From 3cb990df4d8d8d09b46a16918e10c6ba2d0fde19 Mon Sep 17 00:00:00 2001
From: Henry Sudhof <kellanved@phpbb.com>
Date: Fri, 29 Jun 2007 13:37:21 +0000
Subject: [PATCH] #12461

git-svn-id: file:///svn/phpbb/trunk@7809 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/docs/CHANGELOG.html            |  3 +-
 phpBB/includes/acp/acp_bots.php      | 67 +++++++++++++++++++++++++---
 phpBB/includes/acp/acp_icons.php     |  6 +--
 phpBB/includes/functions_convert.php |  2 +-
 phpBB/language/en/acp/bots.php       |  3 +-
 5 files changed, 68 insertions(+), 13 deletions(-)

diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 7e24558e3c..f3cb2a2dca 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -198,7 +198,8 @@ p a {
 		<li>[Fix] Correctly escape banned ip/email using wildcard for ban check (Bug #12815)</li>
 		<li>[Fix] Fixed some very nasty opera bugs (dropdown list bug, cpu spike bug) (Bug #12763, #11609)</li>
 		<li>[Fix] Font colour list having the correct height in IE (Bug #9571)</li>
-
+		<li>[Feature] Added mark/unmark all links to the bots page (Bug #12461)</li>
+		<li>[Fix] Introduced check on duplicate usernames during bot creation/edit (Bug #12461)</li>
 	</ul>
 
 	</div>
diff --git a/phpBB/includes/acp/acp_bots.php b/phpBB/includes/acp/acp_bots.php
index 3c7fe9f1f3..d75a29b748 100644
--- a/phpBB/includes/acp/acp_bots.php
+++ b/phpBB/includes/acp/acp_bots.php
@@ -162,7 +162,32 @@ class acp_bots
 					{
 						$error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
 					}
+					
+					$bot_name = false;
+					if ($bot_id)
+					{
+						$sql = 'SELECT u.username_clean
+							FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
+							WHERE b.bot_id = $bot_id
+								AND u.user_id = b.user_id";
+						$result = $db->sql_query($sql);
+						$row = $db->sql_fetchrow($result);
+						$db->sql_freeresult($result);
 
+						if (!$bot_row)
+						{
+							$error[] = $user->lang['NO_BOT'];
+						}
+						else
+						{
+							$bot_name = $row['username_clean'];
+						}
+					}
+					if (!$this->validate_botname($bot_row['bot_name'], $bot_name))
+					{
+						$error[] = $user->lang['BOT_NAME_TAKEN'];
+					}
+					
 					if (!sizeof($error))
 					{
 						// New bot? Create a new user and group entry
@@ -180,6 +205,7 @@ class acp_bots
 							{
 								trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"), E_USER_WARNING);
 							}
+						
 
 							$user_id = user_add(array(
 								'user_type'				=> (int) USER_IGNORE, 
@@ -193,7 +219,7 @@ class acp_bots
 								'user_style'			=> (int) $bot_row['bot_style'],
 								'user_allow_massemail'	=> 0,
 							));
-
+	
 							$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 								'user_id'		=> (int) $user_id,
 								'bot_name'		=> (string) $bot_row['bot_name'], 
@@ -202,7 +228,7 @@ class acp_bots
 								'bot_ip'		=> (string) $bot_row['bot_ip'])
 							);
 							$db->sql_query($sql);
-
+	
 							$log = 'ADDED';
 						}
 						else if ($bot_id)
@@ -249,11 +275,13 @@ class acp_bots
 
 							$log = 'UPDATED';
 						}
-
-						$cache->destroy('_bots');
-
-						add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
-						trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"));
+						if ($bot_id)
+						{
+							$cache->destroy('_bots');
+	
+							add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
+							trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"));
+						}
 					}
 				}
 				else if ($bot_id)
@@ -348,6 +376,31 @@ class acp_bots
 		}
 		$db->sql_freeresult($result);
 	}
+	
+	function validate_botname($newname, $oldname = false)
+	{
+		global $db;
+		if ($oldname && utf8_clean_string($newname) === $oldname)
+		{
+			return true;
+		}
+		 // Admins might want to use names otherwise forbidden, thus we only check for duplicates.
+		$sql = 'SELECT username
+			FROM ' . USERS_TABLE . "
+			WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'";
+		$result = $db->sql_query($sql);
+		$row = $db->sql_fetchrow($result);
+		$db->sql_freeresult($result);
+		
+		if ($row)
+		{
+			return false;
+		}
+		else
+		{
+			return true;
+		}
+	}
 }
 
 ?>
\ No newline at end of file
diff --git a/phpBB/includes/acp/acp_icons.php b/phpBB/includes/acp/acp_icons.php
index 66bc377490..ebf058850f 100644
--- a/phpBB/includes/acp/acp_icons.php
+++ b/phpBB/includes/acp/acp_icons.php
@@ -276,14 +276,14 @@ class acp_icons
 				$image_height	= (isset($_POST['height'])) ? request_var('height', array('' => 0)) : array();
 				$image_add		= (isset($_POST['add_img'])) ? request_var('add_img', array('' => 0)) : array();
 				$image_emotion	= request_var('emotion', array('' => ''), true);
-				$image_code		= request_var('code', array('' => ''));
+				$image_code		= request_var('code', array('' => ''), true);
 				$image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array();
 
 				// Ok, add the relevant bits if we are adding new codes to existing emoticons...
 				if (!empty($_POST['add_additional_code']))
 				{
 					$add_image			= request_var('add_image', '');
-					$add_code			= request_var('add_code', '');
+					$add_code			= request_var('add_code', '', true);
 					$add_emotion		= request_var('add_emotion', '', true);
 
 					if ($add_image && $add_emotion && $add_code)
@@ -336,7 +336,7 @@ class acp_icons
 						}
 
 						// Image_order holds the 'new' order value
-						if (!empty($image_order[$image]))
+						if (!empty($image_order[$image]) && !empty($$image_id[$image]))
 						{
 							$img_sql = array_merge($img_sql, array(
 								$fields . '_order'	=>	$image_order[$image])
diff --git a/phpBB/includes/functions_convert.php b/phpBB/includes/functions_convert.php
index 0aa3c205f5..4037fb4872 100644
--- a/phpBB/includes/functions_convert.php
+++ b/phpBB/includes/functions_convert.php
@@ -227,7 +227,7 @@ function validate_website($url)
 	if ($url === 'http://'){
 		return '';
 	}
-	else if (strstr('http://', $url) !== 0)
+	else if (strpos(strtolower($url), 'http://') !== 0)
 	{
 		return 'http://' . $url;
 	}
diff --git a/phpBB/language/en/acp/bots.php b/phpBB/language/en/acp/bots.php
index d06a90d363..689009bd3b 100644
--- a/phpBB/language/en/acp/bots.php
+++ b/phpBB/language/en/acp/bots.php
@@ -33,7 +33,7 @@ if (empty($lang) || !is_array($lang))
 // Bot settings
 $lang = array_merge($lang, array(
 	'BOTS'				=> 'Manage bots',
-	'BOTS_EXPLAIN'		=> 'Bots or crawlers are automated agents most commonly used by search engines to update their databases. Since they rarely make proper use of sessions they can distort visitor counts, increase load and sometimes fail to index sites correctly. Here you can define a special type of user to overcome these problems.',
+	'BOTS_EXPLAIN'		=> '&quot;Bots&quot;, &quot;spiders&quot; or &quot;crawlers&quot; are automated agents most commonly used by search engines to update their databases. Since they rarely make proper use of sessions they can distort visitor counts, increase load and sometimes fail to index sites correctly. Here you can define a special type of user to overcome these problems.',
 	'BOT_ACTIVATE'		=> 'Activate',
 	'BOT_ACTIVE'		=> 'Bot active',
 	'BOT_ADD'			=> 'Add bot',
@@ -51,6 +51,7 @@ $lang = array_merge($lang, array(
 	'BOT_IP_EXPLAIN'	=> 'Partial matches are allowed, separate addresses with a comma.',
 	'BOT_NAME'			=> 'Bot name',
 	'BOT_NAME_EXPLAIN'	=> 'Used only for your own information.',
+	'BOT_NAME_TAKEN'	=> 'The name is already in use on your board and can\'t be used for the Bot.',
 	'BOT_NEVER'			=> 'Never',
 	'BOT_STYLE'			=> 'Bot style',
 	'BOT_STYLE_EXPLAIN'	=> 'The style used for the board by the bot.',