|
@@ -324,20 +322,13 @@ function update_smile_dimensions()
switch ($mode)
{
case 'delete':
- $db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($HTTP_GET_VARS['smile_id']));
- message_die(MESSAGE, $lang['Smile_deleted'] . $click_return);
+ $db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($_GET['smile_id']));
+ message_die(MESSAGE, $lang['Smile_deleted']);
break;
case 'edit':
- $smile_id = intval($HTTP_GET_VARS['smile_id']);
+ $smile_id = intval($_GET['smile_id']);
-/*
- $sql = 'SELECT *
- FROM ' . SMILIES_TABLE . "
- WHERE smilies_id = $smile_id";
- $result = $db->sql_query($sql);
- $smile_data = $db->sql_fetchrow($result);
-*/
$order_list = '';
$result = $db->sql_query('SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY smile_order DESC');
while ($row = $db->sql_fetchrow($result))
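Review bot: The `delete` case issues its `DELETE` directly from `$_GET['smile_id']`, so a plain link or image request loaded in an administrator's browser is enough to remove a row. Nothing visible in the hunk requires a POST or a confirmation step. Consider taking the id from `$_POST` behind a confirm form before running the query. The `delete` hunk in admin_words.php accepts its id from `$_GET` in the same way; the switch itself continues outside this hunk.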
@@ -441,26 +432,26 @@ function update_smile_dimensions()
case 'create':
case 'modify':
- $smile_width = intval($HTTP_POST_VARS['smile_width']);
- $smile_height = intval($HTTP_POST_VARS['smile_height']);
+ $smile_width = intval($_POST['smile_width']);
+ $smile_height = intval($_POST['smile_height']);
if ($smile_width == 0 || $smile_height == 0)
{
- $img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($HTTP_POST_VARS['smile_url']));
+ $img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($_POST['smile_url']));
$smile_width = $img_size[0];
$smile_height = $img_size[1];
}
$sql = array(
- 'code' => htmlspecialchars(stripslashes($HTTP_POST_VARS['smile_code'])),
- 'smile_url' => stripslashes($HTTP_POST_VARS['smile_url']),
+ 'code' => htmlspecialchars(stripslashes($_POST['smile_code'])),
+ 'smile_url' => stripslashes($_POST['smile_url']),
'smile_width' => $smile_width,
'smile_height' => $smile_height,
'smile_order' => $smile_order,
- 'emoticon' => stripslashes($HTTP_POST_VARS['smile_emotion']),
- 'smile_on_posting' => (!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0
+ 'emoticon' => stripslashes($_POST['smile_emotion']),
+ 'smile_on_posting' => (!empty($_POST['smile_on_posting'])) ? 1 : 0
);
- $smile_id = $HTTP_POST_VARS['smile_id'];
- $smile_order = $HTTP_POST_VARS['smile_order'];
+ $smile_id = $_POST['smile_id'];
+ $smile_order = $_POST['smile_order'];
if ($mode == 'modify')
{
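Review bot: `$smile_id = $_POST['smile_id'];` keeps the raw request value, and the next hunk interpolates it into `" SET WHERE smilies_id = $smile_id"`, so the UPDATE is built from unvalidated input. Cast it like the other ids in this file: `$smile_id = intval($_POST['smile_id']);`. `$smile_order` is also uncast, and the `$sql` array reads it (`'smile_order' => $smile_order`) before this case assigns it, so unless it is set earlier in the function the stored order is empty. Move the assignment above the array and use `intval($_POST['smile_order'])`. The case body continues outside the hunk.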
@@ -500,18 +491,18 @@ function update_smile_dimensions()
if ($mode == 'modify')
{
$db->sql_query_array('UPDATE ' . SMILIES_TABLE . " SET WHERE smilies_id = $smile_id", $sql);
- message_die(MESSAGE, $lang['Smile_edited'] . $click_return);
+ message_die(MESSAGE, $lang['Smile_edited']);
}
else
{
$db->sql_query_array('INSERT INTO ' . SMILIES_TABLE, $sql);
- message_die(MESSAGE, $lang['Smile_added'] . $click_return);
+ message_die(MESSAGE, $lang['Smile_added']);
}
break;
case 'move_up':
case 'move_down':
- $smile_order = intval($HTTP_GET_VARS['smile_order']);
+ $smile_order = intval($_GET['smile_order']);
$order_total = $smile_order * 2 + (($mode == 'move_up') ? -1 : 1);
$sql = 'UPDATE ' . SMILIES_TABLE . "
diff --git a/phpBB/admin/admin_styles.php b/phpBB/admin/admin_styles.php
index 1f6a020b58..c7b5a8888c 100644
--- a/phpBB/admin/admin_styles.php
+++ b/phpBB/admin/admin_styles.php
@@ -2,7 +2,7 @@
if ( !empty($setmodules) )
{
- if ( !$auth->get_acl_admin('styles') )
+ if ( !$auth->acl_get('a_styles') )
{
return;
}
@@ -27,7 +27,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
-if ( !$auth->get_acl_admin('styles') )
+if ( !$auth->acl_get('a_styles') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -48,26 +48,26 @@ closedir($dp);
//
//
//
-$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
switch ( $mode )
{
case 'editimageset':
- $imgroot = ( isset($HTTP_POST_VARS['imgroot']) ) ? $HTTP_POST_VARS['imgroot'] : 'subSilver';
+ $imgroot = ( isset($_POST['imgroot']) ) ? $_POST['imgroot'] : 'subSilver';
- if ( isset($HTTP_POST_VARS['img_root']) )
+ if ( isset($_POST['img_root']) )
{
$sql = "SELECT *
FROM " . STYLES_IMAGE_TABLE . "
- WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'";
+ WHERE imageset_path LIKE '" . $_POST['imgroot'] . "'";
$result = $db->sql_query($sql);
$images = $db->sql_fetchrow($result);
}
- if ( isset($HTTP_POST_VARS['img_addconfig']) )
+ if ( isset($_POST['img_addconfig']) )
{
}
- else if ( isset($HTTP_POST_VARS['img_addlocal']) )
+ else if ( isset($_POST['img_addlocal']) )
{
}
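Review bot: `$_POST['imgroot']` is concatenated into the `LIKE '...'` clause unescaped, so a quote in that field changes the query. Escape it through the database layer, or better, accept it only if it matches one of the directory names gathered by the scan above the hunk (inferred from the `closedir($dp)` context). The guard tests `isset($_POST['img_root'])` while the query reads `imgroot`, so one of the two keys looks misspelled and the query can run on an unset value. Using the already defaulted `$imgroot` variable in the query, once validated, would address both points. The `editimageset` case continues outside the hunk.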
@@ -142,15 +142,15 @@ switch ( $mode )
case 'edittemplate':
- $tplcols = ( isset($HTTP_POST_VARS['tplcols']) ) ? max(60, intval($HTTP_POST_VARS['tplcols'])) : 90;
- $tplrows = ( isset($HTTP_POST_VARS['tplrows']) ) ? max(4, intval($HTTP_POST_VARS['tplrows'])) : 30;
- $tplname = ( isset($HTTP_POST_VARS['tplname']) ) ? $HTTP_POST_VARS['tplname'] : '';
- $tplroot = ( isset($HTTP_POST_VARS['tplroot']) ) ? $HTTP_POST_VARS['tplroot'] : 'subSilver';
+ $tplcols = ( isset($_POST['tplcols']) ) ? max(60, intval($_POST['tplcols'])) : 90;
+ $tplrows = ( isset($_POST['tplrows']) ) ? max(4, intval($_POST['tplrows'])) : 30;
+ $tplname = ( isset($_POST['tplname']) ) ? $_POST['tplname'] : '';
+ $tplroot = ( isset($_POST['tplroot']) ) ? $_POST['tplroot'] : 'subSilver';
$str = '';
- if ( isset($HTTP_POST_VARS['tpl_compile']) && !empty($HTTP_POST_VARS['decompile']) )
+ if ( isset($_POST['tpl_compile']) && !empty($_POST['decompile']) )
{
- $str = "compile(stripslashes($HTTP_POST_VARS['decompile'])) . "\n?".">";
+ $str = "compile(stripslashes($_POST['decompile'])) . "\n?".">";
$fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'w+');
fwrite ($fp, $str);
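Review bot: `$tplroot` and `$tplname` come straight from `$_POST` and are joined into the `fopen(..., 'w+')` path, so a value containing path separators or `..` moves the write of a `.$phpEx` file outside `templates/cache/`. Before building the path, reject any value that is not a single plain name made of letters, digits, `_` and `-`. The `fopen()` result is handed to `fwrite()` unchecked, so a failed open only shows up as warnings. The same two variables feed the `fopen(..., 'r')` in the next hunk and the `Content-Type` / `Content-disposition` headers in the `tpl_download` hunk, where `$tplname` is additionally unquoted. The `edittemplate` case continues outside this hunk.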
@@ -162,7 +162,7 @@ switch ( $mode )
exit;
}
- else if ( !empty($tplname) && isset($HTTP_POST_VARS['tpl_name']) )
+ else if ( !empty($tplname) && isset($_POST['tpl_name']) )
{
$fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'r');
while ( !feof($fp) )
@@ -175,10 +175,10 @@ switch ( $mode )
}
else
{
- $str = ( !empty($HTTP_POST_VARS['decompile']) ) ? stripslashes($HTTP_POST_VARS['decompile']) : '';
+ $str = ( !empty($_POST['decompile']) ) ? stripslashes($_POST['decompile']) : '';
}
- if ( isset($HTTP_POST_VARS['tpl_download']) )
+ if ( isset($_POST['tpl_download']) )
{
header("Content-Type: text/html; name=\"" . $tplname . ".html\"");
header("Content-disposition: attachment; filename=" . $tplname . ".html");
@@ -242,9 +242,9 @@ switch ( $mode )
case 'edittheme':
- $theme_id = ( isset($HTTP_POST_VARS['themeroot']) ) ? $HTTP_POST_VARS['themeroot'] : '';
+ $theme_id = ( isset($_POST['themeroot']) ) ? $_POST['themeroot'] : '';
- if ( isset($HTTP_POST_VARS['update']) )
+ if ( isset($_POST['update']) )
{
$sql = "SELECT theme_id, theme_name
FROM " . STYLES_CSS_TABLE . "
@@ -255,8 +255,8 @@ switch ( $mode )
{
$theme_name = $row['theme_name'];
- $css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : '';
- $css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : '';
+ $css_data = ( !empty($_POST['css_data']) ) ? htmlentities($_POST['css_data']) : '';
+ $css_external = ( !empty($_POST['css_data']) ) ? $_POST['css_data'] : '';
$sql = "UPDATE " > STYLES_CSS_TABLE . "
SET css_data = '$css_data', css_external = '$css_external'
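Review bot: `$css_external` is the raw `$_POST['css_data']`, and `$css_data` only goes through `htmlentities()`, which by default leaves single quotes untouched, yet both are placed inside single-quoted SQL literals in this `UPDATE`. Each value needs SQL escaping through the database layer before interpolation. The context line `$sql = "UPDATE " > STYLES_CSS_TABLE . "` uses `>` where the concatenation operator `.` was presumably intended, so as written `$sql` is the result of a comparison rather than a query string. The statement continues outside the hunk.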
diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php
index 9776106e86..c260b1d7ad 100644
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
- if ( !$auth->get_acl_admin('user') )
+ if ( !$auth->acl_get('a_user') )
{
return;
}
@@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
//
// Do we have forum admin permissions?
//
-if ( !$auth->get_acl_admin('user') )
+if ( !$auth->acl_get('a_user') )
{
return;
}
@@ -54,9 +54,9 @@ if ( !$auth->get_acl_admin('user') )
//
// Set mode
//
-if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
+if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
{
- $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
@@ -66,14 +66,14 @@ else
//
// Begin program
//
-if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS['u']) || isset( $HTTP_POST_VARS['u']) ) )
+if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) )
{
//
// Ok, the profile has been modified and submitted, let's update
//
- if( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
+ if( ( $mode == 'save' && isset( $_POST['submit'] ) ) || isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) )
{
- $user_id = intval( $HTTP_POST_VARS['id'] );
+ $user_id = intval( $_POST['id'] );
$this_userdata = get_userdata($user_id);
if( !$this_userdata )
@@ -81,46 +81,46 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
message_die(MESSAGE, $lang['No_user_id_specified'] );
}
- $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : '';
- $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
+ $username = ( !empty($_POST['username']) ) ? trim(strip_tags( $_POST['username'] ) ) : '';
+ $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars( $_POST['email'] ) )) : '';
- $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
- $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
+ $password = ( !empty($_POST['password']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password'] ) )) : '';
+ $password_confirm = ( !empty($_POST['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password_confirm'] ) )) : '';
- $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : '';
- $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : '';
- $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : '';
- $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : '';
+ $icq = ( !empty($_POST['icq']) ) ? trim(strip_tags( $_POST['icq'] ) ) : '';
+ $aim = ( !empty($_POST['aim']) ) ? trim(strip_tags( $_POST['aim'] ) ) : '';
+ $msn = ( !empty($_POST['msn']) ) ? trim(strip_tags( $_POST['msn'] ) ) : '';
+ $yim = ( !empty($_POST['yim']) ) ? trim(strip_tags( $_POST['yim'] ) ) : '';
- $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : '';
- $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : '';
- $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : '';
- $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : '';
- $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('
', "\n", $HTTP_POST_VARS['signature'] ) ) : '';
+ $website = ( !empty($_POST['website']) ) ? trim(strip_tags( $_POST['website'] ) ) : '';
+ $location = ( !empty($_POST['location']) ) ? trim(strip_tags( $_POST['location'] ) ) : '';
+ $occupation = ( !empty($_POST['occupation']) ) ? trim(strip_tags( $_POST['occupation'] ) ) : '';
+ $interests = ( !empty($_POST['interests']) ) ? trim(strip_tags( $_POST['interests'] ) ) : '';
+ $signature = ( !empty($_POST['signature']) ) ? trim(str_replace('
', "\n", $_POST['signature'] ) ) : '';
validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
- $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0;
- $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE;
- $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0;
- $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE;
- $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE;
- $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0;
+ $viewemail = ( isset( $_POST['viewemail']) ) ? ( ( $_POST['viewemail'] ) ? TRUE : 0 ) : 0;
+ $allowviewonline = ( isset( $_POST['hideonline']) ) ? ( ( $_POST['hideonline'] ) ? 0 : TRUE ) : TRUE;
+ $notifyreply = ( isset( $_POST['notifyreply']) ) ? ( ( $_POST['notifyreply'] ) ? TRUE : 0 ) : 0;
+ $notifypm = ( isset( $_POST['notifypm']) ) ? ( ( $_POST['notifypm'] ) ? TRUE : 0 ) : TRUE;
+ $popuppm = ( isset( $_POST['popup_pm']) ) ? ( ( $_POST['popup_pm'] ) ? TRUE : 0 ) : TRUE;
+ $attachsig = ( isset( $_POST['attachsig']) ) ? ( ( $_POST['attachsig'] ) ? TRUE : 0 ) : 0;
- $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html'];
- $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
- $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
+ $allowhtml = ( isset( $_POST['allowhtml']) ) ? intval( $_POST['allowhtml'] ) : $board_config['allow_html'];
+ $allowbbcode = ( isset( $_POST['allowbbcode']) ) ? intval( $_POST['allowbbcode'] ) : $board_config['allow_bbcode'];
+ $allowsmilies = ( isset( $_POST['allowsmilies']) ) ? intval( $_POST['allowsmilies'] ) : $board_config['allow_smilies'];
- $user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
- $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
- $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
- $user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
- $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
+ $user_style = ( $_POST['style'] ) ? intval( $_POST['style'] ) : $board_config['default_style'];
+ $user_lang = ( $_POST['language'] ) ? $_POST['language'] : $board_config['default_lang'];
+ $user_timezone = ( isset( $_POST['timezone']) ) ? doubleval( $_POST['timezone'] ) : $board_config['board_timezone'];
+ $user_template = ( $_POST['template'] ) ? $_POST['template'] : $board_config['board_template'];
+ $user_dateformat = ( $_POST['dateformat'] ) ? trim( $_POST['dateformat'] ) : $board_config['default_dateformat'];
- $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] ) ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
+ $user_avatar_local = ( isset( $_POST['avatarselect'] ) && !empty($_POST['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $_POST['avatarselect'] : ( ( isset( $_POST['avatarlocal'] ) ) ? $_POST['avatarlocal'] : '' );
- $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
- $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
+ $user_avatar_remoteurl = ( !empty($_POST['avatarremoteurl']) ) ? trim( $_POST['avatarremoteurl'] ) : '';
+ $user_avatar_url = ( !empty($_POST['avatarurl']) ) ? trim( $_POST['avatarurl'] ) : '';
$user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
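Review bot: The three context lines closing this hunk still read `$HTTP_POST_FILES['avatar'][...]` while every other request array here is moved to a superglobal. They should become `$_FILES['avatar']['tmp_name']`, `['name']` and `['size']` so upload handling does not depend on the long arrays being registered. Separately, `$password` and `$password_confirm` pass through `htmlspecialchars()` and `strip_tags()`, which rewrites or drops characters such as `<` and `&` from the secret. Passwords are better left untransformed, provided the registration and login paths agree. `$_POST['style']`, `$_POST['language']`, `$_POST['template']` and `$_POST['dateformat']` are also tested without `isset()`, unlike the neighbouring fields.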
@@ -129,12 +129,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';
- $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
- $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
- $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0;
- $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;
+ $user_status = ( !empty($_POST['user_status']) ) ? intval( $_POST['user_status'] ) : 0;
+ $user_allowpm = ( !empty($_POST['user_allowpm']) ) ? intval( $_POST['user_allowpm'] ) : 0;
+ $user_rank = ( !empty($_POST['user_rank']) ) ? intval( $_POST['user_rank'] ) : 0;
+ $user_allowavatar = ( !empty($_POST['user_allowavatar']) ) ? intval( $_POST['user_allowavatar'] ) : 0;
- if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
+ if( isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) )
{
$username = stripslashes($username);
$email = stripslashes($email);
@@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
- if ( !isset($HTTP_POST_VARS['cancelavatar']))
+ if ( !isset($_POST['cancelavatar']))
{
$user_avatar = $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY;
@@ -163,7 +163,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
}
}
- if( isset( $HTTP_POST_VARS['submit'] ) )
+ if( isset( $_POST['submit'] ) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
@@ -250,7 +250,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
// Avatar stuff
//
$avatar_sql = '';
- if( isset($HTTP_POST_VARS['avatardel']) )
+ if( isset($_POST['avatardel']) )
{
if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
{
@@ -518,7 +518,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
//
if( !$error )
{
- if( $HTTP_POST_VARS['deleteuser'] )
+ if( $_POST['deleteuser'] )
{
$sql = "SELECT g.group_id
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
@@ -621,11 +621,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$user_dateformat = stripslashes($user_dateformat);
}
}
- else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
+ else if( !isset( $_POST['submit'] ) && $mode != 'save' && !isset( $_POST['avatargallery'] ) && !isset( $_POST['submitavatar'] ) && !isset( $_POST['cancelavatar'] ) )
{
- if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) )
+ if( isset( $_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) )
{
- $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]);
+ $user_id = ( isset( $_POST[POST_USERS_URL]) ) ? intval( $_POST[POST_USERS_URL]) : intval( $_GET[POST_USERS_URL]);
$this_userdata = get_userdata($user_id);
if( !$this_userdata )
{
@@ -634,7 +634,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
}
else
{
- $this_userdata = get_userdata( $HTTP_POST_VARS['username'] );
+ $this_userdata = get_userdata( $_POST['username'] );
if( !$this_userdata )
{
message_die(MESSAGE, $lang['No_user_id_specified'] );
@@ -689,11 +689,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
}
- if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
+ if( isset($_POST['avatargallery']) && !$error )
{
if( !$error )
{
- $user_id = intval($HTTP_POST_VARS['id']);
+ $user_id = intval($_POST['id']);
$template->set_filenames(array(
"body" => "admin/user_avatar_gallery.tpl")
@@ -730,9 +730,9 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
@closedir($dir);
- if( isset($HTTP_POST_VARS['avatarcategory']) )
+ if( isset($_POST['avatarcategory']) )
{
- $category = $HTTP_POST_VARS['avatarcategory'];
+ $category = $_POST['avatarcategory'];
}
else
{
@@ -769,7 +769,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
}
}
- $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
+ $coppa = ( ( !$_POST['coppa'] && !$_GET['coppa'] ) || $mode == "register") ? 0 : TRUE;
$s_hidden_fields = '';
$s_hidden_fields .= '';
diff --git a/phpBB/admin/admin_viewlogs.php b/phpBB/admin/admin_viewlogs.php
index acc8844fe3..4fe5448bf4 100644
--- a/phpBB/admin/admin_viewlogs.php
+++ b/phpBB/admin/admin_viewlogs.php
@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
- if ( !$auth->get_acl_admin('general') )
+ if ( !$auth->acl_get('a_general') )
{
return;
}
@@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@@ -52,11 +52,11 @@ if ( !$auth->get_acl_admin('general') )
//
// Set some variables
//
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
{
- $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
@@ -73,12 +73,12 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M
//
// Delete entries if requested and able
//
-if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs'))
+if ( ( isset($_POST['delmarked']) || isset($_POST['delall']) ) && $auth->acl_get('a_clearlogs'))
{
$where_sql = '';
- if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) )
+ if ( isset($_POST['delmarked']) && isset($_POST['mark']) )
{
- foreach ( $HTTP_POST_VARS['mark'] as $marked )
+ foreach ( $_POST['mark'] as $marked )
{
$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($marked);
}
@@ -95,11 +95,11 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) )
//
// Sorting ... this could become a function
//
-if ( isset($HTTP_POST_VARS['sort']) || $start )
+if ( isset($_POST['sort']) || $start )
{
- if ( !empty($HTTP_POST_VARS['sort_days']) || !empty($HTTP_GET_VARS['sort_days']) )
+ if ( !empty($_POST['sort_days']) || !empty($_GET['sort_days']) )
{
- $sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']);
+ $sort_days = ( !empty($_POST['sort_days']) ) ? intval($_POST['sort_days']) : intval($_GET['sort_days']);
$where_sql = time() - ( $sort_days * 86400 );
}
else
@@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['sort']) || $start )
$where_sql = 0;
}
- $sort_key = ( isset($HTTP_POST_VARS['sort_key']) ) ? $HTTP_POST_VARS['sort_key'] : $HTTP_GET_VARS['sort_key'];
- $sort_dir = ( isset($HTTP_POST_VARS['sort_dir']) ) ? $HTTP_POST_VARS['sort_dir'] : $HTTP_GET_VARS['sort_dir'];
+ $sort_key = ( isset($_POST['sort_key']) ) ? $_POST['sort_key'] : $_GET['sort_key'];
+ $sort_dir = ( isset($_POST['sort_dir']) ) ? $_POST['sort_dir'] : $_GET['sort_dir'];
}
else
{
@@ -144,30 +144,11 @@ $sort_sql = $sort_by[$sort_key] . ' ' . ( ( $sort_dir == 'd' ) ? 'DESC' : 'ASC'
//
// Define forum list if we're looking @ mod logs
//
-$forum_options = '';
+$forum_box = '';
if ( $mode == 'mod' )
{
- $sql = "SELECT forum_id, forum_name
- FROM " . FORUMS_TABLE . "
- ORDER BY cat_id, forum_order";
- $result = $db->sql_query($sql);
-
- if ( $row = $db->sql_fetchrow($result) )
- {
- $forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : $row['forum_id'];
-
- do
- {
- $selected = ( $row['forum_id'] == $forum_id ) ? ' selected="selected"' : '';
- $forum_options .= '';
- }
- while ( $row = $db->sql_fetchrow($result) );
- }
- else
- {
- $forum_id = 0;
- $forum_options = '';
- }
+ include($phpbb_root_path . '/includes/functions_admin.'.$phpEx);
+ $forum_box = make_forum_select('f');
}
//
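Review bot: The removed block was the only place in this hunk that assigned `$forum_id` (from `$_POST['f']` via `intval()`), and the replacement sets only `$forum_box`. If the log query further down still passes `$forum_id`, it is now undefined in `mod` mode, so keep something like `$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : 0;`. The new include path has a leading slash (`'/includes/functions_admin.'`) where other files use `$phpbb_root_path . 'includes/...'`. Plain `include` also carries on past a missing file into a fatal undefined `make_forum_select()`, so `require_once` would state the dependency more clearly.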
@@ -190,7 +171,7 @@ if ( $mode == 'mod' )
?>
get_acl_admin('clearlogs') )
+ if ( $auth->acl_get('a_clearlogs') )
{
?>
@@ -266,7 +247,7 @@ else
|
get_acl_admin('clearlogs') )
+ if ( $auth->acl_get('a_clearlogs') )
{
diff --git a/phpBB/admin/admin_words.php b/phpBB/admin/admin_words.php
index ec152d47d7..08c3723ed0 100644
--- a/phpBB/admin/admin_words.php
+++ b/phpBB/admin/admin_words.php
@@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
- if ( !$auth->get_acl_admin('general') )
+ if ( !$auth->acl_get('a_general') )
{
return;
}
@@ -42,7 +42,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
{
return;
}
@@ -50,20 +50,20 @@ if ( !$auth->get_acl_admin('general') )
//
//
//
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
{
- $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
}
else
{
//
// These could be entered via a form button
//
- if ( isset($HTTP_POST_VARS['add']) )
+ if ( isset($_POST['add']) )
{
$mode = 'add';
}
- else if ( isset($HTTP_POST_VARS['save']) )
+ else if ( isset($_POST['save']) )
{
$mode = 'save';
}
@@ -79,7 +79,7 @@ if( $mode != '' )
{
case 'edit':
case 'add':
- $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
+ $word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;
$s_hidden_fields = '';
if ( $mode == 'edit' )
@@ -128,9 +128,9 @@ if( $mode != '' )
break;
case 'save':
- $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
- $word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : '';
- $replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : '';
+ $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;
+ $word = ( isset($_POST['word']) ) ? trim($_POST['word']) : '';
+ $replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : '';
if ( $word == '' || $replacement == '' )
{
@@ -149,9 +149,9 @@ if( $mode != '' )
case 'delete':
- if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
+ if ( isset($_POST['id']) || isset($_GET['id']) )
{
- $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
+ $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);
}
else
{
diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php
index 3de4f0edeb..2580bccef7 100644
--- a/phpBB/admin/index.php
+++ b/phpBB/admin/index.php
@@ -37,7 +37,7 @@ require('pagestart.' . $phpEx);
//
// Do we have any admin permissions at all?
//
-if ( !$auth->get_acl_admin() )
+if ( !$auth->acl_get('a_') )
{
message_die(MESSAGE, 'No_admin', '', true);
}
diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php
index 9791d1a1e1..59df5b0f40 100644
--- a/phpBB/admin/pagestart.php
+++ b/phpBB/admin/pagestart.php
@@ -31,55 +31,26 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start($update);
-$auth->acl($userdata);
+$auth->acl($userdata, false, 'a_');
$user = new user($userdata);
//
// End session management
//
-//
-// Configure style, language, etc.
-//
-//$session->configure($userdata);
-
// -----------------------------
// Functions
-//
function page_header($sub_title, $meta = '', $table_html = true)
{
- global $board_config, $db, $lang, $phpEx, $gzip_compress;
- global $HTTP_SERVER_VARS;
+ global $board_config, $db, $lang, $phpEx;
define('HEADER_INC', true);
- //
// gzip_compression
- //
- $gzip_compress = false;
if ( $board_config['gzip_compress'] )
{
- $phpver = phpversion();
-
- if ( $phpver >= '4.0.4pl1' && strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'compatible') )
+ if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() )
{
- if ( extension_loaded('zlib') )
- {
- ob_start('ob_gzhandler');
- }
- }
- else if ( $phpver > '4.0' )
- {
- if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
- {
- if ( extension_loaded('zlib') )
- {
- $gzip_compress = true;
- ob_start();
- ob_implicit_flush(0);
-
- header("Content-Encoding: gzip");
- }
- }
+ ob_start('ob_gzhandler');
}
}
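Review bot: `$HTTP_USER_AGENT` is undefined inside `page_header()`, since it is neither in the `global` list nor a superglobal, so `strstr()` receives an empty value and `ob_gzhandler` is never started. Read it from the request instead, in line with the rest of the commit: `isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'compatible')`. `ob_gzhandler` already negotiates on the client's `Accept-Encoding`, so the user-agent test could probably be dropped, leaving `extension_loaded('zlib') && !headers_sent()`. `page_header()` continues outside the hunk.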
@@ -133,7 +104,7 @@ td.cat { background-image: url('images/cellpic1.gif') }
function page_footer($copyright_html = true)
{
- global $board_config, $db, $lang, $phpEx, $gzip_compress;
+ global $board_config, $db, $lang, $phpEx;
?>
@@ -157,37 +128,10 @@ function page_footer($copyright_html = true)
}
- //
// Close our DB connection.
- //
$db->sql_close();
- //
- // Compress buffered output if required
- // and send to browser
- //
- if ( $gzip_compress )
- {
- //
- // Borrowed from php.net!
- //
- $gzip_contents = ob_get_contents();
- ob_end_clean();
-
- $gzip_size = strlen($gzip_contents);
- $gzip_crc = crc32($gzip_contents);
-
- $gzip_contents = gzcompress($gzip_contents, 9);
- $gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);
-
- echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
- echo $gzip_contents;
- echo pack("V", $gzip_crc);
- echo pack("V", $gzip_size);
- }
-
exit;
-
}
function page_message($title, $message, $show_header = false)
@@ -305,7 +249,6 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
return;
}
-//
// End Functions
// -----------------------------
diff --git a/phpBB/faq.php b/phpBB/faq.php
index e326fb0833..180c0902f5 100644
--- a/phpBB/faq.php
+++ b/phpBB/faq.php
@@ -24,26 +24,16 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
-//
// Start session management
-//
$userdata = $session->start();
$auth->acl($userdata);
-//
+$user = new user($userdata);
// End session management
-//
-//
-// Configure style, language, etc.
-//
-$session->configure($userdata);
-
-//
// Load the appropriate faq file
-//
-if ( isset($HTTP_GET_VARS['mode']) )
+if ( isset($_GET['mode']) )
{
- switch( $HTTP_GET_VARS['mode'] )
+ switch( $_GET['mode'] )
{
case 'bbcode':
$lang_file = 'lang_bbcode';
@@ -60,11 +50,10 @@ else
$lang_file = 'lang_faq';
$l_title = $lang['FAQ'];
}
-include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/' . $lang_file . '.' . $phpEx);
-//
+include($user->lang_path . $lang_file . '.' . $phpEx);
+
// Pull the array data from the lang pack
-//
$j = 0;
$counter = 0;
$counter_2 = 0;
diff --git a/phpBB/index.php b/phpBB/index.php
index a36ef5e66a..087ad7b4b7 100644
--- a/phpBB/index.php
+++ b/phpBB/index.php
@@ -39,11 +39,9 @@ else
// Start session management
$userdata = $session->start();
$auth->acl($userdata);
+$user = new user($userdata);
// End session management
-// Configure style, language, etc.
-$session->configure($userdata);
-
// Handle marking posts
if ($mark_read == 'forums')
{
@@ -116,7 +114,7 @@ else
{
$is_nav = TRUE;
- if (!$auth->get_acl($cat_id, 'forum', 'list'))
+ if (!$auth->acl_get('f_list', $cat_id))
{
// TODO: Deal with hidden categories
message_die(ERROR, $lang['Category_not_exist']);
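Review bot: `$auth->acl_get('f_list', $cat_id)` reverses the argument order of the old `get_acl($cat_id, 'forum', 'list')`, and nothing on the call marks which argument is the option and which is the forum id. The same applies to `acl_get('f_list', $row['forum_id'])` in the next hunk. A call left in the old order would still run, and what it returns depends on how `acl_get` treats an unknown option name, which is not visible here. Both call sites deny when the result is falsy, so the method should return false for an option it does not recognise. A short comment at the first use would help, e.g. `// acl_get(option, forum_id): returns false for unknown options`. The enclosing block starts and ends outside the hunk.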
@@ -194,7 +192,7 @@ while ($row = $db->sql_fetchrow($result))
elseif ($row['display_on_index'] && $row['forum_status'] != ITEM_CATEGORY)
{
// Subforum, store it for direct linking
- if ($auth->get_acl($row['forum_id'], 'forum', 'list'))
+ if ($auth->acl_get('f_list', $row['forum_id']))
{
$subforums[$parent_id][] = $row;
}
diff --git a/phpBB/install/schemas/mysql_basic.sql b/phpBB/install/schemas/mysql_basic.sql
index 31f6ca9425..8c62c70d88 100644
--- a/phpBB/install/schemas/mysql_basic.sql
+++ b/phpBB/install/schemas/mysql_basic.sql
@@ -86,59 +86,63 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', '')
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', '');
# -- auth options
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_list');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_read');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_post');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_reply');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_edit');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_delete');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_poll');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_vote');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_announce');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_sticky');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_attach');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_download');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_html');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_bbcode');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_smilies');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_img');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_flash');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_sigs');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_search');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_email');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_rate');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_print');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_ignoreflood');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_ignorequeue');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_edit');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_delete');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_move');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_lock');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_split');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_merge');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_approve');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_unrate');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_auth');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_list');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_read');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_post');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_reply');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_edit');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_delete');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_poll');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_vote');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_announce');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_sticky');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_attach');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_download');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_html');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_bbcode');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_smilies');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_img');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_flash');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_sigs');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_search');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_email');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_rate');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_print');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_ignoreflood');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_ignorequeue');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_general');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_user');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_group');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_forum');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_post');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_ban');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_auth');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_email');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_styles');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_backup');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_clearlogs');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_edit');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_delete');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_move');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_lock');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_split');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_merge');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_approve');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_unrate');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_auth');
+
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_general');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_user');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_group');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_forum');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_post');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_ban');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_auth');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_email');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_styles');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_backup');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_clearlogs');
# -- phpbb_styles
INSERT INTO phpbb_styles (style_id, template_id, theme_id, imageset_id, style_name) VALUES (1, 1, 1, 1, 'subSilver');
# -- phpbb_styles_imageset
-INSERT INTO phpbb_styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/icon_quote.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_edit.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_search.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_profile.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_pm.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_email.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_www.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_icq_add.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_aim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_yim.gif" width="59" 
height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_msnm.gif" width="59" height="18" border="0"', '', '', '', '', '', '', '"imagesets/subSilver/icon_delete.gif" width="16" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_ip.gif" width="16" height="18" border="0"', '"imagesets/subSilver/icon_minipost.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_minipost_new.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_latest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/icon_newest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/folder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_locked_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce_new.gif" width="19" height="18" border="0"', '', '', '"imagesets/subSilver/voting_lcap.gif" width="4" height="12" border="0"', '"imagesets/subSilver/voting_rcap.gif" height="12" border="0"', '"imagesets/subSilver/voting_bar.gif" width="4" height="12" border="0"', '"imagesets/subSilver/ratings/{RATE}.gif" width="45" height="17" border="0"');
+INSERT INTO phpbb_styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, sub_forum, sub_forum_new, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/icon_quote.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_edit.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_search.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_profile.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_pm.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_email.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_www.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_icq_add.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_aim.gif" width="59" height="18" border="0"', 
'"imagesets/subSilver/{LANG}/icon_yim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_msnm.gif" width="59" height="18" border="0"', '', '', '', '', '', '', '"imagesets/subSilver/icon_delete.gif" width="16" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_ip.gif" width="16" height="18" border="0"', '"imagesets/subSilver/icon_minipost.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_minipost_new.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_latest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/icon_newest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/folder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_locked_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/subfolder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/subfolder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce_new.gif" width="19" height="18" border="0"', '', '', '"imagesets/subSilver/voting_lcap.gif" width="4" height="12" border="0"', '"imagesets/subSilver/voting_rcap.gif" height="12" border="0"', '"imagesets/subSilver/voting_bar.gif" 
width="4" height="12" border="0"', '"imagesets/subSilver/ratings/{RATE}.gif" width="45" height="17" border="0"');
# -- phpbb_styles_template
INSERT INTO phpbb_styles_template (template_id, template_name, template_path, poll_length, pm_box_length, compile_crc) VALUES (1, 'subSilver © phpBB Group', 'subSilver', 205, 175, '');
@@ -177,16 +181,17 @@ INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (5, 2, 0);
# -- User auth
+INSERT INTO phpbb_auth_users (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'm_%';
# -- Group auth
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 1, 1, auth_option_id, 4 FROM phpbb_auth_options WHERE auth_value IN ('forum_list', 'forum_read', 'forum_post', 'forum_reply');
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'forum%';
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 5, 0, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'admin%';
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 1, 1, auth_option_id, 4 FROM phpbb_auth_options WHERE auth_value IN ('f_list', 'f_read', 'f_post', 'f_reply');
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'f_%';
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 5, 0, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'a_%';
# -- Prefetch auth
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 0, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value IN ('forum_list', 'forum_read', 'forum_post', 'forum_reply');
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'admin%';
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'forum_mod%';
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 0, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value IN ('f_list', 'f_read', 'f_post', 'f_reply');
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'a_%';
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'm_%';
# -- Demo Topic
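Review bot: The `LIKE 'm_%'`, `LIKE 'f_%'` and `LIKE 'a_%'` patterns in the user, group and prefetch inserts treat `_` as a single-character wildcard. They therefore match any `auth_value` that starts with that letter and has at least one more character, not only names carrying the `f_`, `m_` or `a_` prefix. With the options seeded in the previous hunk the result is the same, but an option added later whose name merely starts with `a` would be granted to the admin group at install. Escaping the underscore makes the grant exact, e.g. `WHERE auth_value LIKE 'a\_%'`. These patterns also select the bare `f_`, `m_` and `a_` rows added above; if that is intended, a `# --` comment saying so would help the next reader.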
diff --git a/phpBB/install/schemas/mysql_schema.sql b/phpBB/install/schemas/mysql_schema.sql
index 943e09c506..189f867e0c 100644
--- a/phpBB/install/schemas/mysql_schema.sql
+++ b/phpBB/install/schemas/mysql_schema.sql
@@ -618,6 +618,7 @@ CREATE TABLE phpbb_users (
user_id mediumint(8) UNSIGNED NOT NULL auto_increment,
user_active tinyint(1) DEFAULT '1',
user_founder tinyint(1) DEFAULT '0' NOT NULL,
+ user_permissions text NULL,
user_ip varchar(40),
user_regdate int(11) DEFAULT '0' NOT NULL,
username varchar(30) NOT NULL,
diff --git a/phpBB/install/update_script.php b/phpBB/install/update_script.php
index 011557b4e6..f03ada3459 100644
--- a/phpBB/install/update_script.php
+++ b/phpBB/install/update_script.php
@@ -20,7 +20,7 @@ $db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false);
//
// Updates to this version ...
//
-$version = '2.1.0 [20020817]';
+$version = '2.1.0 [20020820]';
// ----------------
// BEGIN VARS DEFNS
@@ -506,7 +506,9 @@ switch ( $this_version )
$sql_ary = array(
"INSERT INTO " . $table_prefix . "styles (style_id, template_id, theme_id, imageset_id, style_name) VALUES (1, 1, 1, 1, 'subSilver')",
- "INSERT INTO " . $table_prefix . "styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_quote.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_edit.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_search.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_profile.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_pm.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_email.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_www.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_icq_add.gif\" width=\"59\" height=\"18\" border=\"0\"', 
'\"imagesets/subSilver/{LANG}/icon_aim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_yim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_msnm.gif\" width=\"59\" height=\"18\" border=\"0\"', '', '', '', '', '', '', '\"imagesets/subSilver/icon_delete.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_ip.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/icon_minipost.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_minipost_new.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_newest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/folder_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_new_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_locked_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '', '', '\"imagesets/subSilver/voting_lcap.gif\" width=\"4\" height=\"12\" border=\"0\"', 
'\"imagesets/subSilver/voting_rcap.gif\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_bar.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/ratings/{RATE}.gif\" width=\"45\" height=\"17\" border=\"0\"')",
+ "INSERT INTO " . $table_prefix . "styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_quote.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_edit.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_search.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_profile.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_pm.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_email.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_www.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_icq_add.gif\" width=\"59\" height=\"18\" border=\"0\"', 
'\"imagesets/subSilver/{LANG}/icon_aim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_yim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_msnm.gif\" width=\"59\" height=\"18\" border=\"0\"', '', '', '', '', '', '', '\"imagesets/subSilver/icon_delete.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_ip.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/icon_minipost.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_minipost_new.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_newest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/folder_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_new_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_locked_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '', '', '\"imagesets/subSilver/voting_lcap.gif\" width=\"4\" height=\"12\" border=\"0\"', 
'\"imagesets/subSilver/voting_rcap.gif\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_bar
+
+.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/ratings/{RATE}.gif\" width=\"45\" height=\"17\" border=\"0\"')",
"INSERT INTO " . $table_prefix . "styles_template (template_id, template_name, template_path, poll_length, pm_box_length, compile_crc) VALUES (1, 'subSilver © phpBB Group', 'subSilver', 205, 175, '')",
@@ -937,7 +939,11 @@ switch ( $this_version )
gen_str_ok();
- break;
+ case '2.1.0 [20020817]':
+
+ $sql = "INSERT INTO phpbb_config (config_name, config_value)
+ VALUES ('ip_check', '4')";
+ $db->sql_query($sql);
default;
print "* No updates needed \n";
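Review bot: The new `case '2.1.0 [20020817]':` writes to a hard-coded `phpbb_config` table, while the inserts in the previous hunk build their names from `$table_prefix`. On a board installed with a different prefix this update would miss the config table. Suggest `$sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) VALUES ('ip_check', '4')";`. The case also has no `break;` before `default`, so after applying the update the script still prints "* No updates needed"; adding `break;` after `$db->sql_query($sql);` avoids that misleading message. The result of `sql_query` is not checked in the visible lines, and the switch continues outside the hunk.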
diff --git a/phpBB/language/en/lang_admin.php b/phpBB/language/en/lang_admin.php
index c9e5e34053..737f136435 100644
--- a/phpBB/language/en/lang_admin.php
+++ b/phpBB/language/en/lang_admin.php
@@ -168,7 +168,7 @@ $lang = array_merge($lang, array(
'Restore_Error_no_file' => 'No file was uploaded',
'Permissions_explain' => 'Here you can alter which users and groups can access which forums. Permissions can be set for individual operations such as; reading, posting, voting, etc via the Advanced form. This page only applies to forum permissions. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
'Permissions_extra_explain' => 'Permissions are based on a; PERMIT, ALLOW, DENY, PREVENT system. By default users and groups are set to DENY access to all operations, to do anything users or groups have to be granted ALLOW access. When conflicts exist, e.g. a user having ALLOW permissions to a function belongs to a group that is set to DENY such a function the user setting takes precidence, i.e. in this case the user would be ALLOWed access to this function. Similarly a user denied access to a function will be denied even if they belong to a group that grants them access. If a user belongs to two groups one of which grants an ALLOW while another is set to DENY the user will be denied access.',
- 'Permissions_extra2_explain' => 'There may be times when you want to deny (or allow) access to a group no matter what their individual user settings are, this is what PERMIT and PREVENT are for. By setting a user (or more likely a group) to one of these will PERMIT (ALLOW) or PREVENT (DENY) access to a function no matter what their user settings are. You may find this useful for things such as \"banned\" groups, etc. doing away with any need to check for individual user permissions.',
+ 'Permissions_extra2_explain' => 'There may be times when you want to deny (or allow) access to a group no matter what their individual user settings are, this is what PERMIT and PREVENT are for. By setting a user (or more likely a group) to one of these will PERMIT (ALLOW) or PREVENT (DENY) access to a function no matter what their user settings are. You may find this useful for things such as "banned" groups, etc. doing away with any need to check for individual user permissions.',
'Moderators' => 'Moderators',
'Moderators_explain' => 'Here you can assign users and groups as forum moderators. You can give users or groups individual access to certain moderator functions as you set fit via the Advanced form. Moderators have additional power in a given forum and by default can post and reply even when a forum or topic is locked.',
'Super_Moderators' => 'Super Moderators',
@@ -196,50 +196,50 @@ $lang = array_merge($lang, array(
'Permit' => 'Permit',
'Deny' => 'Deny',
'Prevent' => 'Prevent',
- 'acl_admin_general' => 'General Settings',
- 'acl_admin_user' => 'Users',
- 'acl_admin_group' => 'Groups',
- 'acl_admin_forum' => 'Forums',
- 'acl_admin_post' => 'Posts',
- 'acl_admin_ban' => 'Banning',
- 'acl_admin_auth' => 'Permissions',
- 'acl_admin_email' => 'Email',
- 'acl_admin_styles' => 'Styles',
- 'acl_admin_backup' => 'Backups',
- 'acl_admin_clearlogs' => 'Clear Admin Log',
- 'acl_mod_edit' => 'Edit posts',
- 'acl_mod_delete' => 'Delete posts',
- 'acl_mod_move' => 'Move posts',
- 'acl_mod_lock' => 'Lock topics',
- 'acl_mod_split' => 'Split topics',
- 'acl_mod_merge' => 'Merge topics',
- 'acl_mod_approve' => 'Approve posts',
- 'acl_mod_unrate' => 'Un-rate topics',
- 'acl_mod_auth' => 'Set permissions',
- 'acl_forum_list' => 'See forum',
- 'acl_forum_read' => 'Read forum',
- 'acl_forum_post' => 'Post in forum',
- 'acl_forum_reply' => 'Reply to posts',
- 'acl_forum_edit' => 'Edit own posts',
- 'acl_forum_delete' => 'Delete own posts',
- 'acl_forum_poll' => 'Create polls',
- 'acl_forum_vote' => 'Vote in polls',
- 'acl_forum_announce' => 'Post announcements',
- 'acl_forum_sticky' => 'Post stickies',
- 'acl_forum_attach' => 'Attach files',
- 'acl_forum_download' => 'Download files',
- 'acl_forum_html' => 'Post HTML',
- 'acl_forum_bbcode' => 'Post BBCode',
- 'acl_forum_smilies' => 'Post smilies',
- 'acl_forum_img' => 'Post images',
- 'acl_forum_flash' => 'Post Flash',
- 'acl_forum_sigs' => 'Use signatures',
- 'acl_forum_search' => 'Search the forum',
- 'acl_forum_email' => 'Email topics',
- 'acl_forum_rate' => 'Rate topics',
- 'acl_forum_print' => 'Print topics',
- 'acl_forum_ignoreflood' => 'Ignore flood limit',
- 'acl_forum_ignorequeue' => 'Ignore mod queue',
+ 'acl_a_general' => 'General Settings',
+ 'acl_a_user' => 'Users',
+ 'acl_a_group' => 'Groups',
+ 'acl_a_forum' => 'Forums',
+ 'acl_a_post' => 'Posts',
+ 'acl_a_ban' => 'Banning',
+ 'acl_a_auth' => 'Permissions',
+ 'acl_a_email' => 'Email',
+ 'acl_a_styles' => 'Styles',
+ 'acl_a_backup' => 'Backups',
+ 'acl_a_clearlogs' => 'Clear Admin Log',
+ 'acl_m__edit' => 'Edit posts',
+ 'acl_m__delete' => 'Delete posts',
+ 'acl_m__move' => 'Move posts',
+ 'acl_m__lock' => 'Lock topics',
+ 'acl_m__split' => 'Split topics',
+ 'acl_m__merge' => 'Merge topics',
+ 'acl_m__approve' => 'Approve posts',
+ 'acl_m__unrate' => 'Un-rate topics',
+ 'acl_m__auth' => 'Set permissions',
+ 'acl_f_list' => 'See forum',
+ 'acl_f_read' => 'Read forum',
+ 'acl_f_post' => 'Post in forum',
+ 'acl_f_reply' => 'Reply to posts',
+ 'acl_f_edit' => 'Edit own posts',
+ 'acl_f_delete' => 'Delete own posts',
+ 'acl_f_poll' => 'Create polls',
+ 'acl_f_vote' => 'Vote in polls',
+ 'acl_f_announce' => 'Post announcements',
+ 'acl_f_sticky' => 'Post stickies',
+ 'acl_f_attach' => 'Attach files',
+ 'acl_f_download' => 'Download files',
+ 'acl_f_html' => 'Post HTML',
+ 'acl_f_bbcode' => 'Post BBCode',
+ 'acl_f_smilies' => 'Post smilies',
+ 'acl_f_img' => 'Post images',
+ 'acl_f_flash' => 'Post Flash',
+ 'acl_f_sigs' => 'Use signatures',
+ 'acl_f_search' => 'Search the forum',
+ 'acl_f_email' => 'Email topics',
+ 'acl_f_rate' => 'Rate topics',
+ 'acl_f_print' => 'Print topics',
+ 'acl_f_ignoreflood' => 'Ignore flood limit',
+ 'acl_f_ignorequeue' => 'Ignore mod queue',
'Auth_updated' => 'Permissions have been updated',
'Prune_users' => 'Prune Users',
'Prune_users_explain' => 'Here you can delete (or deactivate) users from you board. This can be done in a variety of ways; by post count, last activity, etc. Each of these criteria can be combined, i.e. you can prune users last active before 2002-01-01 with fewer than 10 posts. Alternatively you can enter a list of users directly into the text box, any criteria entered will be ignored. Take care with this facility! Once a user is deleted there is no way back.',
diff --git a/phpBB/language/en/lang_main.php b/phpBB/language/en/lang_main.php
index 7f9378594e..6ad21d3c56 100644
--- a/phpBB/language/en/lang_main.php
+++ b/phpBB/language/en/lang_main.php
@@ -19,7 +19,7 @@
*
***************************************************************************/
- $lang = array_merge($lang, array(
+$lang = array_merge($lang, array(
'ENCODING' => 'iso-8859-15',
'DIRECTION' => 'ltr',
'LEFT' => 'left',
@@ -711,24 +711,24 @@
'-3' => 'GMT - 3 Hours',
'-2' => 'GMT - 2 Hours',
'-1' => 'GMT - 1 Hours',
- 0 => 'GMT',
- 1 => 'GMT + 1 Hour',
- 2 => 'GMT + 2 Hours',
- 3 => 'GMT + 3 Hours',
+ '0' => 'GMT',
+ '1' => 'GMT + 1 Hour',
+ '2' => 'GMT + 2 Hours',
+ '3' => 'GMT + 3 Hours',
'3.5' => 'GMT + 3.5 Hours',
- 4 => 'GMT + 4 Hours',
+ '4' => 'GMT + 4 Hours',
'4.5' => 'GMT + 4.5 Hours',
- 5 => 'GMT + 5 Hours',
+ '5' => 'GMT + 5 Hours',
'5.5' => 'GMT + 5.5 Hours',
- 6 => 'GMT + 6 Hours',
+ '6' => 'GMT + 6 Hours',
'6.5' => 'GMT + 6.5 Hours',
- 7 => 'GMT + 7 Hours',
- 8 => 'GMT + 8 Hours',
- 9 => 'GMT + 9 Hours',
+ '7' => 'GMT + 7 Hours',
+ '8' => 'GMT + 8 Hours',
+ '9' => 'GMT + 9 Hours',
'9.5' => 'GMT + 9.5 Hours',
- 10 => 'GMT + 10 Hours',
- 11 => 'GMT + 11 Hours',
- 12 => 'GMT + 12 Hours',
+ '10' => 'GMT + 10 Hours',
+ '11' => 'GMT + 11 Hours',
+ '12' => 'GMT + 12 Hours',
'tz' => array(
'-12' => 'GMT - 12 Hours',
'-11' => 'GMT - 11 Hours',
@@ -800,8 +800,11 @@
'Sep' => 'Sep',
'Oct' => 'Oct',
'Nov' => 'Nov',
- 'Dec' => 'Dec'
+ 'Dec' => 'Dec',
+ 'AM' => 'AM',
+ 'PM' => 'PM'
),
+
'Information' => 'Information',
'Critical_Information' => 'Critical Information',
'General_Error' => 'General Error',
diff --git a/phpBB/login.php b/phpBB/login.php
index b1c3a9f952..b6f9e54554 100644
--- a/phpBB/login.php
+++ b/phpBB/login.php
@@ -26,16 +26,11 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
-//
// Set page ID for session management
-//
$userdata = $session->start();
$auth = new auth($userdata);
-
-$session->configure($userdata);
-//
+$user = new user($userdata);
// End session management
-//
//
// This appears to work for IIS5 CGI under Win2K. Uses getenv since this doesn't exist for
@@ -43,24 +38,22 @@ $session->configure($userdata);
//
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
-extract($HTTP_GET_VARS);
-extract($HTTP_POST_VARS);
+extract($_GET);
+extract($_POST);
-$redirect = ( !empty($redirect) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : '';
+$redirect = ( !empty($redirect) ) ? $_SERVER['QUERY_STRING'] : '';
-//
// Do the login/logout/form/whatever
-//
if ( isset($login) || isset($logout) )
{
- if ( isset($login) && $userdata['user_id'] == ANONYMOUS )
+ if ( isset($login) && !$userdata['user_id'] )
{
$autologin = ( !empty($autologin) ) ? true : false;
//
// Is the board disabled? Are we an admin? No, then back to the index we go
//
- if ( $board_config['board_disable'] && !$auth->get_acl_admin() )
+ if ( $board_config['board_disable'] && !$auth->acl_get('a_') )
{
header($header_location . "index.$phpEx$SID");
exit;
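Review bot: `extract($_GET); extract($_POST);` still imports every request parameter into the global scope with the default overwrite behaviour, so a parameter named like an existing variable (`$userdata`, `$board_config`, `$phpbb_root_path`, `$header_location`) replaces it after the session has been started. The conditions in this hunk, `!$userdata['user_id']` and `$board_config['board_disable']`, then run on values the client may have supplied. I would drop both calls and read only the fields the script uses, e.g. `$login = isset($_POST['login']);`, `$logout = isset($_GET['logout']) || isset($_POST['logout']);` and `$autologin = !empty($_POST['autologin']);`. The `if` block continues outside this hunk, and any other fields it reads further down need the same explicit treatment.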
@@ -76,7 +69,7 @@ if ( isset($login) || isset($logout) )
message_die(MESSAGE, $message);
}
}
- else if ( $userdata['user_id'] != ANONYMOUS )
+ else if ( $userdata['user_id'] )
{
$session->destroy($userdata);
}
@@ -89,7 +82,7 @@ if ( isset($login) || isset($logout) )
exit;
}
-if ( $userdata['user_id'] == ANONYMOUS )
+if ( !$userdata['user_id'] )
{
$template->assign_vars(array(
'L_ENTER_PASSWORD' => $lang['Enter_password'],
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index 4c0d7dd2a1..584efbeddf 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -24,49 +24,44 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
-//
// Start session management
-//
$userdata = $session->start();
$auth->acl($userdata);
-
-$session->configure($userdata);
-//
+$user = new user($userdata);
// End session management
-//
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
-$field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
+$form = ( !empty($_GET['form']) ) ? $_GET['form'] : 0;
+$field = ( isset($_GET['field']) ) ? $_GET['field'] : 'username';
-$sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
-$sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
+$sort_by = ( !empty($_POST['sort_by']) ) ? intval($_POST['sort_by']) : ( ( !empty($_GET['sort_by']) ) ? $_GET['sort_by'] : '4' );
+$sort_order = ( !empty($_POST['sort_order']) ) ? $_POST['sort_order'] : ( ( !empty($_GET['sort_order']) ) ? $_GET['sort_order'] : 'd' );
-$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
-$email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
-$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
-$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
-$yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
-$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
+$username = ( !empty($_POST['username']) ) ? $_POST['username'] : ( ( !empty($_GET['username']) ) ? $_GET['username'] : '' );
+$email = ( !empty($_POST['email']) ) ? $_POST['email'] : ( ( !empty($_GET['email']) ) ? $_GET['email'] : '' );
+$icq = ( !empty($_POST['icq']) ) ? intval($_POST['icq']) : ( ( !empty($_GET['icq']) ) ? $_GET['icq'] : '' );
+$aim = ( !empty($_POST['aim']) ) ? $_POST['aim'] : ( ( !empty($_GET['aim']) ) ? $_GET['aim'] : '' );
+$yahoo = ( !empty($_POST['yahoo']) ) ? $_POST['yahoo'] : ( ( !empty($_GET['yahoo']) ) ? $_GET['yahoo'] : '' );
+$msn = ( !empty($_POST['msn']) ) ? $_POST['msn'] : ( ( !empty($_GET['msn']) ) ? $_GET['msn'] : '' );
-$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
-$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
-$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
-$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
-$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
-$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
+$joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : ( ( !empty($_GET['joined_select']) ) ? $_GET['joined_select'] : 'lt' );
+$active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] : ( ( !empty($_GET['active_select']) ) ? $_GET['active_select'] : 'lt' );
+$count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : ( ( !empty($_GET['count_select']) ) ? $_GET['count_select'] : 'eq' );
+$joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : ( ( !empty($_GET['joined']) ) ? explode('-', $_GET['joined']) : array() );
+$active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) : ( ( !empty($_GET['active']) ) ? explode('-', $_GET['active']) : array() );
+$count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ( ( !empty($_GET['count']) ) ? $_GET['count'] : '' );
-if ( isset($HTTP_POST_VARS['order']) )
+if ( isset($_POST['order']) )
{
- $sort_order = ($HTTP_POST_VARS['order'] == 'a') ? 'ASC' : 'DESC';
+ $sort_order = ($_POST['order'] == 'a') ? 'ASC' : 'DESC';
}
-else if ( isset($HTTP_GET_VARS['order']) )
+else if ( isset($_GET['order']) )
{
- $sort_order = ($HTTP_GET_VARS['order'] == 'a') ? 'ASC' : 'DESC';
+ $sort_order = ($_GET['order'] == 'a') ? 'ASC' : 'DESC';
}
else
{
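Review bot: The integer fields are cast only on the POST branch: `$sort_by`, `$icq` and `$count` go through `intval()` when they come from `$_POST` but are taken raw from `$_GET`, so the same parameter is validated differently depending on the request method. Casting the whole expression closes the gap, e.g. `$sort_by = intval(!empty($_POST['sort_by']) ? $_POST['sort_by'] : (!empty($_GET['sort_by']) ? $_GET['sort_by'] : 4));`, keeping the empty default for `$icq` and `$count`. The string fields (`$username`, `$email`, `$sort_order`, the `*_select` values) should be matched against an allow-list or escaped wherever they reach a query or the page; that code is outside this hunk. The same block is repeated inside `username_search()` in a later hunk of this file and needs the same change.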
@@ -129,9 +124,9 @@ $template->assign_vars(array(
'S_MODE_ACTION' => "memberlist.$phpEx$SID")
);
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
{
- $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
switch( $mode )
{
@@ -181,11 +176,11 @@ if ( $row = $db->sql_fetchrow($result) )
$user_id = $row['user_id'];
$from = ( !empty($row['user_from']) ) ? $row['user_from'] : ' ';
- $joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
+ $joined = $user->format_date($row['user_regdate'], $lang['DATE_FORMAT']);
$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
$poster_avatar = '';
- if ( $row['user_avatar_type'] && $user_id != ANONYMOUS && $row['user_allowavatar'] )
+ if ( $row['user_avatar_type'] && $user_id && $row['user_allowavatar'] )
{
switch( $row['user_avatar_type'] )
{
@@ -201,7 +196,7 @@ if ( $row = $db->sql_fetchrow($result) )
}
}
- if ( $row['user_viewemail'] || $auth->get_acl_admin() )
+ if ( $row['user_viewemail'] || $auth->acl_get('a_') )
{
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&mode=email&u=" . $user_id : 'mailto:' . $row['user_email'];
@@ -302,30 +297,30 @@ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
// Username search
function username_search()
{
- global $SID, $HTTP_GET_VARS, $HTTP_POST_VARS, $phpEx, $phpbb_root_path;
- global $db, $board_config, $template, $auth, $lang, $theme;
+ global $SID, $phpEx, $phpbb_root_path;
+ global $db, $board_config, $template, $auth, $lang, $theme, $user;
global $starttime;
- $form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
- $field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
- $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+ $form = ( !empty($_GET['form']) ) ? $_GET['form'] : 0;
+ $field = ( isset($_GET['field']) ) ? $_GET['field'] : 'username';
+ $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
- $sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
- $sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
+ $sort_by = ( !empty($_POST['sort_by']) ) ? intval($_POST['sort_by']) : ( ( !empty($_GET['sort_by']) ) ? $_GET['sort_by'] : '4' );
+ $sort_order = ( !empty($_POST['sort_order']) ) ? $_POST['sort_order'] : ( ( !empty($_GET['sort_order']) ) ? $_GET['sort_order'] : 'd' );
- $username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
- $email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
- $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
- $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
- $yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
- $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
+ $username = ( !empty($_POST['username']) ) ? $_POST['username'] : ( ( !empty($_GET['username']) ) ? $_GET['username'] : '' );
+ $email = ( !empty($_POST['email']) ) ? $_POST['email'] : ( ( !empty($_GET['email']) ) ? $_GET['email'] : '' );
+ $icq = ( !empty($_POST['icq']) ) ? intval($_POST['icq']) : ( ( !empty($_GET['icq']) ) ? $_GET['icq'] : '' );
+ $aim = ( !empty($_POST['aim']) ) ? $_POST['aim'] : ( ( !empty($_GET['aim']) ) ? $_GET['aim'] : '' );
+ $yahoo = ( !empty($_POST['yahoo']) ) ? $_POST['yahoo'] : ( ( !empty($_GET['yahoo']) ) ? $_GET['yahoo'] : '' );
+ $msn = ( !empty($_POST['msn']) ) ? $_POST['msn'] : ( ( !empty($_GET['msn']) ) ? $_GET['msn'] : '' );
- $joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
- $active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
- $count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
- $joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
- $active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
- $count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
+ $joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : ( ( !empty($_GET['joined_select']) ) ? $_GET['joined_select'] : 'lt' );
+ $active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] : ( ( !empty($_GET['active_select']) ) ? $_GET['active_select'] : 'lt' );
+ $count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : ( ( !empty($_GET['count_select']) ) ? $_GET['count_select'] : 'eq' );
+ $joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : ( ( !empty($_GET['joined']) ) ? explode('-', $_GET['joined']) : array() );
+ $active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) : ( ( !empty($_GET['active']) ) ? explode('-', $_GET['active']) : array() );
+ $count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ( ( !empty($_GET['count']) ) ? $_GET['count'] : '' );
//
//
@@ -467,9 +462,9 @@ function username_search()
$username = $row['username'];
$user_id = $row['user_id'];
- $joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
+ $joined = $user->format_date($row['user_regdate'], $lang['DATE_FORMAT']);
$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
- $active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : create_date($lang['DATE_FORMAT'], $row['user_lastvisit'], $board_config['board_timezone']);
+ $active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : $user->format_date($row['user_lastvisit'], $lang['DATE_FORMAT']);
$temp_url = "profile.$phpEx$SID&mode=viewprofile&u=$user_id";
$profile_img = '' . create_img($theme['icon_profile'], $lang['Read_profile']) . '';
diff --git a/phpBB/modcp.php b/phpBB/modcp.php
index e64953eb0d..8dc2105934 100644
--- a/phpBB/modcp.php
+++ b/phpBB/modcp.php
@@ -23,46 +23,45 @@ define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
-include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Obtain initial var settings
//
-if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) )
+if ( isset($_GET['f']) || isset($_POST['f']) )
{
- $forum_id = (isset($HTTP_POST_VARS['f'])) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']);
+ $forum_id = (isset($_POST['f'])) ? intval($_POST['f']) : intval($_GET['f']);
}
else
{
$forum_id = '';
}
-if ( isset($HTTP_GET_VARS['p']) || isset($HTTP_POST_VARS['p']) )
+if ( isset($_GET['p']) || isset($_POST['p']) )
{
- $post_id = (isset($HTTP_POST_VARS['p'])) ? intval($HTTP_POST_VARS['p']) : intval($HTTP_GET_VARS['p']);
+ $post_id = (isset($_POST['p'])) ? intval($_POST['p']) : intval($_GET['p']);
}
else
{
$post_id = '';
}
-if ( isset($HTTP_GET_VARS['t']) || isset($HTTP_POST_VARS['t']) )
+if ( isset($_GET['t']) || isset($_POST['t']) )
{
- $topic_id = (isset($HTTP_POST_VARS['t'])) ? intval($HTTP_POST_VARS['t']) : intval($HTTP_GET_VARS['t']);
+ $topic_id = (isset($_POST['t'])) ? intval($_POST['t']) : intval($_GET['t']);
}
else
{
$topic_id = '';
}
-$confirm = ( !empty($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
+$confirm = ( !empty($_POST['confirm']) ) ? TRUE : 0;
//
// Check if user did or did not confirm
// If they did not, forward them to the last page they were on
//
-if ( isset($HTTP_POST_VARS['cancel']) )
+if ( isset($_POST['cancel']) )
{
if ( $topic_id )
{
@@ -82,19 +81,26 @@ if ( isset($HTTP_POST_VARS['cancel']) )
exit;
}
+// Start session management
+$userdata = $session->start();
+$auth->acl($userdata, $forum_id);
+$user = new user($userdata);
+// End session management
+
+
//
// Continue var definitions
//
-$start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;
+$start = ( isset($_GET['start']) ) ? $_GET['start'] : 0;
-$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : FALSE;
-$move = ( isset($HTTP_POST_VARS['move']) ) ? TRUE : FALSE;
-$lock = ( isset($HTTP_POST_VARS['lock']) ) ? TRUE : FALSE;
-$unlock = ( isset($HTTP_POST_VARS['unlock']) ) ? TRUE : FALSE;
+$delete = ( isset($_POST['delete']) ) ? TRUE : FALSE;
+$move = ( isset($_POST['move']) ) ? TRUE : FALSE;
+$lock = ( isset($_POST['lock']) ) ? TRUE : FALSE;
+$unlock = ( isset($_POST['unlock']) ) ? TRUE : FALSE;
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
{
- $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
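Review bot: `$start` is read from `$_GET['start']` without a cast, while `$forum_id`, `$post_id` and `$topic_id` earlier in this file and `$start` in memberlist.php all go through `intval()`. If the value is later used as a query offset or written into pagination links (that code is outside this hunk), it is untrusted text in both places. `$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;` brings it in line with the other scripts.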
@@ -120,16 +126,6 @@ else
}
}
-//
-// Start session management
-//
-$userdata = $session->start();
-$auth->acl($userdata, $forum_id);
-//
-// End session management
-//
-$session->configure($userdata);
-
//
// Obtain relevant data
//
@@ -167,7 +163,7 @@ else
//
// Auth check
//
-if ( !$auth->get_acl($forum_id, 'mod') )
+if ( !$auth->acl_get('m_', $forum_id) && !$auth->acl_get('a_') )
{
message_die(MESSAGE, $lang['Not_Moderator'], $lang['Not_Authorised']);
}
@@ -185,7 +181,7 @@ switch( $mode )
{
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
- $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+ $topics = ( isset($_POST['topic_id_list']) ) ? $_POST['topic_id_list'] : array($topic_id);
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
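Review bot: `$_POST['topic_id_list']` is assigned to `$topics` without checking that it is an array of integers, and the loop that builds `$topic_id_sql` from it starts on the last line of this hunk with its body outside it. Unless that loop casts each element, the list reaches the `IN (...)` clause as client-supplied text; normalising right after the read removes the dependency: `$topics = array_map('intval', (array) $topics);`. The same read appears in the move, lock and unlock cases and in the two confirmation branches that add the ids to `$hidden_fields`, so one small helper would cover all of them.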
@@ -293,16 +289,16 @@ switch( $mode )
{
// Not confirmed, show confirmation message
- if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
+ if ( empty($_POST['topic_id_list']) && empty($topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$hidden_fields = '';
- if ( isset($HTTP_POST_VARS['topic_id_list']) )
+ if ( isset($_POST['topic_id_list']) )
{
- $topics = $HTTP_POST_VARS['topic_id_list'];
+ $topics = $_POST['topic_id_list'];
for($i = 0; $i < count($topics); $i++)
{
$hidden_fields .= '';
@@ -343,12 +339,12 @@ switch( $mode )
if ( $confirm )
{
- $new_forum_id = $HTTP_POST_VARS['new_forum'];
+ $new_forum_id = $_POST['new_forum'];
$old_forum_id = $forum_id;
if ( $new_forum_id != $old_forum_id )
{
- $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+ $topics = ( isset($_POST['topic_id_list']) ) ? $_POST['topic_id_list'] : array($topic_id);
$topic_list = '';
for($i = 0; $i < count($topics); $i++)
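Review bot: `$new_forum_id = $_POST['new_forum'];` is used uncast, whereas the split case reads its counterpart as `intval($_POST['new_forum_id'])`. The value is compared with `$old_forum_id` here and is presumably written into the move queries further down (outside this hunk), so it should be `$new_forum_id = intval($_POST['new_forum']);`. It is also worth confirming that the moderator check earlier in the file covers the destination forum and not only `$forum_id`; that check is outside this hunk.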
@@ -372,7 +368,7 @@ switch( $mode )
{
$topic_id = $row[$i]['topic_id'];
- if ( isset($HTTP_POST_VARS['move_leave_shadow']) )
+ if ( isset($_POST['move_leave_shadow']) )
{
// Insert topic in the old forum that indicates that the forum has moved.
$sql = "INSERT INTO " . TOPICS_TABLE . " (forum_id, topic_title, topic_poster, topic_time, topic_status, topic_type, topic_vote, topic_views, topic_replies, topic_first_post_id, topic_last_post_id, topic_moved_id)
@@ -433,16 +429,16 @@ switch( $mode )
}
else
{
- if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
+ if ( empty($_POST['topic_id_list']) && empty($topic_id) )
{
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$hidden_fields = '';
- if ( isset($HTTP_POST_VARS['topic_id_list']) )
+ if ( isset($_POST['topic_id_list']) )
{
- $topics = $HTTP_POST_VARS['topic_id_list'];
+ $topics = $_POST['topic_id_list'];
for($i = 0; $i < count($topics); $i++)
{
@@ -482,7 +478,7 @@ switch( $mode )
break;
case 'lock':
- $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+ $topics = ( isset($_POST['topic_id_list']) ) ? $_POST['topic_id_list'] : array($topic_id);
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
@@ -521,7 +517,7 @@ switch( $mode )
break;
case 'unlock':
- $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+ $topics = ( isset($_POST['topic_id_list']) ) ? $_POST['topic_id_list'] : array($topic_id);
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
@@ -533,29 +529,26 @@ switch( $mode )
SET topic_status = " . TOPIC_UNLOCKED . "
WHERE topic_id IN ($topic_id_sql)
AND topic_moved_id = 0";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not update topics table', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
if ( !empty($topic_id) )
{
- $redirect_page = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
+ $redirect_page = "viewtopic.$phpEx$SID&t=$topic_id";
$message = sprintf($lang['Click_return_topic'], '', '');
}
else
{
- $redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id");
+ $redirect_page = "modcp.$phpEx$SID&f=$forum_id";
$message = sprintf($lang['Click_return_modcp'], '', '');
}
- $message = $message . '
' . sprintf($lang['Click_return_forum'], '', '');
+ $message = $message . '
' . sprintf($lang['Click_return_forum'], '', '');
$template->assign_vars(array(
'META' => '')
);
- message_die(GENERAL_MESSAGE, $lang['Topics_Unlocked'] . '
' . $message);
+ message_die(MESSAGE, $lang['Topics_Unlocked'] . '
' . $message);
break;
@@ -563,42 +556,36 @@ switch( $mode )
$page_title = $lang['Mod_CP'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
- if ( isset($HTTP_POST_VARS['split_type_all']) || isset($HTTP_POST_VARS['split_type_beyond']) )
+ if ( isset($_POST['split_type_all']) || isset($_POST['split_type_beyond']) )
{
- $posts = $HTTP_POST_VARS['post_id_list'];
+ $posts = $_POST['post_id_list'];
$sql = "SELECT poster_id, topic_id, post_time
FROM " . POSTS_TABLE . "
WHERE post_id = " . $posts[0];
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not get post information', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
$post_rowset = $db->sql_fetchrow($result);
$first_poster = str_replace("\'", "''", $post_rowset['poster_id']);
$topic_id = $post_rowset['topic_id'];
$post_time = $post_rowset['post_time'];
- $post_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
+ $post_subject = trim(htmlspecialchars($_POST['subject']));
if ( empty($post_subject) )
{
- message_die(GENERAL_MESSAGE, $lang['Empty_subject']);
+ message_die(MESSAGE, $lang['Empty_subject']);
}
- $new_forum_id = intval($HTTP_POST_VARS['new_forum_id']);
+ $new_forum_id = intval($_POST['new_forum_id']);
$topic_time = time();
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type)
VALUES ('" . str_replace("\'", "''", $post_subject) . "', $first_poster, " . $topic_time . ", $new_forum_id, " . TOPIC_UNLOCKED . ", " . POST_NORMAL . ")";
- if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
- {
- message_die(GENERAL_ERROR, 'Could not insert new topic', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
$new_topic_id = $db->sql_nextid();
- if( !empty($HTTP_POST_VARS['split_type_all']) )
+ if( !empty($_POST['split_type_all']) )
{
$post_id_sql = '';
for($i = 0; $i < count($posts); $i++)
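Review bot: `$posts[0]` is concatenated into `WHERE post_id = " . $posts[0]` straight from `$_POST['post_id_list']`, with no cast and no check that the field is a non-empty array, so part of the query text is client-controlled. `WHERE post_id = " . intval($posts[0]);` fixes this query, and casting the list once on read (`$posts = array_map('intval', (array) $_POST['post_id_list']);`) also covers the `IN ($post_id_sql)` update if the loop at the end of this hunk does not cast; its body is outside the hunk. Separately, dropping `BEGIN_TRANSACTION` here and `END_TRANSACTION` in the later hunk means the topic INSERT and the posts UPDATE are no longer atomic, so a failed update would leave an empty topic unless the new `sql_query()` handles that elsewhere.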
@@ -610,7 +597,7 @@ switch( $mode )
SET topic_id = $new_topic_id, forum_id = $new_forum_id
WHERE post_id IN ($post_id_sql)";
}
- else if( !empty($HTTP_POST_VARS['split_type_beyond']) )
+ else if( !empty($_POST['split_type_beyond']) )
{
$sql = "UPDATE " . POSTS_TABLE . "
SET topic_id = $new_topic_id, forum_id = $new_forum_id
@@ -618,10 +605,7 @@ switch( $mode )
AND topic_id = $topic_id";
}
- if( !$db->sql_query($sql, END_TRANSACTION) )
- {
- message_die(GENERAL_ERROR, 'Could not update posts table', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
sync('topic', $new_topic_id);
sync('topic', $topic_id);
@@ -629,11 +613,11 @@ switch( $mode )
sync('forum', $forum_id);
$template->assign_vars(array(
- 'META' => '')
+ 'META' => '')
);
- $message = $lang['Topic_split'] . '
' . sprintf($lang['Click_return_topic'], '', '');
- message_die(GENERAL_MESSAGE, $message);
+ $message = $lang['Topic_split'] . '
' . sprintf($lang['Click_return_topic'], '', '');
+ message_die(MESSAGE, $message);
}
else
{
@@ -650,12 +634,9 @@ switch( $mode )
AND p.poster_id = u.user_id
AND p.post_id = pt.post_id
ORDER BY p.post_time ASC";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not get topic/post information', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
- $s_hidden_fields = '';
+ $s_hidden_fields = '';
if( ( $total_posts = $db->sql_numrows($result) ) > 0 )
{
@@ -680,9 +661,9 @@ switch( $mode )
'FORUM_NAME' => $forum_name,
- 'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"),
+ 'U_VIEW_FORUM' => "viewforum.$phpEx$SID&f=$forum_id",
- 'S_SPLIT_ACTION' => append_sid("modcp.$phpEx"),
+ 'S_SPLIT_ACTION' => "modcp.$phpEx$SID",
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORUM_SELECT' => make_forum_select("new_forum_id"))
);
@@ -693,7 +674,7 @@ switch( $mode )
$poster_id = $postrow[$i]['user_id'];
$poster = $postrow[$i]['username'];
- $post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
+ $post_date = $user->format_date($postrow[$i]['post_time']);
$bbcode_uid = $postrow[$i]['bbcode_uid'];
$message = $postrow[$i]['post_text'];
@@ -738,14 +719,9 @@ switch( $mode )
$message = str_replace("\n", ' ', $message);
- $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
- $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-
$checkbox = ( $i > 0 ) ? '' : ' ';
$template->assign_block_vars('postrow', array(
- 'ROW_COLOR' => '#' . $row_color,
- 'ROW_CLASS' => $row_class,
'POSTER_NAME' => $poster,
'POST_DATE' => $post_date,
'POST_SUBJECT' => $post_subject,
@@ -765,11 +741,11 @@ switch( $mode )
$page_title = $lang['Mod_CP'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
- $rdns_ip_num = ( isset($HTTP_GET_VARS['rdns']) ) ? $HTTP_GET_VARS['rdns'] : "";
+ $rdns_ip_num = ( isset($_GET['rdns']) ) ? $_GET['rdns'] : '';
if ( !$post_id )
{
- message_die(GENERAL_MESSAGE, $lang['No_such_post']);
+ message_die(MESSAGE, $lang['No_such_post']);
}
//
@@ -783,14 +759,11 @@ switch( $mode )
$sql = "SELECT poster_ip, poster_id
FROM " . POSTS_TABLE . "
WHERE post_id = $post_id";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not get poster IP information', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
if ( !($post_row = $db->sql_fetchrow($result)) )
{
- message_die(GENERAL_MESSAGE, $lang['No_such_post']);
+ message_die(MESSAGE, $lang['No_such_post']);
}
$ip_this_post = $post_row['poster_ip'];
@@ -810,7 +783,7 @@ switch( $mode )
'IP' => $ip_this_post,
- 'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&" . POST_POST_URL . "=$post_id&" . POST_TOPIC_URL . "=$topic_id&rdns=" . $ip_this_post))
+ 'U_LOOKUP_IP' => "modcp.$phpEx$SID&mode=ip&p=$post_id&t=$topic_id&rdns=" . $ip_this_post)
);
//
@@ -821,10 +794,7 @@ switch( $mode )
WHERE poster_id = $poster_id
GROUP BY poster_ip
ORDER BY postings DESC";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not get IP information for this user', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
@@ -842,16 +812,11 @@ switch( $mode )
$ip = $row['poster_ip'];
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
- $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
- $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-
$template->assign_block_vars('iprow', array(
- 'ROW_COLOR' => '#' . $row_color,
- 'ROW_CLASS' => $row_class,
'IP' => $ip,
'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
- 'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&" . POST_POST_URL . "=$post_id&" . POST_TOPIC_URL . "=$topic_id&rdns=" . $row['poster_ip']))
+ 'U_LOOKUP_IP' => "modcp.$phpEx$SID&mode=ip&p=$post_id&t=$topic_id&rdns=" . $row['poster_ip'])
);
$i++;
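Review bot: The name returned by `gethostbyaddr($ip)` is assigned to the `IP` template variable unchanged, and a reverse-DNS name is chosen by whoever controls the PTR record for that address, not by the board. Unless the template layer escapes variables (not visible here), encode it in the lookup branch: `? htmlspecialchars(gethostbyaddr($ip)) : $ip;`. The comparison `$rdns_ip_num == $row['poster_ip']` also applies loose equality to the raw `$_GET['rdns']` string; `===` avoids numeric-string coercion. The enclosing loop starts and ends outside this hunk.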
@@ -868,10 +833,7 @@ switch( $mode )
AND p.poster_ip = '" . $post_row['poster_ip'] . "'
GROUP BY u.user_id, u.username
ORDER BY postings DESC";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not get posters information based on IP', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
@@ -879,20 +841,15 @@ switch( $mode )
do
{
$id = $row['user_id'];
- $username = ( $id == ANONYMOUS ) ? $lang['Guest'] : $row['username'];
-
- $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
- $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+ $username = ( !$id ) ? $lang['Guest'] : $row['username'];
$template->assign_block_vars('userrow', array(
- 'ROW_COLOR' => '#' . $row_color,
- 'ROW_CLASS' => $row_class,
'USERNAME' => $username,
'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username),
- 'U_PROFILE' => append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$id"),
- 'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&showresults=topics"))
+ 'U_PROFILE' => "profile.$phpEx$SID&mode=viewprofile&u=$id",
+ 'U_SEARCHPOSTS' => "search.$phpEx$SID&search_author=" . urlencode($username) . "&showresults=topics")
);
$i++;
@@ -1012,7 +969,7 @@ switch( $mode )
$u_view_topic = "modcp.$phpEx$SID&mode=split&t=$topic_id";
$topic_replies = $row['topic_replies'];
- $last_post_time = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
+ $last_post_time = $user->format_date($row['post_time']);
$template->assign_block_vars('topicrow', array(
'U_VIEW_TOPIC' => $u_view_topic,
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 61c8e3aa73..9989d57cb9 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -26,12 +26,15 @@ include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
+extract($_GET);
+extract($_POST);
// Check and impose var types?
$vars = array(
'intval' => array(
'forum_id' => 'f',
- 'post_id' => 'p'
+ 'post_id' => 'p',
+ 'topic_id' => 't',
)
);
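Review bot: `extract($_GET); extract($_POST);` now runs right after common.php is included, so any request parameter whose name matches a variable already in scope replaces it, including `$phpbb_root_path` and `$phpEx`, which later hunks of this file pass to `include()` and `require()`. Moving the calls above the `$vars` loop presumably lets the loop cast the listed values, but it does not limit which names can be set. Read only the parameters this script expects from `$_GET`/`$_POST`, or at minimum use `extract($_GET, EXTR_SKIP);` and `extract($_POST, EXTR_SKIP);` so that existing variables cannot be overwritten. The `$vars` loop body is outside this hunk.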
@@ -43,12 +46,6 @@ foreach ( $vars as $vartype => $varcheck)
}
}
-
-
-
-extract($_GET);
-extract($_POST);
-
$refresh = $preview || $poll_add || $poll_edit || $poll_delete;
// ------------------------------------------------
@@ -57,11 +54,10 @@ $refresh = $preview || $poll_add || $poll_edit || $poll_delete;
// Start session management
$userdata = $session->start();
-$auth->acl($userdata, $f);
-$session->configure($userdata);
-//
+$auth->acl($userdata, $f, array('f_post', 'f_edit', 'f_delete', 'f_attach', 'f_poll', 'f_img', 'f_flash', 'f_bbcode', 'f_html', 'f_smilies', 'f_vote', 'f_sticky', 'f_announce'));
+$user = new user($userdata);
// End session management
-//
+
// Was cancel pressed? If so then redirect to the appropriate
// page, no point in continuing with any further checks
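Review bot: The option list passed to `$auth->acl()` contains neither `f_save` nor `f_sigs`, yet the template hunk further down calls `$auth->acl_get('f_save', $f)` and `$auth->acl_get('f_sigs', $f)`. If the third argument limits which permissions are loaded (the method is not visible here), those two will always read as not granted. Add them to the array: `... 'f_sticky', 'f_announce', 'f_save', 'f_sigs'));`.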
@@ -332,7 +328,7 @@ if ( $row = $db->sql_fetchrow($result) )
$topic_type_toggle = '';
if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
{
- if ( $auth->get_acl($f, 'forum', 'sticky') )
+ if ( $auth->acl_get('f_sticky', $forum_id) )
{
$topic_type_toggle .= 'get_acl($f, 'forum', 'announce') )
+ if ( $auth->acl_get('f_announce', $forum_id) )
{
$topic_type_toggle .= 'get_acl($f, 'forum', 'html') ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
-$bbcode_status = ( $board_config['allow_bbcode'] && $auth->get_acl($f, 'forum', 'bbcode') ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
-$smilies_status = ( $board_config['allow_smilies'] && $auth->get_acl($f, 'forum', 'smilies') ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
-$img_status = ( $board_config['allow_img'] && $auth->get_acl($f, 'forum', 'img') ) ? $lang['Images_are_ON'] : $lang['Images_are_OFF'];
-$flash_status = ( $board_config['allow_flash'] && $auth->get_acl($f, 'forum', 'flash') ) ? $lang['Flash_is_ON'] : $lang['Flash_is_OFF'];
+$html_status = ( $board_config['allow_html'] && $auth->acl_get('f_html', $f) ) ? true : false;
+$bbcode_status = ( $board_config['allow_bbcode'] && $auth->acl_get('f_bbcode', $f) ) ? true : false;
+$smilies_status = ( $board_config['allow_smilies'] && $auth->acl_get('f_smilies', $f) ) ? true : false;
+$img_status = ( $board_config['allow_img'] && $auth->acl_get('f_img', $f) ) ? true : false;
+$flash_status = ( $board_config['allow_flash'] && $auth->acl_get('f_flash', $f) ) ? true : false;
// Page title/hidden fields
$s_hidden_fields = '';
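Review bot: The sticky and announce checks are keyed on `$forum_id`, while the five `*_status` lines below them are keyed on `$f`, which is whatever `extract()` produced from the request. Presumably the `$vars` loop at the top of the file derives `$forum_id` from it with `intval` (the loop body is not visible), so authorisation decisions should use that value throughout: `$auth->acl_get('f_html', $forum_id)` and likewise for `f_bbcode`, `f_smilies`, `f_img` and `f_flash`. The same mix appears in the later `S_*_ALLOWED`, poll and attachment hunks.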
@@ -393,11 +389,11 @@ $template->assign_vars(array(
'USERNAME' => $username,
'SUBJECT' => $subject,
'MESSAGE' => $message,
- 'HTML_STATUS' => $html_status,
- 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''),
- 'SMILIES_STATUS' => $smilies_status,
- 'IMG_STATUS' => $img_status,
- 'FLASH_STATUS' => $flash_status,
+ 'HTML_STATUS' => ( $html_status ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'],
+ 'BBCODE_STATUS' => ( $bbcode_status ) ? sprintf($lang['BBCode_is_ON'], '', '') : sprintf($lang['BBCode_is_OFF'], '', ''),
+ 'SMILIES_STATUS' => ( $smilies_status ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'],
+ 'IMG_STATUS' => ( $img_status ) ? $lang['Images_are_ON'] : $lang['Images_are_OFF'],
+ 'FLASH_STATUS' => ( $flash_status ) ? $lang['Flash_is_ON'] : $lang['Flash_is_OFF'],
'L_POST_A' => $page_title,
'L_POST_SUBJECT' => $lang['Post_subject'],
@@ -457,13 +453,13 @@ $template->assign_vars(array(
'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
'S_DISPLAY_USERNAME' => ( !$userdata['user_id'] || ( $mode == 'editpost' && $post_info['post_username'] ) ) ? true : false,
- 'S_SAVE_ALLOWED' => ( $auth->get_acl($f, 'forum', 'save') ) ? true : false,
- 'S_HTML_ALLOWED' => ( $board_config['allow_html'] && $auth->get_acl($f, 'forum', 'html') ) ? true : false,
- 'S_BBCODE_ALLOWED' => ( $board_config['allow_bbcode'] && $auth->get_acl($f, 'forum', 'bbcode') ) ? true : false,
- 'S_SMILIES_ALLOWED' => ( $board_config['allow_smilies'] && $auth->get_acl($f, 'forum', 'smilies') ) ? true : false,
- 'S_SIG_ALLOWED' => ( $auth->get_acl($f, 'forum', 'sigs') ) ? true : false,
+ 'S_SAVE_ALLOWED' => ( $auth->acl_get('f_save', $f) ) ? true : false,
+ 'S_HTML_ALLOWED' => $html_status,
+ 'S_BBCODE_ALLOWED' => $bbcode_status,
+ 'S_SMILIES_ALLOWED' => $smilies_status,
+ 'S_SIG_ALLOWED' => ( $auth->acl_get('f_sigs', $f) ) ? true : false,
'S_NOTIFY_ALLOWED' => ( $userdata['user_id'] ) ? true : false,
- 'S_DELETE_ALLOWED' => ( $mode == 'editpost' && ( ( $auth->get_acl($f, 'forum', 'delete') && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $auth->get_acl($f, 'mod') ) ) ? true : false,
+ 'S_DELETE_ALLOWED' => ( $mode == 'editpost' && ( ( $auth->acl_get('f_delete', $f) && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $auth->acl_is_mod($f) ) ) ? true : false,
'S_TYPE_TOGGLE' => $topic_type_toggle,
'S_TOPIC_ID' => $t,
@@ -474,7 +470,7 @@ $template->assign_vars(array(
//
// Poll entry
//
-if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) && $auth->get_acl($f, 'forum', 'poll') )
+if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) && $auth->acl_get('f_poll', $f) )
{
$template->assign_vars(array(
'S_SHOW_POLL_BOX' => true,
@@ -509,10 +505,8 @@ if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post']
}
}
-//
// Attachment entry
-//
-if ( $auth->get_acl($f, 'forum', 'attach') )
+if ( $auth->acl_get('f_attach', $f) )
{
$template->assign_vars(array(
'S_SHOW_ATTACH_BOX' => true,
@@ -525,21 +519,16 @@ if ( $auth->get_acl($f, 'forum', 'attach') )
);
}
-//
// Output page ...
-//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
-
$template->set_filenames(array(
'body' => 'posting_body.html',
'reviewbody' => 'posting_topic_review.html')
);
make_jumpbox('viewforum.'.$phpEx);
-//
// Topic review
-//
if ( $mode == 'reply' )
{
require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php
index 8beee81fae..f28ec3095f 100644
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@@ -25,14 +25,14 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
-include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
+include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Is PM disabled?
//
if ( !empty($board_config['privmsg_disable']) )
{
- message_die(GENERAL_MESSAGE, 'PM_disabled');
+ message_die(MESSAGE, 'PM_disabled');
}
$html_entities_match = array('#', '#<#', '#>#');
@@ -41,22 +41,22 @@ $html_entities_replace = array('&', '<', '>');
//
// Parameters
//
-$submit = ( isset($HTTP_POST_VARS['post']) ) ? TRUE : 0;
-$submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0;
-$submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0;
-$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
-$preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;
-$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
-$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
-$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
+$submit = ( isset($_POST['post']) ) ? TRUE : 0;
+$submit_search = ( isset($_POST['usersubmit']) ) ? TRUE : 0;
+$submit_msgdays = ( isset($_POST['submit_msgdays']) ) ? TRUE : 0;
+$cancel = ( isset($_POST['cancel']) ) ? TRUE : 0;
+$preview = ( isset($_POST['preview']) ) ? TRUE : 0;
+$confirm = ( isset($_POST['confirm']) ) ? TRUE : 0;
+$delete = ( isset($_POST['delete']) ) ? TRUE : 0;
+$delete_all = ( isset($_POST['deleteall']) ) ? TRUE : 0;
$refresh = $preview || $submit_search;
-$mark_list = ( !empty($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : 0;
+$mark_list = ( !empty($_POST['mark']) ) ? $_POST['mark'] : 0;
-if ( isset($HTTP_POST_VARS['folder']) || isset($HTTP_GET_VARS['folder']) )
+if ( isset($_POST['folder']) || isset($_GET['folder']) )
{
- $folder = ( isset($HTTP_POST_VARS['folder']) ) ? $HTTP_POST_VARS['folder'] : $HTTP_GET_VARS['folder'];
+ $folder = ( isset($_POST['folder']) ) ? $_POST['folder'] : $_GET['folder'];
if ( $folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox' )
{
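Review bot: `$mark_list` takes `$_POST['mark']` exactly as submitted, and a later hunk in this file joins it with `implode(', ', $mark_list)` and places the result inside `WHERE privmsgs_id IN ($delete_sql_id)`. No cast is visible between the two, so the ids should be forced to integers where they are read: `$mark_list = ( !empty($_POST['mark']) ) ? array_map('intval', (array) $_POST['mark']) : 0;`. That also keeps `count($mark_list)` well defined when a scalar is posted instead of an array.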
@@ -78,32 +78,29 @@ if ( $cancel )
exit;
}
-//
// Start session management
-//
$userdata = $session->start();
$auth->acl($userdata);
-//
+$user = new user($userdata);
// End session management
-//
//
// Var definitions
//
-if ( !empty($HTTP_POST_VARS['mode']) || !empty($HTTP_GET_VARS['mode']) )
+if ( !empty($_POST['mode']) || !empty($_GET['mode']) )
{
- $mode = ( !empty($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( !empty($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
-$start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( !empty($_GET['start']) ) ? intval($_GET['start']) : 0;
-if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
+if ( isset($_POST['p']) || isset($_GET['p']) )
{
- $privmsg_id = ( isset($HTTP_POST_VARS[POST_POST_URL]) ) ? intval($HTTP_POST_VARS[POST_POST_URL]) : intval($HTTP_GET_VARS[POST_POST_URL]);
+ $privmsg_id = ( isset($_POST['p']) ) ? intval($_POST['p']) : intval($_GET['p']);
}
else
{
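Review bot: `$mode` is copied from `$_POST`/`$_GET` without any check, unlike `$folder`, which the previous hunk compares against a fixed list. Later hunks interpolate `$mode` into the `login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode` string handed to `header()`, so it should be constrained before it gets there. Either validate it against the modes this script handles, as is done for `$folder`, or encode it at the point of use with `urlencode($mode)`.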
@@ -141,7 +138,7 @@ if ( $mode == 'newpm' )
'body' => 'privmsgs_popup.tpl')
);
- if ( $userdata['session_logged_in'] )
+ if ( $userdata['user_id'] )
{
if ( $userdata['user_new_privmsg'] )
{
@@ -171,16 +168,16 @@ if ( $mode == 'newpm' )
}
else if ( $mode == 'read' )
{
- if ( !empty($HTTP_GET_VARS[POST_POST_URL]) )
+ if ( !empty($_GET['p']) )
{
- $privmsgs_id = intval($HTTP_GET_VARS[POST_POST_URL]);
+ $privmsgs_id = intval($_GET['p']);
}
else
{
- message_die(GENERAL_ERROR, $lang['No_post_id']);
+ message_die(MESSAGE, $lang['No_post_id']);
}
- if ( !$userdata['session_logged_in'] )
+ if ( !$userdata['user_id'] )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true));
@@ -219,7 +216,7 @@ else if ( $mode == 'read' )
)";
break;
default:
- message_die(GENERAL_ERROR, $lang['No_such_folder']);
+ message_die(MESSAGE, $lang['No_such_folder']);
break;
}
@@ -233,10 +230,7 @@ else if ( $mode == 'read' )
$pm_sql_user
AND u.user_id = pm.privmsgs_from_userid
AND u2.user_id = pm.privmsgs_to_userid";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not query private message post information', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
//
// Did the query return any data?
@@ -258,18 +252,12 @@ else if ( $mode == 'read' )
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message read status', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
$sql = "UPDATE " . USERS_TABLE . "
SET user_unread_privmsg = user_unread_privmsg - 1
WHERE user_id = " . $userdata['user_id'];
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message read status for user', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
//
// Check to see if the poster has a 'full' sent box
@@ -278,10 +266,7 @@ else if ( $mode == 'read' )
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
@@ -293,10 +278,7 @@ else if ( $mode == 'read' )
WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
}
@@ -307,19 +289,13 @@ else if ( $mode == 'read' )
//
$sql = "INSERT $sql_priority INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)
VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_subject'])) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " . $privmsg['privmsgs_attach_sig'] . ")";
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
$privmsg_sent_id = $db->sql_nextid();
$sql = "INSERT $sql_priority INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)
VALUES ($privmsg_sent_id, '" . $privmsg['privmsgs_bbcode_uid'] . "', '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_text'])) . "')";
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
//
@@ -462,19 +438,19 @@ else if ( $mode == 'read' )
$username_to = $privmsg['username_2'];
$user_id_to = $privmsg['user_id_2'];
- $post_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
+ $post_date = $user->format_date($privmsg['privmsgs_date']);
- $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . '=' . $user_id_from);
+ $temp_url = append_sid("profile.$phpEx?mode=viewprofile&u=$user_id_from");
$profile_img = ' ';
$profile = '' . $lang['Read_profile'] . '';
- $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$poster_id");
+ $temp_url = append_sid("privmsg.$phpEx?mode=post&u=$poster_id");
$pm_img = ' ';
$pm = '' . $lang['Send_private_message'] . '';
- if ( !empty($privmsg['user_viewemail']) || $userdata['user_level'] == ADMIN )
+ if ( !empty($privmsg['user_viewemail']) || $auth->acl_get('a_') )
{
- $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL .'=' . $user_id_from) : 'mailto:' . $privmsg['user_email'];
+ $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&u$user_id_from") : 'mailto:' . $privmsg['user_email'];
$email_img = ' ';
$email = '' . $lang['Send_email'] . '';
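Review bot: The new e-mail link drops the `=` after the parameter name: `"profile.$phpEx?mode=email&u$user_id_from"` yields e.g. `&u123` rather than `&u=123`, so the profile script receives no `u` parameter. It should read `append_sid("profile.$phpEx?mode=email&u=$user_id_from")`, matching the `viewprofile` link a few lines above. This hunk also calls `$user->format_date(...)`, whereas the preview hunk near the end of this file's changes calls `$user->date_format(time())`; presumably one of the two method names is a typo.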
@@ -504,7 +480,7 @@ else if ( $mode == 'read' )
$aim_img = ( $privmsg['user_aim'] ) ? ' ' : '';
$aim = ( $privmsg['user_aim'] ) ? '' . $lang['AIM'] . '' : '';
- $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$poster_id");
+ $temp_url = append_sid("profile.$phpEx?mode=viewprofile&u=$poster_id");
$msn_img = ( $privmsg['user_msnm'] ) ? ' ' : '';
$msn = ( $privmsg['user_msnm'] ) ? '' . $lang['MSNM'] . '' : '';
@@ -579,7 +555,7 @@ else if ( $mode == 'read' )
$private_message = smilies_pass($private_message);
}
- $private_message = str_replace("\n", ' ', $private_message);
+ $private_message = nl2br($private_message);
//
// Dump it to the templating engine
@@ -622,7 +598,7 @@ else if ( $mode == 'read' )
}
else if ( ( $delete && $mark_list ) || $delete_all )
{
- if ( !$userdata['session_logged_in'] )
+ if ( !$userdata['user_id'] )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
@@ -636,7 +612,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
if ( !$confirm )
{
$s_hidden_fields = '';
- $s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '' : '';
+ $s_hidden_fields .= ( isset($_POST['delete']) ) ? '' : '';
for($i = 0; $i < count($mark_list); $i++)
{
@@ -697,10 +673,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE $delete_type";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($result) )
{
@@ -714,11 +687,9 @@ else if ( ( $delete && $mark_list ) || $delete_all )
{
$delete_sql_id = implode(', ', $mark_list);
- //
// Need to decrement the new message counter of recipient
// problem is this doesn't affect the unread counter even
// though it may be the one that needs changing ... hhmmm
- //
if ( $folder == 'outbox' )
{
$sql = "SELECT privmsgs_to_userid
@@ -726,10 +697,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
WHERE privmsgs_id IN ($delete_sql_id)
AND privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL;
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
$update_pm_sql = '';
while( $row = $db->sql_fetchrow($result) )
@@ -742,10 +710,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
$sql = "UPDATE " . USERS_TABLE . "
SET user_new_privmsg = user_new_privmsg - 1
WHERE user_id IN ($update_pm_sql)";
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update users new msg counters', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
$sql = "SELECT privmsgs_to_userid
@@ -753,10 +718,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
WHERE privmsgs_id IN ($delete_sql_id)
AND privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL;
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
$update_pm_sql = '';
while( $row = $db->sql_fetchrow($result) )
@@ -769,10 +731,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
$sql = "UPDATE " . USERS_TABLE . "
SET user_unread_privmsg = user_unread_privmsg - 1
WHERE user_id IN ($update_pm_sql)";
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update users new msg counters', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
}
@@ -806,21 +765,14 @@ else if ( ( $delete && $mark_list ) || $delete_all )
break;
}
- if ( !$db->sql_query($delete_sql, BEGIN_TRANSACTION) )
- {
- message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
- }
-
- if ( !$db->sql_query($delete_text_sql, END_TRANSACTION) )
- {
- message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
- }
+ $db->sql_query($delete_sql);
+ $db->sql_query($delete_text_sql);
}
}
}
else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
{
- if ( !$userdata['session_logged_in'] )
+ if ( !$userdata['user_id'] )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
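Review bot: The two deletes used to run as one unit through `BEGIN_TRANSACTION` and `END_TRANSACTION`, but the replacements `$db->sql_query($delete_sql);` and `$db->sql_query($delete_text_sql);` are independent statements. If the second fails, the message rows are gone while their text rows remain. Unless the new DB layer wraps the request in a transaction itself (not visible here), keep explicit transaction boundaries around the pair and check the first result before issuing the second. The same applies to the insert/update pair in the hunks at -1082 and -1101.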
@@ -835,10 +787,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
- }
+ $result = $db->sql_query($sql);
$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
@@ -852,10 +801,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )
AND privmsgs_date = " . $saved_info['oldest_post_time'];
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
}
@@ -898,19 +844,16 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
$saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
- if ( !$db->sql_query($saved_sql) )
- {
- message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
- }
+ $db->sql_query($saved_sql);
}
}
else if ( $submit || $refresh || $mode != '' )
{
- if ( !$userdata['session_logged_in'] )
+ if ( !$userdata['user_id'] )
{
- $user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? '&' . POST_USERS_URL . '=' . intval($HTTP_GET_VARS[POST_USERS_URL]) : '';
+ $user_id = ( isset($_GET['u']) ) ? '&u=' . intval($_GET['u']) : '';
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));
}
@@ -924,7 +867,7 @@ else if ( $submit || $refresh || $mode != '' )
}
else
{
- $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];
+ $html_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];
}
if ( !$board_config['allow_bbcode'] )
@@ -933,7 +876,7 @@ else if ( $submit || $refresh || $mode != '' )
}
else
{
- $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];
+ $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];
}
if ( !$board_config['allow_smilies'] )
@@ -942,42 +885,37 @@ else if ( $submit || $refresh || $mode != '' )
}
else
{
- $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];
+ $smilies_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];
}
- $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
+ $attach_sig = ( $submit || $refresh ) ? ( ( !empty($_POST['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : "";
if ( $submit && $mode != 'edit' )
{
- //
// Flood control
- //
$sql = "SELECT MAX(privmsgs_date) AS last_post_time
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_from_userid = " . $userdata['user_id'];
- if ( $result = $db->sql_query($sql) )
+ $result = $db->sql_query($sql);
+
+ $db_row = $db->sql_fetchrow($result);
+
+ $last_post_time = $db_row['last_post_time'];
+ $current_time = time();
+
+ if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
{
- $db_row = $db->sql_fetchrow($result);
-
- $last_post_time = $db_row['last_post_time'];
- $current_time = time();
-
- if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
- {
- message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
- }
+ message_die(MESSAGE, $lang['Flood_Error']);
}
- //
// End Flood control
- //
}
if ( $submit )
{
- if ( !empty($HTTP_POST_VARS['username']) )
+ if ( !empty($_POST['username']) )
{
- $to_username = $HTTP_POST_VARS['username'];
+ $to_username = $_POST['username'];
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
@@ -997,14 +935,14 @@ else if ( $submit || $refresh || $mode != '' )
$error_msg .= ( ( !empty($error_msg) ) ? ' ' : '' ) . $lang['No_to_user'];
}
- $privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+ $privmsg_subject = trim(strip_tags($_POST['subject']));
if ( empty($privmsg_subject) )
{
$error = TRUE;
$error_msg .= ( ( !empty($error_msg) ) ? ' ' : '' ) . $lang['Empty_subject'];
}
- if ( !empty($HTTP_POST_VARS['message']) )
+ if ( !empty($_POST['message']) )
{
if ( !$error )
{
@@ -1013,7 +951,7 @@ else if ( $submit || $refresh || $mode != '' )
$bbcode_uid = make_bbcode_uid();
}
- $privmsg_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
+ $privmsg_message = prepare_message($_POST['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
}
}
@@ -1032,7 +970,7 @@ else if ( $submit || $refresh || $mode != '' )
if ( !$userdata['user_allow_pm'] )
{
$message = $lang['Cannot_send_privmsg'];
- message_die(GENERAL_MESSAGE, $message);
+ message_die(MESSAGE, $message);
}
$msg_time = time();
@@ -1048,10 +986,7 @@ else if ( $submit || $refresh || $mode != '' )
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_to_userid = " . $to_userdata['user_id'];
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_MESSAGE, $lang['No_such_user']);
- }
+ $result = $db->sql_query($sql);
$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
@@ -1065,10 +1000,7 @@ else if ( $submit || $refresh || $mode != '' )
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
AND privmsgs_to_userid = " . $to_userdata['user_id'];
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
- }
+ $db->sql_query($sql);
}
}
@@ -1082,10 +1014,7 @@ else if ( $submit || $refresh || $mode != '' )
WHERE privmsgs_id = $privmsg_id";
}
- if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) )
- {
- message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
- }
+ $db->sql_query($sql_info);
if ( $mode != 'edit' )
{
@@ -1101,10 +1030,7 @@ else if ( $submit || $refresh || $mode != '' )
WHERE privmsgs_text_id = $privmsg_id";
}
- if ( !$db->sql_query($sql, END_TRANSACTION) )
- {
- message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
- }
+ $db->sql_query($sql);
if ( $mode != 'edit' )
{
@@ -1156,7 +1082,7 @@ else if ( $submit || $refresh || $mode != '' )
$msg = $lang['Message_sent'] . '
' . sprintf($lang['Click_return_inbox'], '', ' ') . '
' . sprintf($lang['Click_return_index'], '', '');
- message_die(GENERAL_MESSAGE, $msg);
+ message_die(GMESSAGE, $msg);
}
else if ( $preview || $refresh || $error )
{
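Review bot: `message_die(GMESSAGE, $msg);` uses a constant name that appears nowhere else in this change; every other call was converted to `MESSAGE`. This looks like a typo for `message_die(MESSAGE, $msg);`. With an undefined constant PHP passes the bare name as a string (or raises an error on current versions), so `message_die()` would not receive the message type it expects on the "message sent" path.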
@@ -1166,9 +1092,9 @@ else if ( $submit || $refresh || $mode != '' )
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
- $to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
- $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
- $privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
+ $to_username = ( isset($_POST['username']) ) ? trim(strip_tags(stripslashes($_POST['username']))) : '';
+ $privmsg_subject = ( isset($_POST['subject']) ) ? trim(strip_tags(stripslashes($_POST['subject']))) : '';
+ $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : '';
$privmsg_message = preg_replace('##si', '</textarea>', $privmsg_message);
- $msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
+ $msg_date = $user->format_date($privmsg['privmsgs_date']);
$privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]';
@@ -1332,7 +1249,7 @@ else if ( $submit || $refresh || $mode != '' )
if ( !$userdata['user_allow_pm'] && $mode != 'edit' )
{
$message = $lang['Cannot_send_privmsg'];
- message_die(GENERAL_MESSAGE, $message);
+ message_die(MESSAGE, $message);
}
//
@@ -1397,14 +1314,14 @@ else if ( $submit || $refresh || $mode != '' )
}
$preview_message = make_clickable($preview_message);
- $preview_message = str_replace("\n", ' ', $preview_message);
+ $preview_message = nl2br($preview_message);
$s_hidden_fields = '';
$s_hidden_fields .= '';
if ( isset($privmsg_id) )
{
- $s_hidden_fields .= '';
+ $s_hidden_fields .= '';
}
$template->set_filenames(array(
@@ -1416,7 +1333,7 @@ else if ( $submit || $refresh || $mode != '' )
'POST_SUBJECT' => $preview_subject,
'MESSAGE_TO' => $to_username,
'MESSAGE_FROM' => $userdata['username'],
- 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
+ 'POST_DATE' => $user->date_format(time()),
'MESSAGE' => $preview_message,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
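Review bot: `'POST_DATE' => $user->date_format(time()),` does not match the method name used earlier in this file's diff, `$user->format_date($privmsg['privmsgs_date'])`. The `user` class is not shown, but one of the two spellings is presumably wrong and would fail with an undefined-method error when the preview is rendered. Assuming `format_date` is the real method, the line should read `'POST_DATE' => $user->format_date(time()),`. The `assign_vars` array starts and ends outside the hunk.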
@@ -1581,23 +1498,6 @@ else if ( $submit || $refresh || $mode != '' )
'L_BBCODE_F_HELP' => $lang['bbcode_f_help'],
'L_EMPTY_MESSAGE' => $lang['Empty_message'],
- 'L_FONT_COLOR' => $lang['Font_color'],
- 'L_COLOR_DEFAULT' => $lang['color_default'],
- 'L_COLOR_DARK_RED' => $lang['color_dark_red'],
- 'L_COLOR_RED' => $lang['color_red'],
- 'L_COLOR_ORANGE' => $lang['color_orange'],
- 'L_COLOR_BROWN' => $lang['color_brown'],
- 'L_COLOR_YELLOW' => $lang['color_yellow'],
- 'L_COLOR_GREEN' => $lang['color_green'],
- 'L_COLOR_OLIVE' => $lang['color_olive'],
- 'L_COLOR_CYAN' => $lang['color_cyan'],
- 'L_COLOR_BLUE' => $lang['color_blue'],
- 'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'],
- 'L_COLOR_INDIGO' => $lang['color_indigo'],
- 'L_COLOR_VIOLET' => $lang['color_violet'],
- 'L_COLOR_WHITE' => $lang['color_white'],
- 'L_COLOR_BLACK' => $lang['color_black'],
-
'L_FONT_SIZE' => $lang['Font_size'],
'L_FONT_TINY' => $lang['font_tiny'],
'L_FONT_SMALL' => $lang['font_small'],
@@ -1620,7 +1520,7 @@ else if ( $submit || $refresh || $mode != '' )
'U_VIEW_FORUM' => append_sid("privmsg.$phpEx"))
);
- $template->pparse('body');
+ $template->display('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
@@ -1628,47 +1528,33 @@ else if ( $submit || $refresh || $mode != '' )
//
// Default page
//
-if ( !$userdata['session_logged_in'] )
+if ( !$userdata['user_id'] )
{
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
}
-//
// Update unread status
-//
$sql = "UPDATE " . USERS_TABLE . "
SET user_unread_privmsg = user_unread_privmsg + user_new_privmsg, user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . "
WHERE user_id = " . $userdata['user_id'];
-if ( !$db->sql_query($sql) )
-{
- message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
-}
+$db->sql_query($sql);
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "
WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
AND privmsgs_to_userid = " . $userdata['user_id'];
-if ( !$db->sql_query($sql) )
-{
- message_die(GENERAL_ERROR, 'Could not update private message new/read status (2) for user', '', __LINE__, __FILE__, $sql);
-}
+$db->sql_query($sql);
-//
// Reset PM counters
-//
$userdata['user_new_privmsg'] = 0;
$userdata['user_unread_privmsg'] = ( $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'] );
-//
// Generate page
-//
$page_title = $lang['Private_Messaging'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
-//
// Load templates
-//
$template->set_filenames(array(
'body' => 'privmsgs_body.tpl')
);
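Review bot: The new guest test `if ( !$userdata['user_id'] )` only works if anonymous sessions carry a falsy `user_id`, and the redirect it guards has no `exit;` after `header(...)`, so the two `UPDATE` statements below it still run for that request. The `editprofile`/`register` hunk in profile.php makes the same move away from comparing against `ANONYMOUS`. If that constant is still non-zero (its value is not visible here), both checks would treat guests as logged in. I would keep the comparison explicit, `if ( $userdata['user_id'] == ANONYMOUS )`, and add `exit;` after the `header()` call, as the profile.php redirects already do.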
@@ -1736,22 +1622,22 @@ switch( $folder )
break;
default:
- message_die(GENERAL_MESSAGE, $lang['No_such_folder']);
+ message_die(MESSAGE, $lang['No_such_folder']);
break;
}
//
// Show messages over previous x days/months
//
-if ( $submit_msgdays && ( !empty($HTTP_POST_VARS['msgdays']) || !empty($HTTP_GET_VARS['msgdays']) ) )
+if ( $submit_msgdays && ( !empty($_POST['msgdays']) || !empty($_GET['msgdays']) ) )
{
- $msg_days = ( !empty($HTTP_POST_VARS['msgdays']) ) ? intval($HTTP_POST_VARS['msgdays']) : intval($HTTP_GET_VARS['msgdays']);
+ $msg_days = ( !empty($_POST['msgdays']) ) ? intval($_POST['msgdays']) : intval($_GET['msgdays']);
$min_msg_time = time() - ($msg_days * 86400);
$limit_msg_time_total = " AND privmsgs_date > $min_msg_time";
$limit_msg_time = " AND pm.privmsgs_date > $min_msg_time ";
- if ( !empty($HTTP_POST_VARS['msgdays']) )
+ if ( !empty($_POST['msgdays']) )
{
$start = 0;
}
@@ -1769,18 +1655,10 @@ $sql_tot .= $limit_msg_time_total;
//
// Get messages
//
-if ( !($result = $db->sql_query($sql_tot)) )
-{
- message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
-}
-
+$result = $db->sql_query($sql_tot);
$pm_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0;
-if ( !($result = $db->sql_query($sql_all_tot)) )
-{
- message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
-}
-
+$result = $db->sql_query($sql_all_tot);
$pm_all_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0;
//
@@ -1802,8 +1680,8 @@ for($i = 0; $i < count($previous_days); $i++)
if ( $folder == 'inbox' )
{
$post_pm_img = ' ';
- $reply_pm_img = ' ';
- $quote_pm_img = ' ';
+ $reply_pm_img = ' ';
+ $quote_pm_img = ' ';
$edit_pm_img = '';
$l_box_name = $lang['Inbox'];
@@ -1813,15 +1691,15 @@ else if ( $folder == 'outbox' )
$post_pm_img = ' ';
$reply_pm_img = '';
$quote_pm_img = '';
- $edit_pm_img = ' ';
+ $edit_pm_img = ' ';
$l_box_name = $lang['Outbox'];
}
else if ( $folder == 'savebox' )
{
$post_pm_img = ' ';
- $reply_pm_img = ' ';
- $quote_pm_img = ' ';
+ $reply_pm_img = ' ';
+ $quote_pm_img = ' ';
$edit_pm_img = '';
$l_box_name = $lang['Savedbox'];
@@ -1830,7 +1708,7 @@ else if ( $folder == 'sentbox' )
{
$post_pm_img = ' ';
$reply_pm_img = '';
- $quote_pm_img = ' ';
+ $quote_pm_img = ' ';
$edit_pm_img = '';
$l_box_name = $lang['Sentbox'];
@@ -1930,13 +1808,8 @@ $template->assign_vars(array(
'U_POST_NEW_TOPIC' => $post_new_topic_url)
);
-//
// Okay, let's build the correct folder
-//
-if ( !($result = $db->sql_query($sql)) )
-{
- message_die(GENERAL_ERROR, 'Could not query private messages', '', __LINE__, __FILE__, $sql);
-}
+$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
@@ -1952,7 +1825,7 @@ if ( $row = $db->sql_fetchrow($result) )
$msg_userid = $row['user_id'];
$msg_username = $row['username'];
- $u_from_user_profile = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$msg_userid");
+ $u_from_user_profile = append_sid("profile.$phpEx?mode=viewprofile&u=$msg_userid");
$msg_subject = $row['privmsgs_subject'];
@@ -1961,9 +1834,9 @@ if ( $row = $db->sql_fetchrow($result) )
$msg_subject = preg_replace($orig_word, $replacement_word, $msg_subject);
}
- $u_subject = append_sid("privmsg.$phpEx?folder=$folder&mode=read&" . POST_POST_URL . "=$privmsg_id");
+ $u_subject = append_sid("privmsg.$phpEx?folder=$folder&mode=read&p=$privmsg_id");
- $msg_date = create_date($board_config['default_dateformat'], $row['privmsgs_date'], $board_config['board_timezone']);
+ $msg_date = $user_format_date($row['privmsgs_date']);
if ( $flag == PRIVMSGS_NEW_MAIL && $folder == 'inbox' )
{
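Review bot: `$msg_date = $user_format_date($row['privmsgs_date']);` is a variable-function call through `$user_format_date`, which is not assigned anywhere in the visible hunks, so it would fail for every row of the folder listing. The other converted call sites go through the `$user` object, which suggests the `->` was dropped: `$msg_date = $user->format_date($row['privmsgs_date']);`. The enclosing `if ( $row = $db->sql_fetchrow($result) )` block continues outside the hunk.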
diff --git a/phpBB/profile.php b/phpBB/profile.php
index 7a17ac4d91..6c195ad358 100644
--- a/phpBB/profile.php
+++ b/phpBB/profile.php
@@ -25,23 +25,13 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
-//
// Start session management
-//
$userdata = $session->start();
$auth->acl($userdata);
-//
+$user = new user($userdata);
// End session management
-//
-//
-// Configure style, language, etc.
-//
-$session->configure($userdata);
-
-//
// Set default email variables
-//
$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/profile.'.$phpEx : 'profile.'.$phpEx;
$server_name = trim($board_config['server_name']);
@@ -75,9 +65,9 @@ function gen_rand_string($hash)
//
// Start of program proper
//
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
{
- $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
if ( $mode == 'viewprofile' )
{
@@ -86,13 +76,13 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
}
else if ( $mode == 'editprofile' || $mode == 'register' )
{
- if ( $userdata['user_id'] == ANONYMOUS && $mode == 'editprofile' )
+ if ( !$userdata['user_id'] && $mode == 'editprofile' )
{
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . "login.$phpEx$SID&redirect=profile.$phpEx&mode=editprofile");
exit;
}
- else if ( $userdata['user_id'] != ANONYMOUS && $mode == 'register' )
+ else if ( $userdata['user_id'] && $mode == 'register' )
{
$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . "index.$phpEx$SID");
diff --git a/phpBB/search.php b/phpBB/search.php
index 61e1ebef75..4c8dd0bc06 100644
--- a/phpBB/search.php
+++ b/phpBB/search.php
@@ -26,95 +26,88 @@ include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
-//
// Start session management
-//
$userdata = $session->start();
$auth->acl($userdata);
-//
+$user = new user($userdata);
// End session management
-//
-$session->configure($userdata);
-
-//
// Define initial vars
-//
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
{
- $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
-if ( isset($HTTP_POST_VARS['search_keywords']) || isset($HTTP_GET_VARS['search_keywords']) )
+if ( isset($_POST['search_keywords']) || isset($_GET['search_keywords']) )
{
- $search_keywords = ( isset($HTTP_POST_VARS['search_keywords']) ) ? $HTTP_POST_VARS['search_keywords'] : $HTTP_GET_VARS['search_keywords'];
+ $search_keywords = ( isset($_POST['search_keywords']) ) ? $_POST['search_keywords'] : $_GET['search_keywords'];
}
else
{
$search_keywords = '';
}
-if ( isset($HTTP_POST_VARS['search_author']) || isset($HTTP_GET_VARS['search_author']))
+if ( isset($_POST['search_author']) || isset($_GET['search_author']))
{
- $search_author = ( isset($HTTP_POST_VARS['search_author']) ) ? $HTTP_POST_VARS['search_author'] : $HTTP_GET_VARS['search_author'];
+ $search_author = ( isset($_POST['search_author']) ) ? $_POST['search_author'] : $_GET['search_author'];
}
else
{
$search_author = '';
}
-$search_id = ( isset($HTTP_GET_VARS['search_id']) ) ? $HTTP_GET_VARS['search_id'] : '';
+$search_id = ( isset($_GET['search_id']) ) ? $_GET['search_id'] : '';
-$show_results = ( isset($HTTP_POST_VARS['show_results']) ) ? $HTTP_POST_VARS['show_results'] : 'posts';
+$show_results = ( isset($_POST['show_results']) ) ? $_POST['show_results'] : 'posts';
-if ( isset($HTTP_POST_VARS['search_terms']) )
+if ( isset($_POST['search_terms']) )
{
- $search_terms = ( $HTTP_POST_VARS['search_terms'] == 'all' ) ? 1 : 0;
+ $search_terms = ( $_POST['search_terms'] == 'all' ) ? 1 : 0;
}
else
{
$search_terms = 0;
}
-if ( isset($HTTP_POST_VARS['search_fields']) )
+if ( isset($_POST['search_fields']) )
{
- $search_fields = ( $HTTP_POST_VARS['search_fields'] == 'all' ) ? 1 : 0;
+ $search_fields = ( $_POST['search_fields'] == 'all' ) ? 1 : 0;
}
else
{
$search_fields = 0;
}
-$return_chars = ( isset($HTTP_POST_VARS['return_chars']) ) ? intval($HTTP_POST_VARS['return_chars']) : 200;
+$return_chars = ( isset($_POST['return_chars']) ) ? intval($_POST['return_chars']) : 200;
-$search_cat = ( isset($HTTP_POST_VARS['search_cat']) ) ? intval($HTTP_POST_VARS['search_cat']) : -1;
-$search_forum = ( isset($HTTP_POST_VARS['search_forum']) ) ? intval($HTTP_POST_VARS['search_forum']) : -1;
+$search_cat = ( isset($_POST['search_cat']) ) ? intval($_POST['search_cat']) : -1;
+$search_forum = ( isset($_POST['search_forum']) ) ? intval($_POST['search_forum']) : -1;
-$sort_by = ( isset($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : 0;
+$sort_by = ( isset($_POST['sort_by']) ) ? intval($_POST['sort_by']) : 0;
-if ( isset($HTTP_POST_VARS['sort_dir']) )
+if ( isset($_POST['sort_dir']) )
{
- $sort_dir = ( $HTTP_POST_VARS['sort_dir'] == 'DESC' ) ? 'DESC' : 'ASC';
+ $sort_dir = ( $_POST['sort_dir'] == 'DESC' ) ? 'DESC' : 'ASC';
}
else
{
$sort_dir = 'DESC';
}
-if ( !empty($HTTP_POST_VARS['search_time']) || !empty($HTTP_GET_VARS['search_time']))
+if ( !empty($_POST['search_time']) || !empty($_GET['search_time']))
{
- $search_time = time() - ( ( ( !empty($HTTP_POST_VARS['search_time']) ) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']) ) * 86400 );
+ $search_time = time() - ( ( ( !empty($_POST['search_time']) ) ? intval($_POST['search_time']) : intval($_GET['search_time']) ) * 86400 );
}
else
{
$search_time = 0;
}
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
$sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']);
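Review bot: `$search_keywords`, `$search_author`, `$search_id` and `$show_results` are still copied from the request as raw strings, while the numeric parameters in the same block go through `intval()` and `$sort_dir` is pinned to two literals. Where these strings are used lies outside the hunk, so it is not possible to tell from here whether they are escaped before reaching SQL or the template; the move to `$_POST`/`$_GET` does not change that. A comment above the block would make the contract explicit: `// NOTE: $search_keywords, $search_author, $search_id and $show_results are unvalidated request strings; escape at the point of use`.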
@@ -324,7 +317,7 @@ if ( $search_keywords != '' || $search_author != '' || $search_id )
$auth_sql = '';
if ( $search_forum != -1 )
{
- if ( !$auth->get_acl($search_forum, 'forum', 'read') )
+ if ( !$auth->acl_get($search_forum, 'forum', 'read') )
{
message_die(MESSAGE, $lang['No_searchable_forums']);
}
@@ -338,7 +331,7 @@ if ( $search_keywords != '' || $search_author != '' || $search_id )
$auth_sql = "f.cat_id = $search_cat";
}
/*
- $auth_ary = $auth->get_acl();
+ $auth_ary = $auth->acl_get();
@reset($auth_ary);
$allowed_forum_sql = '';
@@ -1164,7 +1157,7 @@ $result = $db->sql_query($sql);
$s_forums = '';
while( $row = $db->sql_fetchrow($result) )
{
- if ( $auth->get_acl($row['forum_id'], 'forum', 'read') )
+ if ( $auth->acl_get($row['forum_id'], 'forum', 'read') )
{
$s_forums .= '';
if ( empty($list_cat[$row['cat_id']]) )
diff --git a/phpBB/templates/subSilver/jumpbox.html b/phpBB/templates/subSilver/jumpbox.html
index 2000e92056..e6519ac3c8 100644
--- a/phpBB/templates/subSilver/jumpbox.html
+++ b/phpBB/templates/subSilver/jumpbox.html
@@ -1,6 +1,6 @@
- |