bah, group handling needs some further discussion ... I'm done with it for M-2

git-svn-id: file:///svn/phpbb/trunk@4440 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 14:18:52 +00:00 · 2003-08-27 16:31:54 +00:00 · 2003-08-27 16:31:54 +00:00 · 6225256418
commit 6225256418
parent 2c9b17ba48
15 changed files with 344 additions and 454 deletions
--- a/phpBB/adm/admin_database.php
+++ b/phpBB/adm/admin_database.php
@ -1,23 +1,15 @@
 <?php
-/***************************************************************************
+// -------------------------------------------------------------
-*                              admin_database.php
+//
-*                              -------------------
+// $Id$
-*     begin                : Thu May 31, 2001
+//
-*     copyright            : (C) 2001 The phpBB Group
+// FILENAME  : admin_database.php
-*     email                : support@phpbb.com
+// STARTED   : Thu May 31, 2001
-*
+// COPYRIGHT : © 2003 phpBB Group
-*     $Id$
+// WWW       : http://www.phpbb.com/
-*
+// LICENCE   : GPL vs2.0 [ see /docs/COPYING ] 
-****************************************************************************/
+// 
-
+// -------------------------------------------------------------
 /***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 if (!empty($setmodules))
 {
@ -27,7 +19,7 @@ if (!empty($setmodules))
 	$file_uploads = @ini_get('file_uploads');
 	if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && $auth->acl_get('a_restore'))
 	{
-		$module['DB']['DB_RESTORE'] = $filename . "$SID&amp;mode=restore";
+		$module['DB']['DB_RESTORE'] = "$filenamex$SID&amp;mode=restore";
 	}
 	return;
@ -38,14 +30,19 @@ define('IN_PHPBB', 1);
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 include($phpbb_root_path . 'functions_compress.'.$phpEx);
 $mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';
 // Increase maximum execution time, but don't complain about it if it isn't
 // allowed.
@set_time_limit(1200);
 // Get some vars
 $mode = (isset($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : '';
 $action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : '';
 // --------------------
 // Begin program proper
 // --------------------
 switch($mode)
 {
 	case 'backup':
@ -54,30 +51,30 @@ switch($mode)
 			trigger_error($user->lang['NO_ADMIN']);
 		}
-		if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql')
+		$db_type = '';
 		switch (SQL_LAYER)
 		{
-			switch (SQL_LAYER)
+			case 'oracle':
-			{
+				$db_type = 'Oracle';
-				case 'oracle':
+				break;
-					$db_type = 'Oracle';
+			case 'odbc':
-					break;
+				$db_type = 'ODBC';
-				case 'odbc':
+				break;
-					$db_type = 'ODBC';
+			case 'mssql':
-					break;
+				$db_type = 'MSSQL';
-				case 'mssql':
+				break;
 					$db_type = 'MSSQL';
 					break;
 			}
 			trigger_error($user->lang['Backups_not_supported']);
 			break;
 		}
-		$additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : '');
+		if ($db_type)
-		$backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : '');
+		{
-		$search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0);
+			trigger_error($user->lang['Backups_not_supported']);
-		$store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : '');
+		}
-		$compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none');
+
 		$additional_tables	= (isset($_REQUEST['tables'])) ? htmlspecialchars($_REQUEST['tables']) : '';
 		$backup_type		= (isset($_REQUEST['type'])) ? intval($_REQUEST['type']) : false;
 		$search				= (!empty($_REQUEST['search'])) ? true : false;
 		$store				= (!empty($_REQUEST['store'])) ? true : false;
 		$compress			= (isset($_REQUEST['compress'])) ? htmlspecialchars($_REQUEST['compress']) : '';
 		if (!isset($_POST['backupstart']) && !isset($_GET['backupstart']))
 		{
@ -89,34 +86,34 @@ switch($mode)
 <p><?php echo $user->lang['Backup_explain']; ?></p>
-<form method="post" action="<?php echo "admin_database.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
+<form method="post" action="<?php echo "admin_database.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="95%" cellspacing="1" cellpadding="4" border="0" align="center">
 	<tr>
 		<th colspan="2"><?php echo $user->lang['Backup_options']; ?></th>
 	</tr>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Backup_type']; ?>: </td>
+		<td class="row1" width="40%"><b><?php echo $user->lang['Backup_type']; ?>: </b></td>
 		<td class="row2"><input type="radio" name="type" value="full"  checked="checked" /> <?php echo $user->lang['Full_backup']; ?>&nbsp;&nbsp;<input type="radio" name="type" value="structure" /> <?php echo $user->lang['Structure_only']; ?>&nbsp;&nbsp;<input type="radio" name="type" value="data" /> <?php echo $user->lang['Data_only']; ?></td>
 	</tr>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Include_search_index']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Include_search_index_explain']; ?></span></td>
+		<td class="row1"><b><?php echo $user->lang['Additional_tables']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td>
-		<td class="row2"><input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?>&nbsp;&nbsp;<input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?></td>
+		<td class="row2"><input class="post" type="text" name="tables" maxlength="255" size="40" /></td>
 	</tr>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Additional_tables']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td>
+		<td class="row1"><b><?php echo $user->lang['INC_SEARCH_INDEX']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['INC_SEARCH_INDEX_EXPLAIN']; ?></span></td>
-		<td class="row2"><input type="text" name="tables" size="40" /></td>
+		<td class="row2"><input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?>&nbsp;&nbsp;<input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?></td>
 	</tr>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Store_local']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Store_local_explain']; ?></span></td>
+		<td class="row1"><b><?php echo $user->lang['DOWNLOAD_STORE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['DOWNLOAD_STORE_EXPLAIN']; ?></span></td>
-		<td class="row2"><input type="text" name="store" size="40" /></td>
+		<td class="row2"><input type="radio" name="store" value="0" checked="checked" /> <?php echo $user->lang['EXPORT_DOWNLOAD']; ?>&nbsp;&nbsp;<input type="radio" name="store" value="1" /> <?php echo $user->lang['EXPORT_STORE']; ?></td>
 	</tr>
 <?php
-			if (extension_loaded('zlib') || extension_loaded('bz2'))
+			if (@extension_loaded('zlib') || extension_loaded('bz2'))
 			{
 ?>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td>
+		<td class="row1"><b><?php echo $user->lang['Compress_file']; ?>: </b></td>
 		<td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['NONE']; ?><?php
 				if (extension_loaded('zlib'))
@ -175,15 +172,11 @@ switch($mode)
 			unset($additional_tables);
 		}
 		//
 		// Enable output buffering
 		//
 		@ob_start();
 		@ob_implicit_flush(0);
 		//
 		// Build the sql script file...
 		//
 		echo "#\n";
 		echo "# phpBB Backup Script\n";
 		echo "# Dump of tables for $dbname\n";
@ -228,11 +221,9 @@ switch($mode)
 			}
 		}
 		//
 		// Flush the buffer, send the file
 		//
 		switch ($compress)
-		{
+		{/*
 			case 'gzip':
 				$extension = 'sql.gz';
 				$contents = gzencode(ob_get_contents());
@ -251,7 +242,7 @@ switch($mode)
 				$extension = 'bz2';
 				$contents = bzcompress(ob_get_contents());
 				ob_end_clean();
-				break;
+				break;*/
 			default:
 				$extension = 'sql';
@ -294,15 +285,13 @@ switch($mode)
 	case 'restore':
 		if (!$auth->acl_get('a_restore'))
 		{
-			trigger_error($user->lang['No_admin']);
+			trigger_error($user->lang['NO_ADMIN']);
 		}
 		if (isset($_POST['restorestart']))
 		{
 			//
 			// Handle the file upload ....
 			// If no file was uploaded report an error...
 			//
 			if (!empty($_POST['local']))
 			{
 				$file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']);
@ -310,7 +299,7 @@ switch($mode)
 			}
 			else
 			{
-				$filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : '';
+				$filename = (!empty($_POST['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : '';
 				$file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
 			}
@ -999,123 +988,6 @@ function output_table_content($content)
 	echo $content ."\n";
 	return;
 }
 //
 // Zip creation class from phpMyAdmin 2.3.0 (c) Tobias Ratschiller, Olivier Müller, Loïc Chapeaux, Marc Delisle
 // http://www.phpmyadmin.net/
 //
 // Based on work by Eric Mueller and Denis125
 // Official ZIP file format: http://www.pkware.com/appnote.txt
 //
 class zipfile
 {
 	var $datasec      = array();
 	var $ctrl_dir     = array();
 	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
 	var $old_offset   = 0;
 	function unix_to_dos_time($unixtime = 0)
 	{
 		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
 		if ($timearray['year'] < 1980)
 		{
 			$timearray['year']    = 1980;
 			$timearray['mon']     = 1;
 			$timearray['mday']    = 1;
 			$timearray['hours']   = 0;
 			$timearray['minutes'] = 0;
 			$timearray['seconds'] = 0;
 		}
 		return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
 				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
 	}
 	function add_file($data, $name, $time = 0)
 	{
 		$name     = str_replace('\\', '/', $name);
 		$dtime    = dechex($this->unix_to_dos_time($time));
 		$hexdtime = '\x' . $dtime[6] . $dtime[7]
 				  . '\x' . $dtime[4] . $dtime[5]
 				  . '\x' . $dtime[2] . $dtime[3]
 				  . '\x' . $dtime[0] . $dtime[1];
 		eval('$hexdtime = "' . $hexdtime . '";');
 		$fr   = "\x50\x4b\x03\x04";
 		$fr   .= "\x14\x00";            // ver needed to extract
 		$fr   .= "\x00\x00";            // gen purpose bit flag
 		$fr   .= "\x08\x00";            // compression method
 		$fr   .= $hexdtime;             // last mod time and date
 		$unc_len = strlen($data);
 		$crc     = crc32($data);
 		$zdata   = gzcompress($data);
 		$zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug
 		$c_len   = strlen($zdata);
 		$fr      .= pack('V', $crc);             // crc32
 		$fr      .= pack('V', $c_len);           // compressed filesize
 		$fr      .= pack('V', $unc_len);         // uncompressed filesize
 		$fr      .= pack('v', strlen($name));    // length of filename
 		$fr      .= pack('v', 0);                // extra field length
 		$fr      .= $name;
 		// "file data" segment
 		$fr .= $zdata;
 		// "data descriptor" segment (optional but necessary if archive is not
 		// served as file)
 		$fr .= pack('V', $crc);                 // crc32
 		$fr .= pack('V', $c_len);               // compressed filesize
 		$fr .= pack('V', $unc_len);             // uncompressed filesize
 		// add this entry to array
 		$this -> datasec[] = $fr;
 		$new_offset        = strlen(implode('', $this->datasec));
 		// now add to central directory record
 		$cdrec = "\x50\x4b\x01\x02";
 		$cdrec .= "\x00\x00";                // version made by
 		$cdrec .= "\x14\x00";                // version needed to extract
 		$cdrec .= "\x00\x00";                // gen purpose bit flag
 		$cdrec .= "\x08\x00";                // compression method
 		$cdrec .= $hexdtime;                 // last mod time & date
 		$cdrec .= pack('V', $crc);           // crc32
 		$cdrec .= pack('V', $c_len);         // compressed filesize
 		$cdrec .= pack('V', $unc_len);       // uncompressed filesize
 		$cdrec .= pack('v', strlen($name)); // length of filename
 		$cdrec .= pack('v', 0);             // extra field length
 		$cdrec .= pack('v', 0);             // file comment length
 		$cdrec .= pack('v', 0);             // disk number start
 		$cdrec .= pack('v', 0);             // internal file attributes
 		$cdrec .= pack('V', 32);            // external file attributes - 'archive' bit set
 		$cdrec .= pack('V', $this -> old_offset); // relative offset of local header
 		$this -> old_offset = $new_offset;
 		$cdrec .= $name;
 		// optional extra field, file comment goes here
 		// save to central directory
 		$this -> ctrl_dir[] = $cdrec;
 	}
 	function file()
 	{
 		$data    = implode('', $this -> datasec);
 		$ctrldir = implode('', $this -> ctrl_dir);
 		return $data . $ctrldir . $this -> eof_ctrl_dir .
 			pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries "on this disk"
 			pack('v', sizeof($this -> ctrl_dir)) .  // total # of entries overall
 			pack('V', strlen($ctrldir)) .           // size of central dir
 			pack('V', strlen($data)) .              // offset to start of central dir
 			"\x00\x00";                             // .zip file comment length
 	}
 }
 //
 // End Functions
 // -----------------------------------------------
--- a/phpBB/adm/admin_groups.php
+++ b/phpBB/adm/admin_groups.php
@ -60,7 +60,6 @@ else
 	$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : '';
 }
 // Grab basic data for group, if group_id is set and exists
 if ($group_id)
 {
@ -85,24 +84,6 @@ switch ($mode)
 		// Which page?
 		switch ($action)
 		{
 			case 'delete':
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP']);
 				}
 				break;
 			case 'deleteusers':
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP']);
 				}
 				break;
 			case 'approve':
 				if (!$group_id)
 				{
@ -122,6 +103,45 @@ switch ($mode)
 				set_default_group($group_id, $mark_ary, false, $group_name, $group_colour, $group_rank, false, false);
 				trigger_error($user->lang['GROUP_DEFS_UPDATED']);
 				break;
 			case 'delete':
 			case 'deleteusers':
 			case 'demote':
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP']);
 				}
 				if ($error = remove_from_group($action, $group_id, $mark_ary, false, $group_name))
 				{
 					trigger_error($user->lang[$error]);
 				}
 				$message = ($action == 'demote') ? 'GROUP_MODS_DEMOTED' : (($action == 'deleteusers') ? 'GROUP_USERS_REMOVE' : 'GROUP_DELETED');
 				trigger_error($user->lang[$message]);
 				break;
 			case 'addleaders':
 			case 'addusers':
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP']);
 				}
 				if (!$name_ary)
 				{
 					trigger_error($user->lang['NO_USERS']);
 				}
 				// Add user/s to group
 				if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type))
 				{
 					trigger_error($user->lang[$error]);
 				}
 				$message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
 				trigger_error($user->lang[$message]);
 				break;
 			case 'edit':
 			case 'add':
@ -259,6 +279,9 @@ function swatch()
 		<td class="row1"><select name="group_rank"><?php echo $rank_options; ?></select></td>
 	</tr>
 	<!-- tr>
 		<th colspan="2"><?php echo $user->lang['GROUP_AVATAR']; ?></th>
 	</tr>
 	<tr>
 		<td class="row2"><b><?php echo $user->lang['GROUP_AVATAR']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_AVATAR_EXPLAIN']; ?></span></td>
 		<td class="row1">&nbsp;</td>
 	</tr -->
@ -270,30 +293,6 @@ function swatch()
 				break;
 			case 'addleaders':
 			case 'addusers':
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP']);
 				}
 				if (!$name_ary)
 				{
 					trigger_error($user->lang['NO_USERS']);
 				}
 				// Add user/s to group
 				if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type))
 				{
 					trigger_error($user->lang[$error]);
 				}
 				$message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
 				trigger_error($user->lang[$message]);
 				break;
 			// Show list of leaders, existing and pending members
 			case 'list':
 				if (!$group_id)
@ -410,7 +409,7 @@ function swatch()
 ?>
 	<tr>
-		<td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;</td>
+		<td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="demote">Demote</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;</td>
 	</tr>
 </table>
@ -706,100 +705,19 @@ function hidebox(id)
 		adm_page_footer();
 		break;
-
+	// Setting groupwide preferences
 	case 'prefs':
 		adm_page_header($user->lang['GROUP_PREFS']);
-
+		if ($update)
-		adm_page_footer();
+		{
-		break;
+		}
-
+		else
-
+		{
-
+			$user_lang = (!empty($_POST['user_lang'])) ? htmlspecialchars($_POST['user_lang']) : '';
-	default:
+			$user_tz = (isset($_POST['user_tz'])) ? doubleval($_POST['user_tz']) : '';
-		trigger_error($user->lang['NO_MODE']);
+			$user_dst = (isset($_POST['user_dst'])) ? intval($_POST['user_dst']) : '';
-}
+		}
 exit;
 /*
 	case 'add':
 		break;
 	case 'delete':
 		// TODO:
 		// Need to offer ability to demote moderators or remove from group
 		break;
 	case 'approve':
 		break;
 adm_page_footer();
 	case 'prefs':
 			}
 			else
 			{
 				$user_lang = (!empty($_POST['user_lang'])) ? htmlspecialchars($_POST['user_lang']) : '';
 				$user_tz = (isset($_POST['user_tz'])) ? doubleval($_POST['user_tz']) : '';
 				$user_dst = (isset($_POST['user_dst'])) ? intval($_POST['user_dst']) : '';
 			}
 ?>
 <h1><?php echo $user->lang['GROUP_SETTINGS']; ?></h1>
@ -829,18 +747,13 @@ adm_page_footer();
 <?php
-*/
+		adm_page_footer();
-
+		break;
 function delete_group()
 {
 }
 function remove_from_group($type, $id, $user_id)
 {
 	default:
 		trigger_error($user->lang['NO_MODE']);
 }
 exit;
 ?>
--- a/phpBB/adm/admin_icons.php
+++ b/phpBB/adm/admin_icons.php
@ -169,7 +169,7 @@ switch ($action)
 		{
 			foreach ($img_ary as $img)
 			{
-				$img = substr($path, 1) . (($path != '') ? '/' : '') . $img; 
+				$img = "$path$img";
 				if (!in_array($img, $existing_imgs) || $action == 'edit')
 				{
--- a/phpBB/adm/admin_users.php
+++ b/phpBB/adm/admin_users.php
@ -34,17 +34,20 @@ if (!empty($setmodules))
 define('IN_PHPBB', 1);
 // Include files
 $phpbb_root_path = '../';
-require($phpbb_root_path . 'extension.inc');
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
 require('pagestart.' . $phpEx);
 // Set mode
-$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main';
+$mode = (isset($_REQUEST['mode'])) ? htmlspecialchars($_REQUEST['mode']) : '';
 $action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : 'main';
 // Begin program
 if (isset($_POST['username']) || isset($_REQUEST['u']))
 {
 	// Grab relevant userdata
-	if(isset($_REQUEST['u']))
+	if (isset($_REQUEST['u']))
 	{
 		$user_id = intval($_REQUEST['u']);
@ -71,35 +74,24 @@ if (isset($_POST['username']) || isset($_REQUEST['u']))
 		$db->sql_transaction();
-		$sql = "UPDATE " . POSTS_TABLE . "
+		$sql = 'UPDATE ' . POSTS_TABLE . '
-			SET poster_id = " . ANONYMOUS . ", post_username = '$username'
+			SET poster_id = ' . ANONYMOUS . " 
 			WHERE poster_id = $user_id";
 		$db->sql_query($sql);
-		$sql = "UPDATE " . TOPICS_TABLE . "
+		$sql = 'UPDATE ' . TOPICS_TABLE . '
-			SET topic_poster = " . ANONYMOUS . "
+			SET topic_poster = ' . ANONYMOUS . "
 			WHERE topic_poster = $user_id";
 		$db->sql_query($sql);
-		$sql = "DELETE FROM " . USERS_TABLE . "
+		$table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE);
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
-		$sql = "DELETE FROM " . USER_GROUP_TABLE . "
+		foreach ($table_ary as $table)
-			WHERE user_id = $user_id";
+		{
-		$db->sql_query($sql);
+			$sql = "DELETE FROM $table 
-
+				WHERE user_id = $user_id";
-		$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
+			$db->sql_query($sql);
-			WHERE user_id = $user_id";
+		}
 		$db->sql_query($sql);
 		$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
 		$sql = "DELETE FROM " . ACL_USERS_TABLE . "
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
 		$db->sql_transaction('commit');
@ -114,11 +106,11 @@ if (isset($_POST['username']) || isset($_REQUEST['u']))
 <form method="post" action="admin_users.<?php echo $phpEx . $SID; ?>&amp;mode=<?php echo $mode; ?>&amp;u=<?php echo $userdata['user_id']; ?>"><table width="90%" cellspacing="3" cellpadding="0" border="0" align="center">
 	<tr>
-		<td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=permissions">Permissions</a></td>
+		<td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=permissions">Permissions</a></td>
 	</tr>
 <?php
-	switch ($mode)
+	switch ($action)
 	{
 		case 'main':
--- a/phpBB/adm/subSilver.css
+++ b/phpBB/adm/subSilver.css
@ -194,6 +194,11 @@ input.text {
 	font-family:	'Courier New', courier;
 }
 input.checkbox {
 	height:		16px;
 	width:		16px;
 }
 option.sep {
 	color:				white;
 	background-color:	#006699;
--- a/phpBB/includes/db/firebird.php
+++ b/phpBB/includes/db/firebird.php
@ -43,7 +43,7 @@ class sql_db
 		$this->password = $sqlpassword;
 		$this->server = $sqlserver;
-		$this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password) : @ibase_connect($this->server, $this->user, $this->password);
+		$this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password, false, false, 3) : @ibase_connect($this->server, $this->user, $this->password, false, false, 3);
 		return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
 	}
@ -132,6 +132,12 @@ class sql_db
 					$this->sql_error($query);
 				}
 				if (!$this->transaction && (strpos($query, 'INSERT') === 0 || strpos($query, 'UPDATE') === 0))
 				{
 					echo $query;
 					ibase_commit();
 				}
 				if (!empty($_GET['explain']))
 				{
 					$endtime = explode(' ', microtime());
@ -415,7 +421,7 @@ class sql_db
 	function sql_escape($msg)
 	{
-		return (@ini_get('magic_quotes_sybase') || strtoupper(@ini_get('magic_quotes_sybase')) == 'ON') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\\\'', '\'\'', $msg);
+		return (@ini_get('magic_quotes_sybase') || strtolower(@ini_get('magic_quotes_sybase')) == 'on') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\'', '\'\'', stripslashes($msg));
 	}
 	function sql_error($sql = '')
--- a/phpBB/includes/db/mysql.php
+++ b/phpBB/includes/db/mysql.php
@ -134,7 +134,7 @@ class sql_db
 					$curtime = $curtime[0] + $curtime[1] - $starttime;
 				}
-				if (!($this->query_result = @mysql_query($query, $this->db_connect_id)))
+				if (($this->query_result = @mysql_query($query, $this->db_connect_id)) === false)
 				{
 					$this->sql_error($query);
 				}
--- a/phpBB/includes/db/postgres.php
+++ b/phpBB/includes/db/postgres.php
@ -35,12 +35,9 @@ class sql_db
 	var $rownum = array();
 	var $num_queries = 0;
 	//
 	// Constructor
 	//
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $persistency = true)
 	{
-		$this->connect_string = "";
+		$this->connect_string = '';
 		if ($sqluser)
 		{
@ -363,7 +360,6 @@ class sql_db
 	function sql_error($sql = '')
 	{
 		if (!$this->return_on_error)
 		{
 			if ($this->transaction)
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -1,23 +1,15 @@
 <?php
-/***************************************************************************
+// -------------------------------------------------------------
- *                               functions.php
+//
- *                            -------------------
+// $Id$
- *   begin                : Saturday, Feb 13, 2001
+//
- *   copyright            : (C) 2001 The phpBB Group
+// FILENAME  : functions.php
- *   email                : support@phpbb.com
+// STARTED   : Sat Feb 13, 2001
- *
+// COPYRIGHT : © 2001,2003 phpBB Group
- *   $Id$
+// WWW       : http://www.phpbb.com/
- *
+// LICENCE   : GPL vs2.0 [ see /docs/COPYING ] 
- ***************************************************************************/
+// 
-
+// -------------------------------------------------------------
 /***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 function set_config($config_name, $config_value, $is_dynamic = FALSE)
 {
@ -697,10 +689,11 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
 	$page_string .= ($on_page == $total_pages) ? '<b>' . $total_pages . '</b>' : '<a href="' . $base_url . '&amp;start=' . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a>&nbsp;&nbsp;<a href="' . $base_url . "&amp;start=" . ($on_page * $per_page) . '">' . $user->lang['NEXT'] . '</a>';
 //	$page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string;
 	$page_string = $user->lang['GOTO_PAGE'] . ' ' . $page_string;
 //	$page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string;
 //	$template->assign_var('BASE_URL', $base_url);
 //	$template->assign_var('PER_PAGE', $per_page);
 	return $page_string;
 }
@ -944,10 +937,6 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '')
 		$err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] :  $user->lang['LOGIN_ERROR'];
 	}
 	$sql = 'DELETE FROM ' . CONFIRM_TABLE . ' 
 		WHERE confirm_time < ' . (time() - $config['session_length']);
 //	$db->sql_query($sql);
 	$template->assign_vars(array(
 		'LOGIN_ERROR'		=> $err, 
 		'LOGIN_EXPLAIN'		=> $login_explain, 
@ -994,6 +983,9 @@ function login_forum_box(&$forum_data)
 	if (!empty($_POST['password']))
 	{
 		// TODO
 		// Remove old valid sessions
 		if ($_POST['password'] == $forum_data['forum_password'])
 		{
 			$sql = 'INSERT INTO phpbb_forum_access (forum_id, user_id, session_id)
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@ -1,23 +1,15 @@
 <?php
-/***************************************************************************
+// -------------------------------------------------------------
- *                            functions_admin.php
+//
- *                            -------------------
+// $Id$
- *   begin                : Saturday, Feb 13, 2001
+//
- *   copyright            : © 2001 The phpBB Group
+// FILENAME  : functions_admin.php
- *   email                : support@phpbb.com
+// STARTED   : Sat Feb 13, 2001
- *
+// COPYRIGHT : © 2001,2003 phpBB Group
- *   $Id$
+// WWW       : http://www.phpbb.com/
- *
+// LICENCE   : GPL vs2.0 [ see /docs/COPYING ] 
- ***************************************************************************/
+// 
-
+// -------------------------------------------------------------
 /***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 // Simple version of jumpbox, just lists authed forums
 function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true)
@ -1362,7 +1354,7 @@ function split_sql_file($sql, $delimiter)
 // and group names must be carried through for the moderators table
 function cache_moderators()
 {
-	global $db;
+	global $db, $cache;
 	// Clear table
 	$sql = (SQL_LAYER != 'sqlite') ? 'TRUNCATE ' . MODERATOR_TABLE : 'DELETE FROM ' . MODERATOR_TABLE;
@ -1448,6 +1440,8 @@ function cache_moderators()
 				}
 		}
 	}
 	$cache->destroy(MODERATOR_TABLE);
 }
 // Logging functions
--- a/phpBB/includes/functions_jabber.php
+++ b/phpBB/includes/functions_jabber.php
@ -296,6 +296,22 @@ class Jabber
 		}
 	}
 	function SendPresence($type = NULL, $to = NULL, $status = NULL, $show = NULL, $priority = NULL)
 	{
 		$xml = '<presence';
 		$xml .= ($to) ? " to='$to'" : '';
 		$xml .= ($type) ? " type='$type'" : '';
 		$xml .= ($status || $show || $priority) ? ">\n" : " />\n";
 		$xml .= ($status) ? " <status>$status</status>\n" : '';
 		$xml .= ($show) ? "	<show>$show</show>\n" : '';
 		$xml .= ($priority) ? "	<priority>$priority</priority>\n" : '';
 		$xml .= ($status || $show || $priority) ? "</presence>\n" : '';
 		return ($this->SendPacket($xml)) ? TRUE : FALSE;
 	}
 	function SendError($to, $id = NULL, $error_number, $error_message = NULL)
 	{
 		$xml = "<iq type='error' to='$to'";
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@ -29,6 +29,8 @@ function generate_smilies($mode)
 	if ($mode == 'window')
 	{
 		$user->setup(false);
 		page_header($user->lang['SMILIES'] . ' - ' . $topic_title);
 		$template->set_filenames(array(
@ -555,7 +557,8 @@ function move_uploaded_attachment($upload_mode, $source_filename, &$filedata)
 			}
 		}
 	}
-	return '';
+
 	return;
 }
 // Delete File
@ -568,14 +571,13 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false)
 	if (file_exists($filename))
 	{
-		$filesys = eregi_replace('/','\\', $filename);
+		$filesys = str_replace('/','\\', $filename);
 		$deleted = @system("del $filesys");
 		if (file_exists($filename)) 
 		{
 			@chmod($filename, 0777);
-			$deleted = @unlink($filename);
+			if (!($deleted = @unlink($filename)))
 			if (!$deleted)
 			{
 				$deleted = @system("del $filename");
 			}
@ -590,8 +592,8 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false)
 function get_img_size_format($width, $height)
 {
 	// Change these two values to define the Thumbnail Size
-	$max_width = 300;
+	$max_width = 400;
-	$max_height = 85;
+	$max_height = 200;
 	if ($height > $max_height) 
 	{
@ -673,8 +675,7 @@ function create_thumbnail($source, $new_file, $mimetype)
 	$new_size = get_img_size_format($size[0], $size[1]);
-	$tmp_path = '';
+	$tmp_path = $old_file = '';
 	$old_file = '';
 	$used_imagick = FALSE;
@ -682,7 +683,7 @@ function create_thumbnail($source, $new_file, $mimetype)
 	{
 		if (is_array($size) && count($size) > 0) 
 		{
-			@exec($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 75 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' ' . $source . ' +profile "*" ' . $new_file);
+			passthru($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
 			if (file_exists($new_file))
 			{
 				$used_imagick = TRUE;
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -569,16 +569,12 @@ function create_group($action, $group_id, &$type, &$name, &$desc, &$colour, &$ra
 	return (sizeof($error)) ? $error : false;
 }
-
+// Call with: user_id_ary or username_ary set ... if both false entire group
 // will be set default
 function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, &$rank, $avatar, $avatar_type)
 {
 	global $db;
 	if (!is_array($$which_ary))
 	{
 		$$which_ary = array($$which_ary);
 	}
 	if (is_array($user_id_ary) || is_array($username_ary))
 	{
 		$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
@ -656,31 +652,41 @@ function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, &
 	return false;
 }
-// TODO
+// Call with: user_id_ary or username_ary set ... if both false entire group
-// approve group
+// will be approved
 function approve_user($group_id, $user_id_ary, $username_ary, &$group_name) 
 {
 	global $db;
-	$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
+	if (is_array($user_id_ary) || is_array($username_ary))
 	{
 		$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
-	$sql = 'SELECT user_id, username 
+		$sql = 'SELECT user_id, username 
-		FROM ' . USERS_TABLE . " 
+			FROM ' . USERS_TABLE . " 
-		WHERE $sql_where";
+			WHERE $sql_where";
 	}
 	else
 	{
 		$sql = 'SELECT u.user_id, u.username 
 			FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . "  
 			WHERE ug.group_id = $group_id
 				AND u.user_id = ug.user_id";
 	}
 	$result = $db->sql_query($sql);
 	$usernames = array();
 	while ($row = $db->sql_fetchrow($result))
 	{
 		$username_ary[] = $row['username'];
-		$user_id_ary[] = $row['user_id'];
+		$user_id_ary[]	= $row['user_id'];
 	}
 	$db->sql_freeresult($result);
-	$sql = 'UPDATE ' . USER_GROUP_TABLE . ' 
+	$sql = 'UPDATE ' . USER_GROUP_TABLE . " 
 		SET user_pending = 0 
-		WHERE user_id IN (' . implode(', ', $user_id_ary) . ")
+		WHERE group_id = $group_id 
-			AND group_id = $group_id";
+			AND user_id IN (" . implode(', ', $user_id_ary) . ')';
 	$db->sql_query($sql);
 	add_log('admin', 'LOG_GROUP_APPROVE', $group_name, implode(', ', $username_ary));
@ -691,4 +697,65 @@ function approve_user($group_id, $user_id_ary, $username_ary, &$group_name)
 	return false;
 }
 // If user_id or username_ary are set users are deleted, else group is
 // removed. Setting action to demote true will demote leaders to users 
 // (if appropriate), deleting leaders removes them from group as with
 // normal users
 function remove_from_group($type, $id, $user_id_ary, $username_ary, &$group_name)
 {
 	global $db;
 	// Delete or demote individuals if data exists, else delete group
 	if (is_array($user_id_ary) || is_array($username_ary))
 	{
 		$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
 		$sql = 'SELECT user_id, username 
 			FROM ' . USERS_TABLE . " 
 			WHERE $sql_where";
 		$result = $db->sql_query($sql);
 		$usernames = array();
 		while ($row = $db->sql_fetchrow($result))
 		{
 			$username_ary[] = $row['username'];
 			$user_id_ary[]	= $row['user_id'];
 		}
 		$db->sql_freeresult($result);
 		switch ($type)
 		{
 			case 'demote':
 				$sql = 'UPDATE ' . USER_GROUP_TABLE . "
 					SET group_leader = 0 
 					WHERE $sql_where";
 				$db->sql_query($sql);
 				break;
 			default:
 				$sql = 'SELECT g.group_id, g.group_name, u.user_id 
 					FROM ' . USER_GROUP_TABLE . ' ug, ' . GROUPS_TABLE . ' g 
 					WHERE u.user_id IN ' . implode(', ', $user_id_ary) . " 
 						AND ug.group_id <> $group_id 
 						AND g.group_type = " . GROUP_SPECIAL . '  
 					GROUP BY u.user_id';
 				break;
 		}
 	}
 	else
 	{
 	}
 	if (!function_exists('add_log'))
 	{
 		global $phpbb_root_path, $phpEx;
 		include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 	}
 	$log = ($action == 'demote') ? 'LOG_GROUP_DEMOTED' : (($action == 'deleteusers') ? 'LOG_GROUP_REMOVE' : 'LOG_GROUP_DELETED');
 	add_log('admin', $log, $name, implode(', ', $username_ary));
 	return false;
 }
 ?>
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@ -71,9 +71,9 @@ class session
 		}
 		// Load limit check (if applicable)
-		if (doubleval($config['limit_load']) && @file_exists('/proc/loadavg'))
+		if (@file_exists('/proc/loadavg'))
 		{
-			if ($load = @file('/proc/loadavg'))
+			if ($config['limit_load'] && $load = @file('/proc/loadavg'))
 			{
 				list($this->load) = explode(' ', $load[0]);
@ -398,6 +398,8 @@ class user extends session
 	var $lang_path;
 	var $img_lang;
 	var $keyoptions = array('viewimg', 'notify', 'notify_pm', 'popup_pm', 'viewflash', 'viewsmilies', 'viewsigs', 'viewavatars', 'viewcensors', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmile', 'allowavatar', 'allow_pm', 'allow_email', 'allow_viewonline', 'allow_viewemail', 'allow_massemail');
 	function setup($lang_set = false, $style = false)
 	{
 		global $db, $template, $config, $auth, $phpEx, $phpbb_root_path;
@ -539,6 +541,45 @@ class user extends session
 		}
 		return $imgs[$img];
 	}
 	// Start code for checking/setting option bit field for user table (if we go that way)
 	// TODO
 	// array_search begone
 	// set values, blah, everything else
 	function option_set($key, $value = false)
 	{
 		if (is_array($key))
 		{
 			if (is_array($value))
 			{
 				$return = array();
 				foreach ($key as $k)
 				{
 					$return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
 				}
 				return $return;
 			}
 			else
 			{
 				$return = array();
 				foreach ($key as $k)
 				{
 					$return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
 				}
 				return $return;
 			}
 		}
 		else
 		{
 			if ($value !== false)
 			{
 			}
 			else
 			{
 				return ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
 			}
 		}
 	}
 }
 // Will be keeping my eye of 'other products' to ensure these things don't
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@ -1,23 +1,18 @@
 <?php
-/***************************************************************************
+// -------------------------------------------------------------
- *                              ucp_profile.php
+//
- *                            -------------------
+// $Id$
- *   begin                : Saturday, Feb 21, 2003
+//
- *   copyright            : (C) 2001 The phpBB Group
+// FILENAME  : admin_styles.php
- *   email                : support@phpbb.com
+// STARTED   : Thu Aug 7 2003
- *
+// COPYRIGHT : © 2003 phpBB Group
- *   $Id$
+// WWW       : http://www.phpbb.com/
- *
+// LICENCE   : GPL vs2.0 [ see /docs/COPYING ] 
- ***************************************************************************/
+// 
 // -------------------------------------------------------------
-/***************************************************************************
+// TODO
- *
+// Check birthday for date in past
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 class ucp_profile extends ucp
 {