Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/adm/style/acp_captcha.html | 2 | ||||
-rw-r--r-- | phpBB/includes/acp/acp_users.php | 294 | ||||
-rw-r--r-- | phpBB/includes/functions.php | 2 | ||||
-rw-r--r-- | phpBB/includes/ucp/ucp_prefs.php | 112 | ||||
-rw-r--r-- | phpBB/includes/ucp/ucp_profile.php | 77 | ||||
-rw-r--r-- | phpBB/includes/ucp/ucp_register.php | 45 | ||||
-rwxr-xr-x | phpBB/install/install_install.php | 16 |
7 files changed, 214 insertions, 334 deletions
diff --git a/phpBB/adm/style/acp_captcha.html b/phpBB/adm/style/acp_captcha.html index 4378e538f1..bdc48ea0aa 100644 --- a/phpBB/adm/style/acp_captcha.html +++ b/phpBB/adm/style/acp_captcha.html @@ -27,8 +27,8 @@ <dt><label for="captcha_gd_noise">{L_CAPTCHA_GD_NOISE}:</label><br /><span>{L_CAPTCHA_GD_NOISE_EXPLAIN}</span></dt> <dd><input id="captcha_gd_noise" name="captcha_gd_noise" value="1" class="radio" type="radio"<!-- IF CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> /> {L_YES} <input name="captcha_gd_noise" value="0" class="radio" type="radio"<!-- IF not CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> /> {L_NO}</dd> </dl> -</fieldset> <!-- ENDIF --> +</fieldset> <fieldset class="submit-buttons"> <input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" /> diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index b87524e911..0cba781542 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php 
@@ -616,32 +616,19 @@ class acp_users break; } - $data = array(); - // Handle registration info updates - $var_ary = array( - 'user' => (string) $user_row['username'], - 'user_founder' => (int) (($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), - 'user_email' => (string) $user_row['user_email'], - 'email_confirm' => (string) '', - 'user_password' => (string) '', - 'password_confirm' => (string) '', - 'warnings' => (int) $user_row['user_warnings'], + $data = array( + 'username' => request_var('user', $user_row['username'], true), + 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), + 'email' => request_var('user_email', $user_row['user_email']), + 'email_confirm' => request_var('email_confirm', ''), + 'user_password' => request_var('user_password', '', true), + 'password_confirm' => request_var('password_confirm', '', true), + 'warnings' => request_var('warnings', $user_row['user_warnings']), ); - // Get the data from the form. Use data from the database if no info is provided - foreach ($var_ary as $var => $default) - { - $data[$var] = ($var == 'user') ? request_var($var, $default, true) : request_var($var, $default); - } - - // We use user within the form to circumvent auto filling - $data['username'] = $data['user']; - $data['email'] = $data['user_email']; - unset($data['user'], $data['user_email']); - // Validation data - we do not check the password complexity setting here - $var_ary = array( + $check_ary = array( 'user_password' => array( array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), @@ -652,7 +639,7 @@ class acp_users // Check username if altered if ($data['username'] != $user_row['username']) { - $var_ary += array( + $check_ary += array( 'username' => array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', $user_row['username'])), 
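Review bot: The `warnings` entry in the new `$data` array takes its default straight from `$user_row['user_warnings']`, where the removed code passed `(int) $user_row['user_warnings']`. If request_var() takes the type it enforces on the submitted value from the type of the default (the explicit `(int)`, `(bool)` and `(float)` casts this same commit adds in ucp_prefs.php suggest it does), a row value that arrives as a string would let arbitrary text through where an integer was enforced before. I would keep the cast, `'warnings' => request_var('warnings', (int) $user_row['user_warnings']),`, and do the same for the uncast `style`, `dst` and `notifymethod` defaults in the `prefs` hunk and the `bday_*` defaults in the profile hunk of this file. The enclosing case block starts and ends outside the hunk.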
@@ -662,7 +649,7 @@ class acp_users // Check email if altered if ($data['email'] != $user_row['user_email']) { - $var_ary += array( + $check_ary += array( 'email' => array( array('string', false, 6, 60), array('email', $user_row['user_email']) @@ -671,7 +658,7 @@ class acp_users ); } - $error = validate_data($data, $var_ary); + $error = validate_data($data, $check_ary); if ($data['user_password'] && $data['password_confirm'] != $data['user_password']) { @@ -979,7 +966,6 @@ class acp_users $cp = new custom_profile(); $cp_data = $cp_error = array(); - $data = array(); $sql = 'SELECT lang_id FROM ' . LANG_TABLE . " 
@@ -990,29 +976,33 @@ class acp_users $user_row['iso_lang_id'] = $row['lang_id']; - if ($submit) + $data = array( + 'icq' => request_var('icq', $user_row['user_icq']), + 'aim' => request_var('aim', $user_row['user_aim']), + 'msn' => request_var('msn', $user_row['user_msnm']), + 'yim' => request_var('yim', $user_row['user_yim']), + 'jabber' => request_var('jabber', $user_row['user_jabber']), + 'website' => request_var('website', $user_row['user_website']), + 'location' => request_var('location', $user_row['user_from'], true), + 'occupation' => request_var('occupation', $user_row['user_occ'], true), + 'interests' => request_var('interests', $user_row['user_interests']), + 'bday_day' => 0, + 'bday_month' => 0, + 'bday_year' => 0, + ); + + if ($user_row['user_birthday']) { - $var_ary = array( - 'icq' => (string) '', - 'aim' => (string) '', - 'msn' => (string) '', - 'yim' => (string) '', - 'jabber' => (string) '', - 'website' => (string) '', - 'location' => (string) '', - 'occupation' => (string) '', - 'interests' => (string) '', - 'bday_day' => 0, - 'bday_month' => 0, - 'bday_year' => 0, - ); + list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']); + } - foreach ($var_ary as $var => $default) - { - $data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default); - } + $data['bday_day'] = request_var('bday_day', $data['bday_day']); + $data['bday_month'] = request_var('bday_month', $data['bday_month']); + $data['bday_year'] = request_var('bday_year', $data['bday_year']); - $var_ary = array( + if ($submit) + { + $error = validate_data($data, array( 'icq' => array( array('string', true, 3, 15), array('match', true, '#^[0-9]+$#i')), 
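Review bot: `interests` loses its multibyte flag in the new `$data` array: the removed loop called `request_var($var, $default, true)` for `location`, `occupation` and `interests`, but the new line is `request_var('interests', $user_row['user_interests'])`. Non-ASCII text in that field is presumably no longer accepted the way it was before this change. The line should read `'interests' => request_var('interests', $user_row['user_interests'], true),`, and the matching `$data` array in ucp_profile.php (hunk at -249,15) has the same omission. The validation array opened at the end of this hunk continues in the next one.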
@@ -1031,9 +1021,7 @@ class acp_users 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time())), - ); - - $error = validate_data($data, $var_ary); + )); // validate custom profile fields $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error); @@ -1119,18 +1107,6 @@ class acp_users $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } - if (!isset($data['bday_day'])) - { - if ($user_row['user_birthday']) - { - list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']); - } - else - { - $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0; - } - } - $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>'; for ($i = 1; $i < 32; $i++) { 
@@ -1156,15 +1132,15 @@ class acp_users unset($now); $template->assign_vars(array( - 'ICQ' => (isset($data['icq'])) ? $data['icq'] : $user_row['user_icq'], - 'YIM' => (isset($data['yim'])) ? $data['yim'] : $user_row['user_yim'], - 'AIM' => (isset($data['aim'])) ? $data['aim'] : $user_row['user_aim'], - 'MSN' => (isset($data['msn'])) ? $data['msn'] : $user_row['user_msnm'], - 'JABBER' => (isset($data['jabber'])) ? $data['jabber'] : $user_row['user_jabber'], - 'WEBSITE' => (isset($data['website'])) ? $data['website']: $user_row['user_website'], - 'LOCATION' => (isset($data['location'])) ? $data['location'] : $user_row['user_from'], - 'OCCUPATION' => (isset($data['occupation'])) ? $data['occupation'] : $user_row['user_occ'], - 'INTERESTS' => (isset($data['interests'])) ? $data['interests'] : $user_row['user_interests'], + 'ICQ' => $data['icq'], + 'YIM' => $data['yim'], + 'AIM' => $data['aim'], + 'MSN' => $data['msn'], + 'JABBER' => $data['jabber'], + 'WEBSITE' => $data['website'], + 'LOCATION' => $data['location'], + 'OCCUPATION' => $data['occupation'], + 'INTERESTS' => $data['interests'], 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 
@@ -1182,51 +1158,44 @@ class acp_users case 'prefs': - $data = array(); + $data = array( + 'dateformat' => request_var('dateformat', $user_row['user_dateformat']), + 'lang' => request_var('lang', $user_row['user_lang']), + 'tz' => request_var('tz', (float) $user_row['user_timezone']), + 'style' => request_var('style', $user_row['user_style']), + 'dst' => request_var('dst', $user_row['user_dst']), + 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']), + 'massemail' => request_var('massemail', $user_row['user_allow_massemail']), + 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']), + 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']), + 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']), + 'popuppm' => request_var('popuppm', $this->optionget($user_row, 'popuppm')), + 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']), + + 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), + 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'), + 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0), + + 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'), + 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'), + 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? 
$user_row['user_post_show_days'] : 0), + + 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')), + 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')), + 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')), + 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')), + 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')), + 'view_wordcensor' => request_var('view_wordcensore', $this->optionget($user_row, 'viewcensors')), + + 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')), + 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')), + 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')), + 'notify' => request_var('notify', $user_row['user_notify']), + ); if ($submit) { - $var_ary = array( - 'dateformat' => (string) $config['default_dateformat'], - 'lang' => (string) $config['default_lang'], - 'tz' => (float) $config['board_timezone'], - 'style' => (int) $config['default_style'], - 'dst' => (bool) $config['board_dst'], - 'viewemail' => false, - 'massemail' => true, - 'hideonline' => false, - 'notifymethod' => 0, - 'notifypm' => true, - 'popuppm' => false, - 'allowpm' => true, - - 'topic_sk' => (string) 't', - 'topic_sd' => (string) 'd', - 'topic_st' => 0, - - 'post_sk' => (string) 't', - 'post_sd' => (string) 'a', - 'post_st' => 0, - - 'view_images' => true, - 'view_flash' => false, - 'view_smilies' => true, - 'view_sigs' => true, - 'view_avatars' => true, - 'view_wordcensor' => false, - - 'bbcode' => true, - 'smilies' => true, - 'sig' => true, - 'notify' => false, - ); - - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'dateformat' => array('string', false, 3, 30), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), 'tz' => array('num', false, 
-14, 14), @@ -1235,9 +1204,7 @@ class acp_users 'topic_sd' => array('string', false, 1, 1), 'post_sk' => array('string', false, 1, 1), 'post_sd' => array('string', false, 1, 1), - ); - - $error = validate_data($data, $var_ary); + )); if (!sizeof($error)) { @@ -1291,17 +1258,10 @@ class acp_users $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } - $notify_method = (isset($data['notifymethod'])) ? $data['notifymethod'] : $user_row['user_notify_type']; - $dateformat = (isset($data['dateformat'])) ? $data['dateformat'] : $user_row['user_dateformat']; - $lang = (isset($data['lang'])) ? $data['lang'] : $user_row['user_lang']; - $style = (isset($data['style'])) ? $data['style'] : $user_row['user_style']; - $tz = (isset($data['tz'])) ? $data['tz'] : $user_row['user_timezone']; - $dateformat_options = ''; - foreach ($user->lang['dateformats'] as $format => $null) { - $dateformat_options .= '<option value="' . $format . '"' . (($format == $dateformat) ? ' selected="selected"' : '') . '>'; + $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>'; $dateformat_options .= $user->format_date(time(), $format, true) . ((strpos($format, '|') !== false) ? ' [' . $user->lang['RELATIVE_DAYS'] . ']' : ''); $dateformat_options .= '</option>'; } 
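Review bot: The `view_wordcensor` entry of the new `prefs` array reads the request key `view_wordcensore`, which does not match the `view_wordcensor` key that the removed `$var_ary` loop read. A submitted value for that option would then be ignored and the stored `viewcensors` setting carried through unchanged. Unless the form field was renamed elsewhere, this should be `'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),`. A test that posts every key of `$data` and checks that it round-trips would catch this kind of silent no-op.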
@@ -1309,22 +1269,13 @@ class acp_users $s_custom = false; $dateformat_options .= '<option value="custom"'; - if (!in_array($dateformat, array_keys($user->lang['dateformats']))) + if (!in_array($data['dateformat'], array_keys($user->lang['dateformats']))) { $dateformat_options .= ' selected="selected"'; $s_custom = true; } $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>'; - $topic_sk = (isset($data['topic_sk'])) ? $data['topic_sk'] : (($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'); - $post_sk = (isset($data['post_sk'])) ? $data['post_sk'] : (($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'); - - $topic_sd = (isset($data['topic_sd'])) ? $data['topic_sd'] : (($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'); - $post_sd = (isset($data['post_sd'])) ? $data['post_sd'] : (($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'd'); - - $topic_st = (isset($data['topic_st'])) ? $data['topic_st'] : (($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0); - $post_st = (isset($data['post_st'])) ? $data['post_st'] : (($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0); - $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); // Topic ordering options @@ -1341,7 +1292,7 @@ class acp_users ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">'; foreach (${'limit_' . $sort_option . '_days'} as $day => $text) { - $selected = (${$sort_option . '_st'} == $day) ? ' selected="selected"' : ''; + $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : ''; ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>'; } ${'s_limit_' . $sort_option . '_days'} .= '</select>'; 
@@ -1349,7 +1300,7 @@ class acp_users ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">'; foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text) { - $selected = (${$sort_option . '_sk'} == $key) ? ' selected="selected"' : ''; + $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : ''; ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>'; } ${'s_sort_' . $sort_option . '_key'} .= '</select>'; @@ -1357,7 +1308,7 @@ class acp_users ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">'; foreach ($sort_dir_text as $key => $value) { - $selected = (${$sort_option . '_sd'} == $key) ? ' selected="selected"' : ''; + $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : ''; ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; } ${'s_sort_' . $sort_option . '_dir'} .= '</select>'; 
@@ -1365,28 +1316,28 @@ class acp_users $template->assign_vars(array( 'S_PREFS' => true, - 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? false : true, + 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true, - 'VIEW_EMAIL' => (isset($data['viewemail'])) ? $data['viewemail'] : $user_row['user_allow_viewemail'], - 'MASS_EMAIL' => (isset($data['massemail'])) ? $data['massemail'] : $user_row['user_allow_massemail'], - 'ALLOW_PM' => (isset($data['allowpm'])) ? $data['allowpm'] : $user_row['user_allow_pm'], - 'HIDE_ONLINE' => (isset($data['hideonline'])) ? $data['hideonline'] : !$user_row['user_allow_viewonline'], - 'NOTIFY_EMAIL' => ($notify_method == NOTIFY_EMAIL) ? true : false, - 'NOTIFY_IM' => ($notify_method == NOTIFY_IM) ? true : false, - 'NOTIFY_BOTH' => ($notify_method == NOTIFY_BOTH) ? true : false, - 'NOTIFY_PM' => (isset($data['notifypm'])) ? $data['notifypm'] : $user_row['user_notify_pm'], - 'POPUP_PM' => (isset($data['popuppm'])) ? $data['popuppm'] : $this->optionget($user_row, 'popuppm'), - 'DST' => (isset($data['dst'])) ? $data['dst'] : $user_row['user_dst'], - 'BBCODE' => (isset($data['bbcode'])) ? $data['bbcode'] : $this->optionget($user_row, 'bbcode'), - 'SMILIES' => (isset($data['smilies'])) ? $data['smilies'] : $this->optionget($user_row, 'smilies'), - 'ATTACH_SIG' => (isset($data['sig'])) ? $data['sig'] : $this->optionget($user_row, 'attachsig'), - 'NOTIFY' => (isset($data['notify'])) ? $data['notify'] : $user_row['user_notify'], - 'VIEW_IMAGES' => (isset($data['view_images'])) ? $data['view_images'] : $this->optionget($user_row, 'viewimg'), - 'VIEW_FLASH' => (isset($data['view_flash'])) ? $data['view_flash'] : $this->optionget($user_row, 'viewflash'), - 'VIEW_SMILIES' => (isset($data['view_smilies'])) ? $data['view_smilies'] : $this->optionget($user_row, 'viewsmilies'), - 'VIEW_SIGS' => (isset($data['view_sigs'])) ? 
$data['view_sigs'] : $this->optionget($user_row, 'viewsigs'), - 'VIEW_AVATARS' => (isset($data['view_avatars'])) ? $data['view_avatars'] : $this->optionget($user_row, 'viewavatars'), - 'VIEW_WORDCENSOR' => (isset($data['view_wordcensor'])) ? $data['view_wordcensor'] : $this->optionget($user_row, 'viewcensors'), + 'VIEW_EMAIL' => $data['viewemail'], + 'MASS_EMAIL' => $data['massemail'], + 'ALLOW_PM' => $data['allowpm'], + 'HIDE_ONLINE' => $data['hideonline'], + 'NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false, + 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, + 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, + 'NOTIFY_PM' => $data['notifypm'], + 'POPUP_PM' => $data['popuppm'], + 'DST' => $data['dst'], + 'BBCODE' => $data['bbcode'], + 'SMILIES' => $data['smilies'], + 'ATTACH_SIG' => $data['sig'], + 'NOTIFY' => $data['notify'], + 'VIEW_IMAGES' => $data['view_images'], + 'VIEW_FLASH' => $data['view_flash'], + 'VIEW_SMILIES' => $data['view_smilies'], + 'VIEW_SIGS' => $data['view_sigs'], + 'VIEW_AVATARS' => $data['view_avatars'], + 'VIEW_WORDCENSOR' => $data['view_wordcensor'], 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days, 'S_TOPIC_SORT_KEY' => $s_sort_topic_key, @@ -1395,15 +1346,15 @@ class acp_users 'S_POST_SORT_KEY' => $s_sort_post_key, 'S_POST_SORT_DIR' => $s_sort_post_dir, - 'DATE_FORMAT' => $dateformat, + 'DATE_FORMAT' => $data['dateformat'], 'S_DATEFORMAT_OPTIONS' => $dateformat_options, 'S_CUSTOM_DATEFORMAT' => $s_custom, 'DEFAULT_DATEFORMAT' => $config['default_dateformat'], 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']), - 'S_LANG_OPTIONS' => language_select($lang), - 'S_STYLE_OPTIONS' => style_select($style), - 'S_TZ_OPTIONS' => tz_select($tz, true), + 'S_LANG_OPTIONS' => language_select($data['lang']), + 'S_STYLE_OPTIONS' => style_select($data['style']), + 'S_TZ_OPTIONS' => tz_select($data['tz'], true), ) ); 
@@ -1421,26 +1372,19 @@ class acp_users { $delete = request_var('delete', ''); - $var_ary = array( - 'uploadurl' => (string) '', - 'remotelink' => (string) '', - 'width' => (string) '', - 'height' => (string) '', + $data = array( + 'uploadurl' => request_var('uploadurl', ''), + 'remotelink' => request_var('remotelink', ''), + 'width' => request_var('width', ''), + 'height' => request_var('height', ''), ); - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3), - ); - - $error = validate_data($data, $var_ary); + )); if (!sizeof($error)) { diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 1dc036b4b6..7a2ec278f8 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1979,7 +1979,7 @@ function login_forum_box($forum_data) { global $db, $config, $user, $template, $phpEx; - $password = request_var('password', ''); + $password = request_var('password', '', true); $sql = 'SELECT forum_id FROM ' . FORUMS_ACCESS_TABLE . ' diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index 5dce0b80c2..378562a2dd 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php 
@@ -30,44 +30,30 @@ class ucp_prefs case 'personal': $data = array( - 'notifymethod' => $user->data['user_notify_type'], - 'dateformat' => $user->data['user_dateformat'], - 'lang' => $user->data['user_lang'], - 'style' => $user->data['user_style'], - 'tz' => $user->data['user_timezone'], + 'notifymethod' => request_var('notifymethod', $user->data['user_notify_type']), + 'dateformat' => request_var('dateformat', $user->data['user_dateformat']), + 'lang' => request_var('lang', $user->data['user_lang']), + 'style' => request_var('style', (int) $user->data['user_style']), + 'tz' => request_var('tz', (float) $user->data['user_timezone']), + + 'dst' => request_var('dst', (bool) $user->data['user_dst']), + 'viewemail' => request_var('viewemail', (bool) $user->data['user_allow_viewemail']), + 'massemail' => request_var('massemail', (bool) $user->data['user_allow_massemail']), + 'hideonline' => request_var('hideonline', (bool) !$user->data['user_allow_viewonline']), + 'notifypm' => request_var('notifypm', (bool) $user->data['user_notify_pm']), + 'popuppm' => request_var('popuppm', (bool) $user->optionget('popuppm')), + 'allowpm' => request_var('allowpm', (bool) $user->data['user_allow_pm']), ); if ($submit) { - $var_ary = array( - 'dateformat' => (string) $config['default_dateformat'], - 'lang' => (string) $config['default_lang'], - 'tz' => (float) $config['board_timezone'], - 'style' => (int) $config['default_style'], - 'dst' => (bool) $config['board_dst'], - 'viewemail' => false, - 'massemail' => true, - 'hideonline' => false, - 'notifymethod' => 0, - 'notifypm' => true, - 'popuppm' => false, - 'allowpm' => true, - ); - - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - $data['style'] = ($config['override_user_style']) ? 
$config['default_style'] : $data['style']; - $var_ary = array( + $error = validate_data($data, array( 'dateformat' => array('string', false, 3, 30), 'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'), 'tz' => array('num', false, -14, 14), - ); - - $error = validate_data($data, $var_ary); + )); if (!sizeof($error)) { @@ -128,13 +114,13 @@ class ucp_prefs 'S_NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false, 'S_NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, 'S_NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, - 'S_VIEW_EMAIL' => (isset($data['viewemail'])) ? $data['viewemail'] : $user->data['user_allow_viewemail'], - 'S_MASS_EMAIL' => (isset($data['massemail'])) ? $data['massemail'] : $user->data['user_allow_massemail'], - 'S_ALLOW_PM' => (isset($data['allowpm'])) ? $data['allowpm'] : $user->data['user_allow_pm'], - 'S_HIDE_ONLINE' => (isset($data['hideonline'])) ? $data['hideonline'] : !$user->data['user_allow_viewonline'], - 'S_NOTIFY_PM' => (isset($data['notifypm'])) ? $data['notifypm'] : $user->data['user_notify_pm'], - 'S_POPUP_PM' => (isset($data['popuppm'])) ? $data['popuppm'] : $user->optionget('popuppm'), - 'S_DST' => (isset($data['dst'])) ? $data['dst'] : $user->data['user_dst'], + 'S_VIEW_EMAIL' => $data['viewemail'], + 'S_MASS_EMAIL' => $data['massemail'], + 'S_ALLOW_PM' => $data['allowpm'], + 'S_HIDE_ONLINE' => $data['hideonline'], + 'S_NOTIFY_PM' => $data['notifypm'], + 'S_POPUP_PM' => $data['popuppm'], + 'S_DST' => $data['dst'], 'DATE_FORMAT' => $data['dateformat'], 'S_DATEFORMAT_OPTIONS' => $dateformat_options, 
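Review bot: Request values are now read into `$data` before the `if ($submit)` check in the `personal` case, so the form shown on a plain page load is filled from whatever parameters the request carries rather than only from `$user->data`. Depending on which request sources request_var() consults, a crafted link could present values the user did not choose, and they would be saved if the user then submits the form. The same applies to the other modes in this file and to the profile and `prefs` hunks in acp_users.php, where an administrator is the one submitting. No form-token or origin check is visible in these hunks, so it is worth confirming that one guards the `$submit` branch, and adding a comment above the array such as `// Values are taken from the request even when the form was not submitted; saving is gated by $submit below`.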
@@ -161,32 +147,23 @@ class ucp_prefs 'post_sk' => (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't', 'post_sd' => (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a', 'post_st' => (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0, + + 'images' => request_var('images', (bool) $user->optionget('viewimg')), + 'flash' => request_var('flash', (bool) $user->optionget('viewflash')), + 'smilies' => request_var('smilies', (bool) $user->optionget('viewsmilies')), + 'sigs' => request_var('sigs', (bool) $user->optionget('viewsigs')), + 'avatars' => request_var('avatars', (bool) $user->optionget('viewavatars')), + 'wordcensor' => request_var('wordcensor', (bool) $user->optionget('viewcensors')), ); if ($submit) { - $var_ary = array_merge($data, array( - 'images' => true, - 'flash' => false, - 'smilies' => true, - 'sigs' => true, - 'avatars' => true, - 'wordcensor'=> false, - )); - - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'topic_sk' => array('string', false, 1, 1), 'topic_sd' => array('string', false, 1, 1), 'post_sk' => array('string', false, 1, 1), 'post_sd' => array('string', false, 1, 1), - ); - - $error = validate_data($data, $var_ary); + )); if (!sizeof($error)) { 
@@ -271,12 +248,12 @@ class ucp_prefs $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', - 'S_IMAGES' => (isset($data['images'])) ? $data['images'] : $user->optionget('viewimg'), - 'S_FLASH' => (isset($data['flash'])) ? $data['flash'] : $user->optionget('viewflash'), - 'S_SMILIES' => (isset($data['smilies'])) ? $data['smilies'] : $user->optionget('viewsmilies'), - 'S_SIGS' => (isset($data['sigs'])) ? $data['sigs'] : $user->optionget('viewsigs'), - 'S_AVATARS' => (isset($data['avatars'])) ? $data['avatars'] : $user->optionget('viewavatars'), - 'S_DISABLE_CENSORS' => (isset($data['wordcensor'])) ? $data['wordcensor'] : $user->optionget('viewcensors'), + 'S_IMAGES' => $data['images'], + 'S_FLASH' => $data['flash'], + 'S_SMILIES' => $data['smilies'], + 'S_SIGS' => $data['sigs'], + 'S_AVATARS' => $data['avatars'], + 'S_DISABLE_CENSORS' => $data['wordcensor'], 'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false, @@ -293,21 +270,14 @@ class ucp_prefs case 'post': $data = array( - 'bbcode' => $user->optionget('bbcode'), - 'smilies' => $user->optionget('smilies'), - 'sig' => $user->optionget('attachsig'), - 'notify' => $user->data['user_notify'], + 'bbcode' => request_var('bbcode', $user->optionget('bbcode')), + 'smilies' => request_var('smilies', $user->optionget('smilies')), + 'sig' => request_var('sig', $user->optionget('attachsig')), + 'notify' => request_var('notify', $user->data['user_notify']), ); if ($submit) { - $var_ary = $data; - - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - $user->optionset('bbcode', $data['bbcode']); $user->optionset('smilies', $data['smilies']); $user->optionset('attachsig', $data['sig']); diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 61e1aefcec..7aab239f39 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php 
@@ -34,23 +34,18 @@ class ucp_profile case 'reg_details': $data = array( - 'username' => $user->data['username'], - 'email' => $user->data['user_email'], - 'email_confirm' => (string) '', - 'new_password' => (string) '', - 'cur_password' => (string) '', - 'password_confirm' => (string) '', + 'username' => request_var('username', $user->data['username'], true), + 'email' => request_var('email', $user->data['user_email']), + 'email_confirm' => request_var('email_confirm', ''), + 'new_password' => request_var('new_password', '', true), + 'cur_password' => request_var('cur_password', '', true), + 'password_confirm' => request_var('password_confirm', '', true), ); if ($submit) { - foreach ($data as $var => $default) - { - $data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default); - } - // Do not check cur_password, it is the old one. - $var_ary = array( + $check_ary = array( 'new_password' => array( array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), @@ -63,13 +58,13 @@ class ucp_profile if ($auth->acl_get('u_chgname') && $config['allow_namechange']) { - $var_ary['username'] = array( + $check_ary['username'] = array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', $data['username']), ); } - $error = validate_data($data, $var_ary); + $error = validate_data($data, $check_ary); if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { 
@@ -249,15 +244,15 @@ class ucp_profile $cp_data = $cp_error = array(); $data = array( - 'icq' => (string) $user->data['user_icq'], - 'aim' => (string) $user->data['user_aim'], - 'msn' => (string) $user->data['user_msnm'], - 'yim' => (string) $user->data['user_yim'], - 'jabber' => (string) $user->data['user_jabber'], - 'website' => (string) $user->data['user_website'], - 'location' => (string) $user->data['user_from'], - 'occupation' => (string) $user->data['user_occ'], - 'interests' => (string) $user->data['user_interests'], + 'icq' => request_var('icq', $user->data['user_icq']), + 'aim' => request_var('aim', $user->data['user_aim']), + 'msn' => request_var('msn', $user->data['user_msnm']), + 'yim' => request_var('yim', $user->data['user_yim']), + 'jabber' => request_var('jabber', $user->data['user_jabber']), + 'website' => request_var('website', $user->data['user_website']), + 'location' => request_var('location', $user->data['user_from'], true), + 'occupation' => request_var('occupation', $user->data['user_occ'], true), + 'interests' => request_var('interests', $user->data['user_interests']), 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0, @@ -268,14 +263,13 @@ class ucp_profile list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']); } + $data['bday_day'] = request_var('bday_day', $data['bday_day']); + $data['bday_month'] = request_var('bday_month', $data['bday_month']); + $data['bday_year'] = request_var('bday_year', $data['bday_year']); + if ($submit) { - foreach ($data as $var => $default) - { - $data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'icq' => array( array('string', true, 3, 15), array('match', true, '#^[0-9]+$#i')), 
@@ -294,9 +288,7 @@ class ucp_profile 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time())), - ); - - $error = validate_data($data, $var_ary); + )); // validate custom profile fields $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error); @@ -510,26 +502,19 @@ class ucp_profile if ($submit) { - $var_ary = array( - 'uploadurl' => (string) '', - 'remotelink' => (string) '', - 'width' => (string) '', - 'height' => (string) '', + $data = array( + 'uploadurl' => request_var('uploadurl', ''), + 'remotelink' => request_var('remotelink', ''), + 'width' => request_var('width', ''), + 'height' => request_var('height', ''), ); - foreach ($var_ary as $var => $default) - { - $data[$var] = request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3), - ); - - $error = validate_data($data, $var_ary); + )); if (!sizeof($error)) { diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 9db221520f..897a24fdc9 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -59,7 +59,7 @@ class ucp_register $cp = new custom_profile(); - $error = $data = $cp_data = $cp_error = array(); + $error = $cp_data = $cp_error = array(); // if (!$agreed) 
@@ -110,36 +110,22 @@ class ucp_register $timezone = $config['board_timezone']; } - $var_ary = array( - 'username' => (string) '', - 'password_confirm' => (string) '', - 'new_password' => (string) '', - 'cur_password' => (string) '', - 'email' => (string) '', - 'email_confirm' => (string) '', - 'confirm_code' => (string) '', - 'lang' => (string) $user->lang_name, - 'tz' => (float) $timezone, + $data = array( + 'username' => request_var('username', '', true), + 'password_confirm' => request_var('password_confirm', '', true), + 'new_password' => request_var('new_password', '', true), + 'cur_password' => request_var('cur_password', '', true), + 'email' => request_var('email', ''), + 'email_confirm' => request_var('email_confirm', ''), + 'confirm_code' => request_var('confirm_code', ''), + 'lang' => request_var('lang', $user->lang_name), + 'tz' => request_var('tz', (float) $timezone), ); - // If we change the language inline, we do not want to display errors, but pre-fill already filled out values - if ($change_lang) - { - foreach ($var_ary as $var => $default) - { - $data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default); - } - } - // Check and initialize some variables if needed if ($submit) { - foreach ($var_ary as $var => $default) - { - $data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default); - } - - $var_ary = array( + $error = validate_data($data, array( 'username' => array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username')), 
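Review bot: `$data` in the `@@ -110` hunk is now filled from the request on every call, where before it was filled only under `$change_lang` or `$submit`, and `validate_data` still runs only inside `if ($submit)`. Anything later in the method that uses `$data` on a plain page load (the template assignment is outside this hunk) therefore sees unvalidated `lang`, `tz` and password values taken straight from the request. I would keep the password fields empty unless the form was actually posted, e.g. `'new_password' => ($submit || $change_lang) ? request_var('new_password', '', true) : '',`, and put a comment above the array: `// Raw request values; only the $submit branch below validates them`. The three password fields also switch to multibyte handling here, which changes which characters survive and deserves a mention in the commit message.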
@@ -154,9 +140,7 @@ class ucp_register 'confirm_code' => array('string', !$config['enable_confirm'], 5, 8), 'tz' => array('num', false, -14, 14), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), - ); - - $error = validate_data($data, $var_ary); + )); // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); @@ -481,9 +465,6 @@ class ucp_register $user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\w]+' => 'USERNAME_ALPHA_ONLY', '[\w_\+\. \-\[\]]+' => 'USERNAME_ALPHA_SPACERS'); $pass_char_ary = array('.*' => 'PASS_TYPE_ANY', '[a-zA-Z]' => 'PASS_TYPE_CASE', '[a-zA-Z0-9]' => 'PASS_TYPE_ALPHA', '[a-zA-Z\W]' => 'PASS_TYPE_SYMBOL'); - $data['lang'] = (isset($data['lang'])) ? $data['lang'] : $config['default_lang']; - $data['tz'] = (isset($data['tz'])) ? $data['tz'] : $timezone; - // $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index df834a367e..ec1e4d776e 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -404,7 +404,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } $connect_test = false; @@ -546,7 +546,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } if ($dbms == '') 
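Review bot: The `preg_replace` call kept as context at the end of the `@@ -154` hunk uses the `/e` modifier, which evaluates the replacement string as PHP code for every match. The pattern `^([A-Z_]+)$` limits the capture to upper-case letters and underscores, so as written nothing from the request can reach the evaluated string, but that safety depends on the pattern never being widened. A plain loop avoids the evaluation entirely: `foreach ($error as $i => $err) { if (preg_match('#^[A-Z_]+$#', $err) && !empty($user->lang[$err])) { $error[$i] = $user->lang[$err]; } }`.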
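Review bot: The list `array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2')` is repeated verbatim in the `@@ -404` loop and in the seven other `install_install.php` hunks (`-546`, `-718`, `-873`, `-957`, `-1231`, `-1500`, `-1582`), so a later edit that misses one copy would have a password read with different character handling in one installer step than in another. Holding the list once, e.g. a class property `var $multibyte_vars = array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2');` and `$$var = request_var($var, '', in_array($var, $this->multibyte_vars));` in each loop, keeps the steps consistent. Only the `-1231` hunk shows `htmlspecialchars_decode()` being applied, and only to `$dbpasswd`; whether `admin_pass1` and `admin_pass2` need the same treatment before they are hashed cannot be told from these hunks. Each loop sits inside a method whose start and end are outside its hunk.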
@@ -718,7 +718,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } if ($dbms == '') @@ -873,7 +873,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } if ($dbms == '') @@ -957,7 +957,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } if ($dbms == '') @@ -1231,7 +1231,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } $dbpasswd = htmlspecialchars_decode($dbpasswd); @@ -1500,7 +1500,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } // Fill the config array - it is needed by those functions we call 
@@ -1582,7 +1582,7 @@ class install_install extends module // Obtain any submitted data foreach ($this->request_vars as $var) { - $$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); + $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, ''); } // Load the basic configuration data |