From 59573cce8b69bf48ffc81da3ffb14e2b403f6583 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Wed, 25 Jun 2003 19:49:59 +0000 Subject: [PATCH] some updates... git-svn-id: file:///svn/phpbb/trunk@4175 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/adm/admin_attachments.php | 359 ++++++------------------- phpBB/includes/emailer.php | 2 +- phpBB/includes/functions_display.php | 39 +-- phpBB/includes/functions_posting.php | 371 ++------------------------ phpBB/includes/message_parser.php | 2 +- phpBB/install/schemas/schema_data.sql | 7 - phpBB/templates/subSilver/editor.js | 30 ++- 7 files changed, 128 insertions(+), 682 deletions(-) diff --git a/phpBB/adm/admin_attachments.php b/phpBB/adm/admin_attachments.php index bdf8849ade..bc0f5593d8 100644 --- a/phpBB/adm/admin_attachments.php +++ b/phpBB/adm/admin_attachments.php @@ -50,8 +50,7 @@ foreach ($config_sizes as $cfg_key => $var) $submit = (isset($_POST['submit'])) ? TRUE : FALSE; $search_imagick = (isset($_POST['search_imagick'])) ? TRUE : FALSE; -$error = $notify = false; -$error_msg = $notify_msg = ''; +$error = $notify = array(); // Pull all config data $sql = 'SELECT * @@ -75,14 +74,7 @@ while ($row = $db->sql_fetchrow($result)) if (!$submit && $config_name == $cfg_key) { - if ($new[$config_name] >= 1048576) - { - $new[$config_name] = round($new[$config_name] / 1048576 * 100) / 100; - } - else if($new[$config_name] >= 1024) - { - $new[$config_name] = round($new[$config_name] / 1024 * 100) / 100; - } + $new[$config_name] = ($new[$config_name] >= 1048576) ? round($new[$config_name] / 1048576 * 100) / 100 : (($new[$config_name] >= 1024) ? round($new[$config_name] / 1024 * 100) / 100 : $new[$config_name]); } if ($submit && $mode == 'manage' && $config_name == $cfg_key) @@ -122,19 +114,11 @@ while ($row = $db->sql_fetchrow($result)) if ($submit && ($mode == 'manage' || $mode == 'cats')) { add_log('admin', 'LOG_ATTACH_CONFIG'); - $notify = TRUE; - $notify_msg = $user->lang['ATTACH_CONFIG_UPDATED']; + $notify[] = $user->lang['ATTACH_CONFIG_UPDATED']; } -// Adjust the Upload Directory -if (!$new['use_ftp_upload']) -{ - $upload_dir = ($new['upload_dir'][0] == '/' || ($new['upload_dir'][0] != '/' && $new['upload_dir'][1] == ':')) ? $new['upload_dir'] : $phpbb_root_path . $new['upload_dir']; -} -else -{ - $upload_dir = $new['download_path']; -} +// Adjust the Upload Directory - relative or absolute, this is the question here. +$upload_dir = ($new['upload_dir'][0] == '/' || ($new['upload_dir'][0] != '/' && $new['upload_dir'][1] == ':')) ? $new['upload_dir'] : $phpbb_root_path . $new['upload_dir']; switch ($mode) { @@ -189,21 +173,20 @@ if ($search_imagick) // Check Settings if ($submit && $mode == 'manage') { - test_upload($error, $error_msg, $upload_dir, $new['ftp_path'], $new['use_ftp_upload'], false); + test_upload($error, $upload_dir, false); } - if ($submit && $mode == 'cats') { - test_upload($error, $error_msg, $upload_dir, $new['ftp_path'] . '/thumbs', $new['use_ftp_upload'], true); + test_upload($error, $upload_dir . '/thumbs', true); } if ($submit && $mode == 'extensions') { // Change Extensions ? - $extension_change_list = (isset($_POST['extension_change_list'])) ? $_POST['extension_change_list'] : array(); - $extension_explain_list = (isset($_POST['extension_explain_list'])) ? $_POST['extension_explain_list'] : array(); - $group_select_list = (isset($_POST['group_select'])) ? $_POST['group_select'] : array(); + $extension_change_list = (isset($_POST['extension_change_list'])) ? array_map('intval', $_POST['extension_change_list']) : array(); + $extension_explain_list = (isset($_POST['extension_explain_list'])) ? array_map('trim', $_POST['extension_explain_list']) : array(); + $group_select_list = (isset($_POST['group_select'])) ? array_map('intval', $_POST['group_select']) : array(); // Generate correct Change List $extensions = array(); @@ -211,7 +194,7 @@ if ($submit && $mode == 'extensions') for ($i = 0; $i < count($extension_change_list); $i++) { $extensions[$extension_change_list[$i]]['comment'] = stripslashes(htmlspecialchars($extension_explain_list[$i])); - $extensions[$extension_change_list[$i]]['group_id'] = intval($group_select_list[$i]); + $extensions[$extension_change_list[$i]]['group_id'] = $group_select_list[$i]; } $sql = 'SELECT * @@ -221,7 +204,7 @@ if ($submit && $mode == 'extensions') while ($row = $db->sql_fetchrow($result)) { - if ($row['comment'] != $extensions[$row['extension_id']]['comment'] || intval($row['group_id']) != intval($extensions[$row['extension_id']]['group_id'])) + if ($row['comment'] != $extensions[$row['extension_id']]['comment'] || $row['group_id'] != $extensions[$row['extension_id']]['group_id']) { $sql = "UPDATE " . EXTENSIONS_TABLE . " SET comment = '" . $extensions[$row['extension_id']]['comment'] . "', group_id = " . $extensions[$row['extension_id']]['group_id'] . " @@ -233,29 +216,28 @@ if ($submit && $mode == 'extensions') $db->sql_freeresult($result); // Delete Extension ? - $extension_id_list = (isset($_POST['extension_id_list'])) ? $_POST['extension_id_list'] : array(); - $extension_id_sql = implode(', ', $extension_id_list); + $extension_id_list = (isset($_POST['extension_id_list'])) ? array_map('intval', $_POST['extension_id_list']) : array(); - if ($extension_id_sql != '') + if (count($extension_id_list)) { - $sql = 'DELETE - FROM ' . EXTENSIONS_TABLE . " - WHERE extension_id IN ($extension_id_sql)"; + $sql = "DELETE + FROM " . EXTENSIONS_TABLE . " + WHERE extension_id IN (" . implode(', ', $extension_id_list) . ")"; $db->sql_query($sql); - $sql = 'SELECT extension - FROM ' . EXTENSIONS_TABLE . " - WHERE extension_id IN ($extension_id_sql)"; + $sql = "SELECT extension + FROM " . EXTENSIONS_TABLE . " + WHERE extension_id IN (" . implode(', ', $extension_id_list) . ")"; $result = $db->sql_query($sql); - $extension_list = array(); + $extension_list = ''; while ($row = $db->sql_fetchrow($result)) { - $extension_list[] = $row['extension']; + $extension_list .= ($extension_list == '') ? $row['extension'] : ', ' . $row['extension']; } $db->sql_freeresult($result); - add_log('admin', 'LOG_ATTACH_EXT_DEL', implode(', ', $extension_list)); + add_log('admin', 'LOG_ATTACH_EXT_DEL', $extension_list); } // Add Extension ? @@ -266,73 +248,50 @@ if ($submit && $mode == 'extensions') if ($add_extension != '' && $add) { - if (!$error) + if (!count($error)) { - // check extension - $sql = 'SELECT extension - FROM ' . EXTENSIONS_TABLE; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - if ($row['extension'] == $add_extension) - { - $error = TRUE; - if( isset($error_msg) ) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($user->lang['EXTENSION_EXIST'], $add_extension); - } - } - $db->sql_freeresult($result); + $extension_check = array(EXTENSIONS_TABLE => 'EXTENSION_EXIST', FORBIDDEN_EXTENSIONS_TABLE => 'CANNOT_ADD_FORBIDDEN_EXTENSION'); - // Extension Forbidden ? - if (!$error) + foreach ($extension_check as $table => $error_msg) { - $sql = 'SELECT extension - FROM ' . FORBIDDEN_EXTENSIONS_TABLE; + $sql = "SELECT extension + FROM $table"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if ($row['extension'] == $add_extension) { - $error = TRUE; - if( isset($error_msg) ) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($user->lang['CANNOT_ADD_FORBIDDEN_EXTENSION'], $add_extension); + $error[] = sprintf($user->lang[$error_msg], $add_extension); } } + $db->sql_freeresult($result); } - if (!$error) + if (!count($error)) { $sql = 'INSERT INTO ' . EXTENSIONS_TABLE . " (group_id, extension, comment) - VALUES ($add_extension_group, '" . $add_extension . "', '" . trim($add_extension_explain) . "')"; - $db->sql_query($sql); + VALUES ($add_extension_group, '" . $add_extension . "', '" . $add_extension_explain . "')"; + $db->sql_query($sql); add_log('admin', 'LOG_ATTACH_EXT_ADD', $add_extension); } } } - if (!$error) + if (!count($error)) { - $notify = true; - $notify_msg = $user->lang['EXTENSIONS_UPDATED']; + $notify[] = $user->lang['EXTENSIONS_UPDATED']; } } if ($submit && $mode == 'ext_groups') { // Change Extension Groups ? - $group_change_list = (isset($_POST['group_change_list'])) ? $_POST['group_change_list'] : array(); + $group_change_list = (isset($_POST['group_change_list'])) ? array_map('intval', $_POST['group_change_list']) : array(); $extension_group_list = (isset($_POST['extension_group_list'])) ? $_POST['extension_group_list'] : array(); - $group_allowed_list = (isset($_POST['allowed_list'])) ? $_POST['allowed_list'] : array(); + $group_allowed_list = (isset($_POST['allowed_list'])) ? array_map('intval', $_POST['allowed_list']) : array(); $download_mode_list = (isset($_POST['download_mode_list'])) ? $_POST['download_mode_list'] : array(); - $category_list = (isset($_POST['category_list'])) ? $_POST['category_list'] : array(); + $category_list = (isset($_POST['category_list'])) ? array_map('intval', $_POST['category_list']) : array(); $upload_icon_list = (isset($_POST['upload_icon_list'])) ? $_POST['upload_icon_list'] : array(); $filesize_list = (isset($_POST['max_filesize_list'])) ? $_POST['max_filesize_list'] : array(); $size_select_list = (isset($_POST['size_select_list'])) ? $_POST['size_select_list'] : array(); @@ -357,7 +316,7 @@ if ($submit && $mode == 'ext_groups') $filesize_list[$i] = ($size_select_list[$i] == 'kb') ? round($filesize_list[$i] * 1024) : (($size_select_list[$i] == 'mb') ? round($filesize_list[$i] * 1048576) : $filesize_list[$i]); $group_sql = array( - 'group_name' => $extension_group_list[$i], + 'group_name' => trim(htmlspecialchars($extension_group_list[$i])), 'cat_id' => $category_list[$i], 'allow_group' => $allowed, 'download_mode' => $download_mode_list[$i], @@ -365,14 +324,14 @@ if ($submit && $mode == 'ext_groups') 'max_filesize' => $filesize_list[$i] ); - $sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . " + $sql = "UPDATE " . EXTENSION_GROUPS_TABLE . " SET " . $db->sql_build_array('UPDATE', $group_sql) . " WHERE group_id = " . $group_change_list[$i]; $db->sql_query($sql); } // Delete Extension Groups - $group_id_list = (isset($_POST['group_id_list'])) ? $_POST['group_id_list'] : array(); + $group_id_list = (isset($_POST['group_id_list'])) ? array_map('intval', $_POST['group_id_list']) : array(); if (count($group_id_list)) { @@ -418,23 +377,18 @@ if ($submit && $mode == 'ext_groups') // check Extension Group $sql = 'SELECT group_name FROM ' . EXTENSION_GROUPS_TABLE; - $result = $db->sql_query($sql); + $result = $db->sql_query_limit($sql, 1); - while ($row = $db->sql_fetchrow($result)) + if ($row = $db->sql_fetchrow($result)) { if ($row['group_name'] == $extension_group) { - $error = TRUE; - if (isset($error_msg)) - { - $error_msg .= '
'; - } - $error_msg .= sprintf($user->lang['EXTENSION_GROUP_EXIST'], $extension_group); + $error[] = sprintf($user->lang['EXTENSION_GROUP_EXIST'], $extension_group); } } $db->sql_freeresult($result); - if (!$error) + if (!count($error)) { $filesize = ($size_select == 'kb') ? round($filesize * 1024) : (($size_select == 'mb') ? round($filesize * 1048576) : $filesize); @@ -477,10 +431,9 @@ if ($submit && $mode == 'ext_groups') $cache->destroy('extensions'); $cache->put('extensions', $extensions); - if (!$error) + if (!count($error)) { - $notify = true; - $notify_msg = $user->lang['EXTENSION_GROUPS_UPDATED']; + $notify[] = $user->lang['EXTENSION_GROUPS_UPDATED']; } } @@ -491,23 +444,24 @@ if ($submit && $mode == 'ext_groups')

lang[$l_title . '_EXPLAIN']; ?>

lang['WARNING']; ?>

-

+

', $error); ?>

lang['NOTIFY']; ?>

-

+

', $notify); ?>

lang['PM_ATTACH']; ?>:
lang['PM_ATTACH_EXPLAIN']; ?> /> lang['YES']; ?>   /> lang['NO']; ?> - - - - - - - - lang['NO_FTP_EXTENSIONS_INSTALLED']; ?> - - - - - - lang['FTP_UPLOAD']; ?>:
lang['FTP_UPLOAD_EXPLAIN']; ?> - /> lang['YES']; ?>   /> lang['NO']; ?> - - - - - - lang['FTP_SERVER']; ?>:
lang['FTP_SERVER_EXPLAIN']; ?> - - - - lang['ATTACH_FTP_PATH']; ?>:
lang['ATTACH_FTP_PATH_EXPLAIN']; ?> - - - - lang['FTP_DOWNLOAD_PATH']; ?>:
lang['FTP_DOWNLOAD_PATH_EXPLAIN']; ?> - - - - lang['FTP_PASSIVE_MODE']; ?>:
lang['FTP_PASSIVE_MODE_EXPLAIN']; ?> - /> lang['YES']; ?>   /> lang['NO']; ?> - - - lang['FTP_USER']; ?>: - - - - lang['FTP_PASS']; ?>: - - -    @@ -712,7 +613,7 @@ if ($mode == 'cats') = 1048576) ? 'mb' : (($max_add_filesize >= 1024) ? 'kb' : 'b'); } - if ($max_add_filesize >= 1048576) - { - $max_add_filesize = round($max_add_filesize / 1048576 * 100) / 100; - } - else if ( $max_add_filesize >= 1024) - { - $max_add_filesize = round($max_add_filesize / 1024 * 100) / 100; - } + $max_add_filesize = ($max_add_filesize >= 1048576) ? round($max_add_filesize / 1048576 * 100) / 100 : (($max_add_filesize >= 1024) ? round($max_add_filesize / 1024 * 100) / 100 : $max_add_filesize); $viewgroup = (!empty($_REQUEST['g'])) ? $_REQUEST['g'] : -1; ?> @@ -873,20 +767,13 @@ if ($mode == 'ext_groups') $row['max_filesize'] = intval($config['max_filesize']); } - $size_format = ($row['max_filesize'] >= 1048576) ? 'mb' : ( ($row['max_filesize'] >= 1024) ? 'kb' : 'b' ); + $size_format = ($row['max_filesize'] >= 1048576) ? 'mb' : (($row['max_filesize'] >= 1024) ? 'kb' : 'b'); - if ($row['max_filesize'] >= 1048576) - { - $row['max_filesize'] = round($row['max_filesize'] / 1048576 * 100) / 100; - } - else if($row['max_filesize'] >= 1024) - { - $row['max_filesize'] = round($row['max_filesize'] / 1024 * 100) / 100; - } + $row['max_filesize'] = ($row['max_filesize'] >= 1048576) ? round($row['max_filesize'] / 1048576 * 100) / 100 : (($row['max_filesize'] >= 1024) ? round($row['max_filesize'] / 1024 * 100) / 100 : $row['max_filesize']); $s_allowed = ($row['allow_group'] == 1) ? 'checked="checked"' : ''; $edit_img = ($row['upload_icon'] != '') ? $row['upload_icon'] : ''; - + $filename_list = ''; $no_image_select = false; foreach ($imglist as $img) @@ -1020,125 +907,40 @@ if ($mode == 'extensions') adm_page_footer(); // Test Settings -function test_upload(&$error, &$error_msg, $upload_dir, $ftp_path, $ftp_upload_allowed, $create_directory = false) +function test_upload(&$error, $upload_dir, $create_directory = false) { global $user; - $error = FALSE; - - // Does the target directory exist, is it a directory and writeable. (only test if ftp upload is disabled) - if (!$ftp_upload_allowed) + // Does the target directory exist, is it a directory and writeable. + if ($create_directory) { - if ($create_directory) + if (!file_exists($upload_dir)) { - if (!@file_exists($upload_dir)) - { - @mkdir($upload_dir, 0755); - @chmod($upload_dir, 0777); - } - } - - if (!@file_exists($upload_dir)) - { - $error = TRUE; - $error_msg = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $new['upload_dir']) . '
'; - } - - if (!$error && !is_dir($upload_dir)) - { - $error = TRUE; - $error_msg = sprintf($user->lang['DIRECTORY_IS_NOT_A_DIR'], $new['upload_dir']) . '
'; - } - - if (!$error) - { - if ( !($fp = @fopen($upload_dir . '/0_000000.000', 'w')) ) - { - $error = TRUE; - $error_msg = sprintf($user->lang['DIRECTORY_NOT_WRITEABLE'], $new['upload_dir']) . '
'; - } - else - { - @fclose($fp); - @unlink($upload_dir . '/0_000000.000'); - } + @mkdir($upload_dir, 0755); + @chmod($upload_dir, 0777); } } - else - { - // Check FTP Settings - $server = ( empty($new['ftp_server']) ) ? 'localhost' : $new['ftp_server']; - $conn_id = @ftp_connect($server); - - if (!$conn_id) - { - $error = TRUE; - $error_msg = sprintf($user->lang['FTP_ERROR_CONNECT'], $server) . '
'; - } - - $login_result = @ftp_login($conn_id, $new['ftp_user'], $new['ftp_pass']); - - if (!$login_result && !$error) - { - $error = TRUE; - $error_msg = sprintf($user->lang['FTP_ERROR_LOGIN'], $new['ftp_user']) . '
'; - } - if (!@ftp_pasv($conn_id, intval($new['ftp_pasv_mode']))) + if (!file_exists($upload_dir)) + { + $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $upload_dir); + } + + if (!count($error) && !is_dir($upload_dir)) + { + $error[] = sprintf($user->lang['DIRECTORY_IS_NOT_A_DIR'], $upload_dir); + } + + if (!count($error)) + { + if (!($fp = @fopen($upload_dir . '/0_000000.000', 'w'))) { - $error = TRUE; - $error_msg = $user->lang['FTP_ERROR_PASV_MODE']; + $error[] = sprintf($user->lang['DIRECTORY_NOT_WRITEABLE'], $new['upload_dir']); } - - if (!$error) + else { - // Check Upload - $tmpfname = @tempnam('/tmp', 't0000'); - @unlink($tmpfname); // unlink for safety on php4.0.3+ - $fp = @fopen($tmpfname, 'w'); - @fwrite($fp, 'test'); @fclose($fp); - - if ($create_directory) - { - $result = @ftp_chdir($conn_id, $ftp_path); - - if (!$result) - { - @ftp_mkdir($conn_id, $ftp_path); - } - } - - $result = @ftp_chdir($conn_id, $ftp_path); - - if (!$result) - { - $error = TRUE; - $error_msg = sprintf($user->lang['FTP_ERROR_PATH'], $ftp_path) . '
'; - } - else - { - $res = @ftp_put($conn_id, 't0000', $tmpfname, FTP_ASCII); - - if (!$res) - { - $error = TRUE; - $error_msg = sprintf($user->lang['FTP_ERROR_UPLOAD'], $ftp_path) . '
'; - } - else - { - $res = @ftp_delete($conn_id, 't0000'); - - if (!$res) - { - $error = TRUE; - $error_msg = sprintf($user->lang['FTP_ERROR_DELETE'], $ftp_path) . '
'; - } - } - } - - @ftp_quit($conn_id); - @unlink($tmpfname); + @unlink($upload_dir . '/0_000000.000'); } } } @@ -1156,7 +958,6 @@ function size_select($select_name, $size_compare) for ($i = 0; $i < count($size_types_text); $i++) { $selected = ($size_compare == $size_types[$i]) ? ' selected="selected"' : ''; - $select_field .= ''; } diff --git a/phpBB/includes/emailer.php b/phpBB/includes/emailer.php index f0d330dfbe..594e1e386d 100755 --- a/phpBB/includes/emailer.php +++ b/phpBB/includes/emailer.php @@ -208,7 +208,7 @@ class emailer } // Build header - $this->extra_headers = (($this->replyto !='') ? "Reply-to: <$this->replyto>\r\n" : '') . (($this->from != '') ? "From: <$this->from>\r\n" : "From: <" . $config['board_email'] . ">\r\n") . "Return-Path: <" . $config['board_email'] . ">\r\nMessage-ID: <" . md5(uniqid(time())) . "@" . $config['server_name'] . ">\r\nMIME-Version: 1.0\r\nContent-type: text/plain; charset=" . $this->encoding . "\r\nContent-transfer-encoding: 8bit\r\nDate: " . gmdate('D, d M Y H:i:s Z', time()) . "\r\nX-Priority: 3\r\nX-MSMail-Priority: Normal\r\nX-Mailer: PHP\r\nX-MimeOLE: Produced By phpBB2\r\n" . trim($this->extra_headers) . (($cc != '') ? "Cc:$cc\r\n" : '') . (($bcc != '') ? "Bcc:$bcc\r\n" : ''); + $this->extra_headers = (($this->replyto !='') ? "Reply-to: <$this->replyto>\r\n" : '') . (($this->from != '') ? "From: <$this->from>\r\n" : "From: <" . $config['board_email'] . ">\r\n") . "Return-Path: <" . $config['board_email'] . ">\r\nMessage-ID: <" . md5(uniqid(time())) . "@" . $config['server_name'] . ">\r\nMIME-Version: 1.0\r\nContent-type: text/plain; charset=" . $this->encoding . "\r\nContent-transfer-encoding: 8bit\r\nDate: " . gmdate('D, d M Y H:i:s Z', time()) . "\r\nX-Priority: 3\r\nX-MSMail-Priority: Normal\r\nX-Mailer: PHP\r\nX-MimeOLE: Produced By phpBB2\r\n" . $this->extra_headers . (($cc != '') ? "Cc:$cc\r\n" : '') . (($bcc != '') ? "Bcc:$bcc\r\n" : ''); // Send message ... removed $this->encode() from subject for time being if (!$this->use_queue) diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index e9d9dbd6bd..e80d29c89f 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -386,26 +386,19 @@ function display_attachments($attachment_data, &$update_count, $force_physical = $filesize = $attachment['filesize']; $size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); - if ($filesize >= 1048576) - { - $filesize = (round((round($filesize / 1048576 * 100) / 100), 2)); - } - else if ($filesize >= 1024) - { - $filesize = (round((round($filesize / 1024 * 100) / 100), 2)); - } + $filesize = ($filesize >= 1048576) ? round((round($filesize / 1048576 * 100) / 100), 2) : (($filesize >= 1024) ? round((round($filesize / 1024 * 100) / 100), 2) : $filesize); $display_name = $attachment['real_filename']; $comment = stripslashes(trim(str_replace("\n", '
', $attachment['comment']))); - $denied = false; + $denied = FALSE; if (!in_array($attachment['extension'], $extensions['_allowed_'])) { - $denied = true; + $denied = TRUE; $template->assign_block_vars('postrow.attachment', array( - 'IS_DENIED' => true, + 'IS_DENIED' => TRUE, 'L_DENIED' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])) ); @@ -431,7 +424,7 @@ function display_attachments($attachment_data, &$update_count, $force_physical = { if ($config['img_link_width'] || $config['img_link_height']) { - list($width, $height) = image_getdimension($filename); + list($width, $height) = getimagesize($filename); $display_cat = (!$width && !$height) ? IMAGE_CAT : (($width <= $config['img_link_width'] && $height <= $config['img_link_height']) ? IMAGE_CAT : NONE_CAT); } @@ -440,22 +433,15 @@ function display_attachments($attachment_data, &$update_count, $force_physical = { $display_cat = NONE_CAT; } - } + } } switch ($display_cat) { // Images case IMAGE_CAT: - if (!empty($config['ftp_upload']) && trim($config['upload_dir']) == '' && !$force_physical) - { - $img_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id']; - } - else - { - $img_source = $filename; - $update_count[] = $attachment['attach_id']; - } + $img_source = $filename; + $update_count[] = $attachment['attach_id']; $l_downloaded_viewed = $user->lang['VIEWED']; $download_link = $img_source; @@ -463,14 +449,7 @@ function display_attachments($attachment_data, &$update_count, $force_physical = // Images, but display Thumbnail case THUMB_CAT: - if (!empty($config['use_ftp_upload']) && trim($config['upload_dir']) == '' && !$force_physical) - { - $thumb_source = $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id'] . '&thumb=1'; - } - else - { - $thumb_source = $thumbnail_filename; - } + $thumb_source = $thumbnail_filename; $l_downloaded_viewed = $user->lang['VIEWED']; $download_link = (!$force_physical) ? $phpbb_root_path . "download.$phpEx$SID&id=" . $attachment['attach_id'] : $filename; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 8f89d2669b..b27c88c3cf 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -460,14 +460,7 @@ function upload_attachment($filename) { $size_lang = ($allowed_filesize >= 1048576) ? $user->lang['MB'] : ( ($allowed_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] ); - if ($allowed_filesize >= 1048576) - { - $allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100; - } - else if($allowed_filesize >= 1024) - { - $allowed_filesize = round($allowed_filesize / 1024 * 100) / 100; - } + $allowed_filesize = ($allowed_filesize >= 1048576) ? round($allowed_filesize / 1048576 * 100) / 100 : (($allowed_filesize >= 1024) ? round($allowed_filesize / 1024 * 100) / 100 : $allowed_filesize); $filedata['error'][] = sprintf($user->lang['ATTACHMENT_TOO_BIG'], $allowed_filesize, $size_lang); $filedata['post_attach'] = false; @@ -502,27 +495,8 @@ function upload_attachment($filename) $filedata['thumbnail'] = 1; } - // Upload Attachment - if (!$config['use_ftp_upload']) - { - // Descide the Upload method - if ( @ini_get('open_basedir') ) - { - $upload_mode = 'move'; - } - else if ( @ini_get('safe_mode') ) - { - $upload_mode = 'move'; - } - else - { - $upload_mode = 'copy'; - } - } - else - { - $upload_mode = 'ftp'; - } + // Descide the Upload method + $upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy'; // Ok, upload the File $result = move_uploaded_attachment($upload_mode, $file, $filedata); @@ -546,7 +520,6 @@ function move_uploaded_attachment($upload_mode, $source_filename, &$filedata) switch ($upload_mode) { case 'copy': - if ( !@copy($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) { if ( !@move_uploaded_file($source_filename, $config['upload_dir'] . '/' . $destination_filename) ) @@ -567,41 +540,10 @@ function move_uploaded_attachment($upload_mode, $source_filename, &$filedata) } @chmod($config['upload_dir'] . '/' . $destination_filename, 0666); break; - - case 'ftp': -/* - $conn_id = init_ftp(); - - // Binary or Ascii ? - $mode = FTP_BINARY; - if ( (preg_match("/text/i", $filedata['mimetype'])) || (preg_match("/html/i", $filedata['mimetype'])) ) - { - $mode = FTP_ASCII; - } - - $res = @ftp_put($conn_id, $destination_filename, $source_filename, $mode); - - if (!$res) - { - @ftp_quit($conn_id); - return sprintf($user->lang['Ftp_error_upload'], $config['ftp_path']); - } - - @ftp_site($conn_id, 'CHMOD 0644 ' . $destination_filename); - @ftp_quit($conn_id); - break; -*/ } if ($filedata['thumbnail']) { -/* if ($upload_mode == 'ftp') - { - $source = $source_filename; - $destination = 'thumbs/t_' . $destination_filename; - } - else - {*/ $source = $config['upload_dir'] . '/' . $destination_filename; $destination = $config['upload_dir'] . '/thumbs/t_' . $destination_filename; @@ -621,271 +563,28 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false) { global $config, $user; - if (!$use_ftp) + $filename = ($mode == 'thumbnail') ? $config['upload_dir'] . '/thumbs/t_' . $filename : $config['upload_dir'] . '/' . $filename; + $deleted = @unlink($filename); + + if (file_exists($filename)) { - $filename = ($mode == 'thumbnail') ? $config['upload_dir'] . '/thumbs/t_' . $filename : $config['upload_dir'] . '/' . $filename; - $deleted = @unlink($filename); + $filesys = eregi_replace('/','\\', $filename); + $deleted = @system("del $filesys"); - if (@file_exists($filename)) + if (file_exists($filename)) { - $filesys = eregi_replace('/','\\', $filename); - $deleted = @system("del $filesys"); - - if (@file_exists($filename)) + @chmod($filename, 0777); + $deleted = @unlink($filename); + if (!$deleted) { - @chmod($filename, 0777); - $deleted = @unlink($filename); - if (!$deleted) - { - $deleted = @system("del $filename"); - } + $deleted = @system("del $filename"); } } } - else - { -/* $conn_id = attach_init_ftp($mode); - - if ($mode == MODE_THUMBNAIL) - { - $filename = 't_' . $filename; - } - - $res = @ftp_delete($conn_id, $filename); - if (!$res) - { - if (defined('DEBUG_EXTRA')) - { - $add = ( $mode == MODE_THUMBNAIL ) ? ('/' . THUMB_DIR) : ''; - message_die(GENERAL_ERROR, sprintf($lang['Ftp_error_delete'], $config['ftp_path'] . $add)); - } - - return $deleted; - } - - @ftp_quit($conn_id); - - $deleted = TRUE;*/ - } return $deleted; } -// Read DWord (4 Bytes) from File -function read_dword($fp) -{ - $data = fread($fp, 4); - $value = ord($data[0]) + (ord($data[1])<<8)+(ord($data[2])<<16)+(ord($data[3])<<24); - if ($value >= 4294967294) - { - $value -= 4294967296; - } - return $value; -} - -// Read Word (2 Bytes) from File - Note: It's an Intel Word -function read_word($fp) -{ - $data = fread($fp, 2); - return ord($data[1]) * 256 + ord($data[0]); -} - -// Read Byte -function read_byte($fp) -{ - $data = fread($fp, 1); - return ord($data); -} - - -// Get Image Dimensions... only a test for now, used within create_thumbnail -function image_getdimension($file) -{ - $size = @getimagesize($file); - - if ($size[0] != 0 || $size[1] != 0) - { - return $size; - } - - // Try to get the Dimension manually, depending on the mimetype - if (!($fp = @fopen($file, 'rb'))) - { - return $size; - } - - $error = FALSE; - - // BMP - IMAGE - $tmp_str = fread($fp, 2); - if ($tmp_str == 'BM') - { - $length = read_dword($fp); - - if ($length <= 6) - { - $error = TRUE; - } - - if (!$error) - { - $i = read_dword($fp); - if ($i != 0) - { - $error = TRUE; - } - } - - if (!$error) - { - $i = read_dword($fp); - - if ($i != 0x3E && $i != 0x76 && $i != 0x436 && $i != 0x36) - { - $error = TRUE; - } - } - - if (!$error) - { - $tmp_str = fread($fp, 4); - $width = read_dword($fp); - $height = read_dword($fp); - - if ($width > 3000 || $height > 3000) - { - $error = TRUE; - } - } - } - else - { - $error = TRUE; - } - - if (!$error) - { - fclose($fp); - return array( - $width, - $height, - '6' - ); - } - - $error = FALSE; - fclose($fp); - - // GIF - IMAGE - $fp = @fopen($file, 'rb'); - - $tmp_str = fread($fp, 3); - - if ($tmp_str == 'GIF') - { - $tmp_str = fread($fp, 3); - $width = read_word($fp); - $height = read_word($fp); - - $info_byte = fread($fp, 1); - $info_byte = ord($info_byte); - if (($info_byte & 0x80) != 0x80 && ($info_byte & 0x80) != 0) - { - $error = TRUE; - } - - if (!$error) - { - if (($info_byte & 8) != 0) - { - $error = TRUE; - } - - } - } - else - { - $error = TRUE; - } - - if (!$error) - { - fclose($fp); - return array( - $width, - $height, - '1' - ); - } - - $error = FALSE; - fclose($fp); - - // JPG - IMAGE - $fp = @fopen($file, 'rb'); - - $tmp_str = fread($fp, 4); - $w1 = read_word($fp); - if (intval($w1) < 16) - { - $error = TRUE; - } - - if (!$error) - { - $tmp_str = fread($fp, 4); - if ($tmp_str == 'JFIF') - { - $o_byte = fread($fp, 1); - if (intval($o_byte) != 0) - { - $error = TRUE; - } - - if (!$error) - { - $str = fread($fp, 2); - $b = read_byte($fp); - - if ($b != 0 && $b != 1 && $b != 2) - { - $error = TRUE; - } - } - - if (!$error) - { - $width = read_word($fp); - $height = read_word($fp); - - if ($width <= 0 || $height <= 0) - { - $error = TRUE; - } - } - } - } - else - { - $error = TRUE; - } - - if (!$error) - { - fclose($fp); - return array( - $width, - $height, - '2' - ); - } - - $error = FALSE; - fclose($fp); - - return $size; -} - // Calculate the needed size for Thumbnail // I am sure i had this grabbed from some site... source: unknown function get_img_size_format($width, $height) @@ -956,16 +655,16 @@ function create_thumbnail($source, $new_file, $mimetype) global $config; $source = realpath($source); - $min_filesize = intval($config['img_min_thumb_filesize']); + $min_filesize = (int) $config['img_min_thumb_filesize']; $img_filesize = (file_exists($source)) ? @filesize($source) : FALSE; - if (!$img_filesize || $img_filesize <= $min_filesize) + if (!$img_filesize || $img_filesize <= $min_filesize) { return FALSE; } - $size = image_getdimension($source); + $size = getimagesize($source); if ($size[0] == 0 && $size[1] == 0) { @@ -977,31 +676,6 @@ function create_thumbnail($source, $new_file, $mimetype) $tmp_path = ''; $old_file = ''; -/* - if ($config['allow_ftp_upload']) - { - $old_file = $new_file; - - $tmp_path = explode('/', $source); - $tmp_path[count($tmp_path)-1] = ''; - $tmp_path = implode('/', $tmp_path); - - if ($tmp_path == '') - { - $tmp_path = '/tmp'; - } - - $value = trim($tmp_path); - - if ($value[strlen($value)-1] == '/') - { - $value[strlen($value)-1] = ' '; - } - - $new_file = trim($value) . '/t00000'; - } -*/ - $used_imagick = FALSE; if ($config['img_imagick']) @@ -1054,17 +728,6 @@ function create_thumbnail($source, $new_file, $mimetype) return FALSE; } -/* if (intval($config['allow_ftp_upload'])) - { - $result = ftp_file($new_file, $old_file, $this->type, TRUE); // True for disable error-mode - if (!$result) - { - return (FALSE); - } - } - else - {*/ - @chmod($new_file, 0666); return TRUE; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 4e04cec0e8..5d58845303 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -672,7 +672,7 @@ class parse_message $error = array(); $num_attachments = count($this->attachment_data); - $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim( strip_tags($_POST['filecomment'])) : ''; + $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(strip_tags($_POST['filecomment'])) : ''; $this->filename_data['filename'] = ($_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : ''; $add_file = (isset($_POST['add_file'])) ? TRUE : FALSE; diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index ceee25cb86..d3c287f470 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -112,7 +112,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', '') INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('lastread', '432000'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('display_order', '0'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_ftp_upload', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_filesize', '262144'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_filesize_pm','262144'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('attachment_quota', '52428800'); @@ -120,12 +119,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_attachments', INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_attachments_pm', '1'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_pm_attach', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_dir', 'files'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('ftp_server', ''); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('ftp_path',''); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('download_path',''); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('ftp_user',''); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('ftp_pass',''); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('ftp_pasv_mode','1'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_display_inlined','1'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_width','0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_height','0'); diff --git a/phpBB/templates/subSilver/editor.js b/phpBB/templates/subSilver/editor.js index 3bcd035346..dfe9e4c9d5 100644 --- a/phpBB/templates/subSilver/editor.js +++ b/phpBB/templates/subSilver/editor.js @@ -54,8 +54,8 @@ function emoticon(text) { caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? text + ' ' : text; document.forms[form_name].elements[text_name].focus(); } else { - document.forms[form_name].elements[text_name].value += text; - document.forms[form_name].elements[text_name].focus(); + document.forms[form_name].elements[text_name].value += text; + document.forms[form_name].elements[text_name].focus(); } } @@ -63,7 +63,7 @@ function bbfontstyle(bbopen, bbclose) { if ((clientVer >= 4) && is_ie && is_win) { theSelection = document.selection.createRange().text; if (!theSelection) { - document.forms[form_name].elements[text_name].value += bbopen + bbclose; + insert_text(bbopen + bbclose); document.forms[form_name].elements[text_name].focus(); return; } @@ -71,13 +71,21 @@ function bbfontstyle(bbopen, bbclose) { document.forms[form_name].elements[text_name].focus(); return; } else { - document.forms[form_name].elements[text_name].value += bbopen + bbclose; + insert_text(bbopen + bbclose); document.forms[form_name].elements[text_name].focus(); return; } - storeCaret(document.forms[form_name].message); + storeCaret(document.forms[form_name].elements[text_name]); } +function insert_text(text) { + if (document.forms[form_name].elements[text_name].createTextRange && document.forms[form_name].elements[text_name].caretPos) { + var caretPos = document.forms[form_name].elements[text_name].caretPos; + caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == '' ? text : text; + } else { + document.forms[form_name].elements[text_name].value += text; + } +} function bbstyle(bbnumber) { @@ -169,11 +177,11 @@ function bbstyle(bbnumber) { butnumber = arraypop(bbcode) - 1; if (bbtags[butnumber] != "[*]") { - document.forms[form_name].elements[text_name].value += bbtags[butnumber + 1]; + insert_text(bbtags[butnumber + 1]); } else { - document.forms[form_name].elements[text_name].value += bbtags[butnumber]; + insert_text(bbtags[butnumber]); } buttext = eval('document.forms[form_name].addbbcode' + butnumber + '.value'); if (bbtags[butnumber] != "[*]") @@ -187,14 +195,16 @@ function bbstyle(bbnumber) { } else { // Open tags if (imageTag && (bbnumber != 14)) { // Close image tag before adding another - document.forms[form_name].elements[text_name].value += bbtags[15]; + insert_text(bbtags[15]); + lastValue = arraypop(bbcode) - 1; // Remove the close image tag from the list document.forms[form_name].addbbcode14.value = "Img"; // Return button back to normal state imageTag = false; } // Open tag - document.forms[form_name].elements[text_name].value += bbtags[bbnumber]; + insert_text(bbtags[bbnumber]); + if ((bbnumber == 14) && (imageTag == false)) imageTag = 1; // Check to stop additional tags after an unclosed image tag if (bbtags[bbnumber] != "[*]") { @@ -205,7 +215,7 @@ function bbstyle(bbnumber) { return; } - storeCaret(document.forms[form_name].message); + storeCaret(document.forms[form_name].elements[text_name]); } // Insert at Claret position. Code from