From 91384d8395166ec21995103410e35f7ba28ac830 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 24 Mar 2012 15:05:02 +0100 Subject: [ticket/10714] Add casts to integer values. PHPBB3-10714 --- phpBB/includes/functions_admin.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 5e2ee8c8f6..e05ed3cdde 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2603,6 +2603,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id $log = array(); while ($row = $db->sql_fetchrow($result)) { + $row['forum_id'] = (int) $row['forum_id']; if ($row['topic_id']) { $topic_id_list[] = $row['topic_id']; @@ -2614,20 +2615,20 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id } $log[$i] = array( - 'id' => $row['log_id'], + 'id' => (int) $row['log_id'], - 'reportee_id' => $row['reportee_id'], + 'reportee_id' => (int) $row['reportee_id'], 'reportee_username' => '', 'reportee_username_full'=> '', - 'user_id' => $row['user_id'], + 'user_id' => (int) $row['user_id'], 'username' => $row['username'], 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], false, $profile_url), 'ip' => $row['log_ip'], - 'time' => $row['log_time'], - 'forum_id' => $row['forum_id'], - 'topic_id' => $row['topic_id'], + 'time' => (int) $row['log_time'], + 'forum_id' => (int) $row['forum_id'], + 'topic_id' => (int) $row['topic_id'], 'viewforum' => ($row['forum_id'] && $auth->acl_get('f_read', $row['forum_id'])) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : false, 'action' => (isset($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : '{' . ucfirst(str_replace('_', ' ', $row['log_operation'])) . '}', @@ -2689,6 +2690,7 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id while ($row = $db->sql_fetchrow($result)) { + $row['forum_id'] = (int) $row['forum_id']; if ($auth->acl_get('f_read', $row['forum_id'])) { $is_auth[$row['topic_id']] = $row['forum_id']; -- cgit v1.2.1 From f5063a6eda49d2a35b2aed486f86cde76e0f04a8 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 24 Mar 2012 15:06:13 +0100 Subject: [ticket/10714] Add incorrect offset calculation in view_log function PHPBB3-10714 --- phpBB/includes/functions_admin.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e05ed3cdde..fd1f5568ab 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2584,9 +2584,13 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id return 0; } - if ($offset >= $log_count) + if ($log_count) { - $offset = ($offset - $limit < 0) ? 0 : $offset - $limit; + // Return the user to the last page that is valid + while ($offset >= $log_count) + { + $offset = ($offset - $limit < 0) ? 0 : $offset - $limit; + } } $sql = "SELECT l.*, u.username, u.username_clean, u.user_colour -- cgit v1.2.1 From 9248b9b25fdc3c05cc9fb1e99f607817f8ec7bcb Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 24 Mar 2012 15:06:32 +0100 Subject: [ticket/10714] Add doc block for view_log function PHPBB3-10714 --- phpBB/includes/functions_admin.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index fd1f5568ab..49c34f7fff 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2470,7 +2470,21 @@ function cache_moderators() /** * View log -* If $log_count is set to false, we will skip counting all entries in the database. +* +* @param string $mode The mode defines which log_type is used and in which log the entry is displayed. +* @param array &$log The result array with the logs +* @param mixed &$log_count If $log_count is set to false, we will skip counting all entries in the database. +* Otherwise an integer with the number of total matching entries is returned. +* @param int $limit Limit the number of entries that are returned +* @param int $offset Offset when fetching the log entries, f.e. on paginations +* @param mixed $forum_id Restrict the log entries to the given forum_id (can also be an array of forum_ids) +* @param int $topic_id Restrict the log entries to the given topic_id +* @param int $user_id Restrict the log entries to the given user_id +* @param int $log_time Only get log entries newer than the given timestamp +* @param string $sort_by SQL order option, e.g. 'l.log_time DESC' +* @param string $keywords Will only return log entries that have the keywords in log_operation or log_data +* +* @return int Returns the offset of the last valid page, if the specified offset was invalid (too high) */ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id = 0, $topic_id = 0, $user_id = 0, $limit_days = 0, $sort_by = 'l.log_time DESC', $keywords = '') { -- cgit v1.2.1 From 97290647fae683ecce842541a682e3403b7717ee Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 24 Mar 2012 16:39:03 +0100 Subject: [ticket/10714] Use phpbb_log class in view_log() PHPBB3-10714 --- phpBB/includes/functions_admin.php | 273 +++---------------------------------- 1 file changed, 16 insertions(+), 257 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 49c34f7fff..e7aed85e15 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2488,275 +2488,34 @@ function cache_moderators() */ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id = 0, $topic_id = 0, $user_id = 0, $limit_days = 0, $sort_by = 'l.log_time DESC', $keywords = '') { - global $db, $user, $auth, $phpEx, $phpbb_root_path, $phpbb_admin_path; + // This is all just an ugly hack to add "Dependency Injection" to a function + // the only real code is the function call which maps this function to a method. + static $static_log = null; - $topic_id_list = $reportee_id_list = $is_auth = $is_mod = array(); - - $profile_url = (defined('IN_ADMIN')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&mode=overview') : append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile'); - - switch ($mode) + if ($mode instanceof phpbb_log_interface) { - case 'admin': - $log_type = LOG_ADMIN; - $sql_forum = ''; - break; - - case 'mod': - $log_type = LOG_MOD; - $sql_forum = ''; - - if ($topic_id) - { - $sql_forum = 'AND l.topic_id = ' . (int) $topic_id; - } - else if (is_array($forum_id)) - { - $sql_forum = 'AND ' . $db->sql_in_set('l.forum_id', array_map('intval', $forum_id)); - } - else if ($forum_id) - { - $sql_forum = 'AND l.forum_id = ' . (int) $forum_id; - } - break; - - case 'user': - $log_type = LOG_USERS; - $sql_forum = 'AND l.reportee_id = ' . (int) $user_id; - break; - - case 'users': - $log_type = LOG_USERS; - $sql_forum = ''; - break; - - case 'critical': - $log_type = LOG_CRITICAL; - $sql_forum = ''; - break; - - default: - return; - } - - // Use no preg_quote for $keywords because this would lead to sole backslashes being added - // We also use an OR connection here for spaces and the | string. Currently, regex is not supported for searching (but may come later). - $keywords = preg_split('#[\s|]+#u', utf8_strtolower($keywords), 0, PREG_SPLIT_NO_EMPTY); - $sql_keywords = ''; - - if (!empty($keywords)) - { - $keywords_pattern = array(); - - // Build pattern and keywords... - for ($i = 0, $num_keywords = sizeof($keywords); $i < $num_keywords; $i++) - { - $keywords_pattern[] = preg_quote($keywords[$i], '#'); - $keywords[$i] = $db->sql_like_expression($db->any_char . $keywords[$i] . $db->any_char); - } - - $keywords_pattern = '#' . implode('|', $keywords_pattern) . '#ui'; - - $operations = array(); - foreach ($user->lang as $key => $value) - { - if (substr($key, 0, 4) == 'LOG_' && preg_match($keywords_pattern, $value)) - { - $operations[] = $key; - } - } - - $sql_keywords = 'AND ('; - if (!empty($operations)) - { - $sql_keywords .= $db->sql_in_set('l.log_operation', $operations) . ' OR '; - } - $sql_lower = $db->sql_lower_text('l.log_data'); - $sql_keywords .= "$sql_lower " . implode(" OR $sql_lower ", $keywords) . ')'; + $static_log = $mode; + return true; } - - if ($log_count !== false) + else if ($mode === false) { - $sql = 'SELECT COUNT(l.log_id) AS total_entries - FROM ' . LOG_TABLE . ' l, ' . USERS_TABLE . " u - WHERE l.log_type = $log_type - AND l.user_id = u.user_id - AND l.log_time >= $limit_days - $sql_keywords - $sql_forum"; - $result = $db->sql_query($sql); - $log_count = (int) $db->sql_fetchfield('total_entries'); - $db->sql_freeresult($result); + return false; } - // $log_count may be false here if false was passed in for it, - // because in this case we did not run the COUNT() query above. - // If we ran the COUNT() query and it returned zero rows, return; - // otherwise query for logs below. - if ($log_count === 0) - { - // Save the queries, because there are no logs to display - return 0; - } + $tmp_log = $static_log; - if ($log_count) + // no log class set, create a temporary one ourselves to keep backwards compatability + if ($tmp_log === null) { - // Return the user to the last page that is valid - while ($offset >= $log_count) - { - $offset = ($offset - $limit < 0) ? 0 : $offset - $limit; - } + $tmp_log = new phpbb_log(LOG_TABLE); } - $sql = "SELECT l.*, u.username, u.username_clean, u.user_colour - FROM " . LOG_TABLE . " l, " . USERS_TABLE . " u - WHERE l.log_type = $log_type - AND u.user_id = l.user_id - " . (($limit_days) ? "AND l.log_time >= $limit_days" : '') . " - $sql_keywords - $sql_forum - ORDER BY $sort_by"; - $result = $db->sql_query_limit($sql, $limit, $offset); - - $i = 0; - $log = array(); - while ($row = $db->sql_fetchrow($result)) - { - $row['forum_id'] = (int) $row['forum_id']; - if ($row['topic_id']) - { - $topic_id_list[] = $row['topic_id']; - } - - if ($row['reportee_id']) - { - $reportee_id_list[] = $row['reportee_id']; - } - - $log[$i] = array( - 'id' => (int) $row['log_id'], - - 'reportee_id' => (int) $row['reportee_id'], - 'reportee_username' => '', - 'reportee_username_full'=> '', - - 'user_id' => (int) $row['user_id'], - 'username' => $row['username'], - 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour'], false, $profile_url), + $count_logs = ($log_count !== false); - 'ip' => $row['log_ip'], - 'time' => (int) $row['log_time'], - 'forum_id' => (int) $row['forum_id'], - 'topic_id' => (int) $row['topic_id'], + $log = $tmp_log->get_logs($mode, $count_logs, $limit, $offset, $forum_id, $topic_id, $user_id, $limit_days, $sort_by, $keywords); + $log_count = $tmp_log->get_log_count(); - 'viewforum' => ($row['forum_id'] && $auth->acl_get('f_read', $row['forum_id'])) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : false, - 'action' => (isset($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : '{' . ucfirst(str_replace('_', ' ', $row['log_operation'])) . '}', - ); - - if (!empty($row['log_data'])) - { - $log_data_ary = @unserialize($row['log_data']); - $log_data_ary = ($log_data_ary === false) ? array() : $log_data_ary; - - if (isset($user->lang[$row['log_operation']])) - { - // Check if there are more occurrences of % than arguments, if there are we fill out the arguments array - // It doesn't matter if we add more arguments than placeholders - if ((substr_count($log[$i]['action'], '%') - sizeof($log_data_ary)) > 0) - { - $log_data_ary = array_merge($log_data_ary, array_fill(0, substr_count($log[$i]['action'], '%') - sizeof($log_data_ary), '')); - } - - $log[$i]['action'] = vsprintf($log[$i]['action'], $log_data_ary); - - // If within the admin panel we do not censor text out - if (defined('IN_ADMIN')) - { - $log[$i]['action'] = bbcode_nl2br($log[$i]['action']); - } - else - { - $log[$i]['action'] = bbcode_nl2br(censor_text($log[$i]['action'])); - } - } - else if (!empty($log_data_ary)) - { - $log[$i]['action'] .= '
' . implode('', $log_data_ary); - } - - /* Apply make_clickable... has to be seen if it is for good. :/ - // Seems to be not for the moment, reconsider later... - $log[$i]['action'] = make_clickable($log[$i]['action']); - */ - } - - $i++; - } - $db->sql_freeresult($result); - - if (sizeof($topic_id_list)) - { - $topic_id_list = array_unique($topic_id_list); - - // This query is not really needed if move_topics() updates the forum_id field, - // although it's also used to determine if the topic still exists in the database - $sql = 'SELECT topic_id, forum_id - FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', array_map('intval', $topic_id_list)); - $result = $db->sql_query($sql); - - $default_forum_id = 0; - - while ($row = $db->sql_fetchrow($result)) - { - $row['forum_id'] = (int) $row['forum_id']; - if ($auth->acl_get('f_read', $row['forum_id'])) - { - $is_auth[$row['topic_id']] = $row['forum_id']; - } - - if ($auth->acl_gets('a_', 'm_', $row['forum_id'])) - { - $is_mod[$row['topic_id']] = $row['forum_id']; - } - } - $db->sql_freeresult($result); - - foreach ($log as $key => $row) - { - $log[$key]['viewtopic'] = (isset($is_auth[$row['topic_id']])) ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $is_auth[$row['topic_id']] . '&t=' . $row['topic_id']) : false; - $log[$key]['viewlogs'] = (isset($is_mod[$row['topic_id']])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=logs&mode=topic_logs&t=' . $row['topic_id'], true, $user->session_id) : false; - } - } - - if (sizeof($reportee_id_list)) - { - $reportee_id_list = array_unique($reportee_id_list); - $reportee_names_list = array(); - - $sql = 'SELECT user_id, username, user_colour - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', $reportee_id_list); - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $reportee_names_list[$row['user_id']] = $row; - } - $db->sql_freeresult($result); - - foreach ($log as $key => $row) - { - if (!isset($reportee_names_list[$row['reportee_id']])) - { - continue; - } - - $log[$key]['reportee_username'] = $reportee_names_list[$row['reportee_id']]['username']; - $log[$key]['reportee_username_full'] = get_username_string('full', $row['reportee_id'], $reportee_names_list[$row['reportee_id']]['username'], $reportee_names_list[$row['reportee_id']]['user_colour'], false, $profile_url); - } - } - - return $offset; + return $tmp_log->get_valid_offset(); } /** -- cgit v1.2.1 From d289bc13acc0ab0329cac25742ae22560a80c607 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 21 Aug 2012 16:49:08 +0200 Subject: [ticket/10714] Remove dependency injection and use global instead This avoids loading functions_admin.php globally and was suggested by naderman PHPBB3-10714 --- phpBB/includes/functions_admin.php | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index e7aed85e15..2a87feed51 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2488,34 +2488,20 @@ function cache_moderators() */ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id = 0, $topic_id = 0, $user_id = 0, $limit_days = 0, $sort_by = 'l.log_time DESC', $keywords = '') { - // This is all just an ugly hack to add "Dependency Injection" to a function - // the only real code is the function call which maps this function to a method. - static $static_log = null; - - if ($mode instanceof phpbb_log_interface) - { - $static_log = $mode; - return true; - } - else if ($mode === false) - { - return false; - } - - $tmp_log = $static_log; + global $phpbb_log; // no log class set, create a temporary one ourselves to keep backwards compatability - if ($tmp_log === null) + if ($phpbb_log === null) { - $tmp_log = new phpbb_log(LOG_TABLE); + $phpbb_log = new phpbb_log(LOG_TABLE); } $count_logs = ($log_count !== false); - $log = $tmp_log->get_logs($mode, $count_logs, $limit, $offset, $forum_id, $topic_id, $user_id, $limit_days, $sort_by, $keywords); - $log_count = $tmp_log->get_log_count(); + $log = $phpbb_log->get_logs($mode, $count_logs, $limit, $offset, $forum_id, $topic_id, $user_id, $limit_days, $sort_by, $keywords); + $log_count = $phpbb_log->get_log_count(); - return $tmp_log->get_valid_offset(); + return $phpbb_log->get_valid_offset(); } /** -- cgit v1.2.1 From 70d23380aa55c2aab33c1c2e5cea57f186314584 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 7 Dec 2012 15:11:56 +0100 Subject: [ticket/10714] Rely on global instead of creating an instance PHPBB3-10714 --- phpBB/includes/functions_admin.php | 6 ------ 1 file changed, 6 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 2a87feed51..8a1f34e76d 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2490,12 +2490,6 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id { global $phpbb_log; - // no log class set, create a temporary one ourselves to keep backwards compatability - if ($phpbb_log === null) - { - $phpbb_log = new phpbb_log(LOG_TABLE); - } - $count_logs = ($log_count !== false); $log = $phpbb_log->get_logs($mode, $count_logs, $limit, $offset, $forum_id, $topic_id, $user_id, $limit_days, $sort_by, $keywords); -- cgit v1.2.1 From c0ab3f3ddddefa8f902ffa57c864e6db5bf1f440 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 22 Jan 2013 15:45:20 +0100 Subject: [ticket/10714] Fix several doc blocks and comments PHPBB3-10714 --- phpBB/includes/functions_admin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_admin.php') diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 18b11182d0..60591e98d3 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -2489,12 +2489,12 @@ function cache_moderators() /** * View log * -* @param string $mode The mode defines which log_type is used and in which log the entry is displayed. +* @param string $mode The mode defines which log_type is used and from which log the entry is retrieved * @param array &$log The result array with the logs * @param mixed &$log_count If $log_count is set to false, we will skip counting all entries in the database. * Otherwise an integer with the number of total matching entries is returned. * @param int $limit Limit the number of entries that are returned -* @param int $offset Offset when fetching the log entries, f.e. on paginations +* @param int $offset Offset when fetching the log entries, f.e. when paginating * @param mixed $forum_id Restrict the log entries to the given forum_id (can also be an array of forum_ids) * @param int $topic_id Restrict the log entries to the given topic_id * @param int $user_id Restrict the log entries to the given user_id -- cgit v1.2.1