{L_USER_ADMIN_EXPLAIN}
diff --git a/phpBB/download.php b/phpBB/download.php index 41d09287de..cec44eaf1c 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -265,21 +265,20 @@ function send_file_to_browser($attachment, $upload_dir, $category) exit; } -/* +/** * Get a browser friendly UTF-8 encoded filename */ function header_filename($file) { // There be dragons here... - // IE follows no RFC, follow the RFC for extended filename for the rest - if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) + // IE and Safari follows no RFC. + if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false || strpos($_SERVER['HTTP_USER_AGENT'], 'Safari') !== false) { return "filename=" . rawurlencode($file); } - else - { - return "filename*=UTF-8''" . rawurlencode($file); - } + + // follow the RFC for extended filename for the rest + return "filename*=UTF-8''" . rawurlencode($file); } /** diff --git a/phpBB/includes/acp/acp_bots.php b/phpBB/includes/acp/acp_bots.php index 72fb40216d..43984c5a5c 100644 --- a/phpBB/includes/acp/acp_bots.php +++ b/phpBB/includes/acp/acp_bots.php @@ -94,12 +94,15 @@ class acp_bots WHERE bot_id $sql_id"; $db->sql_query($sql); - $_tables = array(USERS_TABLE, USER_GROUP_TABLE); - foreach ($_tables as $table) + if (sizeof($user_id_ary)) { - $sql = "DELETE FROM $table - WHERE " . $db->sql_in_set('user_id', $user_id_ary); - $db->sql_query($sql); + $_tables = array(USERS_TABLE, USER_GROUP_TABLE); + foreach ($_tables as $table) + { + $sql = "DELETE FROM $table + WHERE " . $db->sql_in_set('user_id', $user_id_ary); + $db->sql_query($sql); + } } $db->sql_transaction('commit'); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 6b2904b245..57d03ff67e 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -55,6 +55,7 @@ class acp_email { if ($usernames) { + // If giving usernames the admin is able to email inactive users too... $sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . ' @@ -66,18 +67,20 @@ class acp_email if ($group_id) { $sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type - FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug - WHERE ug.group_id = $group_id + FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug + WHERE ug.group_id = ' . $group_id . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1 - ORDER BY u.user_lang, u.user_notify_type"; + AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') + ORDER BY u.user_lang, u.user_notify_type'; } else { $sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang FROM ' . USERS_TABLE . ' WHERE user_allow_massemail = 1 + AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') ORDER BY user_lang, user_notify_type'; } } @@ -172,17 +175,25 @@ class acp_email $messenger->save_queue(); - if ($group_id) + if ($usernames) { - $group_name = get_group_name($group_id); + $usernames = explode("\n", $usernames); + add_log('admin', 'LOG_MASS_EMAIL', implode(', ', $usernames)); } else { - // Not great but the logging routine doesn't cope well with localising on the fly - $group_name = $user->lang['ALL_USERS']; - } + if ($group_id) + { + $group_name = get_group_name($group_id); + } + else + { + // Not great but the logging routine doesn't cope well with localising on the fly + $group_name = $user->lang['ALL_USERS']; + } - add_log('admin', 'LOG_MASS_EMAIL', $group_name); + add_log('admin', 'LOG_MASS_EMAIL', $group_name); + } if (!$errored) { diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php index c7e9e31d66..b0a163fc60 100644 --- a/phpBB/includes/acp/acp_permissions.php +++ b/phpBB/includes/acp/acp_permissions.php @@ -355,7 +355,10 @@ class acp_permissions case 'usergroup': case 'usergroup_view': - if (sizeof($user_id) || sizeof($group_id)) + $all_users = (isset($_POST['all_users'])) ? true : false; + $all_groups = (isset($_POST['all_groups'])) ? true : false; + + if ((sizeof($user_id) && !$all_users) || (sizeof($group_id) && !$all_groups)) { if (sizeof($user_id)) { @@ -370,11 +373,8 @@ class acp_permissions continue 2; } - $items = $this->retrieve_defined_user_groups($permission_scope, $forum_id, $permission_type); - // Now we check the users... because the "all"-selection is different here (all defined users/groups) - $all_users = (isset($_POST['all_users'])) ? true : false; - $all_groups = (isset($_POST['all_groups'])) ? true : false; + $items = $this->retrieve_defined_user_groups($permission_scope, $forum_id, $permission_type); if ($all_users && sizeof($items['user_ids'])) { @@ -565,17 +565,20 @@ class acp_permissions break; } - $sql = "SELECT $sql_id - FROM $table - WHERE " . $db->sql_in_set($sql_id, $ids); - $result = $db->sql_query($sql); - - $ids = array(); - while ($row = $db->sql_fetchrow($result)) + if (sizeof($ids)) { - $ids[] = $row[$sql_id]; + $sql = "SELECT $sql_id + FROM $table + WHERE " . $db->sql_in_set($sql_id, $ids); + $result = $db->sql_query($sql); + + $ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $ids[] = $row[$sql_id]; + } + $db->sql_freeresult($result); } - $db->sql_freeresult($result); if (!sizeof($ids)) { diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 24fd028bad..87744660a2 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -134,7 +134,8 @@ class acp_users 'U_BACK' => $this->u_action, 'U_MODE_SELECT' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&u=$user_id"), 'U_ACTION' => $this->u_action . '&u=' . $user_id, - 'S_FORM_OPTIONS' => $s_form_options) + 'S_FORM_OPTIONS' => $s_form_options, + 'MANAGED_USERNAME' => $user_row['username']) ); // Prevent normal users/admins change/view founders if they are not a founder by themselves @@ -398,44 +399,6 @@ class acp_users if (confirm_box(true)) { - $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts - FROM ' . POSTS_TABLE . " - WHERE poster_id = $user_id - GROUP BY topic_id"; - $result = $db->sql_query($sql); - - $topic_id_ary = array(); - while ($row = $db->sql_fetchrow($result)) - { - $topic_id_ary[$row['topic_id']] = $row['total_posts']; - } - $db->sql_freeresult($result); - - if (sizeof($topic_id_ary)) - { - $sql = 'SELECT topic_id, topic_replies, topic_replies_real - FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary)); - $result = $db->sql_query($sql); - - $del_topic_ary = array(); - while ($row = $db->sql_fetchrow($result)) - { - if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']]) - { - $del_topic_ary[] = $row['topic_id']; - } - } - $db->sql_freeresult($result); - - if (sizeof($del_topic_ary)) - { - $sql = 'DELETE FROM ' . TOPICS_TABLE . ' - WHERE ' . $db->sql_in_set('topic_id', $del_topic_ary); - $db->sql_query($sql); - } - } - // Delete posts, attachments, etc. delete_posts('poster_id', $user_id); diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 7208aee113..e0b7b8a554 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -598,7 +598,7 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = } $approved_posts = 0; - $post_ids = $topic_ids = $forum_ids = $post_counts = array(); + $post_ids = $topic_ids = $forum_ids = $post_counts = $remove_topics = array(); $sql = 'SELECT post_id, poster_id, post_approved, post_postcount, topic_id, forum_id FROM ' . POSTS_TABLE . ' @@ -653,6 +653,25 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = } } + // Remove topics now having no posts? + if (sizeof($topic_ids)) + { + $sql = 'SELECT topic_id + FROM ' . POSTS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', $topic_ids) . ' + GROUP BY topic_id'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $remove_topics[] = $row['topic_id']; + } + $db->sql_freeresult($result); + + // Actually, those not within remove_topics should be removed. ;) + $remove_topics = array_diff($topic_ids, $remove_topics); + } + // Remove the message from the search index $search_type = basename($config['search_type']); @@ -695,6 +714,12 @@ function delete_posts($where_type, $where_ids, $auto_sync = true, $posted_sync = set_config('num_posts', $config['num_posts'] - $approved_posts, true); } + // We actually remove topics now to not be inconsistent (the delete_topics function calls this function too) + if (sizeof($remove_topics)) + { + delete_topics('topic_id', $remove_topics); + } + return sizeof($post_ids); } diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php index e96cf5aaf1..08ecd7c5e7 100644 --- a/phpBB/includes/functions_convert.php +++ b/phpBB/includes/functions_convert.php @@ -308,6 +308,13 @@ function decode_ip($int_ip) } $hexipbang = explode('.', chunk_split($int_ip, 2, '.')); + + // Any mod changing the way ips are stored? Then we are not able to convert. + if (sizeof($hexipbang) != 4) + { + return ''; + } + return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]); } diff --git a/phpBB/includes/mcp/mcp_forum.php b/phpBB/includes/mcp/mcp_forum.php index cf41df646d..2f02a21a3f 100644 --- a/phpBB/includes/mcp/mcp_forum.php +++ b/phpBB/includes/mcp/mcp_forum.php @@ -117,6 +117,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info) ORDER BY t.topic_type DESC, $sort_order_sql"; $result = $db->sql_query_limit($sql, $topics_per_page, $start); + $topic_list = $topic_tracking_info = array(); while ($row = $db->sql_fetchrow($result)) { $topic_rows[$row['topic_id']] = $row; @@ -124,15 +125,23 @@ function mcp_forum_view($id, $mode, $action, $forum_info) } $db->sql_freeresult($result); - $topic_tracking_info = array(); - // Get topic tracking info - if ($config['load_db_lastread']) + // If there is more than one page, but we have no topic list, then the start parameter is... erm... out of sync + if (!sizeof($topic_list) && $forum_topics && $start > 0) { - $topic_tracking_info = get_topic_tracking($forum_id, $topic_list, $topic_rows, array($forum_id => $forum_info['mark_time']), array()); + redirect($url . "&i=$id&action=$action&mode=$mode"); } - else + + // Get topic tracking info + if (sizeof($topic_list)) { - $topic_tracking_info = get_complete_topic_tracking($forum_id, $topic_list, array()); + if ($config['load_db_lastread']) + { + $topic_tracking_info = get_topic_tracking($forum_id, $topic_list, $topic_rows, array($forum_id => $forum_info['mark_time']), array()); + } + else + { + $topic_tracking_info = get_complete_topic_tracking($forum_id, $topic_list, array()); + } } foreach ($topic_rows as $topic_id => $row) diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 78fa02cccc..a57dadb301 100755 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -192,7 +192,7 @@ class mcp_reports $forum_info = array(); $forum_list_reports = get_forum_list('m_report', false, true); - if ($topic_id) + if ($topic_id && $forum_id) { $topic_info = get_topic_data(array($topic_id)); @@ -204,6 +204,10 @@ class mcp_reports $topic_info = $topic_info[$topic_id]; $forum_id = $topic_info['forum_id']; } + else if ($topic_id && !$forum_id) + { + $topic_id = 0; + } $forum_list = array(); diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php index b68eab59be..0e4b0381f0 100644 --- a/phpBB/install/database_update.php +++ b/phpBB/install/database_update.php @@ -1354,12 +1354,15 @@ function add_bots() WHERE bot_id $sql_id"; $db->sql_query($sql); - $_tables = array(USERS_TABLE, USER_GROUP_TABLE); - foreach ($_tables as $table) + if (sizeof($user_id_ary)) { - $sql = "DELETE FROM $table - WHERE " . $db->sql_in_set('user_id', $user_id_ary); - $db->sql_query($sql); + $_tables = array(USERS_TABLE, USER_GROUP_TABLE); + foreach ($_tables as $table) + { + $sql = "DELETE FROM $table + WHERE " . $db->sql_in_set('user_id', $user_id_ary); + $db->sql_query($sql); + } } } else