Server_name_explain']; ?></span></td> @@ -517,9 +507,9 @@ switch ( $mode ) $auth_plugins = array(); $dp = opendir($phpbb_root_path . 'includes/auth'); - while ( $file = readdir($dp) ) + while ($file = readdir($dp)) { - if ( preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file) ) + if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file)) { $auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file); } @@ -528,9 +518,9 @@ switch ( $mode ) sort($auth_plugins); $auth_select = ''; - foreach ( $auth_plugins as $method ) + foreach ($auth_plugins as $method) { - $selected = ( $config['auth_method'] == $method ) ? ' selected="selected"' : ''; + $selected = ($config['auth_method'] == $method) ? ' selected="selected"' : ''; $auth_select .= '<option value="' . $method . '"' . $selected . '>' . ucfirst($method) . '</option>'; } @@ -541,23 +531,23 @@ switch ( $mode ) </tr> <?php - foreach ( $auth_plugins as $method ) + foreach ($auth_plugins as $method) { - if ( $method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx) ) + if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) { include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); $method = 'admin_' . $method; - if ( function_exists($method) ) + if (function_exists($method)) { - if ( $config_fields = $method($new) ) + if ($config_fields = $method($new)) { // // Check if we need to create config fields for this plugin // - foreach( $config_fields as $field ) + foreach($config_fields as $field) { - if ( !isset($config[$field]) ) + if (!isset($config[$field])) { $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) VALUES ('$field', '')"; @@ -576,7 +566,7 @@ switch ( $mode ) ?> <tr> - <td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> + <td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> </tr> </table></form> diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php index 162a7ae653..812e1050db 100644 --- a/phpBB/admin/admin_database.php +++ b/phpBB/admin/admin_database.php @@ -19,18 +19,13 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) - { - return; - } - $filename = basename(__FILE__); - $module['DB']['DB_Backup'] = $filename . "$SID&mode=backup"; + $module['DB']['DB_Backup'] = ($auth->acl_get('a_backup')) ? $filename . "$SID&mode=backup" : ''; $file_uploads = @ini_get('file_uploads'); - if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' ) + if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' && $auth->acl_get('a_restore')) { $module['DB']['DB_Restore'] = $filename . "$SID&mode=restore"; } @@ -39,40 +34,30 @@ if ( !empty($setmodules) ) } define('IN_PHPBB', 1); -// // Load default header -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// -// Do we have DB backup/restore permissions? -// -if ( !$auth->acl_get('a_general') ) -{ - message_die(MESSAGE, $user->lang['No_admin']); -} +$mode = (isset($_GET['mode'])) ? $_GET['mode'] : ''; -// // Increase maximum execution time, but don't complain about it if it isn't // allowed. -// @set_time_limit(1200); -$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : ''; - -// // Begin program proper -// -switch( $mode ) +switch($mode) { case 'backup': + if (!$auth->acl_get('a_backup')) + { + trigger_error($user->lang['NO_ADMIN']); + } - if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql') { - switch ( SQL_LAYER ) + switch (SQL_LAYER) { case 'oracle': $db_type = 'Oracle'; @@ -85,17 +70,17 @@ switch( $mode ) break; } - message_die(MESSAGE, $user->lang['Backups_not_supported']); + trigger_error($user->lang['Backups_not_supported']); break; } - $additional_tables = ( isset($_POST['tables']) ) ? $_POST['tables'] : ( ( isset($_GET['tables']) ) ? $_GET['tables'] : '' ); - $backup_type = ( isset($_POST['type']) ) ? $_POST['type'] : ( ( isset($_GET['type']) ) ? $_GET['type'] : '' ); - $search = ( !empty($_POST['search']) ) ? intval($_POST['search']) : ( ( !empty($_GET['search']) ) ? intval($_GET['search']) : 0 ); - $store_path = ( isset($_POST['store']) ) ? $_POST['store'] : ( ( isset($_GET['store']) ) ? $_GET['store'] : '' ); - $compress = ( !empty($_POST['compress']) ) ? $_POST['compress'] : ( ( !empty($_GET['compress']) ) ? $_GET['compress'] : 'none' ); + $additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : ''); + $backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : ''); + $search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0); + $store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : ''); + $compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none'); - if ( !isset($_POST['backupstart']) && !isset($_GET['backupstart']) ) + if (!isset($_POST['backupstart']) && !isset($_GET['backupstart'])) { page_header($user->lang['DB_Backup']); @@ -127,7 +112,7 @@ switch( $mode ) </tr> <?php - if ( extension_loaded('zlib') || extension_loaded('bz2') ) + if (extension_loaded('zlib') || extension_loaded('bz2')) { ?> @@ -135,7 +120,7 @@ switch( $mode ) <td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td> <td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['None']; ?><?php - if ( extension_loaded('zlib') ) + if (extension_loaded('zlib')) { @@ -143,7 +128,7 @@ switch( $mode ) } - if ( extension_loaded('bz2') ) + if (extension_loaded('bz2')) { ?> <input type="radio" name="compress" value="bzip" />.bz2<?php @@ -166,21 +151,21 @@ switch( $mode ) break; } - else if ( !isset($_POST['startdownload']) && !isset($_GET['startdownload']) ) + else if (!isset($_POST['startdownload']) && !isset($_GET['startdownload'])) { $meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&type=$backup_type&tables=" . quotemeta($additional_tables) . "&search=$search&store=" . quotemeta($store_path) . "&compress=$compress&backupstart=1&startdownload=1\">"; - $message = ( empty($store_path) ) ? $user->lang['Backup_download'] : $user->lang['Backup_writing']; + $message = (empty($store_path)) ? $user->lang['Backup_download'] : $user->lang['Backup_writing']; page_header($user->lang['DB_Backup'], $meta); page_message($user->lang['DB_Backup'], $message); page_footer(); } - $tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables(); + $tables = (SQL_LAYER != 'postgresql') ? mysql_get_tables() : pg_get_tables(); @sort($tables); - if ( !empty($additional_tables) ) + if (!empty($additional_tables)) { $additional_tables = explode(',', $additional_tables); @@ -206,7 +191,7 @@ switch( $mode ) echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; echo "#\n"; - if ( SQL_LAYER == 'postgresql' ) + if (SQL_LAYER == 'postgresql') { echo "\n" . pg_get_sequences("\n", $backup_type); } @@ -215,7 +200,7 @@ switch( $mode ) { $table_name = $tables[$i]; - if ( SQL_LAYER != 'mysql4' ) + if (SQL_LAYER != 'mysql4') { $table_def_function = "get_table_def_" . SQL_LAYER; $table_content_function = "get_table_content_" . SQL_LAYER; @@ -226,18 +211,18 @@ switch( $mode ) $table_content_function = "get_table_content_mysql"; } - if ( $backup_type != 'data' ) + if ($backup_type != 'data') { echo "#\n# TABLE: " . $table_name . "\n#\n"; echo $table_def_function($table_name, "\n") . "\n"; } - if ( $backup_type != 'structure' ) + if ($backup_type != 'structure') { // // Skip search table data? // - if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) + if ($search || (!$search && !preg_match('/search_word/', $table_name))) { $table_content_function($table_name, "output_table_content"); } @@ -247,7 +232,7 @@ switch( $mode ) // // Flush the buffer, send the file // - switch ( $compress ) + switch ($compress) { case 'gzip': $extension = 'sql.gz'; @@ -258,7 +243,7 @@ switch( $mode ) case 'zip': $extension = 'zip'; $zip = new zipfile; - $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); + $zip->add_file(ob_get_contents(), "phpbb_db_backup.sql", time()); ob_end_clean(); $contents = $zip->file(); break; @@ -277,7 +262,7 @@ switch( $mode ) add_admin_log('log_db_backup'); - if ( empty($store_path) ) + if (empty($store_path)) { header("Pragma: no-cache"); header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\""); @@ -288,12 +273,12 @@ switch( $mode ) } else { - if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) ) + if (!($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb'))) { message_die(ERROR, 'Could not open backup file'); } - if ( !fwrite($fp, $contents) ) + if (!fwrite($fp, $contents)) { message_die(ERROR, 'Could not write backup file content'); } @@ -301,54 +286,58 @@ switch( $mode ) fclose($fp); unset($contents); - message_die(MESSAGE, $user->lang['Backup_success']); + trigger_error($user->lang['Backup_success']); } exit; break; case 'restore': + if (!$auth->acl_get('a_restore')) + { + trigger_error($user->lang['No_admin']); + } - if ( isset($_POST['restorestart']) ) + if (isset($_POST['restorestart'])) { // // Handle the file upload .... // If no file was uploaded report an error... // - if ( !empty($_POST['local']) ) + if (!empty($_POST['local'])) { $file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']); $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); } else { - $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; - $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; + $filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : ''; + $file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; } - if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) + if ($file_tmpname == '' || $filename == '' || !file_exists($file_tmpname)) { - message_die(MESSAGE, $user->lang['Restore_Error_no_file']); + trigger_error($user->lang['Restore_Error_no_file']); } $ext = substr($filename, strrpos($filename, '.') + 1); - if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) + if (!preg_match('/^(sql|gz|bz2)$/', $ext)) { - message_die(MESSAGE, $user->lang['Restore_Error_filename']); + trigger_error($user->lang['Restore_Error_filename']); } - if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) + if ((!extension_loaded('zlib') && $ext == 'gz') || (!extension_loaded('zip') && $ext == 'zip') || ($ext == 'bz2' && !extension_loaded('bz2'))) { - message_die(MESSAGE, $user->lang['Compress_unsupported']); + trigger_error($user->lang['Compress_unsupported']); } $sql_query = ''; - switch ( $ext ) + switch ($ext) { case 'gz': $fp = gzopen($file_tmpname, 'rb'); - while ( !gzeof($fp) ) + while (!gzeof($fp)) { $sql_query .= gzgets($fp, 100000); } @@ -359,11 +348,14 @@ switch( $mode ) $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); break; + case 'zip': + + default; $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); } - if ( $sql_query != '' ) + if ($sql_query != '') { // Strip out sql comments... $sql_query = remove_remarks($sql_query); @@ -374,7 +366,7 @@ switch( $mode ) { $sql = trim($pieces[$i]); - if ( !empty($sql) && $sql[0] != '#' ) + if (!empty($sql) && $sql[0] != '#') { $db->sql_query($sql); } @@ -383,7 +375,7 @@ switch( $mode ) add_admin_log('log_db_restore'); - message_die(MESSAGE, $user->lang['Restore_success']); + trigger_error($user->lang['Restore_success']); } // @@ -406,11 +398,11 @@ switch( $mode ) echo $user->lang['Supported_extensions']; $types = ': <u>sql</u>'; - if ( extension_loaded('zlib') ) + if (extension_loaded('zlib')) { $types .= ', <u>sql.gz</u>'; } - if ( extension_loaded('bz2') ) + if (extension_loaded('bz2')) { $types .= ', <u>bz2</u>'; } @@ -434,6 +426,7 @@ switch( $mode ) break; default: + trigger_error($user->lang['No_admin']); exit; } @@ -454,16 +447,16 @@ function mysql_get_tables() $tables = array(); $result = mysql_list_tables($db->dbname, $db->db_connect_id); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - if ( preg_match('/^' . $table_prefix . '/', $row[0]) ) + if (preg_match('/^' . $table_prefix . '/', $row[0])) { $tables[] = $row[0]; } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } return $tables; @@ -483,7 +476,7 @@ function pg_get_sequences($crlf, $backup_type) $seq = $db->sql_query($get_seq_sql); - if( !$num_seq = $db->sql_numrows($seq) ) + if (!$num_seq = $db->sql_numrows($seq)) { $return_val = "# No Sequences Found $crlf"; @@ -502,11 +495,11 @@ function pg_get_sequences($crlf, $backup_type) $get_props_sql = "SELECT * FROM $sequence"; $seq_props = $db->sql_query($get_props_sql); - if($db->sql_numrows($seq_props) > 0) + if ($db->sql_numrows($seq_props) > 0) { $row1 = $db->sql_fetchrow($seq_props); - if($backup_type == 'structure') + if ($backup_type == 'structure') { $row['last_value'] = 1; } @@ -515,7 +508,7 @@ function pg_get_sequences($crlf, $backup_type) } // End if numrows > 0 - if(($row['last_value'] > 1) && ($backup_type != 'structure')) + if (($row['last_value'] > 1) && ($backup_type != 'structure')) { $return_val .= "SELECT NEXTVALE('$sequence'); $crlf"; unset($row['last_value']); @@ -555,7 +548,7 @@ function get_table_def_postgresql($table, $crlf) ORDER BY a.attnum"; $result = $db->sql_query($field_query); - if(!$result) + if (!$result) { message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); } // end if.. @@ -641,12 +634,12 @@ function get_table_def_postgresql($table, $crlf) ORDER BY index_name, tab_name, column_name "; $result = $db->sql_query($sql_pri_keys); - if(!$result) + if (!$result) { message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys); } - while ( $row = $db->sql_fetchrow($result)) + while ($row = $db->sql_fetchrow($result)) { if ($row['primary_key'] == 't') { @@ -743,37 +736,29 @@ function get_table_def_mysql($table, $crlf) $field_query = "SHOW FIELDS FROM $table"; $key_query = "SHOW KEYS FROM $table"; - // // If the user has selected to drop existing tables when doing a restore. // Then we add the statement to drop the tables.... - // $schema_create .= "DROP TABLE IF EXISTS $table;$crlf"; $schema_create .= "CREATE TABLE $table($crlf"; - // // Ok lets grab the fields... - // $result = $db->sql_query($field_query); - if(!result) - { - message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); - } while ($row = $db->sql_fetchrow($result)) { $schema_create .= ' ' . $row['Field'] . ' ' . $row['Type']; - if(!empty($row['Default'])) + if (!empty($row['Default'])) { $schema_create .= ' DEFAULT \'' . $row['Default'] . '\''; } - if($row['Null'] != "YES") + if ($row['Null'] != "YES") { $schema_create .= ' NOT NULL'; } - if($row['Extra'] != "") + if ($row['Extra'] != "") { $schema_create .= ' ' . $row['Extra']; } @@ -794,12 +779,12 @@ function get_table_def_mysql($table, $crlf) { $kname = $row['Key_name']; - if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0)) + if (($kname != 'PRIMARY') && ($row['Non_unique'] == 0)) { $kname = "UNIQUE|$kname"; } - if(!is_array($index[$kname])) + if (!is_array($index[$kname])) { $index[$kname] = array(); } @@ -807,11 +792,11 @@ function get_table_def_mysql($table, $crlf) $index[$kname][] = $row['Column_name']; } - while(list($x, $columns) = @each($index)) + foreach ($index as $x => $columns) { $schema_create .= ", $crlf"; - if($x == 'PRIMARY') + if ($x == 'PRIMARY') { $schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')'; } @@ -827,7 +812,7 @@ function get_table_def_mysql($table, $crlf) $schema_create .= "$crlf);"; - if(get_magic_quotes_runtime()) + if (get_magic_quotes_runtime()) { return(stripslashes($schema_create)); } @@ -856,10 +841,7 @@ function get_table_content_postgresql($table, $handler) { global $db; - // // Grab all of the data from current table. - // - $result = $db->sql_query("SELECT * FROM $table"); $i_num_fields = $db->sql_numfields($result); @@ -872,24 +854,23 @@ function get_table_content_postgresql($table, $handler) $iRec = 0; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { unset($schema_vals); unset($schema_fields); unset($schema_insert); - // + // Build the SQL statement to recreate the data. - // for($i = 0; $i < $i_num_fields; $i++) { $strVal = $row[$aryName[$i]]; - if (eregi("char|text|bool", $aryType[$i])) + if (preg_match('#char|text|bool#i', $aryType[$i])) { $strQuote = "'"; $strEmpty = ""; $strVal = addslashes($strVal); } - elseif (eregi("date|timestamp", $aryType[$i])) + elseif (preg_match('#date|timestamp#i', $aryType[$i])) { if ($empty($strVal)) { @@ -913,18 +894,15 @@ function get_table_content_postgresql($table, $handler) $schema_vals .= " $strQuote$strVal$strQuote,"; $schema_fields .= " $aryName[$i],"; - } - $schema_vals = ereg_replace(",$", "", $schema_vals); - $schema_vals = ereg_replace("^ ", "", $schema_vals); - $schema_fields = ereg_replace(",$", "", $schema_fields); - $schema_fields = ereg_replace("^ ", "", $schema_fields); + $schema_vals = preg_replace('#,$#', '', $schema_vals); + $schema_vals = preg_replace('#^ #', '', $schema_vals); + $schema_fields = preg_replace('#,$#', '', $schema_fields); + $schema_fields = preg_replace('#^ #', '', $schema_fields); - // // Take the ordered fields and their associated data and build it // into a valid sql statement to recreate that field in the data. - // $schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);"; $handler(trim($schema_insert)); @@ -941,16 +919,13 @@ function get_table_content_postgresql($table, $handler) function get_table_content_mysql($table, $handler) { global $db; - // + // Grab the data from the table. - // $result = $db->sql_query("SELECT * FROM $table"); - // // Loop through the resulting rows and build the sql statement. - // $schema_insert = ""; - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $schema_insert = "\n#\n# Table Data for $table\n#\n"; @@ -970,7 +945,7 @@ function get_table_content_mysql($table, $handler) // // Get rid of the last comma // - $table_list = ereg_replace(', $', '', $table_list); + $table_list = preg_replace('#, $#', '', $table_list); $table_list .= ')'; // // Start building the SQL statement. @@ -981,7 +956,7 @@ function get_table_content_mysql($table, $handler) // for ($j = 0; $j < $num_fields; $j++) { - if(!isset($row[$j])) + if (!isset($row[$j])) { // // If there is no data for the column set it to null. @@ -1003,14 +978,14 @@ function get_table_content_mysql($table, $handler) // // Get rid of the the last comma. // - $schema_insert = ereg_replace(',$', '', $schema_insert); + $schema_insert = preg_replace('#,$#', '', $schema_insert); $schema_insert .= ');'; // // Go ahead and send the insert statement to the handler function. // $handler(trim($schema_insert)); } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } return true; @@ -1041,9 +1016,9 @@ class zipfile var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; - function unix2DosTime($unixtime = 0) + function unix_to_dos_time($unixtime = 0) { - $timearray = ( $unixtime == 0 ) ? getdate() : getdate($unixtime); + $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980) { @@ -1055,15 +1030,15 @@ class zipfile $timearray['seconds'] = 0; } - return ( ( $timearray['year'] - 1980) << 25 ) | ( $timearray['mon'] << 21 ) | ( $timearray['mday'] << 16 ) | - ( $timearray['hours'] << 11 ) | ( $timearray['minutes'] << 5 ) | ( $timearray['seconds'] >> 1 ); + return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | + ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } - function addFile($data, $name, $time = 0) + function add_file($data, $name, $time = 0) { $name = str_replace('\\', '/', $name); - $dtime = dechex($this->unix2DosTime($time)); + $dtime = dechex($this->unix_to_dos_time($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] @@ -1111,14 +1086,14 @@ class zipfile $cdrec .= pack('V', $crc); // crc32 $cdrec .= pack('V', $c_len); // compressed filesize $cdrec .= pack('V', $unc_len); // uncompressed filesize - $cdrec .= pack('v', strlen($name) ); // length of filename - $cdrec .= pack('v', 0 ); // extra field length - $cdrec .= pack('v', 0 ); // file comment length - $cdrec .= pack('v', 0 ); // disk number start - $cdrec .= pack('v', 0 ); // internal file attributes - $cdrec .= pack('V', 32 ); // external file attributes - 'archive' bit set - - $cdrec .= pack('V', $this -> old_offset ); // relative offset of local header + $cdrec .= pack('v', strlen($name)); // length of filename + $cdrec .= pack('v', 0); // extra field length + $cdrec .= pack('v', 0); // file comment length + $cdrec .= pack('v', 0); // disk number start + $cdrec .= pack('v', 0); // internal file attributes + $cdrec .= pack('V', 32); // external file attributes - 'archive' bit set + + $cdrec .= pack('V', $this -> old_offset); // relative offset of local header $this -> old_offset = $new_offset; $cdrec .= $name; @@ -1140,7 +1115,6 @@ class zipfile pack('V', strlen($data)) . // offset to start of central dir "\x00\x00"; // .zip file comment length } - } // diff --git a/phpBB/admin/admin_disallow.php b/phpBB/admin/admin_disallow.php index 4bd6a88170..3061a069fa 100644 --- a/phpBB/admin/admin_disallow.php +++ b/phpBB/admin/admin_disallow.php @@ -21,43 +21,36 @@ define('IN_PHPBB', 1); -if( !empty($setmodules) ) +if(!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_names')) { return; } - $filename = basename(__FILE__); - $module['Users']['Disallow'] = $filename . $SID; + $module['Users']['Disallow'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// Do we have user admin permissions? -// -if ( !$auth->acl_get('a_user') ) +// Check permissions +if (!$auth->acl_get('a_names')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -if( isset($_POST['add_name']) ) +if (isset($_POST['add_name'])) { - include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); - - $disallowed_user = ( isset($_POST['disallowed_user']) ) ? $_POST['disallowed_user'] : $_GET['disallowed_user']; + $disallowed_user = (isset($_POST['disallowed_user'])) ? $_POST['disallowed_user'] : $_GET['disallowed_user']; $disallowed_user = str_replace('*', '%', $disallowed_user); - if ( !validate_username($disallowed_user) ) + if (validate_username($disallowed_user)) { $message = $user->lang['Disallowed_already']; } @@ -65,7 +58,7 @@ if( isset($_POST['add_name']) ) { $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) VALUES('" . str_replace("\'", "''", $disallowed_user) . "')"; - $result = $db->sql_query( $sql ); + $result = $db->sql_query($sql); $message = $user->lang['Disallow_successful']; } @@ -76,9 +69,9 @@ if( isset($_POST['add_name']) ) message_die(MESSAGE, $message); } -else if( isset($_POST['delete_name']) ) +else if (isset($_POST['delete_name'])) { - $disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] ); + $disallowed_id = (isset($_POST['disallowed_id'])) ? intval($_POST['disallowed_id']) : intval($_GET['disallowed_id']); $sql = "DELETE FROM " . DISALLOW_TABLE . " WHERE disallow_id = $disallowed_id"; @@ -92,21 +85,19 @@ else if( isset($_POST['delete_name']) ) } -// // Grab the current list of disallowed usernames... -// $sql = "SELECT * FROM " . DISALLOW_TABLE; $result = $db->sql_query($sql); $disallow_select = ''; -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { $disallow_select .= '<option value="' . $row['disallow_id'] . '">' . str_replace('%', '*', $row['disallow_username']) . '</option>'; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } // @@ -133,7 +124,7 @@ page_header($user->lang['Users']); </tr> <tr> <td class="row1"><?php echo $user->lang['Username']; ?><br /><span class="gensmall"><?php echo $user->lang['Delete_disallow_explain']; ?></span></td> - <td class="row2"><?php if ( $disallow_select != '' ) { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select> <input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td> + <td class="row2"><?php if ($disallow_select != '') { ?><select name="disallowed_id"><?php echo $disallow_select; ?></select> <input type="submit" name="delete_name" value="<?php echo $user->lang['Delete']; ?>" class="liteoption" /><?php } else { echo $user->lang['No_disallowed']; } ?></td> </tr> </table></form> diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index 41e3ca55cd..ada237a912 100644 --- a/phpBB/admin/admin_email.php +++ b/phpBB/admin/admin_email.php @@ -19,33 +19,28 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_email')) { return; } - $filename = basename(__FILE__); - $module['General']['Mass_Email'] = $filename . $SID; + $module['General']['Mass_Email'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// Do we have general admin permissions? -// -if ( !$auth->acl_get('a_general') ) +// Check permissions +if (!$auth->acl_get('a_email')) { - return; + trigger_error($user->lang['NO_ADMIN']); } // @@ -57,7 +52,7 @@ $subject = ''; // // Do the job ... // -if ( isset($_POST['submit']) ) +if (isset($_POST['submit'])) { // // Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't @@ -67,10 +62,10 @@ if ( isset($_POST['submit']) ) $group_id = intval($_POST['g']); - $sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; + $sql = ($group_id != -1) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; $result = $db->sql_query($sql); - if ( !($email_list = $db->sql_fetchrowset($g_result)) ) + if (!($email_list = $db->sql_fetchrowset($g_result))) { // // Output a relevant GENERAL_MESSAGE about users/group @@ -87,14 +82,14 @@ if ( isset($_POST['submit']) ) // $error = FALSE; - if ( !$error ) + if (!$error) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); // // Let's do some checking to make sure that mass mail functions // are working in win32 versions of php. // - if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery']) + if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$config['smtp_delivery']) { // We are running on windows, force delivery to use // our smtp functions since php's are broken by default @@ -108,7 +103,7 @@ if ( isset($_POST['submit']) ) $bcc_list = ''; for($i = 0; $i < count($email_list); $i++) { - $bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email']; + $bcc_list .= (($bcc_list != '') ? ', ' : '') . $email_list[$i]['user_email']; } $email_headers .= "Bcc: $bcc_list\n"; @@ -145,13 +140,13 @@ $sql = "SELECT group_id, group_name $result = $db->sql_query($sql); $select_list = '<select name = "g"><option value = "-1">' . $user->lang['All_users'] . '</option>'; -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { $select_list .= '<option value = "' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $select_list .= '</select>'; @@ -163,7 +158,7 @@ page_header($user->lang['Mass_Email']); <p><?php echo $user->lang['Mass_email_explain']; ?></p> -<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1"> +<form method="post" action="admin_mass_email.<?php echo $phpEx.$SID; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1"> <tr> <th colspan="2"><?php echo $user->lang['Compose']; ?></th> </tr> diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index 3e79720dff..17fea8fac4 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -21,45 +21,47 @@ if (!empty($setmodules)) { - if (!$auth->acl_get('a_forum')) + if (!$auth->acl_gets('a_forum', 'a_forumadd', 'a_forumdel')) { return; } - $file = basename(__FILE__); - $module['Forums']['Manage'] = $file . $SID; + $module['Forums']['Manage'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// -// Do we have forum admin permissions? -// -if (!$auth->acl_get('a_forum')) -{ - message_die(MESSAGE, $user->lang['No_admin']); -} +// Get mode +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; -// -// Mode setting -// -if (isset($_POST['mode']) || isset($_GET['mode'])) -{ - $mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; -} -else +// Do we have permissions? +switch ($mode) { - $mode = ''; + case 'add': + if (!$auth->acl_get('a_forumadd')) + { + trigger_error($user->lang['NO_ADMIN']); + } + case 'del': + if (!$auth->acl_get('a_forumdel')) + { + trigger_error($user->lang['NO_ADMIN']); + } + + default: + if (!$auth->acl_get('a_forum')) + { + trigger_error($user->lang['NO_ADMIN']); + } } +// Major routines switch ($mode) { case 'move_up': @@ -355,15 +357,13 @@ switch ($mode) break; case 'forum_sync': - sync('forum', intval($_GET[POST_FORUM_URL])); + sync('forum', intval($_GET['f'])); $show_index = TRUE; break; case 'add': case 'edit': - // // Show form to create/modify a forum - // if ($mode == 'edit') { $forum_id = intval($_GET['f']); diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 7eec84da2e..048e8bf52b 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -19,18 +19,13 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_auth') ) - { - return; - } - $filename = basename(__FILE__); - $module['Forums']['Permissions'] = $filename . $SID . '&mode=forums'; - $module['Forums']['Moderators'] = $filename . $SID . '&mode=moderators'; - $module['Forums']['Super_Moderators'] = $filename . $SID . '&mode=supermoderators'; - $module['General']['Administrators'] = $filename . $SID . '&mode=administrators'; + $module['Forums']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&mode=forums' : ''; + $module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=moderators' : ''; + $module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=supermoderators' : ''; + $module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&mode=administrators' : ''; return; } @@ -43,16 +38,10 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_auth') ) -{ - trigger_error($user->lang['No_admin']); -} - // Define some vars -if ( isset($_GET['f']) || isset($_POST['f']) ) +if (isset($_REQUEST['f'])) { - $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); + $forum_id = intval($_REQUEST['f']); $forum_sql = " WHERE forum_id = $forum_id"; } else @@ -61,88 +50,87 @@ else $forum_sql = ''; } -if ( isset($_GET['mode']) || isset($_POST['mode']) ) -{ - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; // Start program proper -switch ( $mode ) +switch ($mode) { case 'forums': - $l_title = $user->lang['Permissions']; - $l_title_explain = $user->lang['Permissions_explain']; - $l_can = '_can'; + $l_title = $user->lang['PERMISSIONS']; + $l_title_explain = $user->lang['PERMISSIONS_EXPLAIN']; + $which_acl = 'a_auth'; break; case 'moderators': - $l_title = $user->lang['Moderators']; - $l_title_explain = $user->lang['Moderators_explain']; - $l_can = '_can'; + $l_title = $user->lang['MODERATORS']; + $l_title_explain = $user->lang['MODERATORS_EXPLAIN']; + $which_acl = 'a_authmods'; break; case 'supermoderators': - $l_title = $user->lang['Super_Moderators']; - $l_title_explain = $user->lang['Super_Moderators_explain']; - $l_can = '_can'; + $l_title = $user->lang['SUPER_MODERATORS']; + $l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN']; + $which_acl = 'a_authmods'; break; case 'administrators': - $l_title = $user->lang['Administrators']; - $l_title_explain = $user->lang['Administrators_explain']; - $l_can = '_can_admin'; + $l_title = $user->lang['ADMINISTRATORS']; + $l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN']; + $which_acl = 'a_authadmins'; break; } +// Permission check +if (!$auth->acl_get($which_acl)) +{ + trigger_error($user->lang['NO_ADMIN']); +} + // Call update or delete, both can take multiple user/group // ids. Additionally inheritance is handled (by the auth API) -if ( isset($_POST['update']) ) +if (isset($_POST['update'])) { $auth_admin = new auth_admin(); // Admin wants subforums to inherit permissions ... so handle this - if ( !empty($_POST['inherit']) ) + if (!empty($_POST['inherit'])) { array_push($_POST['inherit'], $forum_id); $forum_id = $_POST['inherit']; } - foreach ( $_POST['entries'] as $id ) + foreach ($_POST['entries'] as $id) { $auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']); } trigger_error('Permissions updated successfully'); } -else if ( isset($_POST['delete']) ) +else if (isset($_POST['delete'])) { $auth_admin = new auth_admin(); $option_ids = false; - if ( !empty($_POST['option']) ) + if (!empty($_POST['option'])) { $sql = "SELECT auth_option_id FROM " . ACL_OPTIONS_TABLE . " WHERE auth_value LIKE '" . $_POST['option'] . "_%'"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $option_ids = array(); do { $option_ids[] = $row['auth_option_id']; } - while( $row = $db->sql_fetchrow($result) ); + while($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); } - foreach ( $_POST['entries'] as $id ) + foreach ($_POST['entries'] as $id) { $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids); } @@ -152,12 +140,12 @@ else if ( isset($_POST['delete']) ) // Get required information, either all forums if no id was // specified or just the requsted if it was -if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' ) +if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators') { // Clear some vars, grab some info if relevant ... $s_hidden_fields = ''; - if ( !empty($forum_id) ) + if (!empty($forum_id)) { $sql = "SELECT forum_name FROM " . FORUMS_TABLE . " @@ -179,7 +167,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <?php - switch ( $mode ) + switch ($mode) { case 'forums': $type_sql = 'f'; @@ -204,17 +192,17 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " - ORDER BY group_name"; + ORDER BY group_type DESC, group_name"; $result = $db->sql_query($sql); $group_list = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $group_list .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>'; + $group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); - if ( empty($_POST['advanced']) || empty($_POST['entries']) ) + if (empty($_POST['advanced']) || empty($_POST['entries'])) { ?> @@ -241,7 +229,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $result = $db->sql_query($sql); $users = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>'; } @@ -268,13 +256,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $forum_sql AND a.auth_option_id = o.auth_option_id AND g.group_id = a.group_id - ORDER BY g.group_name ASC"; + ORDER BY g.group_type DESC, g.group_name ASC"; $result = $db->sql_query($sql); $groups = ''; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $groups .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>'; + $groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); @@ -301,7 +289,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td> </tr> <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> </tr> </table></form></td> @@ -313,7 +301,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td> </tr> <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> </tr> </table></form></td> @@ -328,7 +316,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators // Founder only operations ... these operations can // only be altered by someone with founder status - $founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : ''; + $founder_sql = (!$userdata['user_founder']) ? ' AND founder_only <> 1' : ''; $sql = "SELECT auth_option_id, auth_value FROM " . ACL_OPTIONS_TABLE . " @@ -338,35 +326,35 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $result = $db->sql_query($sql); $auth_options = array(); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $auth_options[] = $row; } $db->sql_freeresult($result); - if ( $_POST['type'] == 'user' && !empty($_POST['new']) ) + if ($_POST['type'] == 'user' && !empty($_POST['new'])) { $_POST['entries'] = explode("\n", $_POST['entries']); } $where_sql = ''; - foreach ( $_POST['entries'] as $value ) + foreach ($_POST['entries'] as $value) { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $_POST['type'] == 'user' && !empty($_POST['new']) ) ? '\'' . $value . '\'' : intval($value) ); + $where_sql .= (($where_sql != '') ? ', ' : '') . (($_POST['type'] == 'user' && !empty($_POST['new'])) ? '\'' . $value . '\'' : intval($value)); } - switch ( $_POST['type'] ) + switch ($_POST['type']) { case 'group': $l_type = 'Group'; - $sql = ( empty($_POST['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; + $sql = (empty($_POST['new'])) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; break; case 'user': $l_type = 'User'; - $sql = ( empty($_POST['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; + $sql = (empty($_POST['new'])) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; break; } @@ -375,15 +363,15 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators $ug = '';; $ug_hidden = ''; $auth = array(); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - $ug_test = ( !empty($user->lang[$row['name']]) ) ? $user->lang[$row['name']] : $row['name']; - $ug .= ( !strstr($ug, $ug_test) ) ? $ug_test . "\n" : ''; + $ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name']; + $ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : ''; $ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />'; - $ug_hidden .= ( !strstr($ug_hidden, $ug_test) ) ? $ug_test : ''; + $ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : ''; - $auth[$row['auth_value']] = ( isset($auth_group[$row['auth_value']]) ) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; + $auth[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; } $db->sql_freeresult($result); @@ -451,7 +439,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators //--> </script> -<p><?php echo $user->lang['ACL_explain']; ?></p> +<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p> <form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table cellspacing="1" cellpadding="0" border="0" align="center"> <tr> @@ -469,13 +457,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators for($i = 0; $i < sizeof($auth_options); $i++) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; - $l_can_cell = ( !empty($user->lang['acl_' . $auth_options[$i]['auth_value']]) ) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value'])); + $l_can_cell = (!empty($user->lang['acl_' . $auth_options[$i]['auth_value']])) ? $user->lang['acl_' . $auth_options[$i]['auth_value']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_value'])); - $allow_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_ALLOW ) ? ' checked="checked"' : ''; - $deny_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_DENY ) ? ' checked="checked"' : ''; - $inherit_type = ( $auth[$auth_options[$i]['auth_value']] == ACL_INHERIT ) ? ' checked="checked"' : ''; + $allow_type = ($auth[$auth_options[$i]['auth_value']] == ACL_ALLOW) ? ' checked="checked"' : ''; + $deny_type = ($auth[$auth_options[$i]['auth_value']] == ACL_DENY) ? ' checked="checked"' : ''; + $inherit_type = ($auth[$auth_options[$i]['auth_value']] == ACL_INHERIT) ? ' checked="checked"' : ''; ?> <tr> @@ -488,11 +476,11 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators } - if ( $type_sql == 'f' || $type_sql == 'm' ) + if ($type_sql == 'f' || $type_sql == 'm') { $children = get_forum_branch($forum_id, 'children', 'descending', false); - if ( !empty($children) ) + if (!empty($children)) { ?> <tr> @@ -504,7 +492,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators <td colspan="4" height="16"><span class="gensmall"><?php echo $user->lang['Inheritance_explain']; ?></span></td> </tr> <?php - foreach ( $children as $row ) + foreach ($children as $row) { ?> @@ -528,7 +516,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators ?> <tr> - <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" /> <input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> + <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" /> <input class="liteoption" type="submit" name="CANCEL" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> </tr> </table></td> </tr> diff --git a/phpBB/admin/admin_prune.php b/phpBB/admin/admin_prune.php index fadcf1e0a5..8ad2806569 100644 --- a/phpBB/admin/admin_prune.php +++ b/phpBB/admin/admin_prune.php @@ -19,41 +19,38 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_forum') ) + if (!$auth->acl_get('a_prune')) { return; } - $filename = basename(__FILE__); - $module['Forums']['Prune'] = $filename . $SID . '&mode=forums'; + $module['Forums']['Prune'] = basename(__FILE__) . $SID . '&mode=forums'; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_forum') ) +// Do we have permission? +if (!$auth->acl_get('a_prune')) { - message_die(MESSAGE, $user->lang['No_admin']); + trigger_error($user->lang['NO_ADMIN']); } // // Get the forum ID for pruning // -if ( isset($_GET['f']) || isset($_POST['f']) ) +if (isset($_REQUEST['f'])) { - $forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']); - $forum_sql = ( $forum_id == -1 ) ? '' : "AND forum_id = $forum_id"; + $forum_id = intval($_REQUEST['f']); + $forum_sql = ($forum_id == -1) ? '' : "AND forum_id = $forum_id"; } else { @@ -69,7 +66,7 @@ $sql = "SELECT forum_id, forum_name, left_id, right_id $result = $db->sql_query($sql); $forum_rows = array(); -while( $row = $db->sql_fetchrow($result) ) +while($row = $db->sql_fetchrow($result)) { $forum_rows[] = $row; } @@ -78,12 +75,12 @@ $db->sql_freeresult($result); // // Check for submit to be equal to Prune. If so then proceed with the pruning. // -if ( isset($_POST['doprune']) ) +if (isset($_POST['doprune'])) { - $prunedays = ( isset($_POST['prunedays']) ) ? intval($_POST['prunedays']) : 0; + $prunedays = (isset($_POST['prunedays'])) ? intval($_POST['prunedays']) : 0; // Convert days to seconds for timestamp functions... - $prunedate = time() - ( $prunedays * 86400 ); + $prunedate = time() - ($prunedays * 86400); $template->set_filenames(array( 'body' => 'admin/forum_prune_result_body.tpl') @@ -103,7 +100,7 @@ if ( isset($_POST['doprune']) ) 'FORUM_POSTS' => $p_result['posts']) ); - $log_data .= ( ( $log_data != '' ) ? ', ' : '' ) . $forum_rows[$i]['forum_name']; + $log_data .= (($log_data != '') ? ', ' : '') . $forum_rows[$i]['forum_name']; } $template->assign_vars(array( @@ -125,7 +122,7 @@ else // If they haven't selected a forum for pruning yet then // display a select box to use for pruning. // - if ( empty($forum_id) ) + if (empty($forum_id)) { // // Output a selection table if no forum id has been specified. @@ -135,15 +132,15 @@ else $right = 0; $subforum = ''; $forum_list = ''; - foreach ( $forum_rows as $row ) + foreach ($forum_rows as $row) { - if ( $row['left_id'] < $right ) + if ($row['left_id'] < $right ) { $subforum .= ' '; } - else if ( $row['left_id'] > $right + 1 ) + else if ($row['left_id'] > $right + 1) { - $subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 )); + $subforum = substr($subforum, 0, -18 * ($row['left_id'] - $right + 1)); } $select_list .= '<option value="' . $row['forum_id'] . '">' . $subforum . $row['forum_name'] . '</option>'; @@ -171,7 +168,7 @@ else } else { - $forum_name = ( $forum_id == -1 ) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name']; + $forum_name = ($forum_id == -1) ? $user->lang['All_Forums'] : $forum_rows[0]['forum_name']; $prune_data = $user->lang['Prune_topics_not_posted'] . " "; $prune_data .= '<input type="text" name="prunedays" size="4"> ' . $user->lang['Days']; diff --git a/phpBB/admin/admin_prune_users.php b/phpBB/admin/admin_prune_users.php index 7bd0e59160..8d2b57b418 100644 --- a/phpBB/admin/admin_prune_users.php +++ b/phpBB/admin/admin_prune_users.php @@ -19,61 +19,45 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_userdel')) { return; } - $filename = basename(__FILE__); - $module['Users']['Prune_users'] = $filename . $SID; + $module['Users']['Prune_users'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_user') ) +if (!$auth->acl_get('a_userdel')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// // Set mode -// -if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) -{ - $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; -// -// -// -if ( isset($_POST['prune']) ) +// Do prune +if (isset($_POST['prune'])) { - if ( empty($_POST['confirm']) ) + if (empty($_POST['confirm'])) { $values = array('prune', 'deactivate', 'delete', 'users', 'username', 'email', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'deleteposts'); $l_message = '<form method="post" action="admin_prune_users.' . $phpEx . $SID . '">' . $user->lang['Confirm_prune_users'] . '<br /><br /><input class="liteoption" type="submit" name="confirm" value="' . $user->lang['Yes'] . '" /> <input class="liteoption" type="submit" name="cancel" value="' . $user->lang['No'] . '" />'; - foreach ( $values as $field ) + foreach ($values as $field) { - $l_message .= ( !empty($_POST[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : ''; + $l_message .= (!empty($_POST[$field])) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : ''; } $l_message .= '</form>'; @@ -92,40 +76,40 @@ if ( isset($_POST['prune']) ) page_footer(); } - else if ( isset($_POST['confirm']) ) + else if (isset($_POST['confirm'])) { - if ( !empty($_POST['users']) ) + if (!empty($_POST['users'])) { $users = explode("\n", urldecode($_POST['users'])); $where_sql = ''; - foreach ( $users as $username ) + foreach ($users as $username) { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . '\'' . trim($username) . '\''; + $where_sql .= (($where_sql != '') ? ', ' : '') . '\'' . trim($username) . '\''; } $where_sql = " AND username IN ($where_sql)"; } else { - $username = ( !empty($_POST['username']) ) ? urldecode($_POST['username']) : ''; - $email = ( !empty($_POST['email']) ) ? urldecode($_POST['email']) : ''; + $username = (!empty($_POST['username'])) ? urldecode($_POST['username']) : ''; + $email = (!empty($_POST['email'])) ? urldecode($_POST['email']) : ''; - $joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : 'lt'; - $active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] :'lt'; - $count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : 'eq'; - $joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : array(); - $active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) :array(); - $count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ''; + $joined_select = (!empty($_POST['joined_select'])) ? $_POST['joined_select'] : 'lt'; + $active_select = (!empty($_POST['active_select'])) ? $_POST['active_select'] :'lt'; + $count_select = (!empty($_POST['count_select'])) ? $_POST['count_select'] : 'eq'; + $joined = (!empty($_POST['joined'])) ? explode('-', $_POST['joined']) : array(); + $active = (!empty($_POST['active'])) ? explode('-', $_POST['active']) :array(); + $count = (!empty($_POST['count'])) ? intval($_POST['count']) : ''; $key_match = array('lt' => '<', 'gt' => '>', 'eq' => '='); $sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit'); $where_sql = ''; - $where_sql .= ( $username ) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : ''; - $where_sql .= ( $email ) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : ''; - $where_sql .= ( $joined ) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; - $where_sql .= ( $count ) ? " AND user_posts " . $key_match[$count_select] . " $count " : ''; - $where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; + $where_sql .= ($username) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : ''; + $where_sql .= ($email) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : ''; + $where_sql .= ($joined) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : ''; + $where_sql .= ($count) ? " AND user_posts " . $key_match[$count_select] . " $count " : ''; + $where_sql .= ($active) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; } $sql = "SELECT username, user_id FROM " . USERS_TABLE . " @@ -136,26 +120,26 @@ if ( isset($_POST['prune']) ) $where_sql = ''; $user_ids = array(); $usernames = array(); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $row['user_id']; + $where_sql .= (($where_sql != '') ? ', ' : '') . $row['user_id']; $user_ids[] = $row['user_id']; $usernames[] = $row['username']; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); $where_sql = " AND user_id IN ($where_sql)"; } $db->sql_freeresult($result); - if ( $where_sql != '' ) + if ($where_sql != '') { $sql = ''; - if ( !empty($_POST['delete']) ) + if (!empty($_POST['delete'])) { - if ( !empty($_POST['deleteposts']) ) + if (!empty($_POST['deleteposts'])) { $l_admin_log = 'log_prune_user_del_del'; @@ -178,7 +162,7 @@ if ( isset($_POST['prune']) ) $sql = "DELETE FROM " . USERS_TABLE; } - else if ( !empty($_POST['deactivate']) ) + else if (!empty($_POST['deactivate'])) { $l_admin_log = 'log_prune_user_deac'; @@ -203,20 +187,20 @@ if ( isset($_POST['prune']) ) // $find_count = array('lt' => $user->lang['Less_than'], 'eq' => $user->lang['Equal_to'], 'gt' => $user->lang['More_than']); $s_find_count = ''; -foreach ( $find_count as $key => $value ) +foreach ($find_count as $key => $value) { - $selected = ( $key == 'eq' ) ? ' selected="selected"' : ''; + $selected = ($key == 'eq') ? ' selected="selected"' : ''; $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; } $find_time = array('lt' => $user->lang['Before'], 'gt' => $user->lang['After']); $s_find_join_time = ''; -foreach ( $find_time as $key => $value ) +foreach ($find_time as $key => $value) { $s_find_join_time .= '<option value="' . $key . '">' . $value . '</option>'; } $s_find_active_time = ''; -foreach ( $find_time as $key => $value ) +foreach ($find_time as $key => $value) { $s_find_active_time .= '<option value="' . $key . '">' . $value . '</option>'; } @@ -237,7 +221,7 @@ page_header($user->lang['Prune_users']); <th colspan="2"><?php echo $user->lang['Prune_users']; ?></th> </tr> <tr> - <td class="row1"><?php echo $user->lang['Username']; ?>: </td> + <td class="row1"><?php echo $user->lang['USERNAME']; ?>: </td> <td class="row2"><input class="post" type="text" name="username" /></td> </tr> <tr> diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index ff3424f9f2..52c5d4e98b 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -19,52 +19,42 @@ * ***************************************************************************/ -define('IN_PHPBB', 1); - -if( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_get('a_ranks')) { return; } - $file = basename(__FILE__); - $module['Users']['Ranks'] = "$file$SID"; + $module['Users']['Ranks'] = basename(__FILE__) . $SID; return; } -// +define('IN_PHPBB', 1); // Let's set the root dir for phpBB -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// -// -// -if ( !$auth->acl_get('a_user') ) +// Do we have permission? +if (!$auth->acl_get('a_ranks')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// -// -// -if ( isset($_GET['mode']) || isset($_POST['mode']) ) +// Check mode +if (isset($_REQUEST['mode'])) { - $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; + $mode = $_REQUEST['mode']; } else { - // // These could be entered via a form button - // - if ( isset($_POST['add']) ) + if (isset($_POST['add'])) { $mode = 'add'; } - else if ( isset($_POST['save']) ) + else if (isset($_POST['save'])) { $mode = 'save'; } @@ -74,23 +64,21 @@ else } } -// -// -// -if ( $mode != '' ) +// Process mode +if ($mode != '') { - if ( $mode == 'edit' || $mode == 'add' ) + if ($mode == 'edit' || $mode == 'add') { // // They want to add a new rank, show the form. // - $rank_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; + $rank_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0; $s_hidden_fields = '<input type="hidden" name="mode" value="save" />'; - if ( $mode == 'edit' ) + if ($mode == 'edit') { - if ( empty($rank_id) ) + if (empty($rank_id)) { message_die(MESSAGE, $user->lang['Must_select_rank']); } @@ -126,15 +114,15 @@ if ( $mode != '' ) </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_special']; ?>: </td> - <td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ( $rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> <input type="radio" name="special_rank" value="0"<?php echo ( !$rank_info['rank_special'] ) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td> + <td class="row2"><input type="radio" name="special_rank" value="1"<?php echo ($rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /><?php echo $user->lang['Yes']; ?> <input type="radio" name="special_rank" value="0"<?php echo (!$rank_info['rank_special']) ? ' checked="checked"' : ''; ?> /> <?php echo $user->lang['No']; ?></td> </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_minimum']; ?>: </td> - <td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ( $rank_info['rank_special'] ) ? '' : $rank_info['rank_min']; ?>" /></td> + <td class="row2"><input type="text" name="min_posts" size="5" maxlength="10" value="<?php echo ($rank_info['rank_special']) ? '' : $rank_info['rank_min']; ?>" /></td> </tr> <tr> <td class="row1" width="40%"><?php echo $user->lang['Rank_image']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Rank_image_explain']; ?></span></td> - <td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ( $rank_info['rank_image'] != '' ) ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ( $rank_info['rank_image'] != '' ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : ''; ?></td> + <td class="row2"><input type="text" name="rank_image" size="40" maxlength="255" value="<?php echo ($rank_info['rank_image'] != '') ? $rank_info['rank_image'] : ''; ?>" /><br /><?php echo ($rank_info['rank_image'] != '') ? '<img src="../' . $rank_info['rank_image'] . '" />' : ''; ?></td> </tr> <tr> <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td> @@ -146,24 +134,24 @@ if ( $mode != '' ) page_footer(); } - else if ( $mode == 'save' ) + else if ($mode == 'save') { // // Ok, they sent us our info, let's update it. // - $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; - $rank_title = ( isset($_POST['title']) ) ? trim($_POST['title']) : ''; - $special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0; - $min_posts = ( isset($_POST['min_posts']) ) ? intval($_POST['min_posts']) : -1; - $rank_image = ( (isset($_POST['rank_image'])) ) ? trim($_POST['rank_image']) : ''; + $rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0; + $rank_title = (isset($_POST['title'])) ? trim($_POST['title']) : ''; + $special_rank = ($_POST['special_rank'] == 1) ? TRUE : 0; + $min_posts = (isset($_POST['min_posts'])) ? intval($_POST['min_posts']) : -1; + $rank_image = ((isset($_POST['rank_image']))) ? trim($_POST['rank_image']) : ''; - if ( $rank_title == '' ) + if ($rank_title == '') { message_die(MESSAGE, $user->lang['Must_select_rank']); } - if ( $special_rank == 1 ) + if ($special_rank == 1) { $min_posts = -1; } @@ -171,15 +159,15 @@ if ( $mode != '' ) // // The rank image has to be a jpg, gif or png // - if ( $rank_image != '' ) + if ($rank_image != '') { - if ( !preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image)) + if (!preg_match('/(\.gif|\.png|\.jpg|\.jpeg)$/is', $rank_image)) { $rank_image = ''; } } - if ( $rank_id ) + if ($rank_id) { $sql = "UPDATE " . RANKS_TABLE . " SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "' @@ -202,22 +190,22 @@ if ( $mode != '' ) message_die(MESSAGE, $message); } - else if ( $mode == 'delete' ) + else if ($mode == 'delete') { // // Ok, they want to delete their rank // - if ( isset($_POST['id']) || isset($_GET['id']) ) + if (isset($_POST['id']) || isset($_GET['id'])) { - $rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); + $rank_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']); } else { $rank_id = 0; } - if ( $rank_id ) + if ($rank_id) { $sql = "DELETE FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; @@ -265,23 +253,23 @@ $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_min ASC, rank_special ASC"; $result = $db->sql_query($sql); -if ( $row = $db->sql_fetchrow($result) ) +if ($row = $db->sql_fetchrow($result)) { do { - $row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2'; + $row_class = ($row_class != 'row1') ? 'row1' : 'row2'; ?> <tr> <td class="<?php echo $row_class; ?>" align="center"><?php echo $row['rank_title']; ?></td> - <td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? '-' : $row['rank_min']; ?></td> - <td class="<?php echo $row_class; ?>" align="center"><?php echo ( $row['rank_special'] ) ? $user->lang['Yes'] : $user->lang['No']; ?></td> + <td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? '-' : $row['rank_min']; ?></td> + <td class="<?php echo $row_class; ?>" align="center"><?php echo ($row['rank_special']) ? $user->lang['Yes'] : $user->lang['No']; ?></td> <td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&mode=edit&id=" . $row['rank_id']; ?>"><?php echo $user->lang['Edit']; ?></a></td> <td class="<?php echo $row_class; ?>" align="center"><a href="<?php echo "admin_ranks.$phpEx$SID&mode=delete&id=" . $row['rank_id']; ?>"><?php echo $user->lang['Delete']; ?></a></td> </tr> <?php } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } ?> diff --git a/phpBB/admin/admin_search.php b/phpBB/admin/admin_search.php index 158e13a96e..07b150c89f 100644 --- a/phpBB/admin/admin_search.php +++ b/phpBB/admin/admin_search.php @@ -19,59 +19,50 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_search')) { return; } - $filename = basename(__FILE__); - $module['DB']['Search_indexing'] = $filename . $SID; + $module['DB']['Search_indexing'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); -// -// Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_general') ) +// Check permissions +if (!$auth->acl_get('a_search')) { - message_die(MESSAGE, $user->lang['No_admin']); + trigger_error($user->lang['NO_ADMIN']); } -// // Start indexing -// -if ( isset($_POST['start']) || isset($_GET['batchstart']) ) +if (isset($_POST['start']) || isset($_GET['batchstart'])) { $batchsize = 200; // Process this many posts per batch - $batchstart = ( !isset($_GET['batchstart']) ) ? $row['min_post_id'] : $_GET['batchstart']; - $batchcount = ( !isset($_GET['batchcount']) ) ? 1 : $_GET['batchcount']; + $batchstart = (!isset($_GET['batchstart'])) ? $row['min_post_id'] : $_GET['batchstart']; + $batchcount = (!isset($_GET['batchcount'])) ? 1 : $_GET['batchcount']; $loopcount = 0; $batchend = $batchstart + $batchsize; - // // Search re-indexing is tough on the server ... so we'll check the load // each loop and if we're on a 1min load of 3 or more we'll re-load the page // and try again. No idea how well this will work in practice so we'll see ... - // - if ( file_exists('/proc/loadavg') ) + if (file_exists('/proc/loadavg')) { - if ( $load = @file('/proc/loadavg') ) + if ($load = @file('/proc/loadavg')) { list($load) = explode(' ', $load[0]); - if ( $load > 3 ) + if ($load > 3) { header("Location: admin_search.$phpEx$SID&batchstart=$batchstart&batchcount=$batch_count"); exit; @@ -79,27 +70,25 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - // // Try and load stopword and synonym files - // $stopword_array = array(); $synonym_array = array(); $dir = opendir($phpbb_root_path . 'language/'); - while ( $file = readdir($dir) ) + while ($file = readdir($dir)) { - if ( preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file) ) + if (preg_match('#^lang_#', $file) && !is_file($phpbb_root_path . 'language/' . $file) && !is_link($phpbb_root_path . 'language/' . $file)) { unset($tmp_array); $tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_stopwords.txt'); - if ( is_array($tmp_array) ) + if (is_array($tmp_array)) { $stopword_array = array_unique(array_merge($stopword_array, $tmp_array)); } unset($tmp_array); $tmp_array = @file($phpbb_root_path . 'language/' . $file . '/search_synonyms.txt'); - if ( is_array($tmp_array) ) + if (is_array($tmp_array)) { $synonym_array = array_unique(array_merge($synonym_array, $tmp_array)); } @@ -108,7 +97,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) closedir($dir); - if ( !isset($_GET['batchstart']) ) + if (!isset($_GET['batchstart'])) { // // Take board offline @@ -146,7 +135,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) AND $batchend"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { @@ -158,36 +147,36 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) $word = array(); $word_insert_sql = array(); - foreach ( $search_raw_words as $word_in => $search_matches ) + foreach ($search_raw_words as $word_in => $search_matches) { $word_insert_sql[$word_in] = ''; - if ( !empty($search_matches) ) + if (!empty($search_matches)) { for ($i = 0; $i < count($search_matches); $i++) { $search_matches[$i] = trim($search_matches[$i]); - if ( $search_matches[$i] != '' ) + if ($search_matches[$i] != '') { $word[] = $search_matches[$i]; - $word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; + $word_insert_sql[$word_in] .= ($word_insert_sql[$word_in] != '') ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; } } } } - if ( count($word) ) + if (count($word)) { $word_text_sql = ''; $word = array_unique($word); for($i = 0; $i < count($word); $i++) { - $word_text_sql .= ( ( $word_text_sql != '' ) ? ', ' : '' ) . "'" . $word[$i] . "'"; + $word_text_sql .= (($word_text_sql != '') ? ', ' : '') . "'" . $word[$i] . "'"; } $check_words = array(); - switch( SQL_LAYER ) + switch(SQL_LAYER) { case 'postgresql': case 'msaccess': @@ -199,7 +188,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) WHERE word_text IN ($word_text_sql)"; $result = $db->sql_query($sql); - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { $check_words[$row['word_text']] = $row['word_id']; } @@ -211,21 +200,21 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) for ($i = 0; $i < count($word); $i++) { $new_match = true; - if ( isset($check_words[$word[$i]]) ) + if (isset($check_words[$word[$i]])) { $new_match = false; } - if ( $new_match ) + if ($new_match) { - switch( SQL_LAYER ) + switch(SQL_LAYER) { case 'mysql': case 'mysql4': - $value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\')'; + $value_sql .= (($value_sql != '') ? ', ' : '') . '(\'' . $word[$i] . '\')'; break; case 'mssql': - $value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'"; + $value_sql .= (($value_sql != '') ? ' UNION ALL ' : '') . "SELECT '" . $word[$i] . "'"; break; default: $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) @@ -236,9 +225,9 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - if ( $value_sql != '' ) + if ($value_sql != '') { - switch ( SQL_LAYER ) + switch (SQL_LAYER) { case 'mysql': case 'mysql4': @@ -255,11 +244,11 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - foreach ( $word_insert_sql as $word_in => $match_sql ) + foreach ($word_insert_sql as $word_in => $match_sql) { - $title_match = ( $word_in == 'title' ) ? 1 : 0; + $title_match = ($word_in == 'title') ? 1 : 0; - if ( $match_sql != '' ) + if ($match_sql != '') { $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match @@ -270,22 +259,22 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) } } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); // Remove common words after the first 2 batches and after every 4th batch after that. - if ( $batchcount % 4 == 3 ) + if ($batchcount % 4 == 3) { // remove_common('global', $config['common_search']); } $batchcount++; - if ( ( $batchstart + $batchsize ) < $max_post_id ) + if (($batchstart + $batchsize) < $max_post_id) { - header("Location: admin_search.$phpEx$SID&batchstart=" . ( $batchstart + $batchsize ) . "&batchcount=$batch_count"); + header("Location: admin_search.$phpEx$SID&batchstart=" . ($batchstart + $batchsize) . "&batchcount=$batch_count"); exit; } else @@ -312,7 +301,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) ) exit; } -else if ( isset($_POST['cancel']) ) +else if (isset($_POST['cancel'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '0' diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 0aa6d7a9c1..b3fdb8071b 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -19,9 +19,9 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_icons')) { return; } @@ -34,42 +34,22 @@ if ( !empty($setmodules) ) } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -// // Do we have general permissions? -// -if (!$auth->acl_get('a_general')) +if (!$auth->acl_get('a_icons')) { message_die(MESSAGE, $user->lang['No_admin']); } -// // Check to see what mode we should operate in. -// -if (isset($_POST['type']) || isset($_GET['type'])) -{ - $type = (!empty($_POST['type'])) ? $_POST['type'] : $_GET['type']; -} -else -{ - $type = ''; -} - -if (isset($_POST['mode']) || isset($_GET['mode'])) -{ - $mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = ''; -} +$type = (!empty($_REQUEST['type'])) ? $_REQUEST['type'] : ''; +$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; +// What are we doing? switch ($type) { case 'emoticons': @@ -603,7 +583,7 @@ function update_smile_dimensions() </tr> <?php } - $row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2'; + $row_class = ($row_class != 'row1') ? 'row1' : 'row2'; ?> <tr> <?php diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index bbc5a29bb4..dde955e3ca 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php @@ -19,71 +19,57 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_user') ) + if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel')) { return; } - $filename = basename(__FILE__); - $module['Users']['Manage'] = $filename . $SID; + $module['Users']['Manage'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); - // Include files $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); -require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); - -// Do we have forum admin permissions? -if ( !$auth->acl_get('a_user') ) -{ - trigger_error($user->lang['No_admin']); -} - -echo $mode; // Set mode -if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) -{ - $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; -} -else -{ - $mode = 'main'; -} +$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main'; // Begin program -if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) +if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u'])) { - // Grab relevant userdata - if( isset( $_GET['u']) || isset( $_POST['u']) ) + if(isset($_REQUEST['u'])) { - $user_id = ( isset( $_POST['u']) ) ? intval( $_POST['u']) : intval( $_GET['u']); + $user_id = intval($_REQUEST['u']); - if( !($userdata = get_userdata($user_id)) ) + if(!($userdata = get_userdata($user_id))) { - trigger_error($user->lang['No_user_id_specified'] ); + trigger_error($user->lang['No_user_id_specified']); } } else { - if( !$userdata = get_userdata( $_POST['username'] ) ) + if(!$userdata = get_userdata($_POST['username'])) { - trigger_error($user->lang['No_user_id_specified'] ); + trigger_error($user->lang['No_user_id_specified']); } } // Update entry in DB - if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') ) + if ($_POST['deleteuser'] && !$userdata['user_founder']) { + if (!$auth->acl_get('a_userdel')) + { + trigger_error($user->lang['NO_ADMIN']); + } + $db->sql_transaction(); $sql = "UPDATE " . POSTS_TABLE . " @@ -108,6 +94,10 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) WHERE user_id = $user_id"; $db->sql_query($sql); + $sql = "DELETE FROM " . FORUMS_WATCH_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); + $sql = "DELETE FROM " . ACL_USERS_TABLE . " WHERE user_id = $user_id"; $db->sql_query($sql); @@ -149,13 +139,13 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) </tr> <tr> <td class="row1">Registered from IP: </td> - <td class="row2"><?php if ( $userdata['user_ip'] ) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=main&do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&mode=ip&ban=<?php echo $userdata['user_ip']; ?>&bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td> + <td class="row2"><?php if ($userdata['user_ip']) { echo $userdata['user_ip']; ?> [ <a href="admin_users.<?php echo $phpEx . $SID; ?>&u=<?php echo $userdata['user_id']; ?>&mode=main&do=iplookup">Lookup</a> | <a href="admin_ban.<?php echo $phpEx . $SID; ?>&mode=ip&ban=<?php echo $userdata['user_ip']; ?>&bansubmit=true">Ban</a> ] <?php } else { echo 'Unknown'; } ?></td> </tr> <?php - if ( isset($_GET['do']) && $_GET['do'] == 'iplookup' ) + if (isset($_GET['do']) && $_GET['do'] == 'iplookup') { - if ( $userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip']) ) + if ($userdata['user_ip'] != '' && $domain = gethostbyaddr($userdata['user_ip'])) { ?> <tr> @@ -164,7 +154,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) <tr> <td class="row1" colspan="2"><?php - if ( $ipwhois = ipwhois($userdata['user_ip']) ) + if ($ipwhois = ipwhois($userdata['user_ip'])) { echo '<br /><pre align="left">' . trim($ipwhois) . '</pre>'; } @@ -199,7 +189,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($acl_options['global'] as $option_name => $option_id) { - $type = substr($option_name, 0, strpos('_', $option_name) +1 ); + $type = substr($option_name, 0, strpos('_', $option_name) +1); $global[$type][$option_name] = $userauth->acl_get($option_name); } @@ -209,7 +199,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) $result = $db->sql_query($sql); $permissions = array(); - while( $row = $db->sql_fetchrow($result) ) + while($row = $db->sql_fetchrow($result)) { $forum_data[$row['forum_id']] = $row['forum_name']; @@ -245,14 +235,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($auth_ary as $option => $allow) { - if ( $option != $type .'_' ) + if ($option != $type .'_') { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; - $l_can_cell = ( !empty($user->lang['acl_' . $option]) ) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option)); + $l_can_cell = (!empty($user->lang['acl_' . $option])) ? $user->lang['acl_' . $option] : ucfirst(preg_replace('#.*?_#', '', $option)); - $allow_type = ( $allow == ACL_ALLOW ) ? ' checked="checked"' : ''; - $deny_type = ( $allow == ACL_DENY ) ? ' checked="checked"' : ''; + $allow_type = ($allow == ACL_ALLOW) ? ' checked="checked"' : ''; + $deny_type = ($allow == ACL_DENY) ? ' checked="checked"' : ''; ?> <tr> <td class="<?php echo $row_class; ?>"><?php echo $l_can_cell; ?></td> @@ -280,7 +270,7 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) foreach ($auth_ary as $option => $allow) { - echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . ( ( $allow ) ? 'Allowed' : 'Denied' ) . '</td></tr>'; + echo '<tr><td>' . $user->lang['acl_' . $option] . ' => ' . (($allow) ? 'Allowed' : 'Denied') . '</td></tr>'; } ?> @@ -297,10 +287,14 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) page_footer(); } -else + +// Do we have permission? +if (!$auth->acl_get('a_user')) { + trigger_error($user->lang['No_admin']); +} - page_header($user->lang['Manage']); +page_header($user->lang['Manage']); ?> @@ -308,7 +302,7 @@ else <p><?php echo $user->lang['User_admin_explain']; ?></p> -<form method="post" name="post" action="<?php echo "admin_users.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> +<form method="post" name="post" action="admin_users.<?php echo $phpEx.$SID; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> <tr> <th align="center"><?php echo $user->lang['Select_a_User']; ?></th> </tr> @@ -319,12 +313,11 @@ else <?php -} page_footer(); -// -// +// --------- +// FUNCTIONS function ipwhois($ip) { $ipwhois = ''; @@ -336,25 +329,25 @@ function ipwhois($ip) '#whois\.registro\.br#is' => 'whois.registro.br' ); - if ( ($fsk = fsockopen('whois.arin.net', 43)) ) + if (($fsk = fsockopen('whois.arin.net', 43))) { @fputs($fsk, "$ip\n"); - while (!feof($fsk) ) + while (!feof($fsk)) { $ipwhois .= fgets($fsk, 1024); } fclose($fsk); } - foreach ( array_keys($match) as $server ) + foreach (array_keys($match) as $server) { - if ( preg_match($server, $ipwhois) ) + if (preg_match($server, $ipwhois)) { $ipwhois = ''; - if ( ($fsk = fsockopen($match[$server], 43)) ) + if (($fsk = fsockopen($match[$server], 43))) { @fputs($fsk, "$ip\n"); - while (!feof($fsk) ) + while (!feof($fsk)) { $ipwhois .= fgets($fsk, 1024); } @@ -366,7 +359,7 @@ function ipwhois($ip) return $ipwhois; } -// -// +// FUNCTIONS +// --------- ?>
\ No newline at end of file diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php index 579014b52e..d4599191af 100644 --- a/phpBB/admin/admin_words.php +++ b/phpBB/admin/admin_words.php @@ -19,51 +19,43 @@ * ***************************************************************************/ -if ( !empty($setmodules) ) +if (!empty($setmodules)) { - if ( !$auth->acl_get('a_general') ) + if (!$auth->acl_get('a_words')) { return; } - $file = basename(__FILE__); - $module['Posts']['Word_Censor'] = "$file$SID"; + $module['Posts']['Word_Censor'] = basename(__FILE__) . $SID; return; } define('IN_PHPBB', 1); -// // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +require($phpbb_root_path . 'includes/functions_admin.' . $phpEx); -// // Do we have forum admin permissions? -// -if ( !$auth->acl_get('a_general') ) +if (!$auth->acl_get('a_words')) { - return; + trigger_error($user->lang['NO_ADMIN']); } -// -// -// -if ( isset($_GET['mode']) || isset($_POST['mode']) ) +// What do we want to do? +if (isset($_REQUEST['mode'])) { - $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode']; + $mode = $_REQUEST['mode']; } else { - // // These could be entered via a form button - // - if ( isset($_POST['add']) ) + if (isset($_POST['add'])) { $mode = 'add'; } - else if ( isset($_POST['save']) ) + else if (isset($_POST['save'])) { $mode = 'save'; } @@ -73,20 +65,20 @@ else } } -if( $mode != '' ) +if ($mode != '') { - switch ( $mode ) + switch ($mode) { case 'edit': case 'add': - $word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; + $word_id = (isset($_GET['id'])) ? intval($_GET['id']) : 0; $s_hidden_fields = ''; - if ( $mode == 'edit' ) + if ($mode == 'edit') { - if ( !$word_id ) + if (!$word_id) { - message_die(MESSAGE, $user->lang['No_word_selected']); + trigger_error($user->lang['No_word_selected']); } $sql = "SELECT * @@ -119,43 +111,43 @@ if( $mode != '' ) <td class="row2"><input type="text" name="replacement" value="<?php echo $word_info['replacement']; ?>" /></td> </tr> <tr> - <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['Submit']; ?>" /></td> + <td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['SUBMIT']; ?>" /></td> </tr> </table></form> <?php + page_footer(); break; case 'save': - $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; - $word = ( isset($_POST['word']) ) ? trim($_POST['word']) : ''; - $replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : ''; + $word_id = (isset($_POST['id'])) ? intval($_POST['id']) : 0; + $word = (isset($_POST['word'])) ? trim($_POST['word']) : ''; + $replacement = (isset($_POST['replacement'])) ? trim($_POST['replacement']) : ''; - if ( $word == '' || $replacement == '' ) + if ($word == '' || $replacement == '') { - message_die(MESSAGE, $user->lang['Must_enter_word']); + trigger_error($user->lang['Must_enter_word']); } - $sql = ( $word_id ) ? "UPDATE " . WORDS_TABLE . " SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')"; + $sql = ($word_id) ? "UPDATE " . WORDS_TABLE . " SET word = '" . sql_quote($word) . "', replacement = '" . sql_quote($replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . sql_quote($word) . "', '" . sql_quote($replacement) . "')"; $db->sql_query($sql); - $log_action = ( $word_id ) ? 'log_edit_word' : 'log_add_word'; + $log_action = ($word_id) ? 'log_edit_word' : 'log_add_word'; add_admin_log($log_action, stripslashes($word)); - $message = ( $word_id ) ? $user->lang['Word_updated'] : $user->lang['Word_added']; - message_die(MESSAGE, $message); + $message = ($word_id) ? $user->lang['Word_updated'] : $user->lang['Word_added']; break; case 'delete': - if ( isset($_POST['id']) || isset($_GET['id']) ) + if (isset($_POST['id']) || isset($_GET['id'])) { - $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']); + $word_id = (isset($_POST['id'])) ? intval($_POST['id']) : intval($_GET['id']); } else { - message_die(MESSAGE, $user->lang['Must_specify_word']); + trigger_error($user->lang['Must_specify_word']); } $sql = "DELETE FROM " . WORDS_TABLE . " @@ -164,10 +156,34 @@ if( $mode != '' ) add_admin_log('log_delete_word'); - message_die(MESSAGE, $user->lang['Word_removed']); + $message = $user->lang['Word_remove']; break; + } + $sql = "SELECT * + FROM " . WORDS_TABLE . " + ORDER BY word"; + $result = $db->sql_query($sql); + + $cache_str = "\$word_censors = array(\n"; + $cache_str_match = $cache_str_replace = ''; + if ($row = $db->sql_fetchrow($result)) + { + do + { + $cache_str_match .= "\t\t'" . addslashes('#\b' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . '\b#i') . "',\n"; + $cache_str_replace .= "\t\t'" . addslashes($row['replacement']) . "',\n"; + } + while ($row = $db->sql_fetchrow($result)); + + $cache_str .= "\t'match' => array(\n$cache_str_match\t),\n\t'replace' => array(\n$cache_str_replace\t)\n);"; + } + $db->sql_freeresult($result); + + config_cache_write('\$word_censors = array\(.*?\);', $cache_str); + trigger_error($message); + } else { @@ -194,11 +210,11 @@ else ORDER BY word"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { do { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> @@ -210,8 +226,9 @@ else <?php } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } + $db->sql_freeresult($result); ?> <tr> @@ -221,8 +238,8 @@ else <?php -} + page_footer(); -page_footer() +} ?>
\ No newline at end of file diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index b2fea163b4..4cfb0591e9 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -22,8 +22,8 @@ define('IN_PHPBB', 1); // Define some vars -$pane = ( isset($_GET['pane']) ) ? $_GET['pane'] : ''; -$update = ( $pane == 'right' ) ? true : false; +$pane = (isset($_GET['pane'])) ? $_GET['pane'] : ''; +$update = ($pane == 'right') ? true : false; // Include files $phpbb_root_path = '../'; @@ -31,13 +31,13 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // Do we have any admin permissions at all? -if ( !$auth->acl_get('a_') ) +if (!$auth->acl_get('a_')) { - trigger_error('No_admin'); + trigger_error($user->lang['NO_ADMIN']); } // Generate relevant output -if ( isset($_GET['pane']) && $_GET['pane'] == 'top' ) +if (isset($_GET['pane']) && $_GET['pane'] == 'top') { page_header('', '', false); @@ -55,7 +55,7 @@ if ( isset($_GET['pane']) && $_GET['pane'] == 'top' ) page_footer(false); } -else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) +else if (isset($_GET['pane']) && $_GET['pane'] == 'left') { // Cheat and use the meta tag to change some stylesheet info page_header('', '<style type="text/css">body {background-color: #98AAB1}</style>', false); @@ -64,9 +64,9 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) $dir = @opendir('.'); $setmodules = 1; - while ( $file = @readdir($dir) ) + while ($file = @readdir($dir)) { - if ( preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file) ) + if (preg_match('/^admin_(.*?)\.' . $phpEx . '$/', $file)) { include($file); } @@ -92,12 +92,12 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) </tr> <?php - if ( is_array($module) ) + if (is_array($module)) { @ksort($module); - foreach ( $module as $cat => $action_ary ) + foreach ($module as $cat => $action_ary) { - $cat = ( !empty($user->lang[$cat . '_cat']) ) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); + $cat = (empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); ?> <tr> @@ -107,17 +107,20 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) @ksort($action_ary); - foreach ( $action_ary as $action => $file ) + foreach ($action_ary as $action => $file) { - $action = ( !empty($user->lang[$action]) ) ? $user->lang[$action] : preg_replace('/_/', ' ', $action); + if (!empty($file)) + { + $action = (!empty($user->lang[$action])) ? $user->lang[$action] : preg_replace('/_/', ' ', $action); - $cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> - <td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td> + <td class="<?php echo $row_class; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td> </tr> <?php + } } } } @@ -134,24 +137,29 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' ) page_footer(false); } -elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) +elseif (isset($_GET['pane']) && $_GET['pane'] == 'right') { - if ( ( isset($_POST['activate']) || isset($_POST['delete']) ) && !empty($_POST['mark']) ) + if ((isset($_POST['activate']) || isset($_POST['delete'])) && !empty($_POST['mark'])) { - if ( is_array($_POST['mark']) ) + if (!$auth->acl_get('a_user')) + { + trigger_error($user->lang['NO_ADMIN']); + } + + if (is_array($_POST['mark'])) { $in_sql = ''; - foreach( $_POST['mark'] as $user_id ) + foreach ($_POST['mark'] as $user_id) { - $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $user_id; + $in_sql .= (($in_sql != '') ? ', ' : '') . intval($user_id); } - if ( $in_sql != '' ) + if ($in_sql != '') { - $sql = ( isset($_POST['activate']) ) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)"; + $sql = (isset($_POST['activate'])) ? "UPDATE " . USERS_TABLE . " SET user_active = 1 WHERE user_id IN ($in_sql)" : "DELETE FROM " . USERS_TABLE . " WHERE user_id IN ($in_sql)"; $db->sql_query($sql); - if ( isset($_POST['delete']) ) + if (isset($_POST['delete'])) { $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = config_value - " . sizeof($_POST['mark']) . " @@ -159,16 +167,20 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $db->sql_query($sql); } - $log_action = ( isset($_POST['activate']) ) ? 'log_index_activate' : 'log_index_delete'; + $log_action = (isset($_POST['activate'])) ? 'log_index_activate' : 'log_index_delete'; add_admin_log($log_action, sizeof($_POST['mark'])); } } } - else if ( isset($_POST['remind']) ) + else if (isset($_POST['remind'])) { + if (!$auth->acl_get('a_user')) + { + trigger_error($user->lang['NO_ADMIN']); + } } - else if ( isset($_POST['resetonline']) ) + else if (isset($_POST['resetonline'])) { } @@ -180,7 +192,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $start_date = $user->format_date($config['board_startdate']); - $boarddays = ( time() - $config['board_startdate'] ) / 86400; + $boarddays = (time() - $config['board_startdate']) / 86400; $posts_per_day = sprintf('%.2f', $total_posts / $boarddays); $topics_per_day = sprintf('%.2f', $total_topics / $boarddays); @@ -188,11 +200,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $avatar_dir_size = 0; - if ( $avatar_dir = @opendir($phpbb_root_path . $config['avatar_path']) ) + if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path'])) { - while ( $file = @readdir($avatar_dir) ) + while ($file = @readdir($avatar_dir)) { - if ( $file != '.' && $file != '..' ) + if ($file != '.' && $file != '..') { $avatar_dir_size += @filesize($phpbb_root_path . $config['avatar_path'] . '/' . $file); } @@ -202,11 +214,11 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) // This bit of code translates the avatar directory size into human readable format // Borrowed the code from the PHP.net annoted manual, origanally written by: // Jesse (jesse@jess.on.ca) - if ( $avatar_dir_size >= 1048576 ) + if ($avatar_dir_size >= 1048576) { $avatar_dir_size = round($avatar_dir_size / 1048576 * 100) / 100 . ' MB'; } - else if ( $avatar_dir_size >= 1024 ) + else if ($avatar_dir_size >= 1024) { $avatar_dir_size = round($avatar_dir_size / 1024 * 100) / 100 . ' KB'; } @@ -222,17 +234,17 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $avatar_dir_size = $user->lang['Not_available']; } - if ( $posts_per_day > $total_posts ) + if ($posts_per_day > $total_posts) { $posts_per_day = $total_posts; } - if ( $topics_per_day > $total_topics ) + if ($topics_per_day > $total_topics) { $topics_per_day = $total_topics; } - if ( $users_per_day > $total_users ) + if ($users_per_day > $total_users) { $users_per_day = $total_users; } @@ -240,30 +252,30 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) // DB size ... MySQL only // This code is heavily influenced by a similar routine // in phpMyAdmin 2.2.0 - if ( preg_match('/^mysql/', SQL_LAYER) ) + if (preg_match('/^mysql/', SQL_LAYER)) { $result = $db->sql_query('SELECT VERSION() AS mysql_version'); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $version = $row['mysql_version']; - if ( preg_match('/^(3\.23|4\.)/', $version) ) + if (preg_match('/^(3\.23|4\.)/', $version)) { - $db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname; + $db_name = (preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version)) ? "`$dbname`" : $dbname; $sql = "SHOW TABLE STATUS FROM " . $db_name; $result = $db->sql_query($sql); $dbsize = 0; - while ( $row = $db->sql_fetchrow($result) ) + while ($row = $db->sql_fetchrow($result)) { - if ( $row['Type'] != 'MRG_MyISAM' ) + if ($row['Type'] != 'MRG_MyISAM') { - if ( $table_prefix != '' ) + if ($table_prefix != '') { - if ( strstr($row['Name'], $table_prefix) ) + if (strstr($row['Name'], $table_prefix)) { $dbsize += $row['Data_length'] + $row['Index_length']; } @@ -285,22 +297,22 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) $dbsize = $user->lang['Not_available']; } } - else if ( preg_match('/^mssql/', SQL_LAYER) ) + else if (preg_match('/^mssql/', SQL_LAYER)) { $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize FROM sysfiles"; $result = $db->sql_query($sql); - $dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $user->lang['Not_available']; + $dbsize = ($row = $db->sql_fetchrow($result)) ? intval($row['dbsize']) : $user->lang['Not_available']; } else { $dbsize = $user->lang['Not_available']; } - if ( is_int($dbsize) ) + if (is_int($dbsize)) { - $dbsize = ( $dbsize >= 1048576 ) ? sprintf('%.2f MB', ( $dbsize / 1048576 )) : ( ( $dbsize >= 1024 ) ? sprintf('%.2f KB', ( $dbsize / 1024 )) : sprintf('%.2f Bytes', $dbsize) ); + $dbsize = ($dbsize >= 1048576) ? sprintf('%.2f MB', ($dbsize / 1048576)) : (($dbsize >= 1024) ? sprintf('%.2f KB', ($dbsize / 1024)) : sprintf('%.2f Bytes', $dbsize)); } page_header($user->lang['Admin_Index']); @@ -360,7 +372,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) <td class="row1" nowrap="nowrap"><?php echo $user->lang['Database_size']; ?>:</td> <td class="row2"><b><?php echo $dbsize; ?></b></td> <td class="row1" nowrap="nowrap"><?php echo $user->lang['Gzip_compression']; ?>:</td> - <td class="row2"><b><?php echo ( $config['gzip_compress'] ) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td> + <td class="row2"><b><?php echo ($config['gzip_compress']) ? $user->lang['ON'] : $user->lang['OFF']; ?></b></td> </tr> <!-- tr> <td class="row1" colspan="4"><?php echo sprintf($user->lang['Record_online_users'], $config['record_online_users'], $user->format_date($config['record_online_date'])); ?></td> @@ -384,7 +396,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) for($i = 0; $i < sizeof($log_data); $i++) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> @@ -397,6 +409,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) } + if ($auth->acl_get('a_user')) + { + ?> </table> @@ -412,18 +427,18 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - $sql = "SELECT user_id, username, user_regdate - FROM " . USERS_TABLE . " - WHERE user_active = 0 - AND user_id <> " . ANONYMOUS . " - ORDER BY user_regdate ASC"; - $result = $db->sql_query($sql); + $sql = "SELECT user_id, username, user_regdate + FROM " . USERS_TABLE . " + WHERE user_active = 0 + AND user_id <> " . ANONYMOUS . " + ORDER BY user_regdate ASC"; + $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) - { - do + if ($row = $db->sql_fetchrow($result)) { - $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; + do + { + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; ?> <tr> @@ -433,8 +448,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } - while ( $row = $db->sql_fetchrow($result) ); + } + while ($row = $db->sql_fetchrow($result)); ?> <tr> @@ -442,9 +457,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } - else - { + } + else + { ?> <tr> @@ -452,7 +467,7 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) </tr> <?php - } + } ?> </table> @@ -465,6 +480,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' ) <?php + } + page_footer(); } diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 37aaa9c899..8b4e2aa535 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -19,7 +19,7 @@ * ***************************************************************************/ -if ( !defined('IN_PHPBB') ) +if (!defined('IN_PHPBB')) { die('Hacking attempt'); } @@ -53,9 +53,9 @@ function page_header($sub_title, $meta = '', $table_html = true) define('HEADER_INC', true); // gzip_compression - if ( $config['gzip_compress'] ) + if ($config['gzip_compress']) { - if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() ) + if (extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent()) { ob_start('ob_gzhandler'); } @@ -87,7 +87,7 @@ td.cat { background-image: url('images/cellpic1.gif') } <?php - if ( $table_html ) + if ($table_html) { ?> @@ -122,7 +122,7 @@ function page_footer($copyright_html = true) </table> <?php - if ( $copyright_html ) + if ($copyright_html) { ?> @@ -144,7 +144,7 @@ function page_message($title, $message, $show_header = false) { global $phpEx, $SID, $user; - if ( $show_header ) + if ($show_header) { ?> @@ -186,7 +186,7 @@ function add_admin_log() $arguments = func_get_args(); $action = array_shift($arguments); - $data = ( !sizeof($arguments) ) ? '' : addslashes(serialize($arguments)); + $data = (!sizeof($arguments)) ? '' : addslashes(serialize($arguments)); $sql = "INSERT INTO " . LOG_ADMIN_TABLE . " (user_id, log_ip, log_time, log_operation, log_data) VALUES (" . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')"; @@ -199,9 +199,9 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id { global $db, $user, $phpEx, $SID; - $table_sql = ( $mode == 'admin' ) ? LOG_ADMIN_TABLE : LOG_MOD_TABLE; - $forum_sql = ( $mode == 'mod' && $forum_id ) ? "AND l.forum_id = $forum_id" : ''; - $limit_sql = ( $limit ) ? ( ( $offset ) ? "LIMIT $offset, $limit" : "LIMIT $limit" ) : ''; + $table_sql = ($mode == 'admin') ? LOG_ADMIN_TABLE : LOG_MOD_TABLE; + $forum_sql = ($mode == 'mod' && $forum_id) ? "AND l.forum_id = $forum_id" : ''; + $limit_sql = ($limit) ? (($offset) ? "LIMIT $offset, $limit" : "LIMIT $limit") : ''; $sql = "SELECT l.log_id, l.user_id, l.log_ip, l.log_time, l.log_operation, l.log_data, u.username FROM $table_sql l, " . USERS_TABLE . " u @@ -213,7 +213,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $result = $db->sql_query($sql); $log = array(); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $i = 0; do @@ -223,13 +223,13 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $log[$i]['ip'] = $row['log_ip']; $log[$i]['time'] = $row['log_time']; - $log[$i]['action'] = ( !empty($user->lang[$row['log_operation']]) ) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation'])); + $log[$i]['action'] = (!empty($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : ucfirst(str_replace('_', ' ', $row['log_operation'])); - if ( !empty($row['log_data']) ) + if (!empty($row['log_data'])) { $log_data_ary = unserialize(stripslashes($row['log_data'])); - foreach ( $log_data_ary as $log_data ) + foreach ($log_data_ary as $log_data) { $log[$i]['action'] = preg_replace('#%s#', $log_data, $log[$i]['action'], 1); } @@ -237,7 +237,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $i++; } - while ( $row = $db->sql_fetchrow($result) ); + while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); diff --git a/phpBB/install/schemas/mysql_basic.sql b/phpBB/install/schemas/mysql_basic.sql index 8ed7667703..0fcfc2ee99 100644 --- a/phpBB/install/schemas/mysql_basic.sql +++ b/phpBB/install/schemas/mysql_basic.sql @@ -128,10 +128,23 @@ INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_unra INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_auth', 1, 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_general', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_server', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_defaults', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_board', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_cookies', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_words', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_icons', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_bbcode', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_attach', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_events', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_user', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_useradd', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_userdel', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ranks', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_names', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_group', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupadd', 1); @@ -139,17 +152,13 @@ INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupdel', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forum', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumadd', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumdel', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_posts', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1); +INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_prune', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_auth', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authmods', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authadmins', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_backup', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_restore', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_search', 1); -INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_', 1); INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_email', 1); @@ -186,11 +195,11 @@ INSERT INTO phpbb_ranks (rank_id, rank_title, rank_min, rank_special, rank_image # -- Groups -INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 0); -INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'REGISTERED_INACTIVE', 0); -INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 0); -INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 0); -INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 0); +INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 3); +INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'INACTIVE', 3); +INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 3); +INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 3); +INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 3); # -- User -> Group diff --git a/phpBB/language/en/lang_admin.php b/phpBB/language/en/lang_admin.php index aab587d319..c56a09d0f3 100644 --- a/phpBB/language/en/lang_admin.php +++ b/phpBB/language/en/lang_admin.php @@ -21,7 +21,7 @@ $lang = array_merge($lang, array( 'Admin_title' => 'Administration Panel', - 'No_admin' => 'You are not authorised to administer this board', + 'NO_ADMIN' => 'You are not authorised to administer this board', 'No_frames' => 'Sorry, your browser does not support frames', 'Return_to' => 'Return to ...', 'DB_cat' => 'Database Admin', @@ -39,7 +39,7 @@ $lang = array_merge($lang, array( 'Email_settings' => 'Email Settings', 'Server_settings' => 'Server Settings', 'Auth_settings' => 'Authentication', - 'Permissions' => 'Permissions', + 'PERMISSIONS' => 'Permissions', 'Manage' => 'Manage', 'Disallow' => 'Disallow names', 'Prune' => 'Pruning', @@ -57,7 +57,7 @@ $lang = array_merge($lang, array( 'DB_Backup' => 'DB Backup', 'DB_Restore' => 'DB Restore', 'Basic_Config' => 'Basic Configuration', - 'Administrators' => 'Administrators', + 'ADMINISTRATORS' => 'Administrators', 'Admin_logs' => 'Admin Log', 'Mod_logs' => 'Moderator Log', 'Users' => 'Users', @@ -97,6 +97,7 @@ $lang = array_merge($lang, array( 'log_prune_user_deac' => '<b>Users Deactivated</b> => %s', 'log_prune_user_del_del' => '<b>Users Pruned and Posts Deleted</b> => %s', 'log_prune_user_del_anon' => '<b>Users Pruned and Posts Retained</b> => %s', + 'Admin_logs_explain' => 'This lists all the actions carried out by board administrators. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.', 'Mod_logs_explain' => 'This lists the actions carried out by board moderators, select a forum from the drop down list. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.', 'Display_log' => 'Display entries from previous', @@ -168,13 +169,13 @@ $lang = array_merge($lang, array( 'Restore_Error_filename' => 'The file you uploaded had an unsupported extension.', 'Compress_unsupported' => 'The version of PHP installed on this server does not support the type of compression used for your backup. Please use a compression method listed on the previous page.', 'Restore_Error_no_file' => 'No file was uploaded', - 'ACL_explain' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY > ALLOW > INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.', - 'Permissions_explain' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).', - 'Moderators' => 'Moderators', - 'Moderators_explain' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).', - 'Super_Moderators' => 'Super Moderators', - 'Super_Moderators_explain' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).', - 'Administrators_explain' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.', + 'ACL_EXPLAIN' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY > ALLOW > INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.', + 'PERMISSIONS_EXPLAIN' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).', + 'MODERATORS' => 'Moderators', + 'MODERATORS_EXPLAIN' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).', + 'SUPER_MODERATORS' => 'Super Moderators', + 'SUPER_MODERATORS_EXPLAIN' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).', + 'ADMINISTRATORS_EXPLAIN' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.', 'Manage_users' => 'Manage Users', 'Add_users' => 'Add Users', 'Manage_groups' => 'Manage Groups', @@ -201,26 +202,49 @@ $lang = array_merge($lang, array( 'All_Inherit' => 'All Inherit', 'Inheritance' => 'Inheritance', 'Inheritance_explain' => 'Select the subforums you want to inherit these permissions', - 'acl_a_general' => 'General Settings', - 'acl_a_user' => 'Users', - 'acl_a_group' => 'Groups', - 'acl_a_forum' => 'Forums', - 'acl_a_post' => 'Posts', - 'acl_a_ban' => 'Banning', - 'acl_a_auth' => 'Permissions', - 'acl_a_email' => 'Email', - 'acl_a_styles' => 'Styles', - 'acl_a_backup' => 'Backups', - 'acl_a_clearlogs' => 'Clear Admin Log', - 'acl_m__edit' => 'Edit posts', - 'acl_m__delete' => 'Delete posts', - 'acl_m__move' => 'Move posts', - 'acl_m__lock' => 'Lock topics', - 'acl_m__split' => 'Split topics', - 'acl_m__merge' => 'Merge topics', - 'acl_m__approve' => 'Approve posts', - 'acl_m__unrate' => 'Un-rate topics', - 'acl_m__auth' => 'Set permissions', + + 'acl_a_server' => 'Alter Server/Email Settings', + 'acl_a_defaults' => 'Alter Board Defaults', + 'acl_a_board' => 'Alter Board Settings', + 'acl_a_cookies' => 'Alter Cookie Settings', + 'acl_a_names' => 'Alter Disallowed Names', + 'acl_a_words' => 'Alter Word Censors', + 'acl_a_icons' => 'Alter Topic Icons/Emoticons', + 'acl_a_search' => 'Re-index Search Tables', + 'acl_a_prune' => 'Prune Forums', + 'acl_a_bbcode' => 'Define BBCode Tags', + 'acl_a_attach' => 'Manage Attachments', + 'acl_a_events' => 'Manage User/Group Events', + 'acl_a_ranks' => 'Manage User Ranks', + 'acl_a_user' => 'Manage Users', + 'acl_a_userdel' => 'Delete/Prune Users', + 'acl_a_useradd' => 'Add New Users', + 'acl_a_group' => 'Manage Groups', + 'acl_a_groupdel' => 'Delete Groups', + 'acl_a_groupadd' => 'Add New Groups', + 'acl_a_forum' => 'Manage Forums', + 'acl_a_forumdel' => 'Delete Forums', + 'acl_a_forumadd' => 'Add New Forums', + 'acl_a_ban' => 'Manage Bans', + 'acl_a_auth' => 'Alter Forum Permissions', + 'acl_a_authmods' => 'Alter Moderator Permissions', + 'acl_a_authadmins' => 'Alter Admin Permissions', + 'acl_a_email' => 'Mass Email', + 'acl_a_styles' => 'Manage Styles', + 'acl_a_backup' => 'Backup Database', + 'acl_a_restore' => 'Restore Database', + 'acl_a_clearlogs' => 'Clear Admin/Mod Logs', + + 'acl_m_edit' => 'Edit posts', + 'acl_m_delete' => 'Delete posts', + 'acl_m_move' => 'Move posts', + 'acl_m_lock' => 'Lock topics', + 'acl_m_split' => 'Split topics', + 'acl_m_merge' => 'Merge topics', + 'acl_m_approve' => 'Approve posts', + 'acl_m_unrate' => 'Un-rate topics', + 'acl_m_auth' => 'Set permissions', + 'acl_f_list' => 'See forum', 'acl_f_read' => 'Read forum', 'acl_f_post' => 'Post in forum', @@ -245,6 +269,7 @@ $lang = array_merge($lang, array( 'acl_f_print' => 'Print topics', 'acl_f_ignoreflood' => 'Ignore flood limit', 'acl_f_ignorequeue' => 'Ignore mod queue', + 'Auth_updated' => 'Permissions have been updated', 'Prune_users' => 'Prune Users', 'Prune_users_explain' => 'Here you can delete (or deactivate) users from you board. This can be done in a variety of ways; by post count, last activity, etc. Each of these criteria can be combined, i.e. you can prune users last active before 2002-01-01 with fewer than 10 posts. Alternatively you can enter a list of users directly into the text box, any criteria entered will be ignored. Take care with this facility! Once a user is deleted there is no way back.', |