makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

- now username changes should work as desired

Browse source 
- removed some extract() calls


git-svn-id: file:///svn/phpbb/trunk@6517 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-10-22 13:32:33 +00:00
parent 44ea780de6
commit 22129be21f
12 changed files with 172 additions and 166 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
phpBB/includes/acp/acp_styles.php
View file

@ -1353,16 +1353,19 @@ pagination_sep = \'{PAGINATION_SEP}\'
if ($imageset_id)
{
$sql_select = ($imgname) ? ", $imgname" : '';
$sql = "SELECT imageset_path, imageset_name, imageset_copyright$sql_select
FROM " . STYLES_IMAGESET_TABLE . "
WHERE imageset_id = $imageset_id";
$result = $db->sql_query($sql);
$imageset_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!extract($db->sql_fetchrow($result)))
if (!$imageset_row)
{
trigger_error($user->lang['NO_IMAGESET'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$db->sql_freeresult($result);
extract($imageset_row);
// Check to see whether the selected image exists in the table
$valid_name = ($update) ? false : true;

4
phpBB/includes/acp/acp_users.php
View file

@ -635,7 +635,7 @@ class acp_users
// Get the data from the form. Use data from the database if no info is provided
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
$data[$var] = ($var == 'user') ? request_var($var, $default, true) : request_var($var, $default);
}
// We use user within the form to circumvent auto filling
@ -984,7 +984,7 @@ class acp_users
foreach ($var_ary as $var => $default)
{
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : $data[$var] = request_var($var, $default);
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default);
}
$var_ary = array(

2
phpBB/includes/auth.php
View file

@ -707,7 +707,7 @@ class auth
// we are going to use the user_add function so include functions_user.php if it wasn't defined yet
if (!function_exists('user_add'))
{
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
user_add($login['user_row'], (isset($login['cp_data'])) ? $login['cp_data'] : false);

6
phpBB/includes/functions.php
View file

@ -2249,7 +2249,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
if (!class_exists('bbcode'))
{
global $phpbb_root_path, $phpEx;
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
}
if (empty($bbcode))
@ -2287,7 +2287,7 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
if (!class_exists('parse_message'))
{
include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
}
$message_parser = new parse_message($text);
@ -2419,7 +2419,7 @@ function parse_inline_attachments(&$text, &$attachments, &$update_count, $forum_
if (!function_exists('display_attachments'))
{
global $phpbb_root_path, $phpEx;
include_once("{$phpbb_root_path}includes/functions_display.$phpEx");
include("{$phpbb_root_path}includes/functions_display.$phpEx");
}
$attachments = display_attachments($forum_id, NULL, $attachments, $update_count, false, true);

6
phpBB/includes/template.php
View file

@ -197,7 +197,11 @@ class template
global $db, $phpbb_root_path;
include_once($phpbb_root_path . 'includes/functions_template.' . $phpEx);
if (!class_exists('template_compile'))
{
include($phpbb_root_path . 'includes/functions_template.' . $phpEx);
}
$compile = new template_compile($this);
// If the file for this handle is already loaded and compiled, do nothing.

199
phpBB/includes/ucp/ucp_profile.php
View file

@ -33,20 +33,20 @@ class ucp_profile
{
case 'reg_details':
$data = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
if ($submit)
{
$var_ary = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
foreach ($var_ary as $var => $default)
foreach ($data as $var => $default)
{
$data[$var] = request_var($var, $default);
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
// Do not check cur_password, it is the old one.
@ -70,26 +70,24 @@ class ucp_profile
}
$error = validate_data($data, $var_ary);
extract($data);
unset($data);
if ($auth->acl_get('u_chgpasswd') && $new_password && $password_confirm != $new_password)
if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
{
$error[] = 'NEW_PASSWORD_ERROR';
}
if (($new_password || ($auth->acl_get('u_chgemail') && $email != $user->data['user_email']) || ($username != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && md5($cur_password) != $user->data['user_password'])
if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && md5($data['cur_password']) != $user->data['user_password'])
{
$error[] = 'CUR_PASSWORD_ERROR';
}
// Only check the new password against the previous password if there have been no errors
if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $new_password && md5($new_password) == $user->data['user_password'])
if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && md5($data['new_password']) == $user->data['user_password'])
{
$error[] = 'SAME_PASSWORD_ERROR';
}
if ($auth->acl_get('u_chgemail') && $email != $user->data['user_email'] && $email_confirm != $email)
if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email'])
{
$error[] = 'NEW_EMAIL_ERROR';
}
@ -97,31 +95,31 @@ class ucp_profile
if (!sizeof($error))
{
$sql_ary = array(
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($username) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => ($auth->acl_get('u_chgpasswd') && $new_password) ? time() : 0,
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($data['email'])) . strlen($data['email']) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? md5($data['new_password']) : $user->data['user_password'],
'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0,
);
if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $username != $user->data['username'])
if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username'])
{
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $username);
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']);
}
if ($auth->acl_get('u_chgpasswd') && $new_password && md5($new_password) != $user->data['user_password'])
if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && md5($data['new_password']) != $user->data['user_password'])
{
$user->reset_login_keys();
add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $username);
add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']);
}
if ($auth->acl_get('u_chgemail') && $email != $user->data['user_email'])
if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'])
{
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email);
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']);
}
if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
if ($config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
@ -138,7 +136,7 @@ class ucp_profile
$messenger->template($template_file, $user->data['user_lang']);
$messenger->replyto($config['board_contact']);
$messenger->to($email, $username);
$messenger->to($data['email'], $data['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
@ -147,7 +145,7 @@ class ucp_profile
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
@ -157,12 +155,21 @@ class ucp_profile
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
// Grab an array of user_id's with a_user permissions
// Grab an array of user_id's with a_user permissions ... these users can activate a user
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();
// Also include founders
$where_sql = ' WHERE user_type = ' . USER_FOUNDER;
if (sizeof($admin_ary))
{
$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
}
$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $admin_ary[0]['a_user']);
FROM ' . USERS_TABLE . ' ' .
$where_sql;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@ -173,7 +180,7 @@ class ucp_profile
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
@ -202,9 +209,9 @@ class ucp_profile
}
// Need to update config, forum, topic, posting, messages, etc.
if ($username != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])
if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])
{
user_update_name($user->data['username'], $username);
user_update_name($user->data['username'], $data['username']);
}
meta_refresh(3, $this->u_action);
@ -222,10 +229,10 @@ class ucp_profile
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'USERNAME' => $data['username'],
'EMAIL' => $data['email'],
'PASSWORD_CONFIRM' => $data['password_confirm'],
'NEW_PASSWORD' => $data['new_password'],
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
@ -246,24 +253,29 @@ class ucp_profile
$cp_data = $cp_error = array();
$data = array(
'icq' => (string) $user->data['user_icq'],
'aim' => (string) $user->data['user_aim'],
'msn' => (string) $user->data['user_msnm'],
'yim' => (string) $user->data['user_yim'],
'jabber' => (string) $user->data['user_jabber'],
'website' => (string) $user->data['user_website'],
'location' => (string) $user->data['user_from'],
'occupation' => (string) $user->data['user_occ'],
'interests' => (string) $user->data['user_interests'],
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
if ($user->data['user_birthday'])
{
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']);
}
if ($submit)
{
$var_ary = array(
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'location' => (string) '',
'occupation' => (string) '',
'interests' => (string) '',
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
foreach ($var_ary as $var => $default)
foreach ($data as $var => $default)
{
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default);
}
@ -290,8 +302,6 @@ class ucp_profile
);
$error = validate_data($data, $var_ary);
extract($data);
unset($data);
// validate custom profile fields
$cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error);
@ -304,16 +314,16 @@ class ucp_profile
if (!sizeof($error))
{
$sql_ary = array(
'user_icq' => $icq,
'user_aim' => $aim,
'user_msnm' => $msn,
'user_yim' => $yim,
'user_jabber' => $jabber,
'user_website' => $website,
'user_from' => $location,
'user_occ' => $occupation,
'user_interests'=> $interests,
'user_birthday' => sprintf('%2d-%2d-%4d', $bday_day, $bday_month, $bday_year),
'user_icq' => $data['icq'],
'user_aim' => $data['aim'],
'user_msnm' => $data['msn'],
'user_yim' => $data['yim'],
'user_jabber' => $data['jabber'],
'user_website' => $data['website'],
'user_from' => $data['location'],
'user_occ' => $data['occupation'],
'user_interests'=> $data['interests'],
'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
);
$sql = 'UPDATE ' . USERS_TABLE . '
@ -351,38 +361,26 @@ class ucp_profile
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
if (!isset($bday_day))
{
if ($user->data['user_birthday'])
{
list($bday_day, $bday_month, $bday_year) = explode('-', $user->data['user_birthday']);
}
else
{
$bday_day = $bday_month = $bday_year = 0;
}
}
$s_birthday_day_options = '<option value="0"' . ((!$bday_day) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 32; $i++)
{
$selected = ($i == $bday_day) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
$s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
}
$s_birthday_month_options = '<option value="0"' . ((!$bday_month) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 13; $i++)
{
$selected = ($i == $bday_month) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
$s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
}
$s_birthday_year_options = '';
$now = getdate();
$s_birthday_year_options = '<option value="0"' . ((!$bday_year) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = $now['year'] - 100; $i < $now['year']; $i++)
{
$selected = ($i == $bday_year) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
$s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
}
unset($now);
@ -390,15 +388,15 @@ class ucp_profile
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'ICQ' => $data['icq'],
'YIM' => $data['yim'],
'AIM' => $data['aim'],
'MSN' => $data['msn'],
'JABBER' => $data['jabber'],
'WEBSITE' => $data['website'],
'LOCATION' => $data['location'],
'OCCUPATION'=> $data['occupation'],
'INTERESTS' => $data['interests'],
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
@ -607,9 +605,6 @@ class ucp_profile
trigger_error($message);
}
extract($data);
unset($data);
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
@ -653,8 +648,8 @@ class ucp_profile
$template->assign_vars(array(
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'WIDTH' => (isset($data['width'])) ? $data['width'] : $user->data['user_avatar_width'],
'HEIGHT' => (isset($data['height'])) ? $data['height'] : $user->data['user_avatar_height'],
'S_UPLOAD_AVATAR_FILE' => $can_upload,
'S_UPLOAD_AVATAR_URL' => $can_upload,

52
phpBB/includes/ucp/ucp_register.php
View file

@ -127,7 +127,7 @@ class ucp_register
{
foreach ($var_ary as $var => $default)
{
$$var = request_var($var, $default, true);
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
}
@ -136,7 +136,7 @@ class ucp_register
{
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default, true);
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
$var_ary = array(
@ -157,8 +157,6 @@ class ucp_register
);
$error = validate_data($data, $var_ary);
extract($data);
unset($data);
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
@ -197,7 +195,7 @@ class ucp_register
if ($row)
{
if (strcasecmp($row['code'], $confirm_code) === 0)
if (strcasecmp($row['code'], $data['confirm_code']) === 0)
{
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
@ -221,12 +219,12 @@ class ucp_register
if (!sizeof($error))
{
if ($new_password != $password_confirm)
if ($data['new_password'] != $data['password_confirm'])
{
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
if ($email != $email_confirm)
if ($data['email'] != $data['email_confirm'])
{
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
@ -262,6 +260,7 @@ class ucp_register
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len < 6) ? 6 : $key_len;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
@ -275,13 +274,13 @@ class ucp_register
}
$user_row = array(
'username' => $username,
'user_password' => md5($new_password),
'user_email' => $email,
'username' => $data['username'],
'user_password' => md5($data['new_password']),
'user_email' => $data['email'],
'group_id' => (int) $group_id,
'user_timezone' => (float) $tz,
'user_timezone' => (float) $data['tz'],
'user_dst' => $is_dst,
'user_lang' => $lang,
'user_lang' => $data['lang'],
'user_type' => $user_type,
'user_actkey' => $user_actkey,
'user_ip' => $user->ip,
@ -326,10 +325,10 @@ class ucp_register
$messenger = new messenger(false);
$messenger->template($email_template, $lang);
$messenger->template($email_template, $data['lang']);
$messenger->replyto($config['board_contact']);
$messenger->to($email, $username);
$messenger->to($data['email'], $data['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
@ -339,7 +338,7 @@ class ucp_register
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']),
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'PASSWORD' => html_entity_decode($password_confirm),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
@ -351,7 +350,7 @@ class ucp_register
$messenger->assign_vars(array(
'FAX_INFO' => $config['coppa_fax'],
'MAIL_INFO' => $config['coppa_mail'],
'EMAIL_ADDRESS' => $email,
'EMAIL_ADDRESS' => $data['email'],
'SITENAME' => $config['sitename'])
);
}
@ -385,7 +384,7 @@ class ucp_register
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
@ -396,7 +395,6 @@ class ucp_register
$db->sql_freeresult($result);
}
}
unset($data);
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
@ -489,17 +487,17 @@ class ucp_register
$user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\w]+' => 'USERNAME_ALPHA_ONLY', '[\w_\+\. \-\[\]]+' => 'USERNAME_ALPHA_SPACERS');
$pass_char_ary = array('.*' => 'PASS_TYPE_ANY', '[a-zA-Z]' => 'PASS_TYPE_CASE', '[a-zA-Z0-9]' => 'PASS_TYPE_ALPHA', '[a-zA-Z\W]' => 'PASS_TYPE_SYMBOL');
$lang = (isset($lang)) ? $lang : $config['default_lang'];
$tz = (isset($tz)) ? $tz : $timezone;
$data['lang'] = (isset($data['lang'])) ? $data['lang'] : $config['default_lang'];
$data['tz'] = (isset($data['tz'])) ? $data['tz'] : $timezone;
//
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (isset($username)) ? $username : '',
'PASSWORD' => (isset($new_password)) ? $new_password : '',
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'EMAIL' => (isset($email)) ? $email : '',
'EMAIL_CONFIRM' => (isset($email_confirm)) ? $email_confirm : '',
'USERNAME' => (isset($data['username'])) ? $data['username'] : '',
'PASSWORD' => (isset($data['new_password'])) ? $data['new_password'] : '',
'PASSWORD_CONFIRM' => (isset($data['password_confirm'])) ? $data['password_confirm'] : '',
'EMAIL' => (isset($data['email'])) ? $data['email'] : '',
'EMAIL_CONFIRM' => (isset($data['email_confirm'])) ? $data['email_confirm'] : '',
'CONFIRM_IMG' => $confirm_image,
'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlentities($config['board_contact']) . '">', '</a>'),
@ -507,8 +505,8 @@ class ucp_register
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_NEW_PASSWORD_EXPLAIN' => sprintf($user->lang[$pass_char_ary[str_replace('\\\\', '\\', $config['pass_complex'])] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_LANG_OPTIONS' => language_select($lang),
'S_TZ_OPTIONS' => tz_select($tz),
'S_LANG_OPTIONS' => language_select($data['lang']),
'S_TZ_OPTIONS' => tz_select($data['tz']),
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
'S_COPPA' => $coppa,
'S_HIDDEN_FIELDS' => $s_hidden_fields,

2
phpBB/includes/ucp/ucp_zebra.php
View file

@ -37,7 +37,7 @@ class ucp_zebra
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
$data[$var] = request_var($var, $default, true);
}
if ($data['add'])

6
phpBB/includes/utf/utf_tools.php
View file

@ -901,19 +901,19 @@ function utf8_case_fold($text, $option = 'full')
// common is always set
if (!isset($uniarray['c']))
{
$uniarray['c'] = include_once($phpbb_root_path . 'includes/utf/data/case_fold_c.' . $phpEx);
$uniarray['c'] = include($phpbb_root_path . 'includes/utf/data/case_fold_c.' . $phpEx);
}
// only set full if we need to
if ($option === 'full' && !isset($uniarray['f']))
{
$uniarray['f'] = include_once($phpbb_root_path . 'includes/utf/data/case_fold_f.' . $phpEx);
$uniarray['f'] = include($phpbb_root_path . 'includes/utf/data/case_fold_f.' . $phpEx);
}
// only set simple if we need to
if ($option !== 'full' && !isset($uniarray['s']))
{
$uniarray['s'] = include_once($phpbb_root_path . 'includes/utf/data/case_fold_s.' . $phpEx);
$uniarray['s'] = include($phpbb_root_path . 'includes/utf/data/case_fold_s.' . $phpEx);
}
$text = strtr($text, $uniarray['c']);

16
phpBB/install/install_install.php
View file

@ -404,7 +404,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
$connect_test = false;
@ -546,7 +546,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
if ($dbms == '')
@ -718,7 +718,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
if ($dbms == '')
@ -873,7 +873,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
if ($dbms == '')
@ -957,7 +957,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
if ($dbms == '')
@ -1231,7 +1231,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
$dbpasswd = html_entity_decode($dbpasswd);
@ -1500,7 +1500,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
// Fill the config array - it is needed by those functions we call
@ -1582,7 +1582,7 @@ class install_install extends module
// Obtain any submitted data
foreach ($this->request_vars as $var)
{
$$var = request_var($var, '');
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, '');
}
// Load the basic configuration data

41
phpBB/search.php
View file

@ -623,7 +623,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
// Does this post have an attachment? If so, add it to the list
if ($row['post_attachment'] && $config['allow_attachments'])
{
$attach_list[] = $row['post_id'];
$attach_list[$row['forum_id']][] = $row['post_id'];
}
}
}
@ -639,26 +639,33 @@ if ($keywords || $author || $author_id || $search_id || $submit)
// Pull attachment data
if (sizeof($attach_list))
{
if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
{
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $attach_list) . '
AND in_message = 0
ORDER BY filetime ' . ((!$config['display_order']) ? 'DESC' : 'ASC') . ', post_msg_id ASC';
$result = $db->sql_query($sql);
$use_attach_list = $attach_list;
$attach_list = array();
while ($row = $db->sql_fetchrow($result))
{
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
else
foreach ($use_attach_list as $forum_id => $_list)
{
$display_notice = true;
if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id))
{
$attach_list = array_merge($attach_list, $_list);
}
}
}
if (sizeof($attach_list))
{
$sql = 'SELECT *
FROM ' . ATTACHMENTS_TABLE . '
WHERE ' . $db->sql_in_set('post_msg_id', $attach_list) . '
AND in_message = 0
ORDER BY filetime ' . ((!$config['display_order']) ? 'DESC' : 'ASC') . ', post_msg_id ASC';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$attachments[$row['post_msg_id']][] = $row;
}
$db->sql_freeresult($result);
}
}
if ($hilit)

3
phpBB/viewtopic.php
View file

@ -16,6 +16,7 @@ $phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
// Start session management
$user->session_begin();
@ -726,7 +727,6 @@ if (!empty($topic_data['poll_start']))
if ($poll_info[0]['bbcode_bitfield'])
{
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$poll_bbcode = new bbcode();
}
else
@ -1227,7 +1227,6 @@ if (sizeof($attach_list))
// Instantiate BBCode if need be
if ($bbcode_bitfield !== '')
{
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$bbcode = new bbcode(base64_encode($bbcode_bitfield));
}