From 30aeac65dccceab18e19318e5981118f150c0647 Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Fri, 4 Oct 2002 13:09:10 +0000 Subject: Well, here are all my changes ... don't blame me if things break :D git-svn-id: file:///svn/phpbb/trunk@2923 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/admin/admin_ban.php | 62 ++--- phpBB/admin/admin_board.php | 64 ++--- phpBB/admin/admin_database.php | 493 +++++++++++++++++++------------------- phpBB/admin/admin_disallow.php | 20 +- phpBB/admin/admin_email.php | 36 +-- phpBB/admin/admin_forums.php | 22 +- phpBB/admin/admin_groups.php | 165 +++++++++---- phpBB/admin/admin_permissions.php | 24 +- phpBB/admin/admin_prune.php | 20 +- phpBB/admin/admin_prune_users.php | 30 +-- phpBB/admin/admin_ranks.php | 26 +- phpBB/admin/admin_search.php | 64 ++--- phpBB/admin/admin_smilies.php | 24 +- phpBB/admin/admin_styles.php | 28 +-- phpBB/admin/admin_users.php | 66 ++--- phpBB/admin/admin_viewlogs.php | 24 +- phpBB/admin/admin_words.php | 16 +- phpBB/admin/index.php | 56 ++--- phpBB/admin/pagestart.php | 2 +- 19 files changed, 663 insertions(+), 579 deletions(-) (limited to 'phpBB/admin') diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index 3214c38589..a4f22c2481 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('ban') ) + if ( !$auth->get_acl_admin('ban') ) { return; } @@ -46,7 +46,7 @@ require('pagestart.' . $phpEx); // // Do we have ban permissions? // -if ( !$acl->get_acl_admin('ban') ) +if ( !$auth->get_acl_admin('ban') ) { return; } @@ -74,7 +74,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) $ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban'])); $ban_list_log = implode(', ', $ban_list); - if ( !empty($HTTP_POST_VARS['banlength']) ) + if ( !empty($HTTP_POST_VARS['banlength']) ) { if ( $HTTP_POST_VARS['banlength'] != -1 || empty($HTTP_POST_VARS['banlengthother']) ) { 
@@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) } } - $sql = "SELECT user_id - FROM " . USERS_TABLE . " + $sql = "SELECT user_id + FROM " . USERS_TABLE . " WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; $result = $db->sql_query($sql); @@ -224,8 +224,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) break; } - $sql = "SELECT $type - FROM " . BANLIST_TABLE . " + $sql = "SELECT $type + FROM " . BANLIST_TABLE . " WHERE $type <> ''"; $result = $db->sql_query($sql); @@ -253,13 +253,13 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) $banlist = array_unique(array_diff($banlist, $banlist_tmp)); unset($banlist_tmp); - } + } if ( sizeof($banlist) ) { for($i = 0; $i < count($banlist); $i++) { - $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) + $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')"; $db->sql_query($sql); } @@ -276,8 +276,8 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) break; case 'email': - $sql = "SELECT user_id - FROM " . USERS_TABLE . " + $sql = "SELECT user_id + FROM " . USERS_TABLE . " WHERE user_email IN (" . implode(', ', $banlist) . ")"; $result = $db->sql_query($sql); @@ -297,7 +297,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) ) if ( $sql != '' ) { - $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql = "DELETE FROM " . SESSIONS_TABLE . " $sql"; $db->sql_query($sql); } @@ -322,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) ) if ( $unban_sql != '' ) { - $sql = "DELETE FROM " . BANLIST_TABLE . " + $sql = "DELETE FROM " . BANLIST_TABLE . " WHERE ban_id IN ($unban_sql)"; $db->sql_query($sql); @@ -339,8 +339,8 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) ) // // Remove timed out bans // -$sql = "DELETE FROM " . BANLIST_TABLE . " - WHERE ban_end < " . time() . " +$sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_end < " . time() . " AND ban_end <> 0"; $db->sql_query($sql); 
@@ -387,7 +387,7 @@ switch ( $mode ) case 'user': $sql = "SELECT b.*, u.user_id, u.username FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE ( b.ban_end >= " . time() . " + WHERE ( b.ban_end >= " . time() . " OR b.ban_end = 0 ) AND u.user_id = b.ban_userid AND b.ban_userid <> 0 @@ -422,10 +422,10 @@ switch ( $mode ) case 'ip': - $sql = "SELECT * - FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) AND ban_ip <> ''"; $result = $db->sql_query($sql); @@ -456,10 +456,10 @@ switch ( $mode ) case 'email': - $sql = "SELECT * - FROM " . BANLIST_TABLE . " - WHERE ( ban_end >= " . time() . " - OR ban_end = 0 ) + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) AND ban_email <> ''"; $result = $db->sql_query($sql); @@ -496,17 +496,17 @@ switch ( $mode )

"> - + - + @@ -518,7 +518,7 @@ switch ( $mode ) - +
:
:
   
@@ -528,14 +528,14 @@ switch ( $mode )

- + - + - +
:
diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index bb4061ba1f..e6d62fcfac 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -45,7 +45,7 @@ $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -325,9 +325,6 @@ switch ( $mode ) $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : ''; $activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : ''; - $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; - $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; - $privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : ''; $privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : ''; @@ -347,18 +344,6 @@ switch ( $mode ) :
/>    />
- - :
- - - - :
- - - - : - />    /> - : />    /> @@ -407,14 +392,6 @@ switch ( $mode ) :
- - :
- - - - :
- - : @@ -485,6 +462,13 @@ switch ( $mode ) case 'server': + $ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : ''; + $ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : ''; + $ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : ''; + $ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : ''; + + $gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : ''; + $gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : ''; ?> :
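Review bot: The four new `ip_check` comparisons in the `case 'server':` block are loose, so `$new['ip_check'] == 0` is also true when the key is missing or empty, and the form then renders with the `$ip_none` option preselected. If `ip_check` feeds session IP validation (the name suggests it, but the code that consumes it is not in this hunk), saving the page on a board that has no stored value would quietly turn that check off. Preselect the strictest option when nothing is stored, e.g. `$ip_none = ( isset($new['ip_check']) && $new['ip_check'] == 0 ) ? 'checked="checked"' : '';`, with the `!isset()` case folded into `$ip_all`. The literals 4, 3, 2 and 0 would read better as named constants, and a stored value of 1 leaves no radio checked.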
@@ -498,6 +482,30 @@ switch ( $mode ) :
+ + :
+ />    />    />    />    + + + :
+ + + + :
+ + + + : + />    /> + + + :
+ + + + :
+ + sql_query($sql); } diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php index 74783b1c2a..bedb91efff 100644 --- a/phpBB/admin/admin_database.php +++ b/phpBB/admin/admin_database.php @@ -1,6 +1,6 @@ get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } - + $filename = basename(__FILE__); $module['DB']['DB_Backup'] = $filename . "$SID&mode=backup"; @@ -51,9 +48,9 @@ require('pagestart.' . $phpEx); include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // +// Do we have DB backup/restore permissions? // -// -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } 
@@ -64,46 +61,43 @@ if ( !$acl->get_acl_admin('general') ) // @set_time_limit(1200); +$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : ''; + // // Begin program proper // - -if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) +switch( $mode ) { - $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; + case 'backup': - switch( $mode ) - { - case 'backup': - - if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + { + switch ( SQL_LAYER ) { - switch ( SQL_LAYER ) - { - case 'oracle': - $db_type = 'Oracle'; - break; - case 'odbc': - $db_type = 'ODBC'; - break; - case 'mssql': - $db_type = 'MSSQL'; - break; - } - - message_die(MESSAGE, $lang['Backups_not_supported']); - break; + case 'oracle': + $db_type = 'Oracle'; + break; + case 'odbc': + $db_type = 'ODBC'; + break; + case 'mssql': + $db_type = 'MSSQL'; + break; } - $additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' ); - $backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' ); - $search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 ); - $store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' ); - $compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? 
$HTTP_GET_VARS['compress'] : 'none' ); + message_die(MESSAGE, $lang['Backups_not_supported']); + break; + } - if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) ) - { - page_header($lang['DB_Backup']); + $additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' ); + $backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' ); + $search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 ); + $store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' ); + $compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' ); + + if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) ) + { + page_header($lang['DB_Backup']); ?> @@ -132,35 +126,35 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) :   .gz  .zip  .bz2 
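Review bot: The `tables` request value is kept as free text in `$additional_tables`, and later in this file each comma-separated entry is appended to `$tables` and handed to the `get_table_def_*` / `get_table_content_*` helpers without any check. Those helpers are not shown in this diff, but they presumably place the name into SQL, so each entry should be matched against an identifier pattern before use, for example `if ( !preg_match('/^[A-Za-z0-9_]+$/', $name) ) continue;`. Accepting only names that the database itself reports would be stricter still. Separately, `$db_type` is assigned in the inner `switch ( SQL_LAYER )` but the `message_die()` call that follows does not use it.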
@@ -170,229 +164,232 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) "; - } - else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) ) - { - $meta = ""; + $message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing']; - $message = ( empty($store_path) ) ? $lang['Backup_download'] : $lang['Backup_writing']; + page_header($lang['DB_Backup'], $meta); + page_message($lang['DB_Backup'], $message); + page_footer(); + } - page_header($lang['DB_Backup'], $meta); - page_message($lang['DB_Backup'], $message); - page_footer(); - } + $tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables(); + @sort($tables); - $tables = ( SQL_LAYER != 'postgresql' ) ? mysql_get_tables() : pg_get_tables(); - @sort($tables); + if ( !empty($additional_tables) ) + { + $additional_tables = explode(',', $additional_tables); - if ( !empty($additional_tables) ) + for($i = 0; $i < count($additional_tables); $i++) { - $additional_tables = explode(',', $additional_tables); - - for($i = 0; $i < count($additional_tables); $i++) - { - $tables[] = trim($additional_tables[$i]); - } - unset($additional_tables); + $tables[] = trim($additional_tables[$i]); } + unset($additional_tables); + } - // - // Enable output buffering - // - @ob_start(); - @ob_implicit_flush(0); + // + // Enable output buffering + // + @ob_start(); + @ob_implicit_flush(0); - // - // Build the sql script file... - // - echo "#\n"; - echo "# phpBB Backup Script\n"; - echo "# Dump of tables for $dbname\n"; - echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; - echo "#\n"; + // + // Build the sql script file... + // + echo "#\n"; + echo "# phpBB Backup Script\n"; + echo "# Dump of tables for $dbname\n"; + echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; + echo "#\n"; + + if ( SQL_LAYER == 'postgresql' ) + { + echo "\n" . 
pg_get_sequences("\n", $backup_type); + } + + for($i = 0; $i < count($tables); $i++) + { + $table_name = $tables[$i]; - if ( SQL_LAYER == 'postgresql' ) + if ( SQL_LAYER != 'mysql4' ) { - echo "\n" . pg_get_sequences("\n", $backup_type); + $table_def_function = "get_table_def_" . SQL_LAYER; + $table_content_function = "get_table_content_" . SQL_LAYER; + } + else + { + $table_def_function = "get_table_def_mysql"; + $table_content_function = "get_table_content_mysql"; } - for($i = 0; $i < count($tables); $i++) + if ( $backup_type != 'data' ) { - $table_name = $tables[$i]; + echo "#\n# TABLE: " . $table_name . "\n#\n"; + echo $table_def_function($table_name, "\n") . "\n"; + } - if ( SQL_LAYER != 'mysql4' ) - { - $table_def_function = "get_table_def_" . SQL_LAYER; - $table_content_function = "get_table_content_" . SQL_LAYER; - } - else + if ( $backup_type != 'structure' ) + { + // + // Skip search table data? + // + if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) { - $table_def_function = "get_table_def_mysql"; - $table_content_function = "get_table_content_mysql"; + $table_content_function($table_name, "output_table_content"); } + } + } - if ( $backup_type != 'data' ) - { - echo "#\n# TABLE: " . $table_name . "\n#\n"; - echo $table_def_function($table_name, "\n") . "\n"; - } + // + // Flush the buffer, send the file + // + switch ( $compress ) + { + case 'gzip': + $extension = 'sql.gz'; + $contents = gzencode(ob_get_contents()); + ob_end_clean(); + break; - if ( $backup_type != 'structure' ) - { - // - // Skip search table data? 
- // - if ( $search || ( !$search && !preg_match('/search_word/', $table_name) ) ) - { - $table_content_function($table_name, "output_table_content"); - } - } - } - - // - // Flush the buffer, send the file - // - switch ( $compress ) - { - case 'gzip': - $extension = 'sql.gz'; - $contents = gzencode(ob_get_contents()); - ob_end_clean(); - break; + case 'zip': + $extension = 'zip'; + $zip = new zipfile; + $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); + ob_end_clean(); + $contents = $zip->file(); + break; - case 'zip': - $extension = 'zip'; - $zip = new zipfile; - $zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time()); - ob_end_clean(); - $contents = $zip->file(); - break; + case 'bzip': + $extension = 'bz2'; + $contents = bzcompress(ob_get_contents()); + ob_end_clean(); + break; - case 'bzip': - $extension = 'bz2'; - $contents = bzcompress(ob_get_contents()); - ob_end_clean(); - break; + default: + $extension = 'sql'; + $contents = ob_get_contents(); + ob_end_clean(); + } - default: - $extension = 'sql'; - $contents = ob_get_contents(); - ob_end_clean(); - } + add_admin_log('log_db_backup'); - if ( empty($store_path) ) - { - header("Pragma: no-cache"); - header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\""); - header("Content-disposition: attachment; filename=phpbb_db_backup.$extension"); + if ( empty($store_path) ) + { + header("Pragma: no-cache"); + header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.$extension\""); + header("Content-disposition: attachment; filename=phpbb_db_backup.$extension"); - echo $contents; - unset($contents); + echo $contents; + unset($contents); + } + else + { + if ( !($fp = fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')) ) + { + message_die(ERROR, 'Could not open backup file'); } - else + + if ( !fwrite($fp, $contents) ) { - if ( !($fp = fopen('./../' . $store_path . 
"/phpbb_db_backup.$extension", 'wb')) ) - { - message_die(ERROR, 'Could not open backup file'); - } + message_die(ERROR, 'Could not write backup file content'); + } - if ( !fwrite($fp, $contents) ) - { - message_die(ERROR, 'Could not write backup file content'); - } + fclose($fp); + unset($contents); + + message_die(MESSAGE, $lang['Backup_success']); + } - fclose($fp); - unset($contents); + exit; + break; - message_die(MESSAGE, $lang['Backup_success']); + case 'restore': + + if ( isset($HTTP_POST_VARS['restorestart']) ) + { + // + // Handle the file upload .... + // If no file was uploaded report an error... + // + if ( !empty($HTTP_POST_VARS['local']) ) + { + $file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']); + $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); + } + else + { + $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; + $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ''; } - exit; - break; + if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) + { + message_die(MESSAGE, $lang['Restore_Error_no_file']); + } - case 'restore': + $ext = substr($filename, strrpos($filename, '.') + 1); - if ( isset($HTTP_POST_VARS['restorestart']) ) + if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) { - // - // Handle the file upload .... - // If no file was uploaded report an error... - // - if ( !empty($HTTP_POST_VARS['local']) ) - { - $file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']); - $filename = substr($file_tmpname, strrpos($file_tmpname, '/')); - } - else - { - $filename = ( !empty($HTTP_POST_FILES['backup_file']['name']) ) ? $HTTP_POST_FILES['backup_file']['name'] : ''; - $file_tmpname = ( $HTTP_POST_FILES['backup_file']['tmp_name'] != 'none' ) ? 
$HTTP_POST_FILES['backup_file']['tmp_name'] : ''; - } + message_die(MESSAGE, $lang['Restore_Error_filename']); + } - if ( $file_tmpname == '' || $filename == '' || !file_exists($file_tmpname) ) - { - message_die(MESSAGE, $lang['Restore_Error_no_file']); - } + if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) + { + message_die(MESSAGE, $lang['Compress_unsupported']); + } - $ext = substr($filename, strrpos($filename, '.') + 1); + $sql_query = ''; + switch ( $ext ) + { + case 'gz': + $fp = gzopen($file_tmpname, 'rb'); + while ( !gzeof($fp) ) + { + $sql_query .= gzgets($fp, 100000); + } + gzclose($fp); + break; - if ( !preg_match('/^(sql|gz|bz2)$/', $ext) ) - { - message_die(MESSAGE, $lang['Restore_Error_filename']); - } + case 'bz2': + $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); + break; - if ( ( !extension_loaded('zlib') && $ext == 'gz' ) || ( !extension_loaded('zip') && $ext == 'zip' ) || ( $ext == 'bz2' && !extension_loaded('bz2') ) ) - { - message_die(MESSAGE, $lang['Compress_unsupported']); - } + default; + $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); + } - $sql_query = ''; - switch ( $ext ) - { - case 'gz': - $fp = gzopen($file_tmpname, 'rb'); - while ( !gzeof($fp) ) - { - $sql_query .= gzgets($fp, 100000); - } - gzclose($fp); - break; - - case 'bz2': - $sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname))); - break; - - default; - $sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname)); - } + if ( $sql_query != '' ) + { + // Strip out sql comments... + $sql_query = remove_remarks($sql_query); + $pieces = split_sql_file($sql_query, ';'); - if ( $sql_query != '' ) + $sql_count = count($pieces); + for($i = 0; $i < $sql_count; $i++) { - // Strip out sql comments... 
- $sql_query = remove_remarks($sql_query); - $pieces = split_sql_file($sql_query, ';'); + $sql = trim($pieces[$i]); - $sql_count = count($pieces); - for($i = 0; $i < $sql_count; $i++) + if ( !empty($sql) && $sql[0] != '#' ) { - $sql = trim($pieces[$i]); - - if ( !empty($sql) && $sql[0] != '#' ) - { - $db->sql_query($sql); - } + $db->sql_query($sql); } } - - message_die(MESSAGE, $lang['Restore_success']); } - // - // Restore page - // - page_header($lang['DB_Restore']); + add_admin_log('log_db_restore'); + + message_die(MESSAGE, $lang['Restore_success']); + } + + // + // Restore page + // + page_header($lang['DB_Restore']); ?> @@ -404,21 +401,21 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) - :
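Review bot: The `store` and `local` request values are joined onto `'./../'` and used as file paths with no normalisation, in the backup branch (`fopen('./../' . $store_path . "/phpbb_db_backup.$extension", 'wb')`) and again in the restore branch (`$file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local'])`), so `..` segments can take either path outside the board directory. Resolve the value with `realpath()` and refuse it unless it falls under one configured backup directory, e.g. `if ( strpos(realpath($dir) . '/', $backup_root . '/') !== 0 ) message_die(ERROR, 'Invalid backup path');`, where `$dir` and `$backup_root` are placeholders for values this page does not define. That directory should sit outside the web root or be denied by the web server, since a dump stored under the web root may otherwise be served to unauthenticated visitors. `add_admin_log('log_db_backup')` is called with only the message key and runs before the write is attempted, so the log shows neither the target path nor whether the backup succeeded. The enclosing `switch( $mode )` opens in an earlier hunk.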
:
sql'; - if ( extension_loaded('zlib') ) - { - $types .= ', sql.gz'; - } - if ( extension_loaded('bz2') ) - { - $types .= ', bz2'; - } + echo $lang['Supported_extensions']; - echo $types; + $types = ': sql'; + if ( extension_loaded('zlib') ) + { + $types .= ', sql.gz'; + } + if ( extension_loaded('bz2') ) + { + $types .= ', bz2'; + } + + echo $types; ?> @@ -434,7 +431,11 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -45,7 +45,7 @@ require('pagestart.' . $phpEx); // // Do we have user admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } @@ -63,7 +63,7 @@ if( isset($HTTP_POST_VARS['add_name']) ) } else { - $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) + $sql = "INSERT INTO " . DISALLOW_TABLE . " (disallow_username) VALUES('" . str_replace("\'", "''", $disallowed_user) . "')"; $result = $db->sql_query( $sql ); @@ -79,8 +79,8 @@ if( isset($HTTP_POST_VARS['add_name']) ) else if( isset($HTTP_POST_VARS['delete_name']) ) { $disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] ); - - $sql = "DELETE FROM " . DISALLOW_TABLE . " + + $sql = "DELETE FROM " . DISALLOW_TABLE . " WHERE disallow_id = $disallowed_id"; $db->sql_query($sql); @@ -95,7 +95,7 @@ else if( isset($HTTP_POST_VARS['delete_name']) ) // // Grab the current list of disallowed usernames... // -$sql = "SELECT * +$sql = "SELECT * FROM " . DISALLOW_TABLE; $result = $db->sql_query($sql); @@ -121,17 +121,17 @@ page_header($lang['Users']);

"> - + - + - + - + diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index e1e6af523d..27dd13e2db 100644 --- a/phpBB/admin/admin_email.php +++ b/phpBB/admin/admin_email.php @@ -21,14 +21,14 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } $filename = basename(__FILE__); $module['General']['Mass_Email'] = $filename . $SID; - + return; } @@ -43,14 +43,14 @@ require('pagestart.' . $phpEx); // // Do we have general admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { return; } // // Set some vars -// +// $message = ''; $subject = ''; @@ -80,7 +80,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $subject = stripslashes($HTTP_POST_VARS['subject']); $message = stripslashes($HTTP_POST_VARS['message']); - + // // Error checking needs to go here ... if no subject and/or // no message then skip over the send and return to the form @@ -102,7 +102,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $board_config['smtp_host'] = get_cfg_var('SMTP'); } $emailer = new emailer($board_config['smtp_delivery']); - + $email_headers = 'From: ' . $board_config['board_email'] . "\n"; $bcc_list = ''; @@ -111,7 +111,7 @@ if ( isset($HTTP_POST_VARS['submit']) ) $bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $email_list[$i]['user_email']; } $email_headers .= "Bcc: $bcc_list\n"; - + $email_headers .= 'Return-Path: ' . $userdata['board_email'] . "\n"; $email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n"; $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n"; @@ -124,8 +124,8 @@ if ( isset($HTTP_POST_VARS['submit']) ) $emailer->extra_headers($email_headers); $emailer->assign_vars(array( - 'SITENAME' => $board_config['sitename'], - 'BOARD_EMAIL' => $board_config['board_email'], + 'SITENAME' => $board_config['sitename'], + 'BOARD_EMAIL' => $board_config['board_email'], 'MESSAGE' => $message) ); 
@@ -134,13 +134,13 @@ if ( isset($HTTP_POST_VARS['submit']) ) message_die(MESSAGE, $lang['Email_sent']); } -} +} // // Initial selection // -$sql = "SELECT group_id, group_name +$sql = "SELECT group_id, group_name FROM ".GROUPS_TABLE; $result = $db->sql_query($sql); @@ -164,22 +164,22 @@ page_header($lang['Mass_Email']);

">

 

 
- + - + - + - - + + - +
-
+
diff --git a/phpBB/admin/admin_forums.php b/phpBB/admin/admin_forums.php index a15fb902c6..34e842b0fb 100644 --- a/phpBB/admin/admin_forums.php +++ b/phpBB/admin/admin_forums.php @@ -21,7 +21,7 @@ if (!empty($setmodules)) { - if (!$acl->get_acl_admin('forum')) + if (!$auth->get_acl_admin('forum')) { return; } @@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have forum admin permissions? // -if (!$acl->get_acl_admin('forum')) +if (!$auth->get_acl_admin('forum')) { message_die(MESSAGE, $lang['No_admin']); } @@ -535,7 +535,7 @@ switch ($mode) - +
&mode=remove&f=" method="post"> - + - + @@ -573,11 +573,11 @@ switch ($mode) if ($forum_status != ITEM_CATEGORY) { ?> - + - + @@ -586,18 +586,18 @@ switch ($mode) if ($right_id - $left_id > 1) { ?> - + - + - +
@@ -705,7 +705,7 @@ while ($row = $db->sql_fetchrow($result)) $forum_title = htmlspecialchars($sub_row['forum_name']); $forum_desc = htmlspecialchars($sub_row['forum_desc']); $subforums = ($sub_row['right_id'] - $sub_row['left_id'] - 1) / 2; - + if ($sub_row['forum_status'] != ITEM_CATEGORY) { $colspan = ''; diff --git a/phpBB/admin/admin_groups.php b/phpBB/admin/admin_groups.php index e3c35f1d93..3a7e7a95fe 100644 --- a/phpBB/admin/admin_groups.php +++ b/phpBB/admin/admin_groups.php @@ -19,10 +19,13 @@ * ***************************************************************************/ -define('IN_PHPBB', 1); - if( !empty($setmodules) ) { + if ( !$auth->get_acl_admin('group') ) + { + return; + } + $filename = basename(__FILE__); $module['Groups']['Create'] = $filename . "$SID&mode=create"; $module['Groups']['Delete'] = $filename . "$SID&mode=delete"; @@ -31,20 +34,29 @@ if( !empty($setmodules) ) return; } +define('IN_PHPBB', 1); // -// Load default header +// Include files // -$phpbb_root_path = "../"; +$phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); +// +// Do we have general permissions? +// +if ( !$auth->get_acl_admin('group') ) +{ + message_die(MESSAGE, $lang['No_admin']); +} + if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) { $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); } else { - $group_id = ""; + $group_id = ''; } // @@ -122,7 +134,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) for($i = 0; $i < count($user_list); $i++) { - if( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) + if( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) { $group_moderator = $user_list[$i]['username']; } 
@@ -136,15 +148,15 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) $template->assign_vars(array( "GROUP_NAME" => $group_info['group_name'], - "GROUP_DESCRIPTION" => $group_info['group_description'], - "GROUP_MODERATOR" => $group_moderator, + "GROUP_DESCRIPTION" => $group_info['group_description'], + "GROUP_MODERATOR" => $group_moderator, "L_GROUP_TITLE" => $lang['Group_administration'], - "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], + "L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], "L_GROUP_NAME" => $lang['group_name'], "L_GROUP_DESCRIPTION" => $lang['group_description'], - "L_GROUP_MODERATOR" => $lang['group_moderator'], - "L_FIND_USERNAME" => $lang['Find_username'], + "L_GROUP_MODERATOR" => $lang['group_moderator'], + "L_FIND_USERNAME" => $lang['Find_username'], "L_GROUP_STATUS" => $lang['group_status'], "L_GROUP_OPEN" => $lang['group_open'], "L_GROUP_CLOSED" => $lang['group_closed'], @@ -157,7 +169,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) ) "L_DELETE_MODERATOR_EXPLAIN" => $lang['delete_moderator_explain'], "L_YES" => $lang['Yes'], - "U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"), + "U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"), "S_GROUP_OPEN_TYPE" => GROUP_OPEN, "S_GROUP_CLOSED_TYPE" => GROUP_CLOSED, @@ -220,7 +232,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } - + $this_userdata = get_userdata($group_moderator); $group_moderator = $this_userdata['user_id']; @@ -228,7 +240,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['No_group_moderator']); } - + if( $mode == "editgroup" ) { $sql = "SELECT * 
@@ -243,14 +255,14 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); } - $group_info = $db->sql_fetchrow($result); - + $group_info = $db->sql_fetchrow($result); + if ( $group_info['group_moderator'] != $group_moderator ) { if ( $delete_old_moderator != "" ) { $sql = "DELETE FROM " . USER_GROUP_TABLE . " - WHERE user_id = " . $group_info['group_moderator'] . " + WHERE user_id = " . $group_info['group_moderator'] . " AND group_id = " . $group_id; if ( !$result = $db->sql_query($sql) ) { @@ -265,20 +277,20 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } } $sql = "UPDATE " . GROUPS_TABLE . " - SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator + SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator WHERE group_id = $group_id"; if ( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql); } - + $message = $lang['Updated_group'] . "

" . sprintf($lang['Click_return_groupsadmin'], "", "") . "

" . sprintf($lang['Click_return_admin_index'], "", "");; message_die(GENERAL_MESSAGE, $message); } else if( $mode == "newgroup" ) { - $sql = "SELECT MAX(group_id) AS new_group_id + $sql = "SELECT MAX(group_id) AS new_group_id FROM " . GROUPS_TABLE; if ( !$result = $db->sql_query($sql) ) { @@ -288,7 +300,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) $new_group_id = $row['new_group_id'] + 1; - $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user) + $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_type, group_name, group_description, group_moderator, group_single_user) VALUES ($new_group_id, $group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')"; if ( !$result = $db->sql_query($sql) ) { @@ -301,7 +313,7 @@ else if( isset($HTTP_POST_VARS['group_update']) ) { message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql); } - + $message = $lang['Added_new_group'] . "

" . sprintf($lang['Click_return_groupsadmin'], "", "") . "

" . sprintf($lang['Click_return_admin_index'], "", "");; message_die(GENERAL_MESSAGE, $message); @@ -313,48 +325,97 @@ else if( isset($HTTP_POST_VARS['group_update']) ) } } } -else -{ + +page_header($lang['Manage']); + +?> + +

+ +

+ +
"> + + + + " . TRUE . " ORDER BY group_name"; - $g_result = $db->sql_query($sql); - $group_list = $db->sql_fetchrowset($g_result); + $result = $db->sql_query($sql); - $select_list = ""; - - $template->set_filenames(array( - "body" => "admin/group_select_body.tpl") - ); - $template->assign_vars(array( - "L_GROUP_TITLE" => $lang['Group_administration'], - "L_GROUP_EXPLAIN" => $lang['Group_admin_explain'], - "L_GROUP_SELECT" => $lang['Select_group'], - "L_LOOK_UP" => $lang['Look_up_group'], - "L_CREATE_NEW_GROUP" => $lang['New_group'], + $sql = "SELECT ug.group_id, u.user_id, u.username + FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug + WHERE ug.user_pending = 1 + AND u.user_id = ug.user_id + ORDER BY ug.group_id"; + $result = $db->sql_query($sql); - "S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"), - "S_GROUP_SELECT" => $select_list) - ); + $pending = array(); + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $pending[$row['group_id']][] = $row; + } + while ( $row = $db->sql_fetchrow($result) ); + } - // - // Faking the IF... ELSE statements again... - // - if( count($group_list) > 0 ) + foreach ( $groups as $group_ary ) { - $template->assign_block_vars("select_box", array()); + $group_id = $group_ary['group_id']; + $group_name = ( !empty($lang[$group_ary['group_name']]) ) ? $lang[$group_ary['group_name']] : $group_ary['group_name']; + +?> + + + + + + + + + + + + + + + +pparse('body'); -} +?> +
    
No pending users
+ + diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 43d79d4709..656ddcedcd 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('auth') ) + if ( !$auth->get_acl_admin('auth') ) { return; } @@ -46,7 +46,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('auth') ) +if ( !$auth->get_acl_admin('auth') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -101,6 +101,13 @@ switch ( $mode ) break; } +// +// Brief explanation of how things work when updating ... +// +// Granting someone any admin permissions grants them permissions +// to all other options, e.g. Moderator and Forums across the board. +// This is done via the acl class +// if ( isset($HTTP_POST_VARS['update']) ) { switch ( $HTTP_POST_VARS['type'] ) @@ -116,7 +123,7 @@ if ( isset($HTTP_POST_VARS['update']) ) foreach ( $HTTP_POST_VARS['entries'] as $id ) { - $acl->$set($forum_id, $id, $HTTP_POST_VARS['option']); + $auth->$set($forum_id, $id, $HTTP_POST_VARS['option']); } message_die(MESSAGE, 'Permissions updated successfully'); @@ -156,7 +163,7 @@ else if ( isset($HTTP_POST_VARS['delete']) ) foreach ( $HTTP_POST_VARS['entries'] as $id ) { - $acl->$set($forum_id, $id, $option_ids); + $auth->$set($forum_id, $id, $option_ids); } message_die(MESSAGE, 'Permissions updated successfully'); 
@@ -344,9 +351,16 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators else { + // + // Founder only operations ... these operations can + // only be altered by someone with founder status + // + $founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : ''; + $sql = "SELECT auth_option_id, auth_value FROM " . ACL_OPTIONS_TABLE . " - WHERE auth_value LIKE '" . $type_sql . "_%'"; + WHERE auth_value LIKE '" . $type_sql . "_%' + $founder_sql"; $result = $db->sql_query($sql); $auth_options = array(); diff --git a/phpBB/admin/admin_prune.php b/phpBB/admin/admin_prune.php index f1b531cb7d..12bebe7c0c 100644 --- a/phpBB/admin/admin_prune.php +++ b/phpBB/admin/admin_prune.php @@ -21,11 +21,11 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('forum') ) + if ( !$auth->get_acl_admin('forum') ) { return; } - + $filename = basename(__FILE__); $module['Forums']['Prune'] = $filename . $SID . '&mode=forums'; @@ -39,12 +39,12 @@ define('IN_PHPBB', 1); $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); +require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('forum') ) +if ( !$auth->get_acl_admin('forum') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -97,10 +97,10 @@ if ( isset($HTTP_POST_VARS['doprune']) ) { $p_result = prune($forum_rows[$i]['forum_id'], $prunedate); sync('forum', $forum_rows[$i]['forum_id']); - + $template->assign_block_vars('prune_results', array( - 'ROW_COLOR' => '#' . $row_color, - 'ROW_CLASS' => $row_class, + 'ROW_COLOR' => '#' . $row_color, + 'ROW_CLASS' => $row_class, 'FORUM_NAME' => $forum_rows[$i]['forum_name'], 'FORUM_TOPICS' => $p_result['topics'], 'FORUM_POSTS' => $p_result['posts']) 
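Review bot: The `founder_only <> 1` filter added in the `@@ -344,9 +351,16` hunk of admin_permissions.php only narrows the option list that is selected for display; nothing visible in this diff applies the same restriction where permissions are written. The update and delete branches (the `@@ -116,7` and `@@ -156,7` hunks) hand `$HTTP_POST_VARS['option']` and `$option_ids` to `$auth->$set(...)` after only the `get_acl_admin('auth')` check. Unless the setter itself rejects founder-only options, which cannot be confirmed from here, a non-founder admin's request could still carry those option ids. I would re-validate the submitted options against `$userdata['user_founder']` before the `foreach` over `$HTTP_POST_VARS['entries']`, and add a comment at this query such as `// display filter only: founder_only must be re-checked on update/delete`. The enclosing `else` block starts and ends outside the hunk.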
@@ -161,7 +161,7 @@ else { $forum_name = ( $forum_id == -1 ) ? $lang['All_Forums'] : $forum_rows[0]['forum_name']; - $prune_data = $lang['Prune_topics_not_posted'] . " "; + $prune_data = $lang['Prune_topics_not_posted'] . " "; $prune_data .= ' ' . $lang['Days']; $s_hidden_fields = ''; @@ -175,13 +175,13 @@ else

"> - + - +
diff --git a/phpBB/admin/admin_prune_users.php b/phpBB/admin/admin_prune_users.php index 1169c4415d..ec744510a8 100644 --- a/phpBB/admin/admin_prune_users.php +++ b/phpBB/admin/admin_prune_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } @@ -75,7 +75,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) { $l_message .= ( !empty($HTTP_POST_VARS[$field]) ) ? '' : ''; } - + $l_message .= ''; page_header($lang['Prune_users']); @@ -90,7 +90,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) page_message($lang['Confirm'], $l_message, false); page_footer(); - + } else if ( isset($HTTP_POST_VARS['confirm']) ) { @@ -128,8 +128,8 @@ if ( isset($HTTP_POST_VARS['prune']) ) $where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : ''; } - $sql = "SELECT username, user_id FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS . " + $sql = "SELECT username, user_id FROM " . USERS_TABLE . " + WHERE user_id <> " . ANONYMOUS . " $where_sql"; $result = $db->sql_query($sql); @@ -169,8 +169,8 @@ if ( isset($HTTP_POST_VARS['prune']) ) for($i = 0; $i < sizeof($user_ids); $i++) { - $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "' + $sql = "UPDATE " . POSTS_TABLE . " + SET poster_id = " . ANONYMOUS . ", post_username = '" . $usernames[$i] . "' WHERE user_id = " . $userids[$i]; // $db->sql_query($sql); } @@ -184,7 +184,7 @@ if ( isset($HTTP_POST_VARS['prune']) ) $sql = "UPDATE " . USERS_TABLE . " SET user_active = 0"; } - $sql .= " WHERE user_id <> " . ANONYMOUS . " + $sql .= " WHERE user_id <> " . ANONYMOUS . " $where_sql"; // $db->sql_query($sql); 
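Review bot: In the `@@ -169,8 +169,8` hunk of admin_prune_users.php the loop is bounded by `sizeof($user_ids)` but the statement reads `$userids[$i]`, so the `WHERE` clause is built from a variable the hunk never shows being set. The same statement places `$usernames[$i]` inside a quoted SQL literal without escaping. Both `$db->sql_query($sql)` calls here and in the `@@ -184,7` hunk are commented out, so this looks dormant, but a stored username containing a quote would alter the statement once it is enabled. At minimum the last line should read `WHERE user_id = " . intval($user_ids[$i]);`, with the username escaped for the active SQL layer. admin_users.php in this same commit filters POSTS_TABLE on `poster_id`, so the `user_id` column name may also need confirming.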
@@ -233,26 +233,26 @@ page_header($lang['Prune_users']);

"> - + - + - + - + - + - + diff --git a/phpBB/admin/admin_ranks.php b/phpBB/admin/admin_ranks.php index fd87887456..176aa50cf4 100644 --- a/phpBB/admin/admin_ranks.php +++ b/phpBB/admin/admin_ranks.php @@ -23,7 +23,7 @@ define('IN_PHPBB', 1); if( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } @@ -55,7 +55,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; } -else +else { // // These could be entered via a form button @@ -85,9 +85,9 @@ if ( $mode != '' ) // They want to add a new rank, show the form. // $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; - + $s_hidden_fields = ''; - + if ( $mode == 'edit' ) { if ( empty($rank_id) ) @@ -98,7 +98,7 @@ if ( $mode != '' ) $sql = "SELECT * FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; $result = $db->sql_query($sql); - + $rank_info = $db->sql_fetchrow($result); $s_hidden_fields .= ''; @@ -151,7 +151,7 @@ if ( $mode != '' ) // // Ok, they sent us our info, let's update it. // - + $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; $rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : ''; $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0; @@ -194,7 +194,7 @@ if ( $mode != '' ) $message = $lang['Rank_added']; } - + $db->sql_query($sql); $message .= '

' . sprintf($lang['Click_return_rankadmin'], '', '') . '

' . sprintf($lang['Click_return_admin_index'], '', ''); @@ -207,7 +207,7 @@ if ( $mode != '' ) // // Ok, they want to delete their rank // - + if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) { $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']); @@ -216,15 +216,15 @@ if ( $mode != '' ) { $rank_id = 0; } - + if ( $rank_id ) { $sql = "DELETE FROM " . RANKS_TABLE . " WHERE rank_id = $rank_id"; $db->sql_query($sql); - - $sql = "UPDATE " . USERS_TABLE . " - SET user_rank = 0 + + $sql = "UPDATE " . USERS_TABLE . " + SET user_rank = 0 WHERE user_rank = $rank_id"; $db->sql_query($sql); diff --git a/phpBB/admin/admin_search.php b/phpBB/admin/admin_search.php index 9adfa2cae4..86d7b820b2 100644 --- a/phpBB/admin/admin_search.php +++ b/phpBB/admin/admin_search.php @@ -1,4 +1,4 @@ -get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -113,8 +113,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) // // Take board offline // - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '1' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '1' WHERE config_name = 'board_disable'"; $db->sql_query($sql); @@ -129,7 +129,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) // // Fetch a batch of posts_text entries // - $sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id + $sql = "SELECT COUNT(*) AS total, MAX(post_id) AS max_post_id, MIN(post_id) AS min_post_id FROM " . POSTS_TEXT_TABLE; $result = $db->sql_query($sql); 
@@ -139,18 +139,18 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $db->sql_freeresult($result); - $sql = "SELECT * - FROM " . POSTS_TEXT_TABLE . " - WHERE post_id - BETWEEN $batchstart + $sql = "SELECT * + FROM " . POSTS_TEXT_TABLE . " + WHERE post_id + BETWEEN $batchstart AND $batchend"; $result = $db->sql_query($sql); - + if ( $row = $db->sql_fetchrow($result) ) { do { - $post_id = $row['post_id']; + $post_id = $row['post_id']; $search_raw_words = array(); $search_raw_words['text'] = split_words(clean_words('post', $row['post_text'], $stopword_array, $synonym_array)); @@ -164,14 +164,14 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) if ( !empty($search_matches) ) { for ($i = 0; $i < count($search_matches); $i++) - { + { $search_matches[$i] = trim($search_matches[$i]); - if ( $search_matches[$i] != '' ) + if ( $search_matches[$i] != '' ) { $word[] = $search_matches[$i]; $word_insert_sql[$word_in] .= ( $word_insert_sql[$word_in] != '' ) ? ", '" . $search_matches[$i] . "'" : "'" . $search_matches[$i] . "'"; - } + } } } } @@ -194,8 +194,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) case 'mssql-odbc': case 'oracle': case 'db2': - $sql = "SELECT word_id, word_text - FROM " . SEARCH_WORD_TABLE . " + $sql = "SELECT word_id, word_text + FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN ($word_text_sql)"; $result = $db->sql_query($sql); @@ -209,7 +209,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $value_sql = ''; $match_word = array(); for ($i = 0; $i < count($word); $i++) - { + { $new_match = true; if ( isset($check_words[$word[$i]]) ) { 
@@ -228,8 +228,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) $value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'"; break; default: - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES ('" . $word[$i] . "')"; + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES ('" . $word[$i] . "')"; $db->sql_query($sql); break; } @@ -242,12 +242,12 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) { case 'mysql': case 'mysql4': - $sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) - VALUES $value_sql"; + $sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) + VALUES $value_sql"; break; case 'mssql': - $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) - $value_sql"; + $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) + $value_sql"; break; } @@ -261,10 +261,10 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) if ( $match_sql != '' ) { - $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) - SELECT $post_id, word_id, $title_match - FROM " . SEARCH_WORD_TABLE . " - WHERE word_text IN ($match_sql)"; + $sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) + SELECT $post_id, word_id, $title_match + FROM " . SEARCH_WORD_TABLE . " + WHERE word_text IN ($match_sql)"; $db->sql_query($sql); } } @@ -290,8 +290,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) } else { - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '0' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '0' WHERE config_name = 'board_disable'"; $db->sql_query($sql); 
@@ -314,8 +314,8 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) ) } else if ( isset($HTTP_POST_VARS['cancel']) ) { - $sql = "UPDATE " . CONFIG_TABLE . " - SET config_value = '0' + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '0' WHERE config_name = 'board_disable'"; $db->sql_query($sql); diff --git a/phpBB/admin/admin_smilies.php b/phpBB/admin/admin_smilies.php index 549bac5831..0c832bb3ea 100644 --- a/phpBB/admin/admin_smilies.php +++ b/phpBB/admin/admin_smilies.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -43,7 +43,7 @@ require('pagestart.' . $phpEx); // // Do we have general permissions? // -if (!$acl->get_acl_admin('general')) +if (!$auth->get_acl_admin('general')) { message_die(MESSAGE, $lang['No_admin']); } @@ -79,7 +79,7 @@ if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS[ $smilies_images[] = $file; } elseif (preg_match('/\.pak$/i', $file)) - { + { $smilies_paks[] = $file; } } @@ -175,7 +175,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) } } - message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return); + message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return); } else { @@ -200,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak']))

-
:
:
:
:
:
+
@@ -220,7 +220,7 @@ if (isset($HTTP_POST_VARS['import_pak'])) - +
-
+
@@ -313,7 +313,7 @@ function update_smile_dimensions() - +
-
+
- + @@ -430,7 +430,7 @@ function update_smile_dimensions() - +
stripslashes($HTTP_POST_VARS['smile_emotion']), 'smile_on_posting' => (!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0 ); - + $smile_id = $HTTP_POST_VARS['smile_id']; $smile_order = $HTTP_POST_VARS['smile_order']; diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php index afe37454c4..1f6a020b58 100644 --- a/phpBB/admin/admin_styles.php +++ b/phpBB/admin/admin_styles.php @@ -2,7 +2,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('styles') ) + if ( !$auth->get_acl_admin('styles') ) { return; } @@ -27,7 +27,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$acl->get_acl_admin('styles') ) +if ( !$auth->get_acl_admin('styles') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -57,8 +57,8 @@ switch ( $mode ) if ( isset($HTTP_POST_VARS['img_root']) ) { - $sql = "SELECT * - FROM " . STYLES_IMAGE_TABLE . " + $sql = "SELECT * + FROM " . STYLES_IMAGE_TABLE . " WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'"; $result = $db->sql_query($sql); @@ -74,7 +74,7 @@ switch ( $mode ) $imageset = array('imageset_path', 'post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_profile', 'icon_pm', 'icon_delete', 'icon_ip', 'icon_quote', 'icon_search', 'icon_edit', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm', 'goto_post', 'goto_post_new', 'goto_post_latest', 'goto_post_newest', 'forum', 'forum_new', 'forum_locked', 'folder', 'folder_new', 'folder_hot', 'folder_hot_new', 'folder_locked', 'folder_locked_new', 'folder_sticky', 'folder_sticky_new', 'folder_announce', 'folder_announce_new', 'topic_watch', 'topic_unwatch', 'poll_left', 'poll_center', 'poll_right', 'rating'); $sql = "SELECT imageset_name, imageset_path - FROM " . STYLES_IMAGE_TABLE . " + FROM " . STYLES_IMAGE_TABLE . " ORDER BY imageset_name"; $result = $db->sql_query($sql); 
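Review bot: In the `@@ -57,8 +57,8` hunk of admin_styles.php the branch is guarded by `isset($HTTP_POST_VARS['img_root'])` but the query reads `$HTTP_POST_VARS['imgroot']`, and that request value is concatenated directly into `imageset_path LIKE '...'`. The key mismatch means the value used can be unset when the guard passes, and the raw concatenation lets quote characters and the `%`/`_` wildcards in the field change what the statement matches. I would use one key for both, e.g. `if ( isset($HTTP_POST_VARS['imgroot']) )`, escape the value for the active SQL layer before building the string, and compare with `=` unless pattern matching is intended. The `@@ -258,8 +258,8` hunk has the same pattern: `$css_external` is taken from the POST body and written into the `UPDATE` unescaped. The enclosing `switch` case continues outside the hunk.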
@@ -117,7 +117,7 @@ switch ( $mode ) echo ''; echo 'ImageSourceWidthHeightBorder '; echo ''; - + for($i = 0; $i < count($imageset); $i++) { $class = ( !($i%2) ) ? 'row1' : 'row2'; @@ -246,8 +246,8 @@ switch ( $mode ) if ( isset($HTTP_POST_VARS['update']) ) { - $sql = "SELECT theme_id, theme_name - FROM " . STYLES_CSS_TABLE . " + $sql = "SELECT theme_id, theme_name + FROM " . STYLES_CSS_TABLE . " WHERE theme_id = $theme_id"; $result = $db->sql_query($sql); @@ -258,8 +258,8 @@ switch ( $mode ) $css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : ''; $css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : ''; - $sql = "UPDATE " > STYLES_CSS_TABLE . " - SET css_data = '$css_data', css_external = '$css_external' + $sql = "UPDATE " > STYLES_CSS_TABLE . " + SET css_data = '$css_data', css_external = '$css_external' WHERE theme_id = $theme_id"; $db->sql_query($sql); @@ -271,7 +271,7 @@ switch ( $mode ) page_header($lang['Edit_theme']); - $sql = "SELECT theme_id, theme_name + $sql = "SELECT theme_id, theme_name FROM " . STYLES_CSS_TABLE; $result = $db->sql_query($sql); @@ -290,7 +290,7 @@ switch ( $mode ) $css_external = ''; if ( $theme_id ) { - $sql = "SELECT css_data, css_external + $sql = "SELECT css_data, css_external FROM " . STYLES_CSS_TABLE . " WHERE theme_id = $theme_id"; $result = $db->sql_query($sql); @@ -343,7 +343,7 @@ function get_templates($tplroot = '') global $db; $sql = "SELECT template_name, template_path - FROM " . STYLES_TPL_TABLE . " + FROM " . STYLES_TPL_TABLE . " ORDER BY template_name"; $result = $db->sql_query($sql); @@ -353,7 +353,7 @@ function get_templates($tplroot = '') $selected = ( $tplroot == $row['template_path'] ) ? ' selected="selected"' : ''; $tplroot_options .= ''; } - + return $tplroot_options; } diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index 378636dbd9..9776106e86 100644 --- a/phpBB/admin/admin_users.php 
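Review bot: The rewritten line `$sql = "UPDATE " > STYLES_CSS_TABLE . "` in the `@@ -258,8 +258,8` hunk of admin_styles.php uses `>` where the concatenation operator belongs, so `$sql` holds the result of a comparison and what reaches `$db->sql_query($sql)` is not an UPDATE statement. The whitespace cleanup carried the typo over unchanged; the line should read `$sql = "UPDATE " . STYLES_CSS_TABLE . "`. In the same hunk `$css_external` is filled from `$HTTP_POST_VARS['css_data']` rather than a field of its own, which looks like a copy-paste slip and is worth confirming before the query is made to work.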
+++ b/phpBB/admin/admin_users.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('user') ) + if ( !$auth->get_acl_admin('user') ) { return; } @@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('user') ) +if ( !$auth->get_acl_admin('user') ) { return; } @@ -127,7 +127,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; - $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; + $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0; @@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_lang = stripslashes($user_lang); $user_dateformat = stripslashes($user_dateformat); - if ( !isset($HTTP_POST_VARS['cancelavatar'])) + if ( !isset($HTTP_POST_VARS['cancelavatar'])) { $user_avatar = $user_avatar_local; $user_avatar_type = USER_AVATAR_GALLERY; @@ -215,7 +215,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) if( $user_status == 0 ) { // User is (made) inactive. Delete all their sessions. - $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = $user_id"; $db->sql_query($sql); } 
@@ -237,7 +237,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); if ( strlen($sig_length_check) > $board_config['max_sig_chars'] ) - { + { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Signature_too_long']; } @@ -388,7 +388,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) ) { - $file_size = $file_data1[1]; + $file_size = $file_data1[1]; $file_type = $file_data2[1]; switch( $file_type ) @@ -512,7 +512,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY; } - + // // Update entry in DB // @@ -520,10 +520,10 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { if( $HTTP_POST_VARS['deleteuser'] ) { - $sql = "SELECT g.group_id - FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g - WHERE ug.user_id = $user_id - AND g.group_id = ug.group_id + $sql = "SELECT g.group_id + FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g + WHERE ug.user_id = $user_id + AND g.group_id = ug.group_id AND g.group_single_user = 1"; $result = $db->sql_query($sql); @@ -533,12 +533,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $db->sql_transaction(); $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '$username' + SET poster_id = " . ANONYMOUS . ", post_username = '$username' WHERE poster_id = $user_id"; $db->sql_query($sql); $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_poster = " . ANONYMOUS . " + SET topic_poster = " . ANONYMOUS . " WHERE topic_poster = $user_id"; $db->sql_query($sql); 
@@ -677,11 +677,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $user_lang = $this_userdata['user_lang']; $user_timezone = $this_userdata['user_timezone']; $user_dateformat = $this_userdata['user_dateformat']; - + $user_status = $this_userdata['user_active']; $user_allowavatar = $this_userdata['user_allowavatar']; $user_allowpm = $this_userdata['user_allow_pm']; - + $COPPA = false; $html_status = ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF']; @@ -727,7 +727,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) } } } - + @closedir($dir); if( isset($HTTP_POST_VARS['avatarcategory']) ) @@ -794,7 +794,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $s_hidden_fields .= ''; $s_hidden_fields .= ''; $s_hidden_fields .= ''; - $s_hidden_fields .= ''; + $s_hidden_fields .= ''; $s_hidden_fields .= ''; $s_hidden_fields .= ''; $s_hidden_fields .= ''; @@ -807,15 +807,15 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) $template->assign_vars(array( "L_USER_TITLE" => $lang['User_admin'], "L_USER_EXPLAIN" => $lang['User_admin_explain'], - "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], - "L_SELECT_AVATAR" => $lang['Select_avatar'], - "L_RETURN_PROFILE" => $lang['Return_profile'], - "L_CATEGORY" => $lang['Select_category'], + "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], + "L_SELECT_AVATAR" => $lang['Select_avatar'], + "L_RETURN_PROFILE" => $lang['Return_profile'], + "L_CATEGORY" => $lang['Select_category'], "L_GO" => $lang['Go'], - "S_OPTIONS_CATEGORIES" => $s_categories, - "S_COLSPAN" => $s_colspan, - "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), + "S_OPTIONS_CATEGORIES" => $s_categories, + "S_COLSPAN" => $s_colspan, + "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), "S_HIDDEN_FIELDS" => $s_hidden_fields) ); } 
@@ -860,17 +860,17 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) { $rank = $row['rank_title']; $rank_id = $row['rank_id']; - + $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : ''; $rank_select_box .= ''; } $signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature); - + $template->set_filenames(array( "body" => "admin/user_edit_body.tpl") ); - + // // Let's do an overall check for settings/versions which would prevent // us from doing file uploads.... @@ -918,12 +918,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '', 'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '', 'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '', - 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', + 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', 'RANK_SELECT_BOX' => $rank_select_box, 'L_USER_TITLE' => $lang['User_admin'], 'L_USER_EXPLAIN' => $lang['User_admin_explain'], - 'L_NEW_PASSWORD' => $lang['New_password'], + 'L_NEW_PASSWORD' => $lang['New_password'], 'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'], 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], @@ -949,13 +949,13 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 'L_HIDE_USER' => $lang['Hide_user'], 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], - + 'L_SPECIAL' => $lang['User_special'], 'L_SPECIAL_EXPLAIN' => $lang['User_specail_explain'], 'L_USER_ACTIVE' => $lang['User_status'], 'L_ALLOW_PM' => $lang['User_allowpm'], 'L_ALLOW_AVATAR' => $lang['User_allowavatar'], - + 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'], 'L_DELETE_AVATAR' => $lang['Delete_Image'], 
@@ -981,7 +981,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) 'S_FORM_ENCTYPE' => $form_enctype, 'HTML_STATUS' => $html_status, - 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''), + 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''), 'SMILIES_STATUS' => $smilies_status, 'L_DELETE_USER' => $lang['User_delete'], diff --git a/phpBB/admin/admin_viewlogs.php b/phpBB/admin/admin_viewlogs.php index e09a98030f..acc8844fe3 100644 --- a/phpBB/admin/admin_viewlogs.php +++ b/phpBB/admin/admin_viewlogs.php @@ -21,7 +21,7 @@ if ( !empty($setmodules) ) { - if ( !$acl->get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -44,7 +44,7 @@ require('pagestart.' . $phpEx); // // Do we have styles admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { message_die(MESSAGE, $lang['No_admin']); } @@ -73,7 +73,7 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M // // Delete entries if requested and able // -if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $acl->get_acl_admin('clearlogs')) +if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs')) { $where_sql = ''; if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) ) @@ -85,7 +85,7 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) $where_sql = "WHERE log_id IN ($where_sql)"; } - $sql = "DELETE FROM $table_sql + $sql = "DELETE FROM $table_sql $where_sql"; $db->sql_query($sql); @@ -148,7 +148,7 @@ $forum_options = ''; if ( $mode == 'mod' ) { $sql = "SELECT forum_id, forum_name - FROM " . FORUMS_TABLE . " + FROM " . FORUMS_TABLE . " ORDER BY cat_id, forum_order"; $result = $db->sql_query($sql); @@ -203,7 +203,7 @@ if ( $mode == 'mod' ) :      - + 
@@ -224,7 +224,7 @@ if ( $log_count ) for($i = 0; $i < sizeof($log_data); $i++) { $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; - + ?> @@ -237,7 +237,7 @@ if ( $log_count ) } - if ( $acl->get_acl_admin('clearlogs') ) + if ( $auth->get_acl_admin('clearlogs') ) { ?> @@ -262,14 +262,14 @@ else - + - + $file ) + foreach ( $action_ary as $action => $file ) { $action = ( !empty($lang[$action]) ) ? $lang[$action] : preg_replace('/_/', ' ', $action); $cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1'; ?> - + sql_query($sql); } - $log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete'; + $log_action = ( isset($HTTP_POST_VARS['activate']) ) ? 'log_index_activate' : 'log_index_delete'; add_admin_log($log_action, sizeof($HTTP_POST_VARS['mark'])); } } @@ -264,7 +264,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) if ( preg_match('/^mysql/', SQL_LAYER) ) { $result = $db->sql_query('SELECT VERSION() AS mysql_version'); - + if ( $row = $db->sql_fetchrow($result) ) { $version = $row['mysql_version']; @@ -273,10 +273,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) { $db_name = ( preg_match('/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/', $version) ) ? "`$dbname`" : $dbname; - $sql = "SHOW TABLE STATUS + $sql = "SHOW TABLE STATUS FROM " . $db_name; $result = $db->sql_query($sql); - + $dbsize = 0; while ( $row = $db->sql_fetchrow($result) ) { @@ -308,10 +308,10 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) } else if ( preg_match('/^mssql/', SQL_LAYER) ) { - $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize - FROM sysfiles"; + $sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize + FROM sysfiles"; $result = $db->sql_query($sql); - + $dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $lang['Not_available']; } else 
@@ -347,37 +347,37 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )

 get_acl_admin('clearlogs') ) + if ( $auth->get_acl_admin('clearlogs') ) { - + ?> ::  

get_acl_admin('general') ) + if ( !$auth->get_acl_admin('general') ) { return; } @@ -42,7 +42,7 @@ require('pagestart.' . $phpEx); // // Do we have forum admin permissions? // -if ( !$acl->get_acl_admin('general') ) +if ( !$auth->get_acl_admin('general') ) { return; } @@ -54,7 +54,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; } -else +else { // // These could be entered via a form button @@ -89,8 +89,8 @@ if( $mode != '' ) message_die(MESSAGE, $lang['No_word_selected']); } - $sql = "SELECT * - FROM " . WORDS_TABLE . " + $sql = "SELECT * + FROM " . WORDS_TABLE . " WHERE word_id = $word_id"; $result = $db->sql_query($sql); @@ -158,7 +158,7 @@ if( $mode != '' ) message_die(MESSAGE, $lang['Must_specify_word']); } - $sql = "DELETE FROM " . WORDS_TABLE . " + $sql = "DELETE FROM " . WORDS_TABLE . " WHERE word_id = $word_id"; $db->sql_query($sql); @@ -189,8 +189,8 @@ else sql_query($sql); diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index 6a6651df6f..115b1199e4 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -37,7 +37,7 @@ require('pagestart.' . $phpEx); // // Do we have any admin permissions at all? // -if ( !$acl->get_acl_admin() ) +if ( !$auth->get_acl_admin() ) { message_die(MESSAGE, 'No_admin', '', true); } @@ -112,20 +112,20 @@ else if ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' ) $cat = ( !empty($lang[$cat . '_cat']) ) ? $lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat); ?> -
»
- + - + - + - + - + - + @@ -393,7 +393,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )

: :
: :
: :
: :
: :
- + @@ -406,7 +406,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) for($i = 0; $i < sizeof($log_data); $i++) { $row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1'; - + ?> @@ -426,17 +426,17 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )

">
- + " . ANONYMOUS . " + $sql = "SELECT user_id, username, user_regdate + FROM " . USERS_TABLE . " + WHERE user_active = 0 + AND user_id <> " . ANONYMOUS . " ORDER BY user_regdate ASC"; $result = $db->sql_query($sql); @@ -479,7 +479,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
- +
::
@@ -506,7 +506,7 @@ else " name="title" noresize marginwidth="0" marginheight="0" scrolling="NO"> - + " name="nav" marginwidth="3" marginheight="3" scrolling="yes"> " name="main" marginwidth="0" marginheight="0" scrolling="auto"> diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index 4a02f21154..f1a844a962 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -31,7 +31,7 @@ include($phpbb_root_path . 'common.'.$phpEx); // Start session management // $userdata = $session->start($update); -$acl = new acl($userdata); +$auth->acl($userdata); // // End session management // -- cgit v1.2.1