makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

Well, here are all my changes ... don't blame me if things break :D

Browse source 
git-svn-id: file:///svn/phpbb/trunk@2923 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-10-04 13:09:10 +00:00
parent b5bbc005a5
commit 30aeac65dc
63 changed files with 2217 additions and 2728 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/admin/admin_ban.php
View file

@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('ban') )
if ( !$auth->get_acl_admin('ban') )
{
return;
}
@ -46,7 +46,7 @@ require('pagestart.' . $phpEx);
//
// Do we have ban permissions?
//
if ( !$acl->get_acl_admin('ban') )
if ( !$auth->get_acl_admin('ban') )
{
return;
}

58
phpBB/admin/admin_board.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -45,7 +45,7 @@ $phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@ -325,9 +325,6 @@ switch ( $mode )
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? 'checked="checked"' : '';
$activation_disable = ( $new['require_activation'] == USER_ACTIVATION_DISABLE ) ? 'checked="checked"' : '';
$gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : '';
$privmsg_on = ( !$new['privmsg_disable'] ) ? 'checked="checked"' : '';
$privmsg_off = ( $new['privmsg_disable'] ) ? 'checked="checked"' : '';
@ -347,18 +344,6 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Board_disable']; ?>: <br /><span class="gensmall"><?php echo $lang['Board_disable_explain']; ?></span></td>
<td class="row2"><input type="radio" name="board_disable" value="1" <?php echo $disable_board_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="board_disable" value="0" <?php echo $disable_board_no; ?> /> <?php echo $lang['No']; ?><br /><input type="text" name="board_disable_msg" maxlength="255" size="40" value="<?php echo $new['board_disable_msg']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td>
<td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_prune']; ?>: </td>
<td class="row2"><input type="radio" name="prune_enable" value="1" <?php echo $prune_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="prune_enable" value="0" <?php echo $prune_no; ?> /> <?php echo $lang['No']; ?></td>
@ -407,14 +392,6 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Max_search_chars']; ?>: <br /><span class="gensmall"><?php echo $lang['Max_search_chars_explain']; ?></span</td>
<td class="row2"><input type="text" size="3" maxlength="3" name="max_search_chars" value="<?php echo $new['max_search_chars']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Topics_per_page']; ?>: </td>
<td class="row2"><input type="text" name="topics_per_page" size="3" maxlength="4" value="<?php echo $new['topics_per_page']; ?>" /></td>
@ -485,6 +462,13 @@ switch ( $mode )
case 'server':
$ip_all = ( $new['ip_check'] == 4 ) ? 'checked="checked"' : '';
$ip_classc = ( $new['ip_check'] == 3 ) ? 'checked="checked"' : '';
$ip_classb = ( $new['ip_check'] == 2 ) ? 'checked="checked"' : '';
$ip_none = ( $new['ip_check'] == 0 ) ? 'checked="checked"' : '';
$gzip_yes = ( $new['gzip_compress'] ) ? 'checked="checked"' : '';
$gzip_no = ( !$new['gzip_compress'] ) ? 'checked="checked"' : '';
?>
<tr>
<td class="row1"><?php echo $lang['Server_name']; ?>: <br /><span class="gensmall"><?php echo $lang['Server_name_explain']; ?></span></td>
@ -498,6 +482,30 @@ switch ( $mode )
<td class="row1"><?php echo $lang['Script_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Script_path_explain']; ?></span></td>
<td class="row2"><input type="text" maxlength="255" name="script_path" value="<?php echo $new['script_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['IP_valid']; ?>: <br /><span class="gensmall"><?php echo $lang['IP_valid_explain']; ?></span></td>
<td class="row2"><input type="radio" name="ip_check" value="4" <?php echo $ip_all; ?> /> <?php echo $lang['All']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="3" <?php echo $ip_classc; ?> /> <?php echo $lang['Class_C']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="2" <?php echo $ip_classb; ?> /> <?php echo $lang['Class_B']; ?>&nbsp;&nbsp;<input type="radio" name="ip_check" value="0" <?php echo $ip_none; ?> /> <?php echo $lang['None']; ?>&nbsp;&nbsp;</td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td>
<td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Enable_gzip']; ?>: </td>
<td class="row2"><input type="radio" name="gzip_compress" value="1" <?php echo $gzip_yes; ?> /> <?php echo $lang['Yes']; ?>&nbsp;&nbsp;<input type="radio" name="gzip_compress" value="0" <?php echo $gzip_no; ?> /> <?php echo $lang['No']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Smilies_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Smilies_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="smilies_path" value="<?php echo $new['smilies_path']; ?>" /></td>
</tr>
<tr>
<td class="row1"><?php echo $lang['Icons_path']; ?>: <br /><span class="gensmall"><?php echo $lang['Icons_path_explain']; ?></span></td>
<td class="row2"><input type="text" size="20" maxlength="255" name="icons_path" value="<?php echo $new['icons_path']; ?>" /></td>
</tr>
<?php
break;

29
phpBB/admin/admin_database.php
View file

@ -1,6 +1,6 @@
<?php
/***************************************************************************
* admin_db_utilities.php
* admin_database.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
@ -18,13 +18,10 @@
* (at your option) any later version.
*
***************************************************************************/
//
// Some functions are adapted phpMyAdmin 2.2.0.
//
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -51,9 +48,9 @@ require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have DB backup/restore permissions?
//
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@ -64,14 +61,11 @@ if ( !$acl->get_acl_admin('general') )
//
@set_time_limit(1200);
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : '';
//
// Begin program proper
//
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
switch( $mode )
{
case 'backup':
@ -171,7 +165,6 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<?php
break;
}
else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
{
@ -282,6 +275,8 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
ob_end_clean();
}
add_admin_log('log_db_backup');
if ( empty($store_path) )
{
header("Pragma: no-cache");
@ -386,6 +381,8 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
}
}
add_admin_log('log_db_restore');
message_die(MESSAGE, $lang['Restore_success']);
}
@ -434,7 +431,11 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
<?php
}
break;
default:
exit;
}
page_footer();

4
phpBB/admin/admin_disallow.php
View file

@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@ -45,7 +45,7 @@ require('pagestart.' . $phpEx);
//
// Do we have user admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}

4
phpBB/admin/admin_email.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
// Do we have general admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}

4
phpBB/admin/admin_forums.php
View file

@ -21,7 +21,7 @@
if (!empty($setmodules))
{
if (!$acl->get_acl_admin('forum'))
if (!$auth->get_acl_admin('forum'))
{
return;
}
@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
if (!$acl->get_acl_admin('forum'))
if (!$auth->get_acl_admin('forum'))
{
message_die(MESSAGE, $lang['No_admin']);
}

155
phpBB/admin/admin_groups.php
View file

@ -19,10 +19,13 @@
*
***************************************************************************/
define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$auth->get_acl_admin('group') )
{
return;
}
$filename = basename(__FILE__);
$module['Groups']['Create'] = $filename . "$SID&amp;mode=create";
$module['Groups']['Delete'] = $filename . "$SID&amp;mode=delete";
@ -31,20 +34,29 @@ if( !empty($setmodules) )
return;
}
define('IN_PHPBB', 1);
//
// Load default header
// Include files
//
$phpbb_root_path = "../";
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if ( !$auth->get_acl_admin('group') )
{
message_die(MESSAGE, $lang['No_admin']);
}
if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
}
else
{
$group_id = "";
$group_id = '';
}
//
@ -313,48 +325,97 @@ else if( isset($HTTP_POST_VARS['group_update']) )
}
}
}
else
{
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
WHERE group_single_user <> " . TRUE . "
ORDER BY group_name";
$g_result = $db->sql_query($sql);
$group_list = $db->sql_fetchrowset($g_result);
$select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
for($i = 0; $i < count($group_list); $i++)
{
$select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
}
$select_list .= "</select>";
$template->set_filenames(array(
"body" => "admin/group_select_body.tpl")
);
$template->assign_vars(array(
"L_GROUP_TITLE" => $lang['Group_administration'],
"L_GROUP_EXPLAIN" => $lang['Group_admin_explain'],
"L_GROUP_SELECT" => $lang['Select_group'],
"L_LOOK_UP" => $lang['Look_up_group'],
"L_CREATE_NEW_GROUP" => $lang['New_group'],
"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
"S_GROUP_SELECT" => $select_list)
);
//
// Faking the IF... ELSE statements again...
//
if( count($group_list) > 0 )
{
$template->assign_block_vars("select_box", array());
}
$template->pparse('body');
}
include('page_footer_admin.'.$phpEx);
page_header($lang['Manage']);
?>
<h1><?php echo $lang['Manage']; ?></h1>
<p><?php echo $lang['Group_manage_explain']; ?></p>
<form method="post" action="<?php echo "admin_groups.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="3"><?php echo $lang['Manage']; ?></th>
</tr>
<?php
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
ORDER BY group_name";
$result = $db->sql_query($sql);
$groups = array();
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$groups[] = $row;
}
while ( $row = $db->sql_fetchrow($result) );
}
$sql = "SELECT ug.group_id, u.user_id, u.username
FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
WHERE ug.user_pending = 1
AND u.user_id = ug.user_id
ORDER BY ug.group_id";
$result = $db->sql_query($sql);
$pending = array();
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$pending[$row['group_id']][] = $row;
}
while ( $row = $db->sql_fetchrow($result) );
}
foreach ( $groups as $group_ary )
{
$group_id = $group_ary['group_id'];
$group_name = ( !empty($lang[$group_ary['group_name']]) ) ? $lang[$group_ary['group_name']] : $group_ary['group_name'];
?>
<tr>
<td class="cat"><span class="cattitle"><?php echo $group_name;?></span></td>
<td class="cat" align="center">&nbsp;<input class="liteoption" type="submit" name="edit[<?php echo $group_id; ?>]" value="<?php echo $lang['Edit'];?>" />&nbsp;</td>
<td class="cat" align="center">&nbsp;<input class="liteoption" type="submit" name="delete[<?php echo $group_id; ?>]" value="<?php echo $lang['Delete'];?>" />&nbsp;</td>
</tr>
<?php
if ( is_array($pending[$group_id]) )
{
$row_class = '';
foreach( $pending[$group_id] as $pending_ary )
{
$row_class = ( $row_class != 'row1' ) ? 'row1' : 'row2';
?>
<tr>
<td class="<?php echo $row_class; ?>"><?php echo $pending_ary['username'];?></td>
<td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="approve[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Approve_selected'];?>" /></td>
<td class="<?php echo $row_class; ?>" align="center"><input class="liteoption" type="submit" name="decline[<?php echo $pending_ary['user_id']; ?>]" value="<?php echo $lang['Deny_selected'];?>" /></td>
</tr>
<?php
}
}
else
{
?>
<tr>
<td class="row1" colspan="4" align="center">No pending users</td>
</tr>
<?php
}
}
?>
</table></form>
<?php
page_footer();
?>

24
phpBB/admin/admin_permissions.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('auth') )
if ( !$auth->get_acl_admin('auth') )
{
return;
}
@ -46,7 +46,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('auth') )
if ( !$auth->get_acl_admin('auth') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@ -101,6 +101,13 @@ switch ( $mode )
break;
}
//
// Brief explanation of how things work when updating ...
//
// Granting someone any admin permissions grants them permissions
// to all other options, e.g. Moderator and Forums across the board.
// This is done via the acl class
//
if ( isset($HTTP_POST_VARS['update']) )
{
switch ( $HTTP_POST_VARS['type'] )
@ -116,7 +123,7 @@ if ( isset($HTTP_POST_VARS['update']) )
foreach ( $HTTP_POST_VARS['entries'] as $id )
{
$acl->$set($forum_id, $id, $HTTP_POST_VARS['option']);
$auth->$set($forum_id, $id, $HTTP_POST_VARS['option']);
}
message_die(MESSAGE, 'Permissions updated successfully');
@ -156,7 +163,7 @@ else if ( isset($HTTP_POST_VARS['delete']) )
foreach ( $HTTP_POST_VARS['entries'] as $id )
{
$acl->$set($forum_id, $id, $option_ids);
$auth->$set($forum_id, $id, $option_ids);
}
message_die(MESSAGE, 'Permissions updated successfully');
@ -344,9 +351,16 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
else
{
//
// Founder only operations ... these operations can
// only be altered by someone with founder status
//
$founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : '';
$sql = "SELECT auth_option_id, auth_value
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $type_sql . "_%'";
WHERE auth_value LIKE '" . $type_sql . "_%'
$founder_sql";
$result = $db->sql_query($sql);
$auth_options = array();

4
phpBB/admin/admin_prune.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('forum') )
if ( !$auth->get_acl_admin('forum') )
{
return;
}
@ -44,7 +44,7 @@ require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('forum') )
if ( !$auth->get_acl_admin('forum') )
{
message_die(MESSAGE, $lang['No_admin']);
}

4
phpBB/admin/admin_prune_users.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}

4
phpBB/admin/admin_ranks.php
View file

@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
if( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
//
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}

4
phpBB/admin/admin_search.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}

18
phpBB/admin/admin_smilies.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if (!$acl->get_acl_admin('general'))
if (!$auth->get_acl_admin('general'))
{
message_die(MESSAGE, $lang['No_admin']);
}
@ -200,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
<p><?php echo $lang['Import_smilies_explain'] ?></p>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['Smilies_import'] ?></th>
</tr>
@ -220,7 +220,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
</td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input class="mainoption" name="import_pak" type="submit" value="<?php echo $lang['Import_smilies'] ?>" /></td>
</tr>
</table></form>
<?php
@ -288,7 +288,7 @@ function update_smile_dimensions()
//-->
</script>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=create"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=create"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['smile_config'] ?></th>
</tr>
@ -313,7 +313,7 @@ function update_smile_dimensions()
<td class="row2"><input type="text" name="smile_emotion" /></td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
</tr>
</table></form>
<?php
@ -397,9 +397,9 @@ function update_smile_dimensions()
//-->
</script>
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=modify"><table class="forumline" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=modify"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th class="thHead" colspan="2"><?php echo $lang['Smile_config'] ?></th>
<th class="th" colspan="2"><?php echo $lang['Smile_config'] ?></th>
</tr>
<tr>
<td class="row2"><?php echo $lang['Smile_code'] ?></td>
@ -430,7 +430,7 @@ function update_smile_dimensions()
<td class="row2"><select name="smile_order"><?php echo $order_list ?></select></td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
<td class="cat" colspan="2" align="center"><input type="hidden" name="smile_id" value="<?php echo $smile_data['smilies_id'] ?>" /><input class="mainoption" type="submit" value="<?php echo $lang['Submit'] ?>" /></td>
</tr>
</table></form>
<?php

4
phpBB/admin/admin_styles.php
View file

@ -2,7 +2,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('styles') )
if ( !$auth->get_acl_admin('styles') )
{
return;
}
@ -27,7 +27,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
if ( !$acl->get_acl_admin('styles') )
if ( !$auth->get_acl_admin('styles') )
{
message_die(MESSAGE, $lang['No_admin']);
}

4
phpBB/admin/admin_users.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}
@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('user') )
if ( !$auth->get_acl_admin('user') )
{
return;
}

10
phpBB/admin/admin_viewlogs.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
//
// Do we have styles admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
message_die(MESSAGE, $lang['No_admin']);
}
@ -73,7 +73,7 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M
//
// Delete entries if requested and able
//
if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $acl->get_acl_admin('clearlogs'))
if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs'))
{
$where_sql = '';
if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) )
@ -237,7 +237,7 @@ if ( $log_count )
}
if ( $acl->get_acl_admin('clearlogs') )
if ( $auth->get_acl_admin('clearlogs') )
{
?>
@ -266,7 +266,7 @@ else
<td align="left" valign="top">&nbsp;<span class="nav"><?php echo on_page($log_count, $board_config['topics_per_page'], $start); ?></span></td>
<td align="right" valign="top" nowrap="nowrap"><?php
if ( $acl->get_acl_admin('clearlogs') )
if ( $auth->get_acl_admin('clearlogs') )
{

4
phpBB/admin/admin_words.php
View file

@ -21,7 +21,7 @@
if ( !empty($setmodules) )
{
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}
@ -42,7 +42,7 @@ require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$acl->get_acl_admin('general') )
if ( !$auth->get_acl_admin('general') )
{
return;
}

2
phpBB/admin/index.php
View file

@ -37,7 +37,7 @@ require('pagestart.' . $phpEx);
//
// Do we have any admin permissions at all?
//
if ( !$acl->get_acl_admin() )
if ( !$auth->get_acl_admin() )
{
message_die(MESSAGE, 'No_admin', '', true);
}

2
phpBB/admin/pagestart.php
View file

@ -31,7 +31,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start($update);
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//

37
phpBB/common.php
View file

@ -25,7 +25,7 @@ if ( !defined('IN_PHPBB') )
}
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
set_magic_quotes_runtime(0);
require($phpbb_root_path . 'config.'.$phpEx);
@ -35,9 +35,9 @@ if ( !defined('PHPBB_INSTALLED') )
exit;
}
//
//set_error_handler('message');
// Define some constants/variables
//
define('ANONYMOUS', 0);
// User related
@ -122,6 +122,7 @@ define('VOTE_DESC_TABLE', $table_prefix.'vote_desc');
define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');
// If magic quotes is off, addslashes
if ( !get_magic_quotes_gpc() )
{
$HTTP_GET_VARS = slash_input_data($HTTP_GET_VARS);
@ -135,25 +136,23 @@ $theme = array();
$images = array();
$lang = array();
//
// Include files
//
require($phpbb_root_path . 'includes/template.'.$phpEx);
require($phpbb_root_path . 'includes/session.'.$phpEx);
require($phpbb_root_path . 'includes/functions.'.$phpEx);
require($phpbb_root_path . 'db/' . $dbms . '.'.$phpEx);
// Instantiate some basic classes
$session = new session();
$auth = new auth();
$template = new Template();
$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false);
//
// Obtain users IP, not encoded in 2.2
//
if ( $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] != '' || $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'] != '' )
// Obtain users IP
if ( $_SERVER['HTTP_X_FORWARDED_FOR'] != '' || $_ENV['HTTP_X_FORWARDED_FOR'] != '' )
{
$user_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
$x_ip = ( !empty($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']) ) ? $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] : $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'];
$user_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? $_ENV['REMOTE_ADDR'] : $REMOTE_ADDR );
$x_ip = ( !empty($_SERVER['HTTP_X_FORWARDED_FOR']) ) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_ENV['HTTP_X_FORWARDED_FOR'];
if ( preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/', $x_ip, $ip_list) )
{
@ -163,35 +162,29 @@ if ( $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'] != '' || $HTTP_ENV_VARS['HTTP_X_F
}
else
{
$user_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
$user_ip = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : ( ( !empty($_ENV['REMOTE_ADDR']) ) ? $_ENV['REMOTE_ADDR'] : $REMOTE_ADDR );
}
//
// Setup forum wide options, if this fails we output a CRITICAL_ERROR since
// basic forum information is not available
//
$sql = "SELECT *
FROM " . CONFIG_TABLE;
$result = $db->sql_query($sql);
$result = $db->sql_query($sql, false);
while ( $row = $db->sql_fetchrow($result) )
{
$board_config[$row['config_name']] = $row['config_value'];
}
//
// Show 'Board is disabled' message if needed.
//
// Show 'Board is disabled' message
if ( $board_config['board_disable'] && !defined('IN_ADMIN') && !defined('IN_LOGIN') )
{
$message = ( !empty($board_config['board_disable_msg']) ) ? $board_config['board_disable_msg'] : 'Board_disable';
message_die(MESSAGE, $message, 'Information');
//trigger_error($message);
}
//
// addslashes to vars if magic_quotes_gpc is off this is a security precaution
// to prevent someone trying to break out of a SQL statement.
//
// addslashes to vars if magic_quotes_gpc is off
function slash_input_data(&$data)
{
if ( is_array($data) )

2
phpBB/faq.php
View file

@ -28,7 +28,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//

2
phpBB/groupcp.php
View file

@ -112,7 +112,7 @@ function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//

BIN
phpBB/imagesets/subSilver/en/icon_aim.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 753 B

BIN
phpBB/imagesets/subSilver/en/icon_edit.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 798 B

BIN
phpBB/imagesets/subSilver/en/icon_email.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 820 B

BIN
phpBB/imagesets/subSilver/en/icon_icq_add.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 724 B

BIN
phpBB/imagesets/subSilver/en/icon_ip.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 275 B

BIN
phpBB/imagesets/subSilver/en/icon_msnm.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 783 B

BIN
phpBB/imagesets/subSilver/en/icon_pm.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 833 B

BIN
phpBB/imagesets/subSilver/en/icon_profile.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 801 B

BIN
phpBB/imagesets/subSilver/en/icon_quote.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 794 B

BIN
phpBB/imagesets/subSilver/en/icon_search.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 758 B

BIN
phpBB/imagesets/subSilver/en/icon_www.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 733 B

BIN
phpBB/imagesets/subSilver/en/icon_yim.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 799 B

BIN
phpBB/imagesets/subSilver/en/msg_newpost.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
phpBB/imagesets/subSilver/en/post.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
phpBB/imagesets/subSilver/en/reply-locked.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
phpBB/imagesets/subSilver/en/reply.gif Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.7 KiB

16
phpBB/includes/auth/auth_ldap.php
View file

@ -41,6 +41,10 @@ function login_ldap(&$username, &$password)
return false;
}
//
// This function is used to output any required fields in the authentication
// admin panel. It also defines any required configuration table fields.
//
function admin_ldap(&$new)
{
global $lang;
@ -67,4 +71,16 @@ function admin_ldap(&$new)
}
//
// Would be nice to allow syncing of 'appropriate' data when user updates
// their username, password, etc. ... should be up to the plugin what data
// is updated.
//
// $mode perhaps being one of NEW, UPDATE, DELETE
//
function usercp_ldap($mode)
{
}
?>

2
phpBB/includes/emailer.php
View file

@ -88,7 +88,7 @@ class emailer
$template_lang = $board_config['default_lang'];
}
$this->tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.tpl';
$this->tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.txt';
if ( !file_exists($this->tpl_file) )
{
message_die(ERROR, 'Could not find email template file ' . $template_file);

2
phpBB/includes/forums_display.php
View file

@ -45,7 +45,7 @@ foreach ($forum_rows as $row)
unset($stored_cat);
}
if ($acl->get_acl($forum_id, 'forum', 'list'))
if ($auth->get_acl($forum_id, 'forum', 'list'))
{
switch ($forum_status)
{

88
phpBB/includes/functions.php
View file

@ -165,15 +165,15 @@ function get_moderators(&$forum_moderators, $forum_id = false)
//
function get_forum_rules($mode, &$rules, &$forum_id)
{
global $SID, $acl, $lang, $phpEx;
global $SID, $auth, $lang, $phpEx;
$rules .= ( ( $acl->get_acl($forum_id, 'forum', 'post') ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '<br />';
$rules .= ( ( $acl->get_acl($forum_id, 'forum', 'reply') ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '<br />';
$rules .= ( ( $acl->get_acl($forum_id, 'forum', 'edit') ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '<br />';
$rules .= ( ( $acl->get_acl($forum_id, 'forum', 'delete') || $acl->get_acl($forum_id, 'mod', 'delete') ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '<br />';
$rules .= ( ( $acl->get_acl($forum_id, 'forum', 'attach') ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '<br />';
$rules .= ( ( $auth->get_acl($forum_id, 'forum', 'post') ) ? $lang['Rules_post_can'] : $lang['Rules_post_cannot'] ) . '<br />';
$rules .= ( ( $auth->get_acl($forum_id, 'forum', 'reply') ) ? $lang['Rules_reply_can'] : $lang['Rules_reply_cannot'] ) . '<br />';
$rules .= ( ( $auth->get_acl($forum_id, 'forum', 'edit') ) ? $lang['Rules_edit_can'] : $lang['Rules_edit_cannot'] ) . '<br />';
$rules .= ( ( $auth->get_acl($forum_id, 'forum', 'delete') || $auth->get_acl($forum_id, 'mod', 'delete') ) ? $lang['Rules_delete_can'] : $lang['Rules_delete_cannot'] ) . '<br />';
$rules .= ( ( $auth->get_acl($forum_id, 'forum', 'attach') ) ? $lang['Rules_attach_can'] : $lang['Rules_attach_cannot'] ) . '<br />';
if ( $acl->get_acl($forum_id, 'mod') )
if ( $auth->get_acl($forum_id, 'mod') )
{
$rules .= sprintf($lang['Rules_moderate'], '<a href="modcp.' . $phpEx . $SID . '&amp;f=' . $forum_id . '">', '</a>');
}
@ -183,7 +183,7 @@ function get_forum_rules($mode, &$rules, &$forum_id)
function make_jumpbox($action, $match_forum_id = 0)
{
global $SID, $acl, $template, $lang, $db, $nav_links, $phpEx;
global $SID, $auth, $template, $lang, $db, $nav_links, $phpEx;
// $sql = "SELECT f.*, p.post_time, p.post_username, u.username, u.user_id
// FROM (( " . FORUMS_TABLE . " f
@ -209,7 +209,7 @@ function make_jumpbox($action, $match_forum_id = 0)
{
if ( $row['forum_left_id'] > $last_forum_right_id )
{
if ( $acl->get_acl($row['forum_id'], 'forum', 'list') )
if ( $auth->get_acl($row['forum_id'], 'forum', 'list') )
{
$selected = ( $row['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
$boxstring .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $row['forum_name'] . '</option>';
@ -496,58 +496,31 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
$on_page = floor($start_item / $per_page) + 1;
$page_string = '';
if ( $total_pages > 10 )
{
$init_page_max = ( $total_pages > 3 ) ? 3 : $total_pages;
$page_string = ( $on_page == 1 ) ? '<b>1</b>' : '<a href="' . $base_url . "&amp;start=" . ( ( $on_page - 2 ) * $per_page ) . '">' . $lang['Previous'] . '</a>&nbsp;&nbsp;<a href="' . $base_url . '">1</a>';
for($i = 1; $i < $init_page_max + 1; $i++)
if ( $total_pages > 5 )
{
$start_cnt = min(max(1, $on_page - 4), $total_pages - 5);
$end_cnt = max(min($total_pages, $on_page + 4), 6);
$page_string .= ( $start_cnt > 1 ) ? ' ... ' : ', ';
for($i = $start_cnt + 1; $i < $end_cnt; $i++)
{
$page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>';
if ( $i < $init_page_max )
{
$page_string .= ", ";
}
}
if ( $total_pages > 3 )
{
if ( $on_page > 1 && $on_page < $total_pages )
{
$page_string .= ( $on_page > 5 ) ? ' ... ' : ', ';
$init_page_min = ( $on_page > 4 ) ? $on_page : 5;
$init_page_max = ( $on_page < $total_pages - 4 ) ? $on_page : $total_pages - 4;
for($i = $init_page_min - 1; $i < $init_page_max + 2; $i++)
{
$page_string .= ($i == $on_page) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>';
if ( $i < $init_page_max + 1 )
if ( $i < $end_cnt - 1 )
{
$page_string .= ', ';
}
}
$page_string .= ( $on_page < $total_pages - 4 ) ? ' ... ' : ', ';
$page_string .= ( $end_cnt < $total_pages ) ? ' ... ' : ', ';
}
else
{
$page_string .= ' ... ';
}
$page_string .= ', ';
for($i = $total_pages - 2; $i < $total_pages + 1; $i++)
{
$page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>';
if( $i < $total_pages )
{
$page_string .= ", ";
}
}
}
}
else
{
for($i = 1; $i < $total_pages + 1; $i++)
for($i = 2; $i < $total_pages; $i++)
{
$page_string .= ( $i == $on_page ) ? '<b>' . $i . '</b>' : '<a href="' . $base_url . "&amp;start=" . ( ( $i - 1 ) * $per_page ) . '">' . $i . '</a>';
if ( $i < $total_pages )
@ -557,19 +530,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
}
}
if ( $add_prevnext_text )
{
if ( $on_page > 1 )
{
$page_string = ' <a href="' . $base_url . "&amp;start=" . ( ( $on_page - 2 ) * $per_page ) . '">' . $lang['Previous'] . '</a>&nbsp;&nbsp;' . $page_string;
}
if ( $on_page < $total_pages )
{
$page_string .= '&nbsp;&nbsp;<a href="' . $base_url . "&amp;start=" . ( $on_page * $per_page ) . '">' . $lang['Next'] . '</a>';
}
}
$page_string .= ( $on_page == $total_pages ) ? '<b>' . $total_pages . '</b>' : '<a href="' . $base_url . '&amp;start=' . ( ( $total_pages - 1 ) * $per_page ) . '">' . $total_pages . '</a>&nbsp;&nbsp;<a href="' . $base_url . "&amp;start=" . ( $on_page * $per_page ) . '">' . $lang['Next'] . '</a>';
$page_string = $lang['Goto_page'] . ' ' . $page_string;
@ -640,9 +601,10 @@ function obtain_word_list(&$orig_word, &$replacement_word)
// failures, etc.
// -> ERROR : Use for any error, a simple page will be output
//
// $errno, $errstr, $errfile, $errline
function message_die($msg_code, $msg_text = '', $msg_title = '')
{
global $db, $session, $acl, $template, $board_config, $theme, $lang, $userdata, $user_ip;
global $db, $session, $auth, $template, $board_config, $theme, $lang, $userdata, $user_ip;
global $phpEx, $phpbb_root_path, $nav_links, $starttime;
switch ( $msg_code )

1123
phpBB/includes/functions_posting.php
View file

File diff suppressed because it is too large Load diff

51
phpBB/includes/page_header.php
View file

@ -26,9 +26,7 @@ if ( !defined('IN_PHPBB') )
define('HEADER_INC', TRUE);
//
// gzip_compression
//
if ( $board_config['gzip_compress'] )
{
if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() )
@ -37,35 +35,25 @@ if ( $board_config['gzip_compress'] )
}
}
//
// Generate logged in/logged out status
//
if ( $userdata['user_id'] != ANONYMOUS )
if ( $userdata['user_id'] )
{
$u_login_logout = 'login.'.$phpEx.'?logout=true';
$u_login_logout = 'login.'.$phpEx. $SID . '&amp;logout=true';
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
}
else
{
$u_login_logout = 'login.'.$phpEx;
$u_login_logout = 'login.'.$phpEx . $SID;
$l_login_logout = $lang['Login'];
}
$s_last_visit = ( $userdata['user_id'] != ANONYMOUS ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : '';
// Last visit date/time
$s_last_visit = ( $userdata['user_id'] ) ? create_date($board_config['default_dateformat'], $userdata['session_last_visit'], $board_config['board_timezone']) : '';
//
// Get basic (usernames + totals) online
// situation
//
$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page LIKE '%f=$forum_id%'" : '';
$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_colour, s.session_ip
FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE ." s
WHERE u.user_id = s.session_user_id
AND s.session_time >= ".( time() - 300 ) . "
$user_forum_sql
ORDER BY u.username ASC, s.session_ip ASC";
$result = $db->sql_query($sql);
// Timezone : $user->dst
$s_timezone = ( $userdata['user_dst'] ) ? sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], $lang['tz']['dst']) : sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])], '');
// Get users online list
$userlist_ary = array();
$userlist_visible = array();
@ -76,11 +64,20 @@ $online_userlist = '';
$prev_user_id = 0;
$prev_user_ip = '';
// && $auth->get_acl('forum', 'read', $forum_id)
$user_forum_sql = ( is_int($forum_id)) ? '' : "AND s.session_page LIKE '%f=$forum_id%'";
$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_colour, s.session_ip
FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE ." s
WHERE s.session_time >= ".( time() - 300 ) . "
$user_forum_sql
AND u.user_id = s.session_user_id
ORDER BY u.username ASC, s.session_ip ASC";
$result = $db->sql_query($sql, false);
while( $row = $db->sql_fetchrow($result) )
{
// User is logged in and therefor not a guest
if ( $row['user_id'] != ANONYMOUS )
if ( $row['user_id'] )
{
// Skip multiple sessions for one user
if ( $row['user_id'] != $prev_user_id )
@ -101,7 +98,7 @@ while( $row = $db->sql_fetchrow($result) )
$logged_hidden_online++;
}
if ( $row['user_allow_viewonline'] || $acl->get_acl_admin() )
if ( $row['user_allow_viewonline'] || $auth->get_acl_admin() )
{
$online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link;
}
@ -215,17 +212,17 @@ $l_online_users .= sprintf($l_g_user_s, $guests_online);
// Obtain number of new private messages
// if user is logged in
//
if ( $userdata['user_id'] != ANONYMOUS )
if ( $userdata['user_id'] )
{
if ( $userdata['user_new_privmsg'] )
{
$l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms'];
$l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']);
if ( $userdata['user_last_privmsg'] > $userdata['user_lastvisit'] )
if ( $userdata['user_last_privmsg'] > $userdata['session_last_visit'] )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_last_privmsg = " . $userdata['user_lastvisit'] . "
SET user_last_privmsg = " . $userdata['session_last_visit'] . "
WHERE user_id = " . $userdata['user_id'];
$db->sql_query($sql);
@ -341,14 +338,14 @@ $template->assign_vars(array(
'U_MEMBERSLIST' => 'memberlist.'.$phpEx.$SID,
'U_GROUP_CP' => 'groupcp.'.$phpEx.$SID,
'S_USER_LOGGED_IN' => ( $userdata['user_id'] == ANONYMOUS ) ? false : true,
'S_USER_LOGGED_IN' => ( $userdata['user_id'] ) ? true : false,
'S_USER_PM_POPUP' => ( !empty($userdata['user_popup_pm']) ) ? true : false,
'S_USER_BROWSER' => $userdata['session_browser'],
'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
'S_CONTENT_ENCODING' => $lang['ENCODING'],
'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
'S_TIMEZONE' => sprintf($lang['All_times'], $lang[floatval($board_config['board_timezone'])]),
'S_TIMEZONE' => $s_timezone,
'S_LOGIN_ACTION' => 'login.'.$phpEx.$SID,
'T_STYLESHEET_DATA' => $theme['css_data'],

4
phpBB/includes/page_tail.php
View file

@ -40,12 +40,12 @@ if (defined('DEBUG'))
exit;
}
$debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $board_config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . ( ( $session->load ) ? $session->load : 'N/A') . ' | <a href="' . $_SERVER['REQUEST_URI'] . '&explain=1">Explain</a> ]', $totaltime);
$debug_output = sprintf('<br /><br />[ Time : %.3fs | ' . $db->sql_num_queries() . ' Queries | GZIP : ' . ( ( $board_config['gzip_compress'] ) ? 'On' : 'Off' ) . ' | Load : ' . ( ( $session->load ) ? $session->load : 'N/A') . ' | <a href="' . $_SERVER['REQUEST_URI'] . '&amp;explain=1">Explain</a> ]', $totaltime);
}
$template->assign_vars(array(
'PHPBB_VERSION' => $board_config['version'],
'ADMIN_LINK' => ( $acl->get_acl_admin() ) ? '<a href="' . "admin/index.$phpEx$SID" . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '',
'ADMIN_LINK' => ( $auth->get_acl_admin() ) ? '<a href="' . "admin/index.$phpEx$SID" . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '',
'DEBUG_OUTPUT' => ( defined('DEBUG') ) ? $debug_output : '')
);

279
phpBB/includes/session.php
View file

@ -22,34 +22,34 @@
class session {
var $session_id = '';
var $browser = '';
var $page = '';
var $load;
// Called at each page start ... checks for, updates and/or creates a session
function start($update = true)
{
global $SID, $db, $board_config, $user_ip;
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_GET_VARS;
$user_browser = ( !empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']) ) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : $HTTP_ENV_VARS['HTTP_USER_AGENT'];
$user_page = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF'];
$user_page .= '&' . ( ( !empty($HTTP_SERVER_VARS['QUERY_STRING']) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : $HTTP_ENV_VARS['QUERY_STRING'] );
$current_time = time();
$this->browser = ( !empty($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT'];
$this->page = ( !empty($_SERVER['PHP_SELF']) ) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF'];
$this->page .= '&' . ( ( !empty($_SERVER['QUERY_STRING']) ) ? $_SERVER['QUERY_STRING'] : $_ENV['QUERY_STRING'] );
if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) )
if ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) || isset($_COOKIE[$board_config['cookie_name'] . '_data']) )
{
$sessiondata = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) : '';
$this->session_id = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) ) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid'] : '';
$sessiondata = ( isset($_COOKIE[$board_config['cookie_name'] . '_data']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_data'])) : '';
$this->session_id = ( isset($_COOKIE[$board_config['cookie_name'] . '_sid']) ) ? $_COOKIE[$board_config['cookie_name'] . '_sid'] : '';
$SID = '?sid=';
}
else
{
$sessiondata = '';
$this->session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$this->session_id = ( isset($_GET['sid']) ) ? $_GET['sid'] : '';
$SID = '?sid=' . $this->session_id;
}
//
// Load limit check (if applicable)
//
if ( !empty($board_config['limit_load']) && file_exists('/proc/loadavg') )
{
if ( $load = @file('/proc/loadavg') )
@ -63,18 +63,7 @@ class session {
}
}
//
// Garbage collection ... remove old sessions updating user information
// if necessary. It means (potentially) lots of queries but only infrequently
//
if ( $current_time - $board_config['session_gc'] > $board_config['session_last_gc'] )
{
$this->gc($current_time);
}
//
// session_id exists so go ahead and attempt to grab all data in preparation
//
if ( !empty($this->session_id) )
{
$sql = "SELECT u.*, s.*
@ -86,28 +75,27 @@ class session {
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
//
// Did the session exist in the DB?
//
if ( isset($userdata['user_id']) )
{
//
// Do not check IP assuming equivalence, if IPv4 we'll check only first 24
// bits ... I've been told (by vHiker) this should alleviate problems with
// load balanced et al proxies while retaining some reliance on IP security.
//
// Validate IP length according to admin ... has no effect on IPv6
$ip_check_s = explode('.', $userdata['session_ip']);
$ip_check_u = explode('.', $user_ip);
if ( $ip_check_s[0].'.'.$ip_check_s[1].'.'.$ip_check_s[2] == $ip_check_u[0].'.'.$ip_check_u[1].'.'.$ip_check_u[2] )
$u_ip = $s_ip = '';
for($i = 0; $i < $board_config['ip_check']; $i++)
{
$u_ip .= $ip_check_u[$i] . '.';
$s_ip .= $ip_check_s[$i] . '.';
}
if ( $u_ip == $s_ip )
{
//
// Only update session DB a minute or so after last update or if page changes
//
if ( ( $current_time - $userdata['session_time'] > 60 || $userdata['session_page'] != $user_page ) && $update )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_time = $current_time, session_page = '$user_page'
SET session_time = $current_time, session_page = '$this->page'
WHERE session_id = '" . $this->session_id . "'";
$db->sql_query($sql);
}
@ -117,29 +105,23 @@ class session {
}
}
//
// If we reach here then no (valid) session exists. So we'll create a new one,
// using the cookie user_id if available to pull basic user prefs.
//
$autologin = ( isset($sessiondata['autologinid']) ) ? $sessiondata['autologinid'] : '';
$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS;
return $this->create($user_id, $autologin, $user_page, $user_browser);
return $this->create($user_id, $autologin);
}
//
// Create a new session
//
function create(&$user_id, &$autologin, &$user_page, &$user_browser)
function create(&$user_id, &$autologin)
{
global $SID, $db, $board_config, $user_ip;
$sessiondata = array();
$current_time = time();
//
// Limit sessions in 1 minute period
//
$sql = "SELECT COUNT(*) AS sessions
FROM " . SESSIONS_TABLE . "
WHERE session_time >= " . ( $current_time - 60 );
@ -153,9 +135,14 @@ class session {
message_die(MESSAGE, 'Board_unavailable');
}
//
// Garbage collection ... remove old sessions updating user information
// if necessary. It means (potentially) 22 queries but only infrequently
if ( $current_time - $board_config['session_gc'] > $board_config['session_last_gc'] )
{
$this->gc($current_time);
}
// Grab user data
//
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
@ -164,9 +151,7 @@ class session {
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
//
// Check autologin request, is it valid?
//
if ( $userdata['user_password'] != $autologin || !$userdata['user_active'] || $user_id == ANONYMOUS )
{
$autologin = '';
@ -195,13 +180,11 @@ class session {
}
$db->sql_freeresult($result);
//
// Create or update the session
//
$db->sql_return_on_error(true);
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_browser = '$user_browser', session_page = '$user_page'
SET session_user_id = $user_id, session_last_visit = " . $userdata['user_lastvisit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '$this->browser', session_page = '$this->page'
WHERE session_id = '" . $this->session_id . "'";
if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
{
@ -209,8 +192,8 @@ class session {
$this->session_id = md5(uniqid($user_ip));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
(session_id, session_user_id, session_start, session_time, session_ip, session_browser, session_page)
VALUES ('" . $this->session_id . "', $user_id, $current_time, $current_time, '$user_ip', '$user_browser', '$user_page')";
(session_id, session_user_id, session_last_visit, session_start, session_time, session_ip, session_browser, session_page)
VALUES ('" . $this->session_id . "', $user_id, " . $userdata['user_lastvisit'] . ", $current_time, $current_time, '$user_ip', '$this->browser', '$this->page')";
$db->sql_query($sql);
}
$db->sql_return_on_error(false);
@ -220,29 +203,31 @@ class session {
$sessiondata['autologinid'] = ( $autologin && $user_id != ANONYMOUS ) ? $autologin : '';
$sessiondata['userid'] = $user_id;
setcookie($board_config['cookie_name'] . '_data', serialize($sessiondata), $current_time + 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
setcookie($board_config['cookie_name'] . '_sid', $this->session_id, 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000);
$this->set_cookie('sid', $this->session_id, 0);
$SID = '?sid=' . $this->session_id;
// Events ...
if ( $userdata['user_id'] )
{
// do_events();
}
return $userdata;
}
//
// Destroy a session
//
function destroy(&$userdata)
{
global $SID, $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS;
$current_time = time();
setcookie($board_config['cookie_name'] . '_data', '', $current_time - 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
setcookie($board_config['cookie_name'] . '_sid', '', $current_time - 31536000, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
$this->set_cookie('data', '', $current_time - 31536000);
$this->set_cookie('sid', '', $current_time - 31536000);
$SID = '?sid=';
//
// Delete existing session, update last visit info first!
//
$sql = "UPDATE " . USERS_TABLE . "
SET user_lastvisit = " . $userdata['session_time'] . ", user_session_page = '" . $userdata['session_page'] . "'
WHERE user_id = " . $userdata['user_id'];
@ -253,15 +238,34 @@ class session {
AND session_user_id = " . $userdata['user_id'];
$db->sql_query($sql);
$SID = '?sid=';
$this->session_id = '';
return true;
}
// Set a cookie
function set_cookie($name, $cookiedata, $cookietime)
{
global $board_config;
setcookie($board_config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
}
// This just won't work correctly as it stands ... if a user has more than one session in
// the DB and gc subsequently runs, updating their user_lastvisit time it will screw up
// marking of forums, etc. since it will be reflected immediately in the users current session
//
// One way around this would be to store the last visit time within each session and use
// that rather than user_lastvisit in the relevant places. However, the 'problem' still
// persists of a user creating a new session (after leaving the board) before gc has run
// and not having their "true" last visit time be used (i.e. their user_lastvisit won't
// have yet been updated). This behaviour seems to be that of vB and our users seemed to
// dislike this approach when a similar issue arose during 2.0.0 development ... could
// possibly check sessions table before creating new session to see if user is already
// listed ... if they are then use the last session_time from there ... adds another
// query during create though
// Garbage collection
//
function gc(&$current_time)
{
global $db, $board_config, $user_ip;
@ -269,6 +273,7 @@ class session {
$sql = "SELECT *
FROM " . SESSIONS_TABLE . "
WHERE session_time < " . ( $current_time - $board_config['session_length'] ) . "
ORDER BY session_user_id, session_time
LIMIT 10";
$result = $db->sql_query($sql);
@ -290,9 +295,7 @@ class session {
if ( $del_session_id != '' )
{
//
// Delete expired sessions
//
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_id IN ($del_session_id)";
$db->sql_query($sql);
@ -300,10 +303,8 @@ class session {
if ( $del_sessions < 10 )
{
//
// Less than 10 sessions, update gc timer ... else we want gc
// called again to delete other sessions
//
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$current_time'
WHERE config_name = 'session_last_gc'";
@ -313,9 +314,7 @@ class session {
return;
}
//
//
//
// Taken over by user class ... for now at least
function configure($userdata, $lang_set = false)
{
global $db, $template, $lang, $board_config, $theme, $images;
@ -323,25 +322,14 @@ class session {
if ( $userdata['user_id'] )
{
$board_config['default_lang'] = $userdata['user_lang'];
$board_config['default_lang'] = ( file_exists($phpbb_root_path . 'language/lang_' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang'];
$board_config['default_dateformat'] = $userdata['user_dateformat'];
$board_config['board_timezone'] = $userdata['user_timezone'];
}
if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx) )
{
$board_config['default_lang'] = 'english';
}
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
if ( defined('IN_ADMIN') )
{
if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx) )
{
$board_config['default_lang'] = 'english';
}
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
}
@ -369,22 +357,128 @@ class session {
$i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm');
for($i = 0; $i < sizeof($i10n); $i++)
foreach ( $i10n as $icon )
{
$theme[$i10n[$i]] = str_replace('{LANG}', 'lang_' . $img_lang, $theme[$i10n[$i]]);
$theme[$icon] = str_replace('{LANG}', 'lang_' . $img_lang, $theme[$icon]);
}
return;
}
}
// Contains (at present) basic user methods such as configuration
// creating date/time ... keep this?
class user
{
var $lang_name;
var $lang_path;
var $date_format;
var $timezone;
var $dst;
function user(&$userdata, $lang_set = false, $style = false)
{
global $db, $template, $lang, $board_config, $theme, $images;
global $phpEx, $phpbb_root_path;
if ( $userdata['user_id'] )
{
$this->lang_name = ( file_exists($phpbb_root_path . 'language/' . $userdata['user_lang']) ) ? $userdata['user_lang'] : $board_config['default_lang'];
$this->lang_path = $phpbb_root_path . 'language/' . $this->lang_name;
$this->date_format = $userdata['user_dateformat'];
$this->timezone = $userdata['user_timezone'];
$this->dst = $userdata['user_dst'] * 3600;
}
else if ( isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) )
{
$accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
foreach ( $accept_lang_ary as $accept_lang )
{
// Set correct format ... guess full xx_YY form
$accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2));
if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) )
{
$this->lang_name = $accept_lang;
$this->lang_path = $phpbb_root_path . 'language/' . $accept_lang;
break;
}
else
{
// No match on xx_YY so try xx
$accept_lang = substr($accept_lang, 0, 2);
if ( file_exists($phpbb_root_path . 'language/' . $accept_lang) )
{
$this->lang_name = $accept_lang;
$this->lang_path = $phpbb_root_path . 'language/' . $accept_lang;
break;
}
}
}
$this->date_format = $board_config['default_dateformat'];
$this->timezone = $board_config['board_timezone'];
$this->dst = 0;
}
include($this->lang_path . '/lang_main.' . $phpEx);
if ( defined('IN_ADMIN') )
{
include($this->lang_path . '/lang_admin.' . $phpEx);
}
// Set up style
$style = ( $style ) ? $style : ( ( !$board_config['override_user_style'] && $userdata['user_id'] ) ? $userdata['user_style'] : $board_config['default_style'] );
$sql = "SELECT t.template_path, t.poll_length, t.pm_box_length, c.css_data, c.css_external, i.*
FROM " . STYLES_TABLE . " s, " . STYLES_TPL_TABLE . " t, " . STYLES_CSS_TABLE . " c, " . STYLES_IMAGE_TABLE . " i
WHERE s.style_id = $style
AND t.template_id = s.template_id
AND c.theme_id = s.style_id
AND i.imageset_id = s.imageset_id";
$result = $db->sql_query($sql);
if ( !($theme = $db->sql_fetchrow($result)) )
{
message_die(ERROR, 'Could not get style data');
}
$template->set_template($theme['template_path']);
$img_lang = ( file_exists('imageset/' . $theme['imageset_path'] . '/' . $this->lang_name) ) ? $this->lang_name : $board_config['default_lang'];
$i10n = array('post_new', 'post_locked', 'post_pm', 'reply_new', 'reply_pm', 'reply_locked', 'icon_quote', 'icon_edit', 'icon_search', 'icon_profile', 'icon_pm', 'icon_email', 'icon_www', 'icon_icq', 'icon_aim', 'icon_yim', 'icon_msnm', 'icon_delete', 'icon_ip', 'icon_no_email', 'icon_no_www', 'icon_no_icq', 'icon_no_aim', 'icon_no_yim', 'icon_no_msnm');
foreach ( $i10n as $icon )
{
$theme[$icon] = str_replace('{LANG}', $img_lang, $theme[$icon]);
}
return;
}
function format_date($gmepoch)
{
global $lang;
static $lang_dates;
if ( empty($lang_dates) )
{
foreach ( $lang['datetime'] as $match => $replace )
{
$lang_dates[$match] = $replace;
}
}
return strtr(@gmdate($this->date_format, $gmepoch + (3600 * $this->timezone) + $this->dst), $lang_dates);
}
}
//
// Will be keeping my eye of 'other products' to ensure these things don't
// mysteriously appear elsewhere, think up your own solutions!
//
class acl
class auth
{
var $founder = false;
var $acl = false;
@ -636,22 +730,11 @@ class acl
$auth_sql";
$db->sql_query($sql);
}
}
//
// Authentication plug-ins is largely down to
// Sergey Kanareykin, our thanks to him.
//
class login
{
// Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
function login($username, $password, $autologin = false)
{
global $SID, $db, $board_config, $lang, $user_ip, $session;
global $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $phpEx;
$user_page = ( !empty($HTTP_SERVER_VARS['PHP_SELF']) ) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF'];
$user_page .= '&' . ( ( !empty($HTTP_SERVER_VARS['QUERY_STRING']) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : $HTTP_ENV_VARS['QUERY_STRING'] );
$this_browser = ( !empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']) ) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : $HTTP_ENV_VARS['HTTP_USER_AGENT'];
global $board_config, $session, $phpEx;
$method = trim($board_config['auth_method']);
@ -669,7 +752,7 @@ class login
$autologin = ( isset($autologin) ) ? md5($password) : '';
return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin, $user_page, $this_browser) : false;
return ( $user['user_active'] ) ? $session->create($user['user_id'], $autologin) : false;
}
}

13
phpBB/includes/template.php
View file

@ -138,11 +138,7 @@ class Template {
}
$str = '';
while ( !feof($fp) )
{
$str .= fread($fp, 4096);
}
$str = fread($fp, filesize($this->files[$handle]));
@fclose($fp);
$this->uncompiled_code[$handle] = trim($str);
@ -177,6 +173,7 @@ class Template {
echo $db->sql_report;
return TRUE;
}
$_str = '';
if (!$this->compile_load($_str, $handle, true))
@ -186,9 +183,7 @@ class Template {
message_die("Template->pparse(): Couldn't load template file for handle $handle");
}
//
// Actually compile the code now.
//
$this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]);
$this->compile_write($handle, $this->compiled_code[$handle]);
@ -561,9 +556,7 @@ class Template {
return "include('" . $this->root . '/' . $tag_args . "');\n";
}
//
// This is from Smarty
//
function _parse_is_expr($is_arg, $tokens)
{
$expr_end = 0;
@ -697,9 +690,7 @@ class Template {
$filename = $this->cachedir . $this->filename[$handle] . '.' . $phpEx;
//
// Recompile page if the original template is newer, otherwise load the compiled version
//
if ( file_exists($filename) && @filemtime($filename) >= @filemtime($this->files[$handle]) )
{
$_str = '';

2
phpBB/includes/usercp_viewprofile.php
View file

@ -113,7 +113,7 @@ else
}
}
if ( $profiledata['user_viewemail'] || $acl->get_acl_admin() )
if ( $profiledata['user_viewemail'] || $auth->get_acl_admin() )
{
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email'];

38
phpBB/index.php
View file

@ -24,6 +24,9 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
// Get posted/get info
$cat_id = (!empty($_GET['c'])) ? intval($_GET['c']) : 0;
if (isset($_GET['mark']) || isset($_POST['mark']))
{
$mark_read = (isset($_POST['mark'])) ? $_POST['mark'] : $_GET['mark'];
@ -33,23 +36,15 @@ else
$mark_read = '';
}
//
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
//
$auth->acl($userdata);
// End session management
//
//
// Configure style, language, etc.
//
$session->configure($userdata);
//
// Handle marking posts
//
if ($mark_read == 'forums')
{
if ($userdata['user_id'])
@ -64,16 +59,13 @@ if ($mark_read == 'forums')
$message = $lang['Forums_marked_read'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a> ');
message_die(MESSAGE, $message);
}
//
// End handle marking posts
//
// Topic/forum marked read info
$mark_topics = (isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t'])) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t'])) : array();
$mark_forums = (isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f'])) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f'])) : array();
//
// Set some stats, get posts count from forums data if we... hum... retrieve all forums data
//
$total_users = $board_config['num_users'];
$newest_user = $board_config['newest_username'];
$newest_uid = $board_config['newest_user_id'];
@ -91,10 +83,12 @@ else
$l_total_user_s = $lang['Registered_users_total'];
}
// Forum moderators ... a static template var could allow us
// to drop these queries ...
$forum_moderators = array();
get_moderators($forum_moderators);
$cat_id = (!empty($_GET['c'])) ? intval($_GET['c']) : 0;
// Set some vars
$root_id = $branch_root_id = $cat_id;
$forum_rows = $subforums = $nav_forums = array();
@ -122,17 +116,13 @@ else
{
$is_nav = TRUE;
if (!$acl->get_acl($cat_id, 'forum', 'list'))
if (!$auth->get_acl($cat_id, 'forum', 'list'))
{
//
// TODO: Deal with hidden categories
//
message_die(ERROR, $lang['Category_not_exist']);
}
//
// NOTE: make sure that categories post count is set to 0
//
$sql = 'SELECT SUM(forum_posts) AS total
FROM ' . FORUMS_TABLE . '
WHERE post_count_inc = 1';
@ -186,9 +176,7 @@ while ($row = $db->sql_fetchrow($result))
{
if ($row['parent_id'] == $cat_id)
{
//
// Root-level forum
//
$forum_rows[] = $row;
$parent_id = $row['forum_id'];
@ -199,18 +187,14 @@ while ($row = $db->sql_fetchrow($result))
}
elseif ($row['parent_id'] == $branch_root_id)
{
//
// Forum directly under a category
//
$forum_rows[] = $row;
$parent_id = $row['forum_id'];
}
elseif ($row['display_on_index'] && $row['forum_status'] != ITEM_CATEGORY)
{
//
// Subforum, store it for direct linking
//
if ($acl->get_acl($row['forum_id'], 'forum', 'list'))
if ($auth->get_acl($row['forum_id'], 'forum', 'list'))
{
$subforums[$parent_id][] = $row;
}
@ -282,9 +266,7 @@ foreach ($nav_forums as $row)
));
}
//
// Start output of page
//
$page_title = $lang['Index'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

67
phpBB/install/schemas/mysql_basic.sql
View file

@ -5,7 +5,6 @@
#
# -- Config
INSERT INTO phpbb_config (config_name, config_value) VALUES ('config_id','1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_disable','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_disable_msg','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('sitename','yourdomain.com');
@ -34,28 +33,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('override_user_styl
INSERT INTO phpbb_config (config_name, config_value) VALUES ('posts_per_page','10');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page','30');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('hot_threshold','25');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_chars', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_smilies', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_sig_chars','255');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_poll_options','10');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_search_chars','3');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_search_chars','20');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_max_boxes','4');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_max_msgs','50');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_sig','Thanks, The Management');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email','youraddress@yourdomain.com');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_delivery','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_host','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_username','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_password','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('auth_method','db');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval','15');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_interval','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_form','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_filesize','6144');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width','90');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_height','90');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_path','images/avatars/upload');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_gallery_path','images/avatars/gallery');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smilies_path','images/smiles');
@ -64,9 +42,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('prune_enable','1')
INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_enable','1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('privmsg_disable','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('gzip_compress','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_enable','1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_fax', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_mail', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_users', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', '');
@ -81,12 +56,38 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('limit_load', '2.0'
INSERT INTO phpbb_config (config_name, config_value) VALUES ('active_sessions', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('session_gc', '3600');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('session_last_gc', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ip_check', '4');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '2.1.0 [20020926]');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_chars', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_smilies', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_sig_chars','255');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_poll_options','10');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_search_chars','3');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_search_chars','20');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_max_boxes','4');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_max_msgs','50');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_sig','Thanks, The Management');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email','youraddress@yourdomain.com');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_delivery','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_host','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_username','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_password','');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval','15');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_interval','0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_filesize','6144');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width','90');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_height','90');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_enable','1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_fax', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('coppa_mail', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('auth_method','db');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_server', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '2.1.0 [20021003]');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '2.1.0 [20021004]');
# -- auth options
INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_list');
@ -211,39 +212,27 @@ INSERT INTO phpbb_icons (icons_id, icons_url, icons_width, icons_height) VALUES
# -- Smilies
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':D', 'icon_biggrin.gif', 'Very Happy');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':-D', 'icon_biggrin.gif', 'Very Happy');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':grin:', 'icon_biggrin.gif', 'Very Happy');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':)', 'icon_smile.gif', 'Smile');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':smile:', 'icon_smile.gif', 'Smile');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':(', 'icon_sad.gif', 'Sad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':sad:', 'icon_sad.gif', 'Sad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':o', 'icon_surprised.gif', 'Surprised');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':eek:', 'icon_surprised.gif', 'Surprised');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( '8O', 'icon_eek.gif', 'Shocked');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( '8-O', 'icon_eek.gif', 'Shocked');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':shock:', 'icon_eek.gif', 'Shocked');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':?', 'icon_confused.gif', 'Confused');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':???:', 'icon_confused.gif', 'Confused');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( '8)', 'icon_cool.gif', 'Cool');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':cool:', 'icon_cool.gif', 'Cool');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':lol:', 'icon_lol.gif', 'Laughing');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':x', 'icon_mad.gif', 'Mad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':mad:', 'icon_mad.gif', 'Mad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':P', 'icon_razz.gif', 'Razz');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':razz:', 'icon_razz.gif', 'Razz');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':oops:', 'icon_redface.gif', 'Embarassed');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':cry:', 'icon_cry.gif', 'Crying or Very sad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':evil:', 'icon_evil.gif', 'Evil or Very Mad');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':twisted:', 'icon_twisted.gif', 'Twisted Evil');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':roll:', 'icon_rolleyes.gif', 'Rolling Eyes');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':wink:', 'icon_wink.gif', 'Wink');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ';)', 'icon_wink.gif', 'Wink');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':!:', 'icon_exclaim.gif', 'Exclamation');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':?:', 'icon_question.gif', 'Question');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':idea:', 'icon_idea.gif', 'Idea');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':arrow:', 'icon_arrow.gif', 'Arrow');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':|', 'icon_neutral.gif', 'Neutral');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':neutral:', 'icon_neutral.gif', 'Neutral');
INSERT INTO phpbb_smilies (code, smile_url, emoticon) VALUES ( ':mrgreen:', 'icon_mrgreen.gif', 'Mr. Green');

6
phpBB/install/schemas/mysql_schema.sql
View file

@ -40,7 +40,7 @@ CREATE TABLE phpbb_auth_groups (
CREATE TABLE phpbb_auth_options (
auth_option_id tinyint(4) NOT NULL auto_increment,
auth_value char(20) NOT NULL,
auth_founder_only tinyint(1) DEFAULT '0' NOT NULL,
founder_only tinyint(1) DEFAULT '0' NOT NULL,
PRIMARY KEY (auth_option_id),
KEY auth_value (auth_value)
);
@ -157,7 +157,7 @@ CREATE TABLE phpbb_forums (
KEY left_id (left_id),
KEY forum_last_post_id (forum_last_post_id)
);
# forum_last_topic_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
# --------------------------------------------------------
#
@ -310,6 +310,7 @@ CREATE TABLE phpbb_posts (
CREATE TABLE phpbb_posts_text (
post_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
bbcode_uid varchar(10) NOT NULL,
bbcode_bitfield int(11) UNSIGNED DEFAULT '0' NOT NULL,
post_checksum varchar(32) NOT NULL,
post_subject varchar(60),
post_text text,
@ -412,6 +413,7 @@ CREATE TABLE phpbb_search_wordmatch (
CREATE TABLE phpbb_sessions (
session_id varchar(32) DEFAULT '' NOT NULL,
session_user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
session_last_visit int(11) DEFAULT '0' NOT NULL,
session_start int(11) DEFAULT '0' NOT NULL,
session_time int(11) DEFAULT '0' NOT NULL,
session_ip varchar(40) DEFAULT '0' NOT NULL,

6
phpBB/login.php
View file

@ -30,7 +30,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Set page ID for session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth = new auth($userdata);
$session->configure($userdata);
//
@ -60,13 +60,13 @@ if ( isset($login) || isset($logout) )
//
// Is the board disabled? Are we an admin? No, then back to the index we go
//
if ( $board_config['board_disable'] && !$acl->get_acl_admin() )
if ( $board_config['board_disable'] && !$auth->get_acl_admin() )
{
header($header_location . "index.$phpEx$SID");
exit;
}
if ( new login($username, $password, $autologin) )
if ( !$auth->login($username, $password, $autologin) )
{
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx$SID&amp;redirect=$redirect" . '">')

201
phpBB/memberlist.php
View file

@ -28,7 +28,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth->acl($userdata);
$session->configure($userdata);
//
@ -201,7 +201,7 @@ if ( $row = $db->sql_fetchrow($result) )
}
}
if ( $row['user_viewemail'] || $acl->get_acl_admin() )
if ( $row['user_viewemail'] || $auth->get_acl_admin() )
{
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $user_id : 'mailto:' . $row['user_email'];
@ -299,4 +299,201 @@ make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
// Username search
function username_search()
{
global $SID, $HTTP_GET_VARS, $HTTP_POST_VARS, $phpEx, $phpbb_root_path;
global $db, $board_config, $template, $auth, $lang, $theme;
global $starttime;
$form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
$field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
$sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
$email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
$yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
//
//
//
$sort_by_types_text = array($lang['Sort_Username'], $lang['Sort_Email'], $lang['Sort_Post_count'], $lang['Sort_Joined'], $lang['Sort_Last_active']);
$s_sort_by = '';
for($i = 0; $i < count($sort_by_types_text); $i++)
{
$selected = ( $sort_by == $i ) ? ' selected="selected"' : '';
$s_sort_by .= '<option value="' . $i . '"' . $selected . '>' . $sort_by_types_text[$i] . '</option>';
}
$sort_order_text = array('a' => $lang['Ascending'], 'd' => $lang['Descending']);
$s_sort_order = '';
foreach ( $sort_order_text as $key => $value )
{
$selected = ( $sort_order == $key ) ? ' selected="selected"' : '';
$s_sort_order .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$find_count = array('lt' => $lang['Less_than'], 'eq' => $lang['Equal_to'], 'gt' => $lang['More_than']);
$s_find_count = '';
foreach ( $find_count as $key => $value )
{
$selected = ( $count_select == $key ) ? ' selected="selected"' : '';
$s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$find_time = array('lt' => $lang['Before'], 'gt' => $lang['After']);
$s_find_join_time = '';
foreach ( $find_time as $key => $value )
{
$selected = ( $joined_select == $key ) ? ' selected="selected"' : '';
$s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$s_find_active_time = '';
foreach ( $find_time as $key => $value )
{
$selected = ( $active_select == $key ) ? ' selected="selected"' : '';
$s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
//
//
//
$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
$where_sql = '';
$where_sql .= ( $username ) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : '';
$where_sql .= ( $email ) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : '';
$where_sql .= ( $icq ) ? " AND user_icq LIKE '" . str_replace('*', '%', $icq) ."' " : '';
$where_sql .= ( $aim ) ? " AND user_aim LIKE '" . str_replace('*', '%', $aim) ."' " : '';
$where_sql .= ( $yahoo ) ? " AND user_yim LIKE '" . str_replace('*', '%', $yahoo) ."' " : '';
$where_sql .= ( $msn ) ? " AND user_msnm LIKE '" . str_replace('*', '%', $msn) ."' " : '';
$where_sql .= ( $joined ) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$where_sql .= ( $count ) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
$where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
$order_by = $sort_by_types[$sort_by] . ' ' . ( ( $sort_order == 'a' ) ? 'ASC' : 'DESC' );
$sql = "SELECT COUNT(user_id) AS total_users
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$where_sql";
$result = $db->sql_query($sql);
$total_users = ( $row = $db->sql_fetchrow($result) ) ? $row['total_users'] : 0;
$pagination = generate_pagination("search.$phpEx$SID&amp;mode=searchuser&amp;form=$form&amp;field=$field&amp;username=" . urlencode($username) . "&amp;email=" . urlencode($email) . "&amp;icq=$icq&amp;aim=" . urlencode($aim) . "&amp;yahoo=" . urlencode($yahoo) . "&amp;msn=" . urlencode($msn) . "&amp;joined=" . urlencode(implode('-', $joined)) . "&amp;active=" . urlencode(implode('-', $active)) . "&amp;count=$count&amp;sort_order=$sort_order&amp;sort_by=$sort_by&amp;joined_select=$joined_select&amp;active_select=$active_select&amp;count_select=$count_select", $total_users, $board_config['topics_per_page'], $start);
//
//
//
$page_title = $lang['Search'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'search_user_body' => 'search_username.html')
);
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'ICQ' => $icq,
'AIM' => $aim,
'YAHOO' => $yahoo,
'MSNM' => $msn,
'JOINED' => implode('-', $joined),
'ACTIVE' => implode('-', $active),
'COUNT' => $count,
'PAGINATION' => $pagination,
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $total_users / $board_config['topics_per_page'] )),
'L_SEARCH_USERNAME' => $lang['Find_username'],
'L_SEARCH_EXPLAIN' => $lang['Find_username_explain'],
'L_RESET' => $lang['Reset'],
'L_EMAIL' => $lang['Email'],
'L_ICQ_NUMBER' => $lang['ICQ'],
'L_MESSENGER' => $lang['MSNM'],
'L_YAHOO' => $lang['YIM'],
'L_AIM' => $lang['AIM'],
'L_JOINED' => $lang['Joined'],
'L_ACTIVE' => $lang['Last_active'],
'L_POSTS' => $lang['Posts'],
'L_SORT_BY' => $lang['Sort_by'],
'L_SORT_ASCENDING' => $lang['Sort_Ascending'],
'L_SORT_DESCENDING' => $lang['Sort_Descending'],
'L_SELECT_MARKED' => $lang['Select_marked'],
'L_MARK' => $lang['Mark'],
'L_MARK_ALL' => $lang['Mark_all'],
'L_UNMARK_ALL' => $lang['Unmark_all'],
'S_FORM_NAME' => $form,
'S_FIELD_NAME' => $field,
'S_COUNT_OPTIONS' => $s_find_count,
'S_JOINED_TIME_OPTIONS' => $s_find_join_time,
'S_ACTIVE_TIME_OPTIONS' => $s_find_active_time,
'S_SORT_OPTIONS' => $s_sort_by,
'S_SORT_ORDER' => $s_sort_order,
'S_USERNAME_OPTIONS' => $username_list,
'S_SEARCH_ACTION' => "search.$phpEx$SID&amp;mode=searchuser&amp;field=$field")
);
$sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_email, user_lastvisit
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$where_sql
ORDER BY $order_by
LIMIT $start, " . $board_config['topics_per_page'];
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
$i = 0;
do
{
$username = $row['username'];
$user_id = $row['user_id'];
$joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
$active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : create_date($lang['DATE_FORMAT'], $row['user_lastvisit'], $board_config['board_timezone']);
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$profile_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';
$profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
$template->assign_block_vars('memberrow', array(
'ROW_NUMBER' => $i + ( $start + 1 ),
'USERNAME' => $username,
'JOINED' => $joined,
'POSTS' => $posts,
'ACTIVE' => $active,
'PROFILE_IMG' => $profile_img,
'PROFILE' => $profile)
);
$i++;
}
while ( $row = $db->sql_fetchrow($result) );
}
$template->display('search_user_body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
exit;
}
?>

4
phpBB/modcp.php
View file

@ -124,7 +124,7 @@ else
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata, $forum_id);
$auth->acl($userdata, $forum_id);
//
// End session management
//
@ -167,7 +167,7 @@ else
//
// Auth check
//
if ( !$acl->get_acl($forum_id, 'mod') )
if ( !$auth->get_acl($forum_id, 'mod') )
{
message_die(MESSAGE, $lang['Not_Moderator'], $lang['Not_Authorised']);
}

1067
phpBB/posting.php
View file

File diff suppressed because it is too large Load diff

2
phpBB/privmsg.php
View file

@ -82,7 +82,7 @@ if ( $cancel )
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//

2
phpBB/profile.php
View file

@ -29,7 +29,7 @@ include($phpbb_root_path . 'common.'.$phpEx);
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$auth->acl($userdata);
//
// End session management
//

299
phpBB/search.php
View file

@ -30,7 +30,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata, false, 'read');
$auth->acl($userdata);
//
// End session management
//
@ -121,16 +121,7 @@ $sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['So
//
// Begin core code
//
if ( $mode == 'searchuser' )
{
//
// This handles the simple windowed user search functions called from various other scripts
//
username_search();
exit;
}
else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( $search_keywords != '' || $search_author != '' || $search_id )
{
$store_vars = array('search_results', 'total_match_count', 'split_search', 'sort_by', 'sort_dir', 'show_results', 'return_chars');
@ -143,11 +134,11 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
{
if ( $search_id == 'newposts' )
{
if ( $userdata['session_logged_in'] )
if ( $userdata['user_id'] )
{
$sql = "SELECT post_id
FROM " . POSTS_TABLE . "
WHERE post_time >= " . $userdata['user_lastvisit'];
WHERE post_time >= " . $userdata['session_last_visit'];
}
else
{
@ -184,10 +175,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE username LIKE '" . str_replace("\'", "''", $search_author) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(ERROR, "Couldn't obtain list of matching users (searching for: $search_author)", "", __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
$matching_userids = '';
if ( $row = $db->sql_fetchrow($result) )
@ -336,12 +324,12 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$auth_sql = '';
if ( $search_forum != -1 )
{
if ( !$acl->get_acl($search_forum, 'forum', 'read') )
if ( !$auth->get_acl($search_forum, 'forum', 'read') )
{
message_die(MESSAGE, $lang['No_searchable_forums']);
}
$auth_sql = "f.forum_id = $search_forum";
// $auth_sql = "f.forum_id = $search_forum";
}
else
{
@ -349,8 +337,8 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
{
$auth_sql = "f.cat_id = $search_cat";
}
$auth_ary = $acl->get_acl();
/*
$auth_ary = $auth->get_acl();
@reset($auth_ary);
$allowed_forum_sql = '';
@ -363,7 +351,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
$auth_sql .= ( $auth_sql != '' ) ? " AND f.forum_id IN ($allowed_forum_sql) " : "f.forum_id IN ($allowed_forum_sql) ";
}
*/ }
//
// Author name search
@ -415,7 +403,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
GROUP BY p.topic_id";
}
if ( !($result = $db->sql_query($sql)) )
if ( !($result = $db->sql_query($sql, false)) )
{
message_die(ERROR, 'Could not obtain topic ids', '', __LINE__, __FILE__, $sql);
}
@ -455,7 +443,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$sql = "SELECT p.post_id
FROM $from_sql
WHERE $where_sql";
if ( !($result = $db->sql_query($sql)) )
if ( !($result = $db->sql_query($sql, false)) )
{
message_die(ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
}
@ -490,7 +478,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
AND topic_moved_id = 0";
}
if ( !($result = $db->sql_query($sql)) )
if ( !($result = $db->sql_query($sql, false)) )
{
message_die(ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
}
@ -650,7 +638,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
$sql .= " $sort_dir LIMIT $start, " . $per_page;
if ( !$result = $db->sql_query($sql) )
if ( !$result = $db->sql_query($sql, false) )
{
message_die(ERROR, 'Could not obtain search results', '', __LINE__, __FILE__, $sql);
}
@ -673,22 +661,6 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
//
// Output header
//
$page_title = $lang['Search'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
if ( $show_results == 'posts' )
{
$template->set_filenames(array(
'body' => 'search_results_posts.tpl')
);
}
else
{
$template->set_filenames(array(
'body' => 'search_results_topics.tpl')
);
}
make_jumpbox('viewforum.'.$phpEx);
$l_search_matches = ( $total_match_count == 1 ) ? sprintf($lang['Found_search_match'], $total_match_count) : sprintf($lang['Found_search_matches'], $total_match_count);
@ -728,9 +700,9 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
for($i = 0; $i < count($searchset); $i++)
{
$forum_url = append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $searchset[$i]['forum_id']);
$topic_url = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . '=' . $searchset[$i]['topic_id'] . "&amp;highlight=$highlight_active");
$post_url = append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $searchset[$i]['post_id'] . "&amp;highlight=$highlight_active") . '#' . $searchset[$i]['post_id'];
$forum_url = "viewforum.$phpEx$SID&amp;f=" . $searchset[$i]['forum_id'];
$topic_url = "viewtopic.$phpEx$SID&amp;t=" . $searchset[$i]['topic_id'] . "&amp;highlight=$highlight_active";
$post_url = "viewtopic.$phpEx$SID&amp;p=" . $searchset[$i]['post_id'] . "&amp;highlight=$highlight_active" . '#' . $searchset[$i]['post_id'];
$post_date = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']);
@ -876,11 +848,11 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
$poster = ( $searchset[$i]['user_id'] != ANONYMOUS ) ? '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $searchset[$i]['user_id']) . '">' : '';
$poster .= ( $searchset[$i]['user_id'] != ANONYMOUS ) ? $searchset[$i]['username'] : ( ( $searchset[$i]['post_username'] != "" ) ? $searchset[$i]['post_username'] : $lang['Guest'] );
$poster .= ( $searchset[$i]['user_id'] != ANONYMOUS ) ? '</a>' : '';
$poster = ( !$searchset[$i]['user_id'] ) ? '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $searchset[$i]['user_id'] . '">' : '';
$poster .= ( $searchset[$i]['user_id'] ) ? $searchset[$i]['username'] : ( ( $searchset[$i]['post_username'] != "" ) ? $searchset[$i]['post_username'] : $lang['Guest'] );
$poster .= ( $searchset[$i]['user_id'] ) ? '</a>' : '';
if ( $userdata['session_logged_in'] && $searchset[$i]['post_time'] > $userdata['user_lastvisit'] )
if ( $userdata['session_logged_in'] && $searchset[$i]['post_time'] > $userdata['session_last_visit'] )
{
if ( !empty($tracking_topics[$topic_id]) && !empty($tracking_forums[$forum_id]) )
{
@ -966,7 +938,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$times = 1;
for($j = 0; $j < $replies + 1; $j += $board_config['posts_per_page'])
{
$goto_page .= '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=" . $topic_id . "&amp;start=$j") . '">' . $times . '</a>';
$goto_page .= '<a href="' . "viewtopic.$phpEx$SID&amp;t=" . $topic_id . "&amp;start=$j" . '">' . $times . '</a>';
if ( $times == 1 && $total_pages > 4 )
{
$goto_page .= ' ... ';
@ -1027,7 +999,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
if ( $userdata['session_logged_in'] )
{
if ( $searchset[$i]['post_time'] > $userdata['user_lastvisit'] )
if ( $searchset[$i]['post_time'] > $userdata['session_last_visit'] )
{
if ( !empty($tracking_topics) || !empty($tracking_forums) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all']) )
{
@ -1063,7 +1035,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$folder_image = $folder_new;
$folder_alt = $lang['New_posts'];
$newest_post_img = '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;view=newest") . '"><img src="' . $images['icon_newest_reply'] . '" alt="' . $lang['View_newest_post'] . '" title="' . $lang['View_newest_post'] . '" border="0" /></a> ';
$newest_post_img = '<a href="' . "viewtopic.$phpEx$SID&amp;t=$topic_id&amp;view=newest" . '"><img src="' . $images['icon_newest_reply'] . '" alt="' . $lang['View_newest_post'] . '" title="' . $lang['View_newest_post'] . '" border="0" /></a> ';
}
else
{
@ -1075,12 +1047,12 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
}
else if ( $searchset[$i]['post_time'] > $userdata['user_lastvisit'] )
else if ( $searchset[$i]['post_time'] > $userdata['session_last_visit'] )
{
$folder_image = $folder_new;
$folder_alt = $lang['New_posts'];
$newest_post_img = '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;view=newest") . '"><img src="' . $images['icon_newest_reply'] . '" alt="' . $lang['View_newest_post'] . '" title="' . $lang['View_newest_post'] . '" border="0" /></a> ';
$newest_post_img = '<a href="' . "viewtopic.$phpEx$SID&amp;t=$topic_id&amp;view=newest" . '"><img src="' . $images['icon_newest_reply'] . '" alt="' . $lang['View_newest_post'] . '" title="' . $lang['View_newest_post'] . '" border="0" /></a> ';
}
else
{
@ -1105,18 +1077,18 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
}
$topic_author = ( $searchset[$i]['user_id'] != ANONYMOUS ) ? '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $searchset[$i]['user_id']) . '">' : '';
$topic_author .= ( $searchset[$i]['user_id'] != ANONYMOUS ) ? $searchset[$i]['username'] : ( ( $searchset[$i]['post_username'] != '' ) ? $searchset[$i]['post_username'] : $lang['Guest'] );
$topic_author = ( $searchset[$i]['user_id'] ) ? '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $searchset[$i]['user_id'] . '">' : '';
$topic_author .= ( $searchset[$i]['user_id'] ) ? $searchset[$i]['username'] : ( ( $searchset[$i]['post_username'] != '' ) ? $searchset[$i]['post_username'] : $lang['Guest'] );
$topic_author .= ( $searchset[$i]['user_id'] != ANONYMOUS ) ? '</a>' : '';
$topic_author .= ( $searchset[$i]['user_id'] ) ? '</a>' : '';
$first_post_time = create_date($board_config['default_dateformat'], $searchset[$i]['topic_time'], $board_config['board_timezone']);
$last_post_time = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']);
$last_post_author = ( $searchset[$i]['id2'] == ANONYMOUS ) ? ( ($searchset[$i]['post_username2'] != '' ) ? $searchset[$i]['post_username2'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $searchset[$i]['id2']) . '">' . $searchset[$i]['user2'] . '</a>';
$last_post_author = ( $searchset[$i]['id2'] ) ? ( ($searchset[$i]['post_username2'] != '' ) ? $searchset[$i]['post_username2'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="' . "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $searchset[$i]['id2'] . '">' . $searchset[$i]['user2'] . '</a>';
$last_post_url = '<a href="' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $searchset[$i]['topic_last_post_id']) . '#' . $searchset[$i]['topic_last_post_id'] . '"><img src="' . $images['icon_latest_reply'] . '" alt="' . $lang['View_latest_post'] . '" title="' . $lang['View_latest_post'] . '" border="0" /></a>';
$last_post_url = '<a href="' . "viewtopic.$phpEx$SID&amp;p=" . $searchset[$i]['topic_last_post_id'] . '#' . $searchset[$i]['topic_last_post_id'] . '"><img src="' . $images['icon_latest_reply'] . '" alt="' . $lang['View_latest_post'] . '" title="' . $lang['View_latest_post'] . '" border="0" /></a>';
$template->assign_block_vars('searchresults', array(
'FORUM_NAME' => $searchset[$i]['forum_name'],
@ -1164,7 +1136,13 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
'L_GOTO_PAGE' => $lang['Goto_page'])
);
$template->pparse('body');
$page_title = $lang['Search'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => ( $show_results == 'posts' ) ? 'search_results_posts.html' : 'search_results_topics.html')
);
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
@ -1186,7 +1164,7 @@ $result = $db->sql_query($sql);
$s_forums = '';
while( $row = $db->sql_fetchrow($result) )
{
if ( $acl->get_acl($row['forum_id'], 'forum', 'read') )
if ( $auth->get_acl($row['forum_id'], 'forum', 'read') )
{
$s_forums .= '<option value="' . $row['forum_id'] . '">' . $row['forum_name'] . '</option>';
if ( empty($list_cat[$row['cat_id']]) )
@ -1295,203 +1273,4 @@ make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
//
// Username search
//
function username_search()
{
global $SID, $HTTP_GET_VARS, $HTTP_POST_VARS, $phpEx, $phpbb_root_path;
global $db, $board_config, $template, $acl, $lang, $theme;
global $starttime;
$form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
$field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
$sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
$email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
$yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
//
//
//
$sort_by_types_text = array($lang['Sort_Username'], $lang['Sort_Email'], $lang['Sort_Post_count'], $lang['Sort_Joined'], $lang['Sort_Last_active']);
$s_sort_by = '';
for($i = 0; $i < count($sort_by_types_text); $i++)
{
$selected = ( $sort_by == $i ) ? ' selected="selected"' : '';
$s_sort_by .= '<option value="' . $i . '"' . $selected . '>' . $sort_by_types_text[$i] . '</option>';
}
$sort_order_text = array('a' => $lang['Ascending'], 'd' => $lang['Descending']);
$s_sort_order = '';
foreach ( $sort_order_text as $key => $value )
{
$selected = ( $sort_order == $key ) ? ' selected="selected"' : '';
$s_sort_order .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$find_count = array('lt' => $lang['Less_than'], 'eq' => $lang['Equal_to'], 'gt' => $lang['More_than']);
$s_find_count = '';
foreach ( $find_count as $key => $value )
{
$selected = ( $count_select == $key ) ? ' selected="selected"' : '';
$s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$find_time = array('lt' => $lang['Before'], 'gt' => $lang['After']);
$s_find_join_time = '';
foreach ( $find_time as $key => $value )
{
$selected = ( $joined_select == $key ) ? ' selected="selected"' : '';
$s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
$s_find_active_time = '';
foreach ( $find_time as $key => $value )
{
$selected = ( $active_select == $key ) ? ' selected="selected"' : '';
$s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
}
//
//
//
$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
$where_sql = '';
$where_sql .= ( $username ) ? " AND username LIKE '" . str_replace('*', '%', $username) ."'" : '';
$where_sql .= ( $email ) ? " AND user_email LIKE '" . str_replace('*', '%', $email) ."' " : '';
$where_sql .= ( $icq ) ? " AND user_icq LIKE '" . str_replace('*', '%', $icq) ."' " : '';
$where_sql .= ( $aim ) ? " AND user_aim LIKE '" . str_replace('*', '%', $aim) ."' " : '';
$where_sql .= ( $yahoo ) ? " AND user_yim LIKE '" . str_replace('*', '%', $yahoo) ."' " : '';
$where_sql .= ( $msn ) ? " AND user_msnm LIKE '" . str_replace('*', '%', $msn) ."' " : '';
$where_sql .= ( $joined ) ? " AND user_regdate " . $key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$where_sql .= ( $count ) ? " AND user_posts " . $key_match[$count_select] . " $count " : '';
$where_sql .= ( $active ) ? " AND user_lastvisit " . $key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
$order_by = $sort_by_types[$sort_by] . ' ' . ( ( $sort_order == 'a' ) ? 'ASC' : 'DESC' );
$sql = "SELECT COUNT(user_id) AS total_users
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$where_sql";
$result = $db->sql_query($sql);
$total_users = ( $row = $db->sql_fetchrow($result) ) ? $row['total_users'] : 0;
$pagination = generate_pagination("search.$phpEx$SID&amp;mode=searchuser&amp;form=$form&amp;field=$field&amp;username=" . urlencode($username) . "&amp;email=" . urlencode($email) . "&amp;icq=$icq&amp;aim=" . urlencode($aim) . "&amp;yahoo=" . urlencode($yahoo) . "&amp;msn=" . urlencode($msn) . "&amp;joined=" . urlencode(implode('-', $joined)) . "&amp;active=" . urlencode(implode('-', $active)) . "&amp;count=$count&amp;sort_order=$sort_order&amp;sort_by=$sort_by&amp;joined_select=$joined_select&amp;active_select=$active_select&amp;count_select=$count_select", $total_users, $board_config['topics_per_page'], $start);
//
//
//
$page_title = $lang['Search'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'search_user_body' => 'search_username.html')
);
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'ICQ' => $icq,
'AIM' => $aim,
'YAHOO' => $yahoo,
'MSNM' => $msn,
'JOINED' => implode('-', $joined),
'ACTIVE' => implode('-', $active),
'COUNT' => $count,
'PAGINATION' => $pagination,
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $total_users / $board_config['topics_per_page'] )),
'L_SEARCH_USERNAME' => $lang['Find_username'],
'L_SEARCH_EXPLAIN' => $lang['Find_username_explain'],
'L_RESET' => $lang['Reset'],
'L_EMAIL' => $lang['Email'],
'L_ICQ_NUMBER' => $lang['ICQ'],
'L_MESSENGER' => $lang['MSNM'],
'L_YAHOO' => $lang['YIM'],
'L_AIM' => $lang['AIM'],
'L_JOINED' => $lang['Joined'],
'L_ACTIVE' => $lang['Last_active'],
'L_POSTS' => $lang['Posts'],
'L_SORT_BY' => $lang['Sort_by'],
'L_SORT_ASCENDING' => $lang['Sort_Ascending'],
'L_SORT_DESCENDING' => $lang['Sort_Descending'],
'L_SELECT_MARKED' => $lang['Select_marked'],
'L_MARK' => $lang['Mark'],
'L_MARK_ALL' => $lang['Mark_all'],
'L_UNMARK_ALL' => $lang['Unmark_all'],
'S_FORM_NAME' => $form,
'S_FIELD_NAME' => $field,
'S_COUNT_OPTIONS' => $s_find_count,
'S_JOINED_TIME_OPTIONS' => $s_find_join_time,
'S_ACTIVE_TIME_OPTIONS' => $s_find_active_time,
'S_SORT_OPTIONS' => $s_sort_by,
'S_SORT_ORDER' => $s_sort_order,
'S_USERNAME_OPTIONS' => $username_list,
'S_SEARCH_ACTION' => "search.$phpEx$SID&amp;mode=searchuser&amp;field=$field")
);
$sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_email, user_lastvisit
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
$where_sql
ORDER BY $order_by
LIMIT $start, " . $board_config['topics_per_page'];
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
$i = 0;
do
{
$username = $row['username'];
$user_id = $row['user_id'];
$joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
$active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : create_date($lang['DATE_FORMAT'], $row['user_lastvisit'], $board_config['board_timezone']);
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$profile_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';
$profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
$template->assign_block_vars('memberrow', array(
'ROW_NUMBER' => $i + ( $start + 1 ),
'USERNAME' => $username,
'JOINED' => $joined,
'POSTS' => $posts,
'ACTIVE' => $active,
'PROFILE_IMG' => $profile_img,
'PROFILE' => $profile)
);
$i++;
}
while ( $row = $db->sql_fetchrow($result) );
}
$template->display('search_user_body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
exit;
}
?>

5
phpBB/templates/subSilver/posting_poll_body.html
View file

@ -1,4 +1,3 @@
<tr>
<th class="thHead" colspan="2">{L_ADD_A_POLL}</th>
</tr>
@ -23,9 +22,9 @@
<td class="row1"><span class="gen"><b>{L_POLL_LENGTH}</b></span></td>
<td class="row2"><span class="genmed"><input type="text" name="poll_length" size="3" maxlength="3" class="post" value="{POLL_LENGTH}" /></span>&nbsp;<span class="gen"><b>{L_DAYS}</b></span> &nbsp; <span class="gensmall">{L_POLL_LENGTH_EXPLAIN}</span></td>
</tr>
<!-- BEGIN switch_poll_delete_toggle -->
<!-- IF S_POLL_DELETE -->
<tr>
<td class="row1"><span class="gen"><b>{L_POLL_DELETE}</b></span></td>
<td class="row2"><input type="checkbox" name="poll_delete" /></td>
</tr>
<!-- END switch_poll_delete_toggle -->
<!-- ENDIF -->

23
phpBB/templates/subSilver/posting_smilies.html
View file

@ -1,8 +1,10 @@
<!-- INCLUDE simple_header.html -->
<script language="javascript" type="text/javascript">
<!--
function emoticon(text) {
text = ' ' + text + ' ';
if (opener.document.forms['post'].message.createTextRange && opener.document.forms['post'].message.caretPos) {
var caretPos = opener.document.forms['post'].message.caretPos;
caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? text + ' ' : text;
@ -15,27 +17,14 @@ function emoticon(text) {
//-->
</script>
<table width="100%" border="0" cellspacing="0" cellpadding="10">
<table width="100%" cellspacing="0" cellpadding="10" border="0">
<tr>
<td><table width="100%" border="0" cellspacing="1" cellpadding="4" class="forumline">
<td><table class="forumline" width="100%" cellspacing="1" cellpadding="4" border="0">
<tr>
<th class="thHead" height="25">{L_EMOTICONS}</th>
</tr>
<tr>
<td><table width="100" border="0" cellspacing="0" cellpadding="5">
<!-- BEGIN smilies_row -->
<tr align="center" valign="middle">
<!-- BEGIN smilies_col -->
<td><a href="javascript:emoticon('{smilies_row.smilies_col.SMILEY_CODE}')"><img src="{smilies_row.smilies_col.SMILEY_IMG}" border="0" alt="{smilies_row.smilies_col.SMILEY_DESC}" title="{smilies_row.smilies_col.SMILEY_DESC}" /></a></td>
<!-- END smilies_col -->
</tr>
<!-- END smilies_row -->
<!-- BEGIN switch_smilies_extra -->
<tr align="center">
<td colspan="{S_SMILIES_COLSPAN}"><span class="nav"><a href="{U_MORE_SMILIES}" onclick="open_window('{U_MORE_SMILIES}', 250, 300);return false" target="_smilies" class="nav">{L_MORE_SMILIES}</a></td>
</tr>
<!-- END switch_smilies_extra -->
</table></td>
<td align="center" valign="middle"><!-- BEGIN emoticon --> <a href="javascript:emoticon('{emoticon.SMILEY_CODE}')"><img src="{emoticon.SMILEY_IMG}" width="{emoticon.SMILEY_WIDTH}" height="{emoticon.SMILEY_HEIGHT}" border="0" alt="{emoticon.SMILEY_DESC}" title="{emoticon.SMILEY_DESC}" hspace="2" vspace="2" onclick="emoticon('{emoticon.SMILEY_CODE}');return false" /></a> <!-- END emoticon --></td>
</tr>
<tr>
<td align="center"><br /><span class="genmed"><a href="javascript:window.close();" class="genmed">{L_CLOSE_WINDOW}</a></span></td>
@ -43,3 +32,5 @@ function emoticon(text) {
</table></td>
</tr>
</table>
<!-- INCLUDE simple_footer.html -->

8
phpBB/viewforum.php
View file

@ -54,7 +54,7 @@ $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) :
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata, $forum_id);
$auth->acl($userdata, $forum_id);
//
// End session management
//
@ -83,7 +83,7 @@ $session->configure($userdata);
//
// Auth check
//
if (!$acl->get_acl($forum_id, 'forum', 'read'))
if (!$auth->get_acl($forum_id, 'forum', 'read'))
{
if ( $userdata['user_id'] )
{
@ -155,7 +155,7 @@ foreach ($forum_branch as $row)
}
elseif ($row['forum_status'] != ITEM_CATEGORY)
{
if ($acl->get_acl($row['forum_id'], 'forum', 'list'))
if ($auth->get_acl($row['forum_id'], 'forum', 'list'))
{
$subforums[$parent_id][] = $row;
}
@ -195,7 +195,7 @@ if ( $mark_read == 'topics' )
//
// Do the forum Prune
//
if ( $acl->get_acl($forum_id, 'mod', 'prune') && $board_config['prune_enable'] )
if ( $auth->get_acl($forum_id, 'mod', 'prune') && $board_config['prune_enable'] )
{
if ( $forum_data['prune_next'] < time() && $forum_data['prune_enable'] )
{

18
phpBB/viewonline.php
View file

@ -24,19 +24,11 @@ $phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
//
// Start session management
//
$userdata = $session->start();
$acl = new acl($userdata);
//
$auth->acl($userdata);
$user = new user($userdata);
// End session management
//
//
// Configure style, language, etc.
//
$session->configure($userdata);
//
// Forum info
@ -88,7 +80,7 @@ while ( $row = $db->sql_fetchrow($result) )
if ( !$row['user_allow_viewonline'] )
{
$view_online = ( $acl->get_acl_admin() ) ? true : false;
$view_online = ( $auth->get_acl_admin() ) ? true : false;
$hidden_users++;
$username = '<i>' . $username . '</i>';
@ -136,7 +128,7 @@ while ( $row = $db->sql_fetchrow($result) )
preg_match('/f=([0-9]+)/', $row['session_page'], $forum_id);
$forum_id = $forum_id[1];
if ( $acl->get_acl($forum_id, 'forum' , 'list') )
if ( $auth->get_acl($forum_id, 'forum' , 'list') )
{
$location = '';
switch ( $on_page[1] )
@ -193,7 +185,7 @@ while ( $row = $db->sql_fetchrow($result) )
$template->assign_block_vars("$which_row", array(
'USERNAME' => $username,
'LASTUPDATE' => create_date($board_config['default_dateformat'], $row['session_time'], $board_config['board_timezone']),
'LASTUPDATE' => $user->format_date($row['session_time']),
'FORUM_LOCATION' => $location,
'S_ROW_COUNT' => $$which_counter,

40
phpBB/viewtopic.php
View file

@ -161,12 +161,12 @@ if ( !(extract($db->sql_fetchrow($result))) )
$userdata['user_style'] = ( $forum_style ) ? $forum_style : $userdata['user_style'];
$session->configure($userdata);
$acl = new acl($userdata, $forum_id);
$auth->acl($userdata, $forum_id);
//
// Start auth check
//
if ( !$acl->get_acl($forum_id, 'forum', 'read') )
if ( !$auth->get_acl($forum_id, 'forum', 'read') )
{
if ( $userdata['user_id'] != ANONYMOUS )
{
@ -343,11 +343,11 @@ $s_forum_rules = '';
get_forum_rules('topic', $s_forum_rules, $forum_id);
$topic_mod = '';
$topic_mod .= ( $acl->get_acl($forum_id, 'mod', 'lock') ) ? ( ( $topic_status == TOPIC_UNLOCKED ) ? '<option value="lock">' . $lang['Lock_topic'] . '</option>' : '<option value="unlock">' . $lang['Unlock_topic'] . '</option>' ) : '';
$topic_mod .= ( $acl->get_acl($forum_id, 'mod', 'delete') ) ? '<option value="delete">' . $lang['Delete_topic'] . '</option>' : '';
$topic_mod .= ( $acl->get_acl($forum_id, 'mod', 'move') ) ? '<option value="move">' . $lang['Move_topic'] . '</option>' : '';
$topic_mod .= ( $acl->get_acl($forum_id, 'mod', 'split') ) ? '<option value="split">' . $lang['Split_topic'] . '</option>' : '';
$topic_mod .= ( $acl->get_acl($forum_id, 'mod', 'merge') ) ? '<option value="merge">' . $lang['Merge_topic'] . '</option>' : '';
$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'lock') ) ? ( ( $topic_status == TOPIC_UNLOCKED ) ? '<option value="lock">' . $lang['Lock_topic'] . '</option>' : '<option value="unlock">' . $lang['Unlock_topic'] . '</option>' ) : '';
$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'delete') ) ? '<option value="delete">' . $lang['Delete_topic'] . '</option>' : '';
$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'move') ) ? '<option value="move">' . $lang['Move_topic'] . '</option>' : '';
$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'split') ) ? '<option value="split">' . $lang['Split_topic'] . '</option>' : '';
$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'merge') ) ? '<option value="merge">' . $lang['Merge_topic'] . '</option>' : '';
//
// If we've got a hightlight set pass it on to pagination.
@ -505,7 +505,7 @@ if ( !empty($poll_start) )
$poll_expired = ( $vote_info[0]['vote_length'] ) ? ( ( $vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time() ) ? TRUE : 0 ) : 0;
if ( $user_voted || $view_result || $poll_expired || !$acl->get_acl($forum_id, 'forum', 'vote') || $topic_status == TOPIC_LOCKED )
if ( $user_voted || $view_result || $poll_expired || !$auth->get_acl($forum_id, 'forum', 'vote') || $topic_status == TOPIC_LOCKED )
{
$vote_results_sum = 0;
for($i = 0; $i < $vote_options; $i++)
@ -695,7 +695,7 @@ if ( $row = $db->sql_fetchrow($result) )
$poster_details[$poster_id]['pm_img'] = '<a href="' . $temp_url . '">' . create_img($theme['icon_pm'], $lang['Send_private_message']) . '</a>';
$poster_details[$poster_id]['pm'] = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
if ( !empty($row['user_viewemail']) || $acl->get_acl($forum_id, 'mod') )
if ( !empty($row['user_viewemail']) || $auth->get_acl($forum_id, 'mod') )
{
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $poster_id : 'mailto:' . $row['user_email'];
@ -734,7 +734,7 @@ if ( $row = $db->sql_fetchrow($result) )
$poster_details[$poster_id]['yim_img'] = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . create_img($theme['icon_yim'], $lang['YIM']) . '</a>' : '';
$poster_details[$poster_id]['yim'] = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
if ( $acl->get_acl($forum_id, 'forum', 'search') )
if ( $auth->get_acl($forum_id, 'forum', 'search') )
{
$temp_url = 'search.' . $phpEx . $SID . '&amp;search_author=' . urlencode($row['username']) .'"&amp;showresults=posts';
$search_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_search'], $lang['Search_user_posts']) . '</a>';
@ -775,7 +775,7 @@ if ( $row = $db->sql_fetchrow($result) )
$quote_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_quote'], $lang['Reply_with_quote']) . '</a>';
$quote = '<a href="' . $temp_url . '">' . $lang['Reply_with_quote'] . '</a>';
if ( ( $userdata['user_id'] == $poster_id && $acl->get_acl($forum_id, 'forum', 'edit') ) || $acl->get_acl($forum_id, 'mod', 'edit') )
if ( ( $userdata['user_id'] == $poster_id && $auth->get_acl($forum_id, 'forum', 'edit') ) || $auth->get_acl($forum_id, 'mod', 'edit') )
{
$temp_url = "posting.$phpEx$SID&amp;mode=editpost&amp;p=" . $row['post_id'];
$edit_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_edit'], $lang['Edit_delete_post']) . '</a>';
@ -787,7 +787,7 @@ if ( $row = $db->sql_fetchrow($result) )
$edit = '';
}
if ( $acl->get_acl($forum_id, 'mod', 'ip') )
if ( $auth->get_acl($forum_id, 'mod', 'ip') )
{
$temp_url = "modcp.$phpEx$SID&amp;mode=ip&amp;p=" . $row['post_id'] . "&amp;t=" . $topic_id;
$ip_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_ip'], $lang['View_IP']) . '</a>';
@ -799,7 +799,7 @@ if ( $row = $db->sql_fetchrow($result) )
$ip = '';
}
if ( ( $userdata['user_id'] == $poster_id && $acl->get_acl($forum_id, 'forum', 'delete') && $forum_topic_data['topic_last_post_id'] == $row['post_id'] ) || $acl->get_acl($forum_id, 'mod', 'delete') )
if ( ( $userdata['user_id'] == $poster_id && $auth->get_acl($forum_id, 'forum', 'delete') && $forum_topic_data['topic_last_post_id'] == $row['post_id'] ) || $auth->get_acl($forum_id, 'mod', 'delete') )
{
$temp_url = "posting.$phpEx$SID&amp;mode=delete&amp;p=" . $row['post_id'];
$delpost_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_delete'], $lang['Delete_post']) . '</a>';
@ -825,9 +825,9 @@ if ( $row = $db->sql_fetchrow($result) )
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
if ( !$acl->get_acl($forum_id, 'forum', 'html') )
if ( !$auth->get_acl($forum_id, 'forum', 'html') )
{
if ( $row['enable_html'] && $acl->get_acl($forum_id, 'forum', 'bbcode') )
if ( $row['enable_html'] && $auth->get_acl($forum_id, 'forum', 'bbcode') )
{
$message = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $message);
}
@ -838,7 +838,7 @@ if ( $row = $db->sql_fetchrow($result) )
//
if ( $bbcode_uid != '' )
{
$message = ( $acl->get_acl($forum_id, 'forum', 'bbcode') ) ? bbencode_second_pass($message, $bbcode_uid, $acl->get_acl($forum_id, 'forum', 'img')) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
$message = ( $auth->get_acl($forum_id, 'forum', 'bbcode') ) ? bbencode_second_pass($message, $bbcode_uid, $auth->get_acl($forum_id, 'forum', 'img')) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
}
if ( $row['enable_magic_url'] )
@ -933,7 +933,7 @@ if ( $row = $db->sql_fetchrow($result) )
$message = preg_replace($orig_word, $replacement_word, $message);
}
if ( $row['enable_smilies'] && $acl->get_acl($forum_id, 'forum', 'smilies') )
if ( $row['enable_smilies'] && $auth->get_acl($forum_id, 'forum', 'smilies') )
{
$message = smilies_pass($message);
}
@ -962,14 +962,14 @@ if ( $row = $db->sql_fetchrow($result) )
$user_sig = ( $row['enable_sig'] && $row['user_sig'] != '' && $board_config['allow_sig'] ) ? $row['user_sig'] : '';
$user_sig_bbcode_uid = $row['user_sig_bbcode_uid'];
if ( $user_sig != '' && $user_sig_bbcode_uid != '' && $acl->get_acl($forum_id, 'forum', 'sigs') )
if ( $user_sig != '' && $user_sig_bbcode_uid != '' && $auth->get_acl($forum_id, 'forum', 'sigs') )
{
if ( !$acl->get_acl($forum_id, 'forum', 'html') && $userdata['user_allowhtml'] )
if ( !$auth->get_acl($forum_id, 'forum', 'html') && $userdata['user_allowhtml'] )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $user_sig);
}
$poster_details[$poster_id]['sig'] = bbencode_second_pass($user_sig, $user_sig_bbcode_uid, $acl->get_acl($forum_id, 'forum', 'img'));
$poster_details[$poster_id]['sig'] = bbencode_second_pass($user_sig, $user_sig_bbcode_uid, $auth->get_acl($forum_id, 'forum', 'img'));
$poster_details[$poster_id]['sig'] = make_clickable($poster_details[$poster_id]['sig']);