makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

bah, group handling needs some further discussion ... I'm done with it for M-2

Browse source 
git-svn-id: file:///svn/phpbb/trunk@4440 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-08-27 16:31:54 +00:00
parent 2c9b17ba48
commit 6225256418
15 changed files with 344 additions and 454 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

214
phpBB/adm/admin_database.php
View file

@ -1,23 +1,15 @@
<?php
/***************************************************************************
* admin_database.php
* -------------------
* begin : Thu May 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
****************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : admin_database.php
// STARTED : Thu May 31, 2001
// COPYRIGHT : © 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
if (!empty($setmodules))
{
@ -27,7 +19,7 @@ if (!empty($setmodules))
$file_uploads = @ini_get('file_uploads');
if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && $auth->acl_get('a_restore'))
{
$module['DB']['DB_RESTORE'] = $filename . "$SID&amp;mode=restore";
$module['DB']['DB_RESTORE'] = "$filenamex$SID&amp;mode=restore";
}
return;
@ -38,14 +30,19 @@ define('IN_PHPBB', 1);
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'functions_compress.'.$phpEx);
$mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';
// Increase maximum execution time, but don't complain about it if it isn't
// allowed.
@set_time_limit(1200);
// Get some vars
$mode = (isset($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : '';
$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : '';
// --------------------
// Begin program proper
// --------------------
switch($mode)
{
case 'backup':
@ -54,8 +51,7 @@ switch($mode)
trigger_error($user->lang['NO_ADMIN']);
}
if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql')
{
$db_type = '';
switch (SQL_LAYER)
{
case 'oracle':
@ -69,15 +65,16 @@ switch($mode)
break;
}
if ($db_type)
{
trigger_error($user->lang['Backups_not_supported']);
break;
}
$additional_tables = (isset($_POST['tables'])) ? $_POST['tables'] : ((isset($_GET['tables'])) ? $_GET['tables'] : '');
$backup_type = (isset($_POST['type'])) ? $_POST['type'] : ((isset($_GET['type'])) ? $_GET['type'] : '');
$search = (!empty($_POST['search'])) ? intval($_POST['search']) : ((!empty($_GET['search'])) ? intval($_GET['search']) : 0);
$store_path = (isset($_POST['store'])) ? $_POST['store'] : ((isset($_GET['store'])) ? $_GET['store'] : '');
$compress = (!empty($_POST['compress'])) ? $_POST['compress'] : ((!empty($_GET['compress'])) ? $_GET['compress'] : 'none');
$additional_tables = (isset($_REQUEST['tables'])) ? htmlspecialchars($_REQUEST['tables']) : '';
$backup_type = (isset($_REQUEST['type'])) ? intval($_REQUEST['type']) : false;
$search = (!empty($_REQUEST['search'])) ? true : false;
$store = (!empty($_REQUEST['store'])) ? true : false;
$compress = (isset($_REQUEST['compress'])) ? htmlspecialchars($_REQUEST['compress']) : '';
if (!isset($_POST['backupstart']) && !isset($_GET['backupstart']))
{
@ -89,34 +86,34 @@ switch($mode)
<p><?php echo $user->lang['Backup_explain']; ?></p>
<form method="post" action="<?php echo "admin_database.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" action="<?php echo "admin_database.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="95%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $user->lang['Backup_options']; ?></th>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Backup_type']; ?>: </td>
<td class="row1" width="40%"><b><?php echo $user->lang['Backup_type']; ?>: </b></td>
<td class="row2"><input type="radio" name="type" value="full" checked="checked" /> <?php echo $user->lang['Full_backup']; ?>&nbsp;&nbsp;<input type="radio" name="type" value="structure" /> <?php echo $user->lang['Structure_only']; ?>&nbsp;&nbsp;<input type="radio" name="type" value="data" /> <?php echo $user->lang['Data_only']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Include_search_index']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Include_search_index_explain']; ?></span></td>
<td class="row2"><input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?>&nbsp;&nbsp;<input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?></td>
<td class="row1"><b><?php echo $user->lang['Additional_tables']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td>
<td class="row2"><input class="post" type="text" name="tables" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Additional_tables']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Additional_tables_explain']; ?></span></td>
<td class="row2"><input type="text" name="tables" size="40" /></td>
<td class="row1"><b><?php echo $user->lang['INC_SEARCH_INDEX']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['INC_SEARCH_INDEX_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="search" value="1" checked="checked" /> <?php echo $user->lang['YES']; ?>&nbsp;&nbsp;<input type="radio" name="search" value="0" /> <?php echo $user->lang['NO']; ?></td>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Store_local']; ?>: <br /><span class="gensmall"><?php echo $user->lang['Store_local_explain']; ?></span></td>
<td class="row2"><input type="text" name="store" size="40" /></td>
<td class="row1"><b><?php echo $user->lang['DOWNLOAD_STORE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['DOWNLOAD_STORE_EXPLAIN']; ?></span></td>
<td class="row2"><input type="radio" name="store" value="0" checked="checked" /> <?php echo $user->lang['EXPORT_DOWNLOAD']; ?>&nbsp;&nbsp;<input type="radio" name="store" value="1" /> <?php echo $user->lang['EXPORT_STORE']; ?></td>
</tr>
<?php
if (extension_loaded('zlib') || extension_loaded('bz2'))
if (@extension_loaded('zlib') || extension_loaded('bz2'))
{
?>
<tr>
<td class="row1"><?php echo $user->lang['Compress_file']; ?>: </td>
<td class="row1"><b><?php echo $user->lang['Compress_file']; ?>: </b></td>
<td class="row2"><input type="radio" name="compress" value="none" checked="checked" /> <?php echo $user->lang['NONE']; ?><?php
if (extension_loaded('zlib'))
@ -175,15 +172,11 @@ switch($mode)
unset($additional_tables);
}
//
// Enable output buffering
//
@ob_start();
@ob_implicit_flush(0);
//
// Build the sql script file...
//
echo "#\n";
echo "# phpBB Backup Script\n";
echo "# Dump of tables for $dbname\n";
@ -228,11 +221,9 @@ switch($mode)
}
}
//
// Flush the buffer, send the file
//
switch ($compress)
{
{/*
case 'gzip':
$extension = 'sql.gz';
$contents = gzencode(ob_get_contents());
@ -251,7 +242,7 @@ switch($mode)
$extension = 'bz2';
$contents = bzcompress(ob_get_contents());
ob_end_clean();
break;
break;*/
default:
$extension = 'sql';
@ -294,15 +285,13 @@ switch($mode)
case 'restore':
if (!$auth->acl_get('a_restore'))
{
trigger_error($user->lang['No_admin']);
trigger_error($user->lang['NO_ADMIN']);
}
if (isset($_POST['restorestart']))
{
//
// Handle the file upload ....
// If no file was uploaded report an error...
//
if (!empty($_POST['local']))
{
$file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']);
@ -310,7 +299,7 @@ switch($mode)
}
else
{
$filename = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$filename = (!empty($_POST['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : '';
$file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != 'none') ? $HTTP_POST_FILES['backup_file']['tmp_name'] : '';
}
@ -999,123 +988,6 @@ function output_table_content($content)
echo $content ."\n";
return;
}
//
// Zip creation class from phpMyAdmin 2.3.0 (c) Tobias Ratschiller, Olivier Müller, Loïc Chapeaux, Marc Delisle
// http://www.phpmyadmin.net/
//
// Based on work by Eric Mueller and Denis125
// Official ZIP file format: http://www.pkware.com/appnote.txt
//
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix_to_dos_time($unixtime = 0)
{
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
if ($timearray['year'] < 1980)
{
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function add_file($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix_to_dos_time($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00"; // ver needed to extract
$fr .= "\x00\x00"; // gen purpose bit flag
$fr .= "\x08\x00"; // compression method
$fr .= $hexdtime; // last mod time and date
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); // fix crc bug
$c_len = strlen($zdata);
$fr .= pack('V', $crc); // crc32
$fr .= pack('V', $c_len); // compressed filesize
$fr .= pack('V', $unc_len); // uncompressed filesize
$fr .= pack('v', strlen($name)); // length of filename
$fr .= pack('v', 0); // extra field length
$fr .= $name;
// "file data" segment
$fr .= $zdata;
// "data descriptor" segment (optional but necessary if archive is not
// served as file)
$fr .= pack('V', $crc); // crc32
$fr .= pack('V', $c_len); // compressed filesize
$fr .= pack('V', $unc_len); // uncompressed filesize
// add this entry to array
$this -> datasec[] = $fr;
$new_offset = strlen(implode('', $this->datasec));
// now add to central directory record
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00"; // version made by
$cdrec .= "\x14\x00"; // version needed to extract
$cdrec .= "\x00\x00"; // gen purpose bit flag
$cdrec .= "\x08\x00"; // compression method
$cdrec .= $hexdtime; // last mod time & date
$cdrec .= pack('V', $crc); // crc32
$cdrec .= pack('V', $c_len); // compressed filesize
$cdrec .= pack('V', $unc_len); // uncompressed filesize
$cdrec .= pack('v', strlen($name)); // length of filename
$cdrec .= pack('v', 0); // extra field length
$cdrec .= pack('v', 0); // file comment length
$cdrec .= pack('v', 0); // disk number start
$cdrec .= pack('v', 0); // internal file attributes
$cdrec .= pack('V', 32); // external file attributes - 'archive' bit set
$cdrec .= pack('V', $this -> old_offset); // relative offset of local header
$this -> old_offset = $new_offset;
$cdrec .= $name;
// optional extra field, file comment goes here
// save to central directory
$this -> ctrl_dir[] = $cdrec;
}
function file()
{
$data = implode('', $this -> datasec);
$ctrldir = implode('', $this -> ctrl_dir);
return $data . $ctrldir . $this -> eof_ctrl_dir .
pack('v', sizeof($this -> ctrl_dir)) . // total # of entries "on this disk"
pack('v', sizeof($this -> ctrl_dir)) . // total # of entries overall
pack('V', strlen($ctrldir)) . // size of central dir
pack('V', strlen($data)) . // offset to start of central dir
"\x00\x00"; // .zip file comment length
}
}
//
// End Functions
// -----------------------------------------------

189
phpBB/adm/admin_groups.php
View file

@ -60,7 +60,6 @@ else
$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : '';
}
// Grab basic data for group, if group_id is set and exists
if ($group_id)
{
@ -85,24 +84,6 @@ switch ($mode)
// Which page?
switch ($action)
{
case 'delete':
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP']);
}
break;
case 'deleteusers':
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP']);
}
break;
case 'approve':
if (!$group_id)
{
@ -123,6 +104,45 @@ switch ($mode)
trigger_error($user->lang['GROUP_DEFS_UPDATED']);
break;
case 'delete':
case 'deleteusers':
case 'demote':
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP']);
}
if ($error = remove_from_group($action, $group_id, $mark_ary, false, $group_name))
{
trigger_error($user->lang[$error]);
}
$message = ($action == 'demote') ? 'GROUP_MODS_DEMOTED' : (($action == 'deleteusers') ? 'GROUP_USERS_REMOVE' : 'GROUP_DELETED');
trigger_error($user->lang[$message]);
break;
case 'addleaders':
case 'addusers':
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP']);
}
if (!$name_ary)
{
trigger_error($user->lang['NO_USERS']);
}
// Add user/s to group
if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type))
{
trigger_error($user->lang[$error]);
}
$message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message]);
break;
case 'edit':
case 'add':
if ($action == 'edit' && !$group_id)
@ -259,6 +279,9 @@ function swatch()
<td class="row1"><select name="group_rank"><?php echo $rank_options; ?></select></td>
</tr>
<!-- tr>
<th colspan="2"><?php echo $user->lang['GROUP_AVATAR']; ?></th>
</tr>
<tr>
<td class="row2"><b><?php echo $user->lang['GROUP_AVATAR']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_AVATAR_EXPLAIN']; ?></span></td>
<td class="row1">&nbsp;</td>
</tr -->
@ -270,30 +293,6 @@ function swatch()
break;
case 'addleaders':
case 'addusers':
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP']);
}
if (!$name_ary)
{
trigger_error($user->lang['NO_USERS']);
}
// Add user/s to group
if ($error = add_to_group($action, $group_id, false, $name_ary, $group_colour, $group_rank, $group_avatar, $group_avatar_type))
{
trigger_error($user->lang[$error]);
}
$message = ($action == 'addleaders') ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message]);
break;
// Show list of leaders, existing and pending members
case 'list':
if (!$group_id)
@ -410,7 +409,7 @@ function swatch()
?>
<tr>
<td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;</td>
<td class="cat" colspan="5" align="right">Select option: <select name="action"><option value="default">Default</option><option value="demote">Demote</option><option value="delete">Delete</option></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;</td>
</tr>
</table>
@ -706,93 +705,12 @@ function hidebox(id)
adm_page_footer();
break;
// Setting groupwide preferences
case 'prefs':
adm_page_header($user->lang['GROUP_PREFS']);
adm_page_footer();
break;
default:
trigger_error($user->lang['NO_MODE']);
}
exit;
/*
case 'add':
break;
case 'delete':
// TODO:
// Need to offer ability to demote moderators or remove from group
break;
case 'approve':
break;
adm_page_footer();
case 'prefs':
if ($update)
{
}
else
{
@ -829,18 +747,13 @@ adm_page_footer();
<?php
*/
function delete_group()
{
}
function remove_from_group($type, $id, $user_id)
{
adm_page_footer();
break;
default:
trigger_error($user->lang['NO_MODE']);
}
exit;
?>

2
phpBB/adm/admin_icons.php
View file

@ -169,7 +169,7 @@ switch ($action)
{
foreach ($img_ary as $img)
{
$img = substr($path, 1) . (($path != '') ? '/' : '') . $img;
$img = "$path$img";
if (!in_array($img, $existing_imgs) || $action == 'edit')
{

42
phpBB/adm/admin_users.php
View file

@ -34,17 +34,20 @@ if (!empty($setmodules))
define('IN_PHPBB', 1);
// Include files
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require('pagestart.' . $phpEx);
// Set mode
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main';
$mode = (isset($_REQUEST['mode'])) ? htmlspecialchars($_REQUEST['mode']) : '';
$action = (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : 'main';
// Begin program
if (isset($_POST['username']) || isset($_REQUEST['u']))
{
// Grab relevant userdata
if(isset($_REQUEST['u']))
if (isset($_REQUEST['u']))
{
$user_id = intval($_REQUEST['u']);
@ -71,35 +74,24 @@ if (isset($_POST['username']) || isset($_REQUEST['u']))
$db->sql_transaction();
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . ANONYMOUS . ", post_username = '$username'
$sql = 'UPDATE ' . POSTS_TABLE . '
SET poster_id = ' . ANONYMOUS . "
WHERE poster_id = $user_id";
$db->sql_query($sql);
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . ANONYMOUS . "
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_poster = ' . ANONYMOUS . "
WHERE topic_poster = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE);
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . ACL_USERS_TABLE . "
foreach ($table_ary as $table)
{
$sql = "DELETE FROM $table
WHERE user_id = $user_id";
$db->sql_query($sql);
}
$db->sql_transaction('commit');
@ -114,11 +106,11 @@ if (isset($_POST['username']) || isset($_REQUEST['u']))
<form method="post" action="admin_users.<?php echo $phpEx . $SID; ?>&amp;mode=<?php echo $mode; ?>&amp;u=<?php echo $userdata['user_id']; ?>"><table width="90%" cellspacing="3" cellpadding="0" border="0" align="center">
<tr>
<td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;mode=permissions">Permissions</a></td>
<td align="right"><b>Main</b> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=profile">Profile</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=pref">Preferences</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=avatar">Avatar</a> | <a href="admin_users.<?php echo $phpEx . $SID; ?>&amp;u=<?php echo $userdata['user_id']; ?>&amp;action=permissions">Permissions</a></td>
</tr>
<?php
switch ($mode)
switch ($action)
{
case 'main':

5
phpBB/adm/subSilver.css
View file

@ -194,6 +194,11 @@ input.text {
font-family: 'Courier New', courier;
}
input.checkbox {
height: 16px;
width: 16px;
}
option.sep {
color: white;
background-color: #006699;

10
phpBB/includes/db/firebird.php
View file

@ -43,7 +43,7 @@ class sql_db
$this->password = $sqlpassword;
$this->server = $sqlserver;
$this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password) : @ibase_connect($this->server, $this->user, $this->password);
$this->db_connect_id =($this->persistency) ? @ibase_pconnect($this->server, $this->user, $this->password, false, false, 3) : @ibase_connect($this->server, $this->user, $this->password, false, false, 3);
return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
}
@ -132,6 +132,12 @@ class sql_db
$this->sql_error($query);
}
if (!$this->transaction && (strpos($query, 'INSERT') === 0 || strpos($query, 'UPDATE') === 0))
{
echo $query;
ibase_commit();
}
if (!empty($_GET['explain']))
{
$endtime = explode(' ', microtime());
@ -415,7 +421,7 @@ class sql_db
function sql_escape($msg)
{
return (@ini_get('magic_quotes_sybase') || strtoupper(@ini_get('magic_quotes_sybase')) == 'ON') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\\\'', '\'\'', $msg);
return (@ini_get('magic_quotes_sybase') || strtolower(@ini_get('magic_quotes_sybase')) == 'on') ? str_replace('\\\'', '\'', addslashes($msg)) : str_replace('\'', '\'\'', stripslashes($msg));
}
function sql_error($sql = '')

2
phpBB/includes/db/mysql.php
View file

@ -134,7 +134,7 @@ class sql_db
$curtime = $curtime[0] + $curtime[1] - $starttime;
}
if (!($this->query_result = @mysql_query($query, $this->db_connect_id)))
if (($this->query_result = @mysql_query($query, $this->db_connect_id)) === false)
{
$this->sql_error($query);
}

6
phpBB/includes/db/postgres.php
View file

@ -35,12 +35,9 @@ class sql_db
var $rownum = array();
var $num_queries = 0;
//
// Constructor
//
function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $persistency = true)
{
$this->connect_string = "";
$this->connect_string = '';
if ($sqluser)
{
@ -363,7 +360,6 @@ class sql_db
function sql_error($sql = '')
{
if (!$this->return_on_error)
{
if ($this->transaction)

40
phpBB/includes/functions.php
View file

@ -1,23 +1,15 @@
<?php
/***************************************************************************
* functions.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : functions.php
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2001,2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
function set_config($config_name, $config_value, $is_dynamic = FALSE)
{
@ -697,10 +689,11 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add
$page_string .= ($on_page == $total_pages) ? '<b>' . $total_pages . '</b>' : '<a href="' . $base_url . '&amp;start=' . (($total_pages - 1) * $per_page) . '">' . $total_pages . '</a>&nbsp;&nbsp;<a href="' . $base_url . "&amp;start=" . ($on_page * $per_page) . '">' . $user->lang['NEXT'] . '</a>';
// $page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string;
$page_string = $user->lang['GOTO_PAGE'] . ' ' . $page_string;
// $page_string = '<a href="javascript:goto();">' . $user->lang['GOTO_PAGE'] . '</a> ' . $page_string;
// $template->assign_var('BASE_URL', $base_url);
// $template->assign_var('PER_PAGE', $per_page);
return $page_string;
}
@ -944,10 +937,6 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '')
$err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] : $user->lang['LOGIN_ERROR'];
}
$sql = 'DELETE FROM ' . CONFIRM_TABLE . '
WHERE confirm_time < ' . (time() - $config['session_length']);
// $db->sql_query($sql);
$template->assign_vars(array(
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $login_explain,
@ -994,6 +983,9 @@ function login_forum_box(&$forum_data)
if (!empty($_POST['password']))
{
// TODO
// Remove old valid sessions
if ($_POST['password'] == $forum_data['forum_password'])
{
$sql = 'INSERT INTO phpbb_forum_access (forum_id, user_id, session_id)

34
phpBB/includes/functions_admin.php
View file

@ -1,23 +1,15 @@
<?php
/***************************************************************************
* functions_admin.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : © 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : functions_admin.php
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2001,2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
// Simple version of jumpbox, just lists authed forums
function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true)
@ -1362,7 +1354,7 @@ function split_sql_file($sql, $delimiter)
// and group names must be carried through for the moderators table
function cache_moderators()
{
global $db;
global $db, $cache;
// Clear table
$sql = (SQL_LAYER != 'sqlite') ? 'TRUNCATE ' . MODERATOR_TABLE : 'DELETE FROM ' . MODERATOR_TABLE;
@ -1448,6 +1440,8 @@ function cache_moderators()
}
}
}
$cache->destroy(MODERATOR_TABLE);
}
// Logging functions

16
phpBB/includes/functions_jabber.php
View file

@ -296,6 +296,22 @@ class Jabber
}
}
function SendPresence($type = NULL, $to = NULL, $status = NULL, $show = NULL, $priority = NULL)
{
$xml = '<presence';
$xml .= ($to) ? " to='$to'" : '';
$xml .= ($type) ? " type='$type'" : '';
$xml .= ($status || $show || $priority) ? ">\n" : " />\n";
$xml .= ($status) ? " <status>$status</status>\n" : '';
$xml .= ($show) ? " <show>$show</show>\n" : '';
$xml .= ($priority) ? " <priority>$priority</priority>\n" : '';
$xml .= ($status || $show || $priority) ? "</presence>\n" : '';
return ($this->SendPacket($xml)) ? TRUE : FALSE;
}
function SendError($to, $id = NULL, $error_number, $error_message = NULL)
{
$xml = "<iq type='error' to='$to'";

19
phpBB/includes/functions_posting.php
View file

@ -29,6 +29,8 @@ function generate_smilies($mode)
if ($mode == 'window')
{
$user->setup(false);
page_header($user->lang['SMILIES'] . ' - ' . $topic_title);
$template->set_filenames(array(
@ -555,7 +557,8 @@ function move_uploaded_attachment($upload_mode, $source_filename, &$filedata)
}
}
}
return '';
return;
}
// Delete File
@ -568,14 +571,13 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false)
if (file_exists($filename))
{
$filesys = eregi_replace('/','\\', $filename);
$filesys = str_replace('/','\\', $filename);
$deleted = @system("del $filesys");
if (file_exists($filename))
{
@chmod($filename, 0777);
$deleted = @unlink($filename);
if (!$deleted)
if (!($deleted = @unlink($filename)))
{
$deleted = @system("del $filename");
}
@ -590,8 +592,8 @@ function phpbb_unlink($filename, $mode = 'file', $use_ftp = false)
function get_img_size_format($width, $height)
{
// Change these two values to define the Thumbnail Size
$max_width = 300;
$max_height = 85;
$max_width = 400;
$max_height = 200;
if ($height > $max_height)
{
@ -673,8 +675,7 @@ function create_thumbnail($source, $new_file, $mimetype)
$new_size = get_img_size_format($size[0], $size[1]);
$tmp_path = '';
$old_file = '';
$tmp_path = $old_file = '';
$used_imagick = FALSE;
@ -682,7 +683,7 @@ function create_thumbnail($source, $new_file, $mimetype)
{
if (is_array($size) && count($size) > 0)
{
@exec($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 75 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' ' . $source . ' +profile "*" ' . $new_file);
passthru($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
if (file_exists($new_file))
{
$used_imagick = TRUE;

97
phpBB/includes/functions_user.php
View file

@ -569,16 +569,12 @@ function create_group($action, $group_id, &$type, &$name, &$desc, &$colour, &$ra
return (sizeof($error)) ? $error : false;
}
// Call with: user_id_ary or username_ary set ... if both false entire group
// will be set default
function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, &$rank, $avatar, $avatar_type)
{
global $db;
if (!is_array($$which_ary))
{
$$which_ary = array($$which_ary);
}
if (is_array($user_id_ary) || is_array($username_ary))
{
$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
@ -656,12 +652,62 @@ function set_default_group($id, $user_id_ary, $username_ary, &$name, &$colour, &
return false;
}
// TODO
// approve group
// Call with: user_id_ary or username_ary set ... if both false entire group
// will be approved
function approve_user($group_id, $user_id_ary, $username_ary, &$group_name)
{
global $db;
if (is_array($user_id_ary) || is_array($username_ary))
{
$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . "
WHERE $sql_where";
}
else
{
$sql = 'SELECT u.user_id, u.username
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . "
WHERE ug.group_id = $group_id
AND u.user_id = ug.user_id";
}
$result = $db->sql_query($sql);
$usernames = array();
while ($row = $db->sql_fetchrow($result))
{
$username_ary[] = $row['username'];
$user_id_ary[] = $row['user_id'];
}
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USER_GROUP_TABLE . "
SET user_pending = 0
WHERE group_id = $group_id
AND user_id IN (" . implode(', ', $user_id_ary) . ')';
$db->sql_query($sql);
add_log('admin', 'LOG_GROUP_APPROVE', $group_name, implode(', ', $username_ary));
unset($username_ary);
unset($user_id_ary);
return false;
}
// If user_id or username_ary are set users are deleted, else group is
// removed. Setting action to demote true will demote leaders to users
// (if appropriate), deleting leaders removes them from group as with
// normal users
function remove_from_group($type, $id, $user_id_ary, $username_ary, &$group_name)
{
global $db;
// Delete or demote individuals if data exists, else delete group
if (is_array($user_id_ary) || is_array($username_ary))
{
$sql_where = ($user_id_ary) ? 'user_id IN (' . implode(', ', $user_id_ary) . ')' : 'username IN (' . implode(', ', $username_ary) . ')';
$sql = 'SELECT user_id, username
@ -677,16 +723,37 @@ function approve_user($group_id, $user_id_ary, $username_ary, &$group_name)
}
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET user_pending = 0
WHERE user_id IN (' . implode(', ', $user_id_ary) . ")
AND group_id = $group_id";
switch ($type)
{
case 'demote':
$sql = 'UPDATE ' . USER_GROUP_TABLE . "
SET group_leader = 0
WHERE $sql_where";
$db->sql_query($sql);
break;
add_log('admin', 'LOG_GROUP_APPROVE', $group_name, implode(', ', $username_ary));
default:
$sql = 'SELECT g.group_id, g.group_name, u.user_id
FROM ' . USER_GROUP_TABLE . ' ug, ' . GROUPS_TABLE . ' g
WHERE u.user_id IN ' . implode(', ', $user_id_ary) . "
AND ug.group_id <> $group_id
AND g.group_type = " . GROUP_SPECIAL . '
GROUP BY u.user_id';
break;
}
}
else
{
}
unset($username_ary);
unset($user_id_ary);
if (!function_exists('add_log'))
{
global $phpbb_root_path, $phpEx;
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
}
$log = ($action == 'demote') ? 'LOG_GROUP_DEMOTED' : (($action == 'deleteusers') ? 'LOG_GROUP_REMOVE' : 'LOG_GROUP_DELETED');
add_log('admin', $log, $name, implode(', ', $username_ary));
return false;
}

45
phpBB/includes/session.php
View file

@ -71,9 +71,9 @@ class session
}
// Load limit check (if applicable)
if (doubleval($config['limit_load']) && @file_exists('/proc/loadavg'))
if (@file_exists('/proc/loadavg'))
{
if ($load = @file('/proc/loadavg'))
if ($config['limit_load'] && $load = @file('/proc/loadavg'))
{
list($this->load) = explode(' ', $load[0]);
@ -398,6 +398,8 @@ class user extends session
var $lang_path;
var $img_lang;
var $keyoptions = array('viewimg', 'notify', 'notify_pm', 'popup_pm', 'viewflash', 'viewsmilies', 'viewsigs', 'viewavatars', 'viewcensors', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmile', 'allowavatar', 'allow_pm', 'allow_email', 'allow_viewonline', 'allow_viewemail', 'allow_massemail');
function setup($lang_set = false, $style = false)
{
global $db, $template, $config, $auth, $phpEx, $phpbb_root_path;
@ -539,6 +541,45 @@ class user extends session
}
return $imgs[$img];
}
// Start code for checking/setting option bit field for user table (if we go that way)
// TODO
// array_search begone
// set values, blah, everything else
function option_set($key, $value = false)
{
if (is_array($key))
{
if (is_array($value))
{
$return = array();
foreach ($key as $k)
{
$return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
}
return $return;
}
else
{
$return = array();
foreach ($key as $k)
{
$return[$key] = ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
}
return $return;
}
}
else
{
if ($value !== false)
{
}
else
{
return ($user->data['user_options'] & pow(2, array_search($key, $this->keyoptions))) ? true : false;
}
}
}
}
// Will be keeping my eye of 'other products' to ensure these things don't

31
phpBB/includes/ucp/ucp_profile.php
View file

@ -1,23 +1,18 @@
<?php
/***************************************************************************
* ucp_profile.php
* -------------------
* begin : Saturday, Feb 21, 2003
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : admin_styles.php
// STARTED : Thu Aug 7 2003
// COPYRIGHT : © 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// TODO
// Check birthday for date in past
class ucp_profile extends ucp
{