Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/adm/style/acp_users.html2
-rw-r--r--phpBB/includes/acm/acm_main.php2
-rw-r--r--phpBB/includes/acp/acp_email.php12
-rw-r--r--phpBB/includes/acp/acp_main.php2
-rw-r--r--phpBB/includes/acp/acp_users.php11
-rw-r--r--phpBB/includes/functions_posting.php49
-rw-r--r--phpBB/includes/functions_privmsgs.php6
-rw-r--r--phpBB/includes/functions_upload.php2
-rw-r--r--phpBB/includes/functions_user.php35
-rwxr-xr-xphpBB/includes/mcp/mcp_notes.php2
-rw-r--r--phpBB/includes/mcp/mcp_queue.php22
-rwxr-xr-xphpBB/includes/mcp/mcp_reports.php8
-rw-r--r--phpBB/includes/ucp/ucp_activate.php2
-rw-r--r--phpBB/includes/ucp/ucp_groups.php4
-rw-r--r--phpBB/includes/ucp/ucp_main.php1
-rw-r--r--phpBB/includes/ucp/ucp_pm_compose.php5
-rw-r--r--phpBB/includes/ucp/ucp_profile.php4
-rw-r--r--phpBB/includes/ucp/ucp_register.php6
-rw-r--r--phpBB/includes/ucp/ucp_remind.php4
-rw-r--r--phpBB/includes/ucp/ucp_resend.php4
-rwxr-xr-xphpBB/install/install_install.php4
-rw-r--r--phpBB/language/en/common.php2
-rw-r--r--phpBB/language/en/mcp.php3
-rw-r--r--phpBB/language/en/posting.php2
-rw-r--r--phpBB/memberlist.php16
-rw-r--r--phpBB/styles/subSilver/template/ucp_footer.html2
-rw-r--r--phpBB/styles/subSilver/template/ucp_header.html2
-rw-r--r--phpBB/styles/subSilver/template/ucp_main_drafts.html8
28 files changed, 117 insertions, 105 deletions
diff --git a/phpBB/adm/style/acp_users.html b/phpBB/adm/style/acp_users.html
index a672db3c4c..a787d9283f 100644
--- a/phpBB/adm/style/acp_users.html
+++ b/phpBB/adm/style/acp_users.html
@@ -453,6 +453,7 @@
<dd><input name="uploadurl" type="text" id="uploadurl" value="" /></dd>
</dl>
<!-- ENDIF -->
+ <!-- IF S_ALLOW_REMOTE -->
<dl>
<dt><label for="remotelink">{L_LINK_REMOTE_AVATAR}:</label><br /><span>{L_LINK_REMOTE_AVATAR_EXPLAIN}</span></dt>
<dd><input name="remotelink" type="text" id="remotelink" value="" /></dd>
@@ -461,6 +462,7 @@
<dt><label for="width">{L_LINK_REMOTE_SIZE}:</label><br /><span>{L_LINK_REMOTE_SIZE_EXPLAIN}</span></dt>
<dd><input name="width" type="text" id="width" size="3" value="{USER_AVATAR_WIDTH}" /> <span>px X </span> <input type="text" name="height" size="3" value="{USER_AVATAR_HEIGHT}" /> <span>px</span></dd>
</dl>
+ <!-- ENDIF -->
<!-- IF S_DISPLAY_GALLERY -->
<dl>
<dt><label>{L_AVATAR_GALLERY}:</label></dt>
diff --git a/phpBB/includes/acm/acm_main.php b/phpBB/includes/acm/acm_main.php
index a2d8bca4a3..9c0ffc127f 100644
--- a/phpBB/includes/acm/acm_main.php
+++ b/phpBB/includes/acm/acm_main.php
@@ -187,7 +187,7 @@ class cache extends acm
AND g.allow_group = 1';
$result = $db->sql_query($sql);
- $extensions = array();
+ $extensions = array('_allowed_' => array());
while ($row = $db->sql_fetchrow($result))
{
$extension = strtolower(trim($row['extension']));
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index 4d254bb084..e5e10223f7 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -36,8 +36,8 @@ class acp_email
{
// Error checking needs to go here ... if no subject and/or no message then skip
// over the send and return to the form
- $subject = html_entity_decode(request_var('subject', '', true));
- $message = html_entity_decode(request_var('message', '', true));
+ $subject = request_var('subject', '', true);
+ $message = request_var('message', '', true);
$use_queue = (isset($_POST['send_immediatly'])) ? false : true;
$priority = request_var('mail_priority_flag', MAIL_NORMAL_PRIORITY);
@@ -150,14 +150,14 @@ class acp_email
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
- $messenger->subject($subject);
+ $messenger->subject(html_entity_decode($subject));
$messenger->replyto($config['board_email']);
$messenger->set_mail_priority($priority);
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'CONTACT_EMAIL' => $config['board_contact'],
- 'MESSAGE' => $message)
+ 'MESSAGE' => html_entity_decode($message))
);
if (!($messenger->send($used_method)))
@@ -216,8 +216,8 @@ class acp_email
'S_GROUP_OPTIONS' => $select_list,
'USERNAMES' => $usernames,
'U_FIND_USERNAME' => $phpbb_root_path . "memberlist.$phpEx$SID&amp;mode=searchuser&amp;form=acp_email&amp;field=usernames",
- 'SUBJECT' => request_var('subject', '', true),
- 'MESSAGE' => request_var('message', '', true),
+ 'SUBJECT' => $subject,
+ 'MESSAGE' => $message,
'S_PRIORITY_OPTIONS' => $s_priority_options)
);
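Review bot: `'SUBJECT' => $subject` and `'MESSAGE' => $message` may now read variables that are never set on the first display of the form. The first hunk assigns both inside a block that opens at the visible `{`, and the condition guarding that block lies outside the hunk; if it runs only on submit, this produces undefined-variable notices. Initialise them before that block, for example `$subject = $message = '';`, or move the two `request_var()` calls above it. Passing the still-escaped values to the template and decoding only at `$messenger->subject()` / `'MESSAGE'` is the right split, since the form is an HTML context and the mail body is not.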
diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php
index acc1c50112..af48ea700c 100644
--- a/phpBB/includes/acp/acp_main.php
+++ b/phpBB/includes/acp/acp_main.php
@@ -127,7 +127,7 @@ class acp_main
$messenger->assign_vars(array(
'EMAIL_SIG' => $sig,
- 'USERNAME' => $row['username'],
+ 'USERNAME' => html_entity_decode($row['username']),
'SITENAME' => $config['sitename'],
'REGISTER_DATE' => $user->format_date($row['user_regdate']),
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 66fdf40701..1a079b8e0d 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -263,7 +263,7 @@ class acp_users
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']),
- 'USERNAME' => $user_row['username'],
+ 'USERNAME' => html_entity_decode($user_row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
@@ -1277,7 +1277,7 @@ class acp_users
{
$data['user_id'] = $user_id;
- if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload)
+ if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload && $config['allow_avatar_upload'])
{
list($type, $filename, $width, $height) = avatar_upload($data, $error);
}
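Review bot: Only the upload branch gains a server-side switch here (`&& $config['allow_avatar_upload']`), while the remote-link setting is enforced in this commit only by hiding the field behind `<!-- IF S_ALLOW_REMOTE -->` in acp_users.html. The branch that handles `$data['remotelink']` lies outside this hunk, so confirm that it also tests `$config['allow_avatar_remote']` before calling `avatar_remote()`. A template conditional does not stop a hand-built POST from supplying `remotelink`. If the check is missing, the equivalent guard would be `else if ($data['remotelink'] && $config['allow_avatar_remote'])`.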
@@ -1347,6 +1347,8 @@ class acp_users
// Generate users avatar
if ($user_row['user_avatar'])
{
+ $avatar_img = '';
+
switch ($user_row['user_avatar_type'])
{
case AVATAR_UPLOAD:
@@ -1357,8 +1359,8 @@ class acp_users
$avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/';
break;
}
- $avatar_img .= $user_row['user_avatar'];
+ $avatar_img .= $user_row['user_avatar'];
$avatar_img = '<img src="' . $avatar_img . '" width="' . $user_row['user_avatar_width'] . '" height="' . $user_row['user_avatar_height'] . '" alt="" />';
}
else
@@ -1375,7 +1377,8 @@ class acp_users
$template->assign_vars(array(
'S_AVATAR' => true,
- 'S_CAN_UPLOAD' => $can_upload,
+ 'S_CAN_UPLOAD' => ($can_upload && $config['allow_avatar_upload']) ? true : false,
+ 'S_ALLOW_REMOTE' => ($config['allow_avatar_remote']) ? true : false,
'S_DISPLAY_GALLERY' => ($config['allow_avatar_local'] && !$display_gallery) ? true : false,
'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false,
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index cc4afd0ba4..2210be1ab9 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -682,15 +682,27 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0)
global $user, $db, $template, $auth;
global $phpbb_root_path, $phpEx, $SID;
- $topic_ids = $draft_rows = array();
+ $topic_ids = $forum_ids = $draft_rows = array();
// Load those drafts not connected to forums/topics
// If forum_id == 0 AND topic_id == 0 then this is a PM draft
- $sql = 'SELECT *
- FROM ' . DRAFTS_TABLE . '
- WHERE user_id = ' . $user->data['user_id'] . '
- AND (forum_id = 0 OR topic_id = 0)
- ORDER BY save_time DESC';
+ if (!$topic_id && !$forum_id)
+ {
+ $sql_and = 'AND d.forum_id = 0 AND d.topic_id = 0';
+ }
+ else
+ {
+ $sql_and = '';
+ $sql_and .= ($forum_id) ? 'AND d.forum_id = ' . $forum_id : '';
+ $sql_and .= ($topic_id) ? 'AND d.topic_id = ' . $topic_id : '';
+ }
+
+ $sql = 'SELECT d.*, f.forum_id, f.forum_name
+ FROM ' . DRAFTS_TABLE . ' d
+ LEFT JOIN ' . FORUMS_TABLE . ' f ON (f.forum_id = d.forum_id)
+ WHERE d.user_id = ' . $user->data['user_id'] . "
+ $sql_and
+ ORDER BY d.save_time DESC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
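Review bot: When both `$forum_id` and `$topic_id` are non-zero, the two `$sql_and .=` lines concatenate without a separator and yield `AND d.forum_id = 5AND d.topic_id = 7`, which is not the intended predicate. The ids are also interpolated into the query without a cast, so the function relies on every caller having passed integers. Suggested form: `$sql_and .= ($forum_id) ? ' AND d.forum_id = ' . (int) $forum_id : '';` and `$sql_and .= ($topic_id) ? ' AND d.topic_id = ' . (int) $topic_id : '';`. The body of load_drafts() continues outside this hunk.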
@@ -703,35 +715,12 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0)
}
$db->sql_freeresult($result);
- // Only those fitting into this forum now...
- if ($forum_id || $topic_id)
- {
- $sql = 'SELECT d.draft_id, d.topic_id, d.forum_id, d.draft_subject, d.save_time, f.forum_name
- FROM ' . DRAFTS_TABLE . ' d, ' . FORUMS_TABLE . ' f
- WHERE d.user_id = ' . $user->data['user_id'] . '
- AND d.forum_id = f.forum_id ' .
- (($forum_id) ? " AND d.forum_id = $forum_id" : '') . '
- ORDER BY d.save_time DESC';
- $result = $db->sql_query($sql);
-
- while ($row = $db->sql_fetchrow($result))
- {
- if ($row['topic_id'])
- {
- $topic_ids[] = (int) $row['topic_id'];
- }
- $draft_rows[] = $row;
- }
- $db->sql_freeresult($result);
- }
-
if (!sizeof($draft_rows))
{
return;
}
$topic_rows = array();
-
if (sizeof($topic_ids))
{
$sql = 'SELECT topic_id, forum_id, topic_title
@@ -746,7 +735,7 @@ function load_drafts($topic_id = 0, $forum_id = 0, $id = 0)
$db->sql_freeresult($result);
}
unset($topic_ids);
-
+
$template->assign_var('S_SHOW_DRAFTS', true);
foreach ($draft_rows as $draft)
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 717c188a02..4b5a43e2c8 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -1462,9 +1462,9 @@ function pm_notification($mode, $author, $recipients, $subject, $message)
$messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig,
'SITENAME' => $config['sitename'],
- 'SUBJECT' => $subject,
- 'AUTHOR_NAME' => $author,
- 'USERNAME' => $addr['name'],
+ 'SUBJECT' => html_entity_decode($subject),
+ 'AUTHOR_NAME' => html_entity_decode($author),
+ 'USERNAME' => html_entity_decode($addr['name']),
'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox")
);
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index 8b67769847..8b59cfa5c7 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -307,7 +307,7 @@ class filespec
if (!$this->upload->valid_dimensions($this))
{
- $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_SIZE'], $this->upload->min_width, $this->upload->min_height, $this->upload->max_width, $this->upload->max_height);
+ $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_SIZE'], $this->upload->min_width, $this->upload->min_height, $this->upload->max_width, $this->upload->max_height, $this->width, $this->height);
}
}
}
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 533f7b9ef7..0b3ace62b4 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -982,26 +982,39 @@ function avatar_remote($data, &$error)
return false;
}
- if ((!($data['width'] || $data['height']) || $data['remotelink'] != $user->data['user_avatar']) && ($config['avatar_max_width'] || $config['avatar_max_height']))
+ // Make sure getimagesize works...
+ if (($image_data = @getimagesize($data['remotelink'])) === false)
{
- list($width, $height) = @getimagesize($data['remotelink']);
+ $error[] = $user->lang['AVATAR_URL_INVALID'];
+ return false;
+ }
+
+ $width = ($data['width'] && $data['height']) ? $data['width'] : $image_data[0];
+ $height = ($data['width'] && $data['height']) ? $data['height'] : $image_data[1];
+
+ if (!$width || !$height)
+ {
+ $error[] = $user->lang['AVATAR_NO_SIZE'];
+ return false;
+ }
- if (!$width || !$height)
+ if ($config['avatar_max_width'] || $config['avatar_max_height'])
+ {
+ if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height'])
{
- $error[] = $user->lang['AVATAR_NO_SIZE'];
+ $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height);
return false;
}
- else if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height'])
+ }
+
+ if ($config['avatar_min_width'] || $config['avatar_min_height'])
+ {
+ if ($width < $config['avatar_min_width'] || $height < $config['avatar_min_height'])
{
- $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
+ $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height);
return false;
}
}
- else if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height'])
- {
- $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
- return false;
- }
return array(AVATAR_REMOTE, $data['remotelink'], $width, $height);
}
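Review bot: `getimagesize($data['remotelink'])` now runs on every remote-avatar submission, so the board server itself fetches whatever URL the user supplied; the validation that precedes this hunk is not visible here. Confirm that it restricts the link to http/https, because getimagesize() accepts local paths and any enabled stream wrapper, and note that the fetch can reach hosts only the server can see and will block on a slow one. The `@` means network errors and non-image responses both collapse into the generic `AVATAR_URL_INVALID`. When both `$data['width']` and `$data['height']` are posted they replace the measured size in the min/max checks, which bounds the rendered `<img>` attributes but not the real file. A comment above the `$width`/`$height` assignments saying this is intentional would help the next reader.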
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index 44265d2475..4544f3cfd3 100755
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -116,7 +116,7 @@ function mcp_notes_user_view($id, $mode, $action)
add_log('admin', 'LOG_CLEAR_USER', $userrow['username']);
- $msg = ($deletemark) ? 'MARKED_DELETED' : 'ALL_DELETED';
+ $msg = ($deletemark) ? 'MARKED_NOTES_DELETED' : 'ALL_NOTES_DELETED';
$redirect = "mcp.$phpEx$SID&amp;i=$id&amp;mode=$mode&amp;u=$user_id";
meta_refresh(2, $redirect);
trigger_error($user->lang[$msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>'));
diff --git a/phpBB/includes/mcp/mcp_queue.php b/phpBB/includes/mcp/mcp_queue.php
index 8c0dc9cd6d..7e8dc6760a 100644
--- a/phpBB/includes/mcp/mcp_queue.php
+++ b/phpBB/includes/mcp/mcp_queue.php
@@ -458,12 +458,12 @@ function approve_post($post_id_list, $mode)
$messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig,
'SITENAME' => $config['sitename'],
- 'USERNAME' => $post_data['username'],
- 'POST_SUBJECT' => censor_text($post_data['post_subject']),
- 'TOPIC_TITLE' => censor_text($post_data['topic_title']),
+ 'USERNAME' => html_entity_decode($post_data['username']),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])),
- 'U_VIEW_TOPIC' => "{$phpbb_root_path}viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0",
- 'U_VIEW_POST' => "{$phpbb_root_path}viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id")
+ 'U_VIEW_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&e=0",
+ 'U_VIEW_POST' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t={$post_data['topic_id']}&p=$post_id&e=$post_id")
);
$messenger->send($post_data['user_notify_type']);
@@ -550,6 +550,7 @@ function disapprove_post($post_id_list, $mode)
);
$notify_poster = (isset($_REQUEST['notify_poster'])) ? true : false;
+ $disapprove_reason = '';
if ($reason_id)
{
@@ -569,8 +570,7 @@ function disapprove_post($post_id_list, $mode)
{
// If the reason is defined within the language file, we will use the localized version, else just use the database entry...
$disapprove_reason = ($row['reason_title'] != 'other') ? ((isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description']) : '';
- $disapprove_reason .= ($reason) ? "\n\n" . $_REQUEST['reason'] : '';
- unset($reason);
+ $disapprove_reason .= ($reason) ? "\n\n" . $reason : '';
}
}
@@ -671,10 +671,10 @@ function disapprove_post($post_id_list, $mode)
$messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig,
'SITENAME' => $config['sitename'],
- 'USERNAME' => $post_data['username'],
- 'REASON' => $disapprove_reason,
- 'POST_SUBJECT' => censor_text($post_data['post_subject']),
- 'TOPIC_TITLE' => censor_text($post_data['topic_title']))
+ 'USERNAME' => html_entity_decode($post_data['username']),
+ 'REASON' => html_entity_decode($disapprove_reason),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])))
);
$messenger->send($post_data['user_notify_type']);
diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php
index e71e7507bb..f40ef0632c 100755
--- a/phpBB/includes/mcp/mcp_reports.php
+++ b/phpBB/includes/mcp/mcp_reports.php
@@ -461,10 +461,10 @@ function close_report($post_id_list, $mode, $action)
$messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig,
'SITENAME' => $config['sitename'],
- 'USERNAME' => $reporter['username'],
- 'CLOSER_NAME' => $user->data['username'],
- 'POST_SUBJECT' => censor_text($post_info[$post_id]['post_subject']),
- 'TOPIC_TITLE' => censor_text($post_info[$post_id]['topic_title']))
+ 'USERNAME' => html_entity_decode($reporter['username']),
+ 'CLOSER_NAME' => html_entity_decode($user->data['username']),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title'])))
);
$messenger->send($reporter['user_notify_type']);
diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index beed7c824b..0e9ad35d21 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -87,7 +87,7 @@ class ucp_activate
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
- 'USERNAME' => $row['username'],
+ 'USERNAME' => html_entity_decode($row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']))
);
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index beef8a1f27..e78c4312ba 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -176,8 +176,8 @@ class ucp_groups
$messenger->assign_vars(array(
'EMAIL_SIG' => $email_sig,
'SITENAME' => $config['sitename'],
- 'USERNAME' => $row['username'],
- 'GROUP_NAME' => $group_row[$group_id]['group_name'],
+ 'USERNAME' => html_entity_decode($row['username']),
+ 'GROUP_NAME' => html_entity_decode($group_row[$group_id]['group_name']),
'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=usergroups&mode=manage",
'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php
index f06a6671b9..2c777e139f 100644
--- a/phpBB/includes/ucp/ucp_main.php
+++ b/phpBB/includes/ucp/ucp_main.php
@@ -604,6 +604,7 @@ class ucp_main
case 'drafts':
$pm_drafts = ($this->p_master->p_name == 'pm') ? true : false;
+ $template->assign_var('S_SHOW_DRAFTS', true);
$user->add_lang('posting');
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index 7c06895494..cd6831c419 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -332,7 +332,8 @@ function compose_pm($id, $mode, $action)
{
$sql = 'SELECT draft_id
FROM ' . DRAFTS_TABLE . '
- WHERE (forum_id = 0 AND topic_id = 0)
+ WHERE forum_id = 0
+ AND topic_id = 0
AND user_id = ' . $user->data['user_id'] .
(($draft_id) ? " AND draft_id <> $draft_id" : '');
$result = $db->sql_query_limit($sql, 1);
@@ -397,7 +398,7 @@ function compose_pm($id, $mode, $action)
if ($row = $db->sql_fetchrow($result))
{
$_REQUEST['subject'] = $row['draft_subject'];
- $_POST['message'] = $row['draft_message'];
+ $_REQUEST['message'] = $row['draft_message'];
$refresh = true;
$template->assign_var('S_DRAFT_LOADED', true);
}
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index bba0b92332..e50ed67037 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -136,7 +136,7 @@ class ucp_profile
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
- 'USERNAME' => $username,
+ 'USERNAME' => html_entity_decode($username),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
@@ -162,7 +162,7 @@ class ucp_profile
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
- 'USERNAME' => $username,
+ 'USERNAME' => html_entity_decode($username),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
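Review bot: The name passed to `$messenger->im($row['user_jabber'], $row['username'])` is still the HTML-escaped value, while the `USERNAME` template variable two lines below is now decoded. If im() uses its second argument in the outgoing message, recipients will still see `&amp;` or `&quot;` there. The same pairing appears in ucp_register.php, ucp_resend.php and memberlist.php. Because the decode is repeated by hand at every call site in this commit, a new caller can easily miss it; consider doing it once inside the messenger class (in `assign_vars()`, `subject()` and `im()`), with a comment that messenger input is expected HTML-escaped and output is plain text.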
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index d7292966ad..28757cf3ca 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -327,8 +327,8 @@ class ucp_register
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']),
- 'USERNAME' => $username,
- 'PASSWORD' => $password_confirm,
+ 'USERNAME' => html_entity_decode($username),
+ 'PASSWORD' => html_entity_decode($password_confirm),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
@@ -365,7 +365,7 @@ class ucp_register
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
- 'USERNAME' => $username,
+ 'USERNAME' => html_entity_decode($username),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
index 6b2c6240ae..a0976da443 100644
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@@ -69,8 +69,8 @@ class ucp_remind
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
- 'USERNAME' => $username,
- 'PASSWORD' => $user_password,
+ 'USERNAME' => html_entity_decode($username),
+ 'PASSWORD' => html_entity_decode($user_password),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 8c2b55a04f..6809e84892 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -79,7 +79,7 @@ class ucp_resend
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']),
- 'USERNAME' => $row['username'],
+ 'USERNAME' => html_entity_decode($row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$row['user_id']}&k={$row['user_actkey']}")
@@ -117,7 +117,7 @@ class ucp_resend
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
- 'USERNAME' => $row['username'],
+ 'USERNAME' => html_entity_decode($row['username']),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$row['user_id']}&k={$row['user_actkey']}")
diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php
index 7bd12f7f60..6e23cedffe 100755
--- a/phpBB/install/install_install.php
+++ b/phpBB/install/install_install.php
@@ -1301,8 +1301,8 @@ class install_install extends module
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array(
- 'USERNAME' => $admin_name,
- 'PASSWORD' => $admin_pass1,
+ 'USERNAME' => html_entity_decode($admin_name),
+ 'PASSWORD' => html_entity_decode($admin_pass1),
'U_BOARD' => generate_board_url(),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']))
);
diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php
index 2e547f745a..ea0bb08680 100644
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@@ -73,7 +73,7 @@ $lang = array_merge($lang, array(
'AVATAR_URL_INVALID' => 'The URL you specified is invalid.',
'AVATAR_URL_NOT_FOUND' => 'The file specified could not be found.',
'AVATAR_WRONG_FILESIZE' => 'The avatar must be between 0 and %1d %2s.',
- 'AVATAR_WRONG_SIZE' => 'The avatar must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high.',
+ 'AVATAR_WRONG_SIZE' => 'The avatar must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high. The submitted avatar is %5$d pixels wide and %6$d pixels high.',
'BACK_TO_TOP' => 'Top',
'BBCODE_GUIDE' => 'BBCode Guide',
diff --git a/phpBB/language/en/mcp.php b/phpBB/language/en/mcp.php
index 36d3e29f32..be047d1ea4 100644
--- a/phpBB/language/en/mcp.php
+++ b/phpBB/language/en/mcp.php
@@ -35,6 +35,7 @@ $lang = array_merge($lang, array(
'ADD_WARNING' => 'Add warning',
'ADD_WARNING_EXPLAIN' => 'To send a warning to this user please fill out the following form. Only use plain text; HTML, BBCode, etc. are not permitted.',
'ALL_ENTRIES' => 'All entries',
+ 'ALL_NOTES_DELETED' => 'Sucessfully removed all user notes',
'ALL_REPORTS' => 'All reports',
'ALREADY_REPORTED' => 'This post has already been reported',
'ALREADY_WARNED' => 'A warning has already been issued for this post',
@@ -118,6 +119,8 @@ $lang = array_merge($lang, array(
'LOOKUP_ALL' => 'Look up all IP',
'LOOKUP_IP' => 'Look up IP',
+ 'MARKED_NOTES_DELETED' => 'Sucessfully removed all marked user notes',
+
'MCP_ADD' => 'Add a warning',
'MCP_BAN' => 'Banning',
diff --git a/phpBB/language/en/posting.php b/phpBB/language/en/posting.php
index 6f8dbc3925..a0586aa1d7 100644
--- a/phpBB/language/en/posting.php
+++ b/phpBB/language/en/posting.php
@@ -193,7 +193,7 @@ $lang = array_merge($lang, array(
'VIEW_MESSAGE' => 'Click %sHere%s to view your message',
'WRONG_FILESIZE' => 'The file is too big, maximum allowed size is %1d %2s',
- 'WRONG_SIZE' => 'The image must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high.',
+ 'WRONG_SIZE' => 'The image must be at least %1$d pixels wide, %2$d pixels high and at most %3$d pixels wide and %4$d pixels high. The submitted image is %5$d pixels wide and %6$d pixels high.',
));
?>
\ No newline at end of file
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index a4975f8d6e..3feb7daaa0 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -260,12 +260,12 @@ switch ($mode)
include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
$subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
- $message = $_POST['message'];
+ $message = request_var('message', '', true);
$messenger = new messenger();
$messenger->template('profile_send_email', $row['user_lang']);
- $messenger->subject($subject);
+ $messenger->subject(html_entity_decode($subject));
$messenger->replyto($user->data['user_email']);
$messenger->im($row['user_jabber'], $row['username']);
@@ -273,9 +273,9 @@ switch ($mode)
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'BOARD_EMAIL' => $config['board_contact'],
- 'FROM_USERNAME' => $user->data['username'],
- 'TO_USERNAME' => $row['username'],
- 'MESSAGE' => $message)
+ 'FROM_USERNAME' => html_entity_decode($user->data['username']),
+ 'TO_USERNAME' => html_entity_decode($row['username']),
+ 'MESSAGE' => html_entity_decode($message))
);
$messenger->send(NOTIFY_IM);
@@ -289,10 +289,10 @@ switch ($mode)
// Send vars to the template
$template->assign_vars(array(
'IM_CONTACT' => $row[$sql_field],
- 'USERNAME' => addslashes($row['username']),
+ 'USERNAME' => $row['username'],
'EMAIL' => $row['user_email'],
'CONTACT_NAME' => $row[$sql_field],
- 'SITENAME' => addslashes($config['sitename']),
+ 'SITENAME' => $config['sitename'],
'PRESENCE_IMG' => $presence_img,
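Review bot: Removing `addslashes()` from `USERNAME` and `SITENAME` is only safe if the IM template prints these variables in HTML text or attribute context. The template is not part of this diff; if it places `{USERNAME}` or `{SITENAME}` inside a JavaScript string literal, which is presumably why the calls were there, an apostrophe or backslash in either value will now terminate or corrupt that literal. Values escaped with the default htmlspecialchars() flags still contain raw single quotes. Check the template, and if a script context exists keep an escape suited to it (for that variable only) rather than dropping the escaping altogether. The assign_vars() call continues past the end of this hunk.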
@@ -616,7 +616,7 @@ switch ($mode)
if ($user_id)
{
- $messenger->subject($subject);
+ $messenger->subject(html_entity_decode($subject));
$messenger->im($row['user_jabber'], $row['username']);
$notify_type = $row['user_notify_type'];
}
diff --git a/phpBB/styles/subSilver/template/ucp_footer.html b/phpBB/styles/subSilver/template/ucp_footer.html
index 1372d3c3ec..15f9dbcdb3 100644
--- a/phpBB/styles/subSilver/template/ucp_footer.html
+++ b/phpBB/styles/subSilver/template/ucp_footer.html
@@ -1,5 +1,5 @@
- <!-- IF not S_PRIVMSGS --></form><!-- ENDIF --></td>
+ <!-- IF not S_PRIVMSGS or S_SHOW_DRAFTS --></form><!-- ENDIF --></td>
</tr>
</table>
diff --git a/phpBB/styles/subSilver/template/ucp_header.html b/phpBB/styles/subSilver/template/ucp_header.html
index b84aab9107..924943d4cb 100644
--- a/phpBB/styles/subSilver/template/ucp_header.html
+++ b/phpBB/styles/subSilver/template/ucp_header.html
@@ -156,4 +156,4 @@
</td>
<td><img src="images/spacer.gif" width="4" alt="" /></td>
- <td width="80%" valign="top"><!-- IF not S_PRIVMSGS --><form name="ucp" id="ucp" method="post" action="{S_UCP_ACTION}"{S_FORM_ENCTYPE}><!-- ENDIF -->
+ <td width="80%" valign="top"><!-- IF not S_PRIVMSGS or S_SHOW_DRAFTS --><form name="ucp" id="ucp" method="post" action="{S_UCP_ACTION}"{S_FORM_ENCTYPE}><!-- ENDIF -->
diff --git a/phpBB/styles/subSilver/template/ucp_main_drafts.html b/phpBB/styles/subSilver/template/ucp_main_drafts.html
index 2ff54a0b31..780a0e9a7b 100644
--- a/phpBB/styles/subSilver/template/ucp_main_drafts.html
+++ b/phpBB/styles/subSilver/template/ucp_main_drafts.html
@@ -32,10 +32,10 @@
<td class="postdetails" style="padding: 4px;" nowrap="nowrap">{draftrow.DATE}</td>
<td style="padding: 4px;" valign="top" width="100%">
<p class="topictitle">{draftrow.DRAFT_SUBJECT}</p>
- <!-- IF draftrow.S_LINK_TOPIC --><br /><span class="gensmall">{L_TOPIC}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span>
- <!-- ELSEIF draftrow.S_LINK_FORUM --><br /><span class="gensmall">{L_FORUM}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span>
- <!-- ELSEIF draftrow.S_LINK_PM --><br /><span class="gensmall">{L_PRIVATE_MESSAGE}</span>
- <!-- ELSE --><br /><span class="gensmall">{L_NO_TOPIC_FORUM}</span><!-- ENDIF -->
+ <!-- IF draftrow.S_LINK_TOPIC --><span class="gensmall">{L_TOPIC}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span>
+ <!-- ELSEIF draftrow.S_LINK_FORUM --><span class="gensmall">{L_FORUM}: <a href="{draftrow.U_VIEW}">{draftrow.TITLE}</a></span>
+ <!-- ELSEIF draftrow.S_LINK_PM --><span class="gensmall">{L_PRIVATE_MESSAGE}</span>
+ <!-- ELSE --><span class="gensmall">{L_NO_TOPIC_FORUM}</span><!-- ENDIF -->
</td>
<td style="padding: 4px;" align="center" nowrap="nowrap"><span class="genmed"><!-- IF draftrow.U_INSERT --><a href="{draftrow.U_INSERT}">{L_LOAD_DRAFT}</a><br /><!-- ENDIF --><a href="{draftrow.U_VIEW_EDIT}">{L_VIEW_EDIT}</a></td>
<td style="padding: 4px;" align="center"><input type="checkbox" name="d[{draftrow.DRAFT_ID}]" /></td>