- use the $var_ary for settings in a more logical way (hopefully removes the clutter and shows where and how each variable is set)

- hopefully utf8 passwords are working too now


git-svn-id: file:///svn/phpbb/trunk@6552 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen 2006-11-04 17:19:33 +00:00
parent 8b90d5998b
commit 63c0c798c8
7 changed files with 215 additions and 335 deletions


@ -27,8 +27,8 @@
<dt><label for="captcha_gd_noise">{L_CAPTCHA_GD_NOISE}:</label><br /><span>{L_CAPTCHA_GD_NOISE_EXPLAIN}</span></dt> <dt><label for="captcha_gd_noise">{L_CAPTCHA_GD_NOISE}:</label><br /><span>{L_CAPTCHA_GD_NOISE_EXPLAIN}</span></dt>
<dd><input id="captcha_gd_noise" name="captcha_gd_noise" value="1" class="radio" type="radio"<!-- IF CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> />&nbsp;{L_YES}&nbsp;&nbsp;<input name="captcha_gd_noise" value="0" class="radio" type="radio"<!-- IF not CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> />&nbsp;{L_NO}</dd> <dd><input id="captcha_gd_noise" name="captcha_gd_noise" value="1" class="radio" type="radio"<!-- IF CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> />&nbsp;{L_YES}&nbsp;&nbsp;<input name="captcha_gd_noise" value="0" class="radio" type="radio"<!-- IF not CAPTCHA_GD_NOISE --> checked="checked"<!-- ENDIF --> />&nbsp;{L_NO}</dd>
</dl> </dl>
</fieldset>
<!-- ENDIF --> <!-- ENDIF -->
</fieldset>
<fieldset class="submit-buttons"> <fieldset class="submit-buttons">
<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp; <input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;


@ -616,32 +616,19 @@ class acp_users
break; break;
} }
$data = array();
// Handle registration info updates // Handle registration info updates
$var_ary = array( $data = array(
'user' => (string) $user_row['username'], 'username' => request_var('user', $user_row['username'], true),
'user_founder' => (int) (($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
'user_email' => (string) $user_row['user_email'], 'email' => request_var('user_email', $user_row['user_email']),
'email_confirm' => (string) '', 'email_confirm' => request_var('email_confirm', ''),
'user_password' => (string) '', 'user_password' => request_var('user_password', '', true),
'password_confirm' => (string) '', 'password_confirm' => request_var('password_confirm', '', true),
'warnings' => (int) $user_row['user_warnings'], 'warnings' => request_var('warnings', $user_row['user_warnings']),
); );
// Get the data from the form. Use data from the database if no info is provided
foreach ($var_ary as $var => $default)
{
$data[$var] = ($var == 'user') ? request_var($var, $default, true) : request_var($var, $default);
}
// We use user within the form to circumvent auto filling
$data['username'] = $data['user'];
$data['email'] = $data['user_email'];
unset($data['user'], $data['user_email']);
// Validation data - we do not check the password complexity setting here // Validation data - we do not check the password complexity setting here
$var_ary = array( $check_ary = array(
'user_password' => array( 'user_password' => array(
array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
array('password')), array('password')),
@ -652,7 +639,7 @@ class acp_users
// Check username if altered // Check username if altered
if ($data['username'] != $user_row['username']) if ($data['username'] != $user_row['username'])
{ {
$var_ary += array( $check_ary += array(
'username' => array( 'username' => array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', $user_row['username'])), array('username', $user_row['username'])),
@ -662,7 +649,7 @@ class acp_users
// Check email if altered // Check email if altered
if ($data['email'] != $user_row['user_email']) if ($data['email'] != $user_row['user_email'])
{ {
$var_ary += array( $check_ary += array(
'email' => array( 'email' => array(
array('string', false, 6, 60), array('string', false, 6, 60),
array('email', $user_row['user_email']) array('email', $user_row['user_email'])
@ -671,7 +658,7 @@ class acp_users
); );
} }
$error = validate_data($data, $var_ary); $error = validate_data($data, $check_ary);
if ($data['user_password'] && $data['password_confirm'] != $data['user_password']) if ($data['user_password'] && $data['password_confirm'] != $data['user_password'])
{ {
@ -979,7 +966,6 @@ class acp_users
$cp = new custom_profile(); $cp = new custom_profile();
$cp_data = $cp_error = array(); $cp_data = $cp_error = array();
$data = array();
$sql = 'SELECT lang_id $sql = 'SELECT lang_id
FROM ' . LANG_TABLE . " FROM ' . LANG_TABLE . "
@ -990,29 +976,33 @@ class acp_users
$user_row['iso_lang_id'] = $row['lang_id']; $user_row['iso_lang_id'] = $row['lang_id'];
$data = array(
'icq' => request_var('icq', $user_row['user_icq']),
'aim' => request_var('aim', $user_row['user_aim']),
'msn' => request_var('msn', $user_row['user_msnm']),
'yim' => request_var('yim', $user_row['user_yim']),
'jabber' => request_var('jabber', $user_row['user_jabber']),
'website' => request_var('website', $user_row['user_website']),
'location' => request_var('location', $user_row['user_from'], true),
'occupation' => request_var('occupation', $user_row['user_occ'], true),
'interests' => request_var('interests', $user_row['user_interests']),
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
if ($user_row['user_birthday'])
{
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
}
$data['bday_day'] = request_var('bday_day', $data['bday_day']);
$data['bday_month'] = request_var('bday_month', $data['bday_month']);
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
if ($submit) if ($submit)
{ {
$var_ary = array( $error = validate_data($data, array(
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'location' => (string) '',
'occupation' => (string) '',
'interests' => (string) '',
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
foreach ($var_ary as $var => $default)
{
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default);
}
$var_ary = array(
'icq' => array( 'icq' => array(
array('string', true, 3, 15), array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')), array('match', true, '#^[0-9]+$#i')),
@ -1031,9 +1021,7 @@ class acp_users
'bday_day' => array('num', true, 1, 31), 'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12), 'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time())), 'bday_year' => array('num', true, 1901, gmdate('Y', time())),
); ));
$error = validate_data($data, $var_ary);
// validate custom profile fields // validate custom profile fields
$cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error); $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
@ -1119,18 +1107,6 @@ class acp_users
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
} }
if (!isset($data['bday_day']))
{
if ($user_row['user_birthday'])
{
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
}
else
{
$data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0;
}
}
$s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>'; $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 32; $i++) for ($i = 1; $i < 32; $i++)
{ {
@ -1156,15 +1132,15 @@ class acp_users
unset($now); unset($now);
$template->assign_vars(array( $template->assign_vars(array(
'ICQ' => (isset($data['icq'])) ? $data['icq'] : $user_row['user_icq'], 'ICQ' => $data['icq'],
'YIM' => (isset($data['yim'])) ? $data['yim'] : $user_row['user_yim'], 'YIM' => $data['yim'],
'AIM' => (isset($data['aim'])) ? $data['aim'] : $user_row['user_aim'], 'AIM' => $data['aim'],
'MSN' => (isset($data['msn'])) ? $data['msn'] : $user_row['user_msnm'], 'MSN' => $data['msn'],
'JABBER' => (isset($data['jabber'])) ? $data['jabber'] : $user_row['user_jabber'], 'JABBER' => $data['jabber'],
'WEBSITE' => (isset($data['website'])) ? $data['website']: $user_row['user_website'], 'WEBSITE' => $data['website'],
'LOCATION' => (isset($data['location'])) ? $data['location'] : $user_row['user_from'], 'LOCATION' => $data['location'],
'OCCUPATION' => (isset($data['occupation'])) ? $data['occupation'] : $user_row['user_occ'], 'OCCUPATION' => $data['occupation'],
'INTERESTS' => (isset($data['interests'])) ? $data['interests'] : $user_row['user_interests'], 'INTERESTS' => $data['interests'],
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
@ -1182,51 +1158,44 @@ class acp_users
case 'prefs': case 'prefs':
$data = array(); $data = array(
'dateformat' => request_var('dateformat', $user_row['user_dateformat']),
'lang' => request_var('lang', $user_row['user_lang']),
'tz' => request_var('tz', (float) $user_row['user_timezone']),
'style' => request_var('style', $user_row['user_style']),
'dst' => request_var('dst', $user_row['user_dst']),
'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']),
'massemail' => request_var('massemail', $user_row['user_allow_massemail']),
'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']),
'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']),
'notifypm' => request_var('notifypm', $user_row['user_notify_pm']),
'popuppm' => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
'allowpm' => request_var('allowpm', $user_row['user_allow_pm']),
'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')),
'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
'view_wordcensor' => request_var('view_wordcensore', $this->optionget($user_row, 'viewcensors')),
'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')),
'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')),
'notify' => request_var('notify', $user_row['user_notify']),
);
if ($submit) if ($submit)
{ {
$var_ary = array( $error = validate_data($data, array(
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'tz' => (float) $config['board_timezone'],
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
'topic_sk' => (string) 't',
'topic_sd' => (string) 'd',
'topic_st' => 0,
'post_sk' => (string) 't',
'post_sd' => (string) 'a',
'post_st' => 0,
'view_images' => true,
'view_flash' => false,
'view_smilies' => true,
'view_sigs' => true,
'view_avatars' => true,
'view_wordcensor' => false,
'bbcode' => true,
'smilies' => true,
'sig' => true,
'notify' => false,
);
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
}
$var_ary = array(
'dateformat' => array('string', false, 3, 30), 'dateformat' => array('string', false, 3, 30),
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
'tz' => array('num', false, -14, 14), 'tz' => array('num', false, -14, 14),
@ -1235,9 +1204,7 @@ class acp_users
'topic_sd' => array('string', false, 1, 1), 'topic_sd' => array('string', false, 1, 1),
'post_sk' => array('string', false, 1, 1), 'post_sk' => array('string', false, 1, 1),
'post_sd' => array('string', false, 1, 1), 'post_sd' => array('string', false, 1, 1),
); ));
$error = validate_data($data, $var_ary);
if (!sizeof($error)) if (!sizeof($error))
{ {
@ -1291,17 +1258,10 @@ class acp_users
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
} }
$notify_method = (isset($data['notifymethod'])) ? $data['notifymethod'] : $user_row['user_notify_type'];
$dateformat = (isset($data['dateformat'])) ? $data['dateformat'] : $user_row['user_dateformat'];
$lang = (isset($data['lang'])) ? $data['lang'] : $user_row['user_lang'];
$style = (isset($data['style'])) ? $data['style'] : $user_row['user_style'];
$tz = (isset($data['tz'])) ? $data['tz'] : $user_row['user_timezone'];
$dateformat_options = ''; $dateformat_options = '';
foreach ($user->lang['dateformats'] as $format => $null) foreach ($user->lang['dateformats'] as $format => $null)
{ {
$dateformat_options .= '<option value="' . $format . '"' . (($format == $dateformat) ? ' selected="selected"' : '') . '>'; $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
$dateformat_options .= $user->format_date(time(), $format, true) . ((strpos($format, '|') !== false) ? ' [' . $user->lang['RELATIVE_DAYS'] . ']' : ''); $dateformat_options .= $user->format_date(time(), $format, true) . ((strpos($format, '|') !== false) ? ' [' . $user->lang['RELATIVE_DAYS'] . ']' : '');
$dateformat_options .= '</option>'; $dateformat_options .= '</option>';
} }
@ -1309,22 +1269,13 @@ class acp_users
$s_custom = false; $s_custom = false;
$dateformat_options .= '<option value="custom"'; $dateformat_options .= '<option value="custom"';
if (!in_array($dateformat, array_keys($user->lang['dateformats']))) if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
{ {
$dateformat_options .= ' selected="selected"'; $dateformat_options .= ' selected="selected"';
$s_custom = true; $s_custom = true;
} }
$dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>'; $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
$topic_sk = (isset($data['topic_sk'])) ? $data['topic_sk'] : (($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't');
$post_sk = (isset($data['post_sk'])) ? $data['post_sk'] : (($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't');
$topic_sd = (isset($data['topic_sd'])) ? $data['topic_sd'] : (($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd');
$post_sd = (isset($data['post_sd'])) ? $data['post_sd'] : (($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'd');
$topic_st = (isset($data['topic_st'])) ? $data['topic_st'] : (($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0);
$post_st = (isset($data['post_st'])) ? $data['post_st'] : (($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0);
$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
// Topic ordering options // Topic ordering options
@ -1341,7 +1292,7 @@ class acp_users
${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">'; ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
foreach (${'limit_' . $sort_option . '_days'} as $day => $text) foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
{ {
$selected = (${$sort_option . '_st'} == $day) ? ' selected="selected"' : ''; $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>'; ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
} }
${'s_limit_' . $sort_option . '_days'} .= '</select>'; ${'s_limit_' . $sort_option . '_days'} .= '</select>';
@ -1349,7 +1300,7 @@ class acp_users
${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">'; ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text) foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
{ {
$selected = (${$sort_option . '_sk'} == $key) ? ' selected="selected"' : ''; $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>'; ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
} }
${'s_sort_' . $sort_option . '_key'} .= '</select>'; ${'s_sort_' . $sort_option . '_key'} .= '</select>';
@ -1357,7 +1308,7 @@ class acp_users
${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">'; ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
foreach ($sort_dir_text as $key => $value) foreach ($sort_dir_text as $key => $value)
{ {
$selected = (${$sort_option . '_sd'} == $key) ? ' selected="selected"' : ''; $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
} }
${'s_sort_' . $sort_option . '_dir'} .= '</select>'; ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
@ -1365,28 +1316,28 @@ class acp_users
$template->assign_vars(array( $template->assign_vars(array(
'S_PREFS' => true, 'S_PREFS' => true,
'S_JABBER_DISABLED' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? false : true, 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
'VIEW_EMAIL' => (isset($data['viewemail'])) ? $data['viewemail'] : $user_row['user_allow_viewemail'], 'VIEW_EMAIL' => $data['viewemail'],
'MASS_EMAIL' => (isset($data['massemail'])) ? $data['massemail'] : $user_row['user_allow_massemail'], 'MASS_EMAIL' => $data['massemail'],
'ALLOW_PM' => (isset($data['allowpm'])) ? $data['allowpm'] : $user_row['user_allow_pm'], 'ALLOW_PM' => $data['allowpm'],
'HIDE_ONLINE' => (isset($data['hideonline'])) ? $data['hideonline'] : !$user_row['user_allow_viewonline'], 'HIDE_ONLINE' => $data['hideonline'],
'NOTIFY_EMAIL' => ($notify_method == NOTIFY_EMAIL) ? true : false, 'NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
'NOTIFY_IM' => ($notify_method == NOTIFY_IM) ? true : false, 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
'NOTIFY_BOTH' => ($notify_method == NOTIFY_BOTH) ? true : false, 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
'NOTIFY_PM' => (isset($data['notifypm'])) ? $data['notifypm'] : $user_row['user_notify_pm'], 'NOTIFY_PM' => $data['notifypm'],
'POPUP_PM' => (isset($data['popuppm'])) ? $data['popuppm'] : $this->optionget($user_row, 'popuppm'), 'POPUP_PM' => $data['popuppm'],
'DST' => (isset($data['dst'])) ? $data['dst'] : $user_row['user_dst'], 'DST' => $data['dst'],
'BBCODE' => (isset($data['bbcode'])) ? $data['bbcode'] : $this->optionget($user_row, 'bbcode'), 'BBCODE' => $data['bbcode'],
'SMILIES' => (isset($data['smilies'])) ? $data['smilies'] : $this->optionget($user_row, 'smilies'), 'SMILIES' => $data['smilies'],
'ATTACH_SIG' => (isset($data['sig'])) ? $data['sig'] : $this->optionget($user_row, 'attachsig'), 'ATTACH_SIG' => $data['sig'],
'NOTIFY' => (isset($data['notify'])) ? $data['notify'] : $user_row['user_notify'], 'NOTIFY' => $data['notify'],
'VIEW_IMAGES' => (isset($data['view_images'])) ? $data['view_images'] : $this->optionget($user_row, 'viewimg'), 'VIEW_IMAGES' => $data['view_images'],
'VIEW_FLASH' => (isset($data['view_flash'])) ? $data['view_flash'] : $this->optionget($user_row, 'viewflash'), 'VIEW_FLASH' => $data['view_flash'],
'VIEW_SMILIES' => (isset($data['view_smilies'])) ? $data['view_smilies'] : $this->optionget($user_row, 'viewsmilies'), 'VIEW_SMILIES' => $data['view_smilies'],
'VIEW_SIGS' => (isset($data['view_sigs'])) ? $data['view_sigs'] : $this->optionget($user_row, 'viewsigs'), 'VIEW_SIGS' => $data['view_sigs'],
'VIEW_AVATARS' => (isset($data['view_avatars'])) ? $data['view_avatars'] : $this->optionget($user_row, 'viewavatars'), 'VIEW_AVATARS' => $data['view_avatars'],
'VIEW_WORDCENSOR' => (isset($data['view_wordcensor'])) ? $data['view_wordcensor'] : $this->optionget($user_row, 'viewcensors'), 'VIEW_WORDCENSOR' => $data['view_wordcensor'],
'S_TOPIC_SORT_DAYS' => $s_limit_topic_days, 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days,
'S_TOPIC_SORT_KEY' => $s_sort_topic_key, 'S_TOPIC_SORT_KEY' => $s_sort_topic_key,
@ -1395,15 +1346,15 @@ class acp_users
'S_POST_SORT_KEY' => $s_sort_post_key, 'S_POST_SORT_KEY' => $s_sort_post_key,
'S_POST_SORT_DIR' => $s_sort_post_dir, 'S_POST_SORT_DIR' => $s_sort_post_dir,
'DATE_FORMAT' => $dateformat, 'DATE_FORMAT' => $data['dateformat'],
'S_DATEFORMAT_OPTIONS' => $dateformat_options, 'S_DATEFORMAT_OPTIONS' => $dateformat_options,
'S_CUSTOM_DATEFORMAT' => $s_custom, 'S_CUSTOM_DATEFORMAT' => $s_custom,
'DEFAULT_DATEFORMAT' => $config['default_dateformat'], 'DEFAULT_DATEFORMAT' => $config['default_dateformat'],
'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']), 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']),
'S_LANG_OPTIONS' => language_select($lang), 'S_LANG_OPTIONS' => language_select($data['lang']),
'S_STYLE_OPTIONS' => style_select($style), 'S_STYLE_OPTIONS' => style_select($data['style']),
'S_TZ_OPTIONS' => tz_select($tz, true), 'S_TZ_OPTIONS' => tz_select($data['tz'], true),
) )
); );
@ -1421,26 +1372,19 @@ class acp_users
{ {
$delete = request_var('delete', ''); $delete = request_var('delete', '');
$var_ary = array( $data = array(
'uploadurl' => (string) '', 'uploadurl' => request_var('uploadurl', ''),
'remotelink' => (string) '', 'remotelink' => request_var('remotelink', ''),
'width' => (string) '', 'width' => request_var('width', ''),
'height' => (string) '', 'height' => request_var('height', ''),
); );
foreach ($var_ary as $var => $default) $error = validate_data($data, array(
{
$data[$var] = request_var($var, $default);
}
$var_ary = array(
'uploadurl' => array('string', true, 5, 255), 'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3), 'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3),
); ));
$error = validate_data($data, $var_ary);
if (!sizeof($error)) if (!sizeof($error))
{ {
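Review bot: In the `prefs` hunk the new `$data` array reads the censor setting with `request_var('view_wordcensore', …)`, a misspelt request key; the removed loop read `view_wordcensor`, so the submitted value would now be ignored and the stored option always used. It should read `'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),`. In the profile hunk `interests` also lost the third `true` argument that the removed loop passed for `location`, `occupation` and `interests`, so it should be `request_var('interests', $user_row['user_interests'], true)`. The defaults in this section are raw `$user_row` values, where the old arrays carried `(int)`/`(bool)`/`(string)` casts and the ucp_prefs section of this commit casts explicitly; if request_var takes its target type from the default (not visible here), fields such as `style`, `dst` and `warnings` need the same casts so that request input is still coerced to the intended type.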


@ -1979,7 +1979,7 @@ function login_forum_box($forum_data)
{ {
global $db, $config, $user, $template, $phpEx; global $db, $config, $user, $template, $phpEx;
$password = request_var('password', ''); $password = request_var('password', '', true);
$sql = 'SELECT forum_id $sql = 'SELECT forum_id
FROM ' . FORUMS_ACCESS_TABLE . ' FROM ' . FORUMS_ACCESS_TABLE . '
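Review bot: The bare `true` added as the third argument of `request_var('password', '', true)` is not self-explanatory; going by the commit description it lets multibyte (UTF-8) characters through, and a short comment such as `// third argument: accept multibyte characters in the forum password` would record that. The code that stores the forum password is not among the visible hunks; if it still reads the value without this flag, a non-ASCII password would presumably be stored and checked under different filtering, which is worth confirming. login_forum_box's body continues outside the hunk.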


@ -30,44 +30,30 @@ class ucp_prefs
case 'personal': case 'personal':
$data = array( $data = array(
'notifymethod' => $user->data['user_notify_type'], 'notifymethod' => request_var('notifymethod', $user->data['user_notify_type']),
'dateformat' => $user->data['user_dateformat'], 'dateformat' => request_var('dateformat', $user->data['user_dateformat']),
'lang' => $user->data['user_lang'], 'lang' => request_var('lang', $user->data['user_lang']),
'style' => $user->data['user_style'], 'style' => request_var('style', (int) $user->data['user_style']),
'tz' => $user->data['user_timezone'], 'tz' => request_var('tz', (float) $user->data['user_timezone']),
'dst' => request_var('dst', (bool) $user->data['user_dst']),
'viewemail' => request_var('viewemail', (bool) $user->data['user_allow_viewemail']),
'massemail' => request_var('massemail', (bool) $user->data['user_allow_massemail']),
'hideonline' => request_var('hideonline', (bool) !$user->data['user_allow_viewonline']),
'notifypm' => request_var('notifypm', (bool) $user->data['user_notify_pm']),
'popuppm' => request_var('popuppm', (bool) $user->optionget('popuppm')),
'allowpm' => request_var('allowpm', (bool) $user->data['user_allow_pm']),
); );
if ($submit) if ($submit)
{ {
$var_ary = array(
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'tz' => (float) $config['board_timezone'],
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
);
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
}
$data['style'] = ($config['override_user_style']) ? $config['default_style'] : $data['style']; $data['style'] = ($config['override_user_style']) ? $config['default_style'] : $data['style'];
$var_ary = array( $error = validate_data($data, array(
'dateformat' => array('string', false, 3, 30), 'dateformat' => array('string', false, 3, 30),
'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'), 'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'),
'tz' => array('num', false, -14, 14), 'tz' => array('num', false, -14, 14),
); ));
$error = validate_data($data, $var_ary);
if (!sizeof($error)) if (!sizeof($error))
{ {
@ -128,13 +114,13 @@ class ucp_prefs
'S_NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false, 'S_NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
'S_NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, 'S_NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
'S_NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, 'S_NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
'S_VIEW_EMAIL' => (isset($data['viewemail'])) ? $data['viewemail'] : $user->data['user_allow_viewemail'], 'S_VIEW_EMAIL' => $data['viewemail'],
'S_MASS_EMAIL' => (isset($data['massemail'])) ? $data['massemail'] : $user->data['user_allow_massemail'], 'S_MASS_EMAIL' => $data['massemail'],
'S_ALLOW_PM' => (isset($data['allowpm'])) ? $data['allowpm'] : $user->data['user_allow_pm'], 'S_ALLOW_PM' => $data['allowpm'],
'S_HIDE_ONLINE' => (isset($data['hideonline'])) ? $data['hideonline'] : !$user->data['user_allow_viewonline'], 'S_HIDE_ONLINE' => $data['hideonline'],
'S_NOTIFY_PM' => (isset($data['notifypm'])) ? $data['notifypm'] : $user->data['user_notify_pm'], 'S_NOTIFY_PM' => $data['notifypm'],
'S_POPUP_PM' => (isset($data['popuppm'])) ? $data['popuppm'] : $user->optionget('popuppm'), 'S_POPUP_PM' => $data['popuppm'],
'S_DST' => (isset($data['dst'])) ? $data['dst'] : $user->data['user_dst'], 'S_DST' => $data['dst'],
'DATE_FORMAT' => $data['dateformat'], 'DATE_FORMAT' => $data['dateformat'],
'S_DATEFORMAT_OPTIONS' => $dateformat_options, 'S_DATEFORMAT_OPTIONS' => $dateformat_options,
@ -161,32 +147,23 @@ class ucp_prefs
'post_sk' => (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't', 'post_sk' => (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't',
'post_sd' => (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a', 'post_sd' => (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a',
'post_st' => (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0, 'post_st' => (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0,
'images' => request_var('images', (bool) $user->optionget('viewimg')),
'flash' => request_var('flash', (bool) $user->optionget('viewflash')),
'smilies' => request_var('smilies', (bool) $user->optionget('viewsmilies')),
'sigs' => request_var('sigs', (bool) $user->optionget('viewsigs')),
'avatars' => request_var('avatars', (bool) $user->optionget('viewavatars')),
'wordcensor' => request_var('wordcensor', (bool) $user->optionget('viewcensors')),
); );
if ($submit) if ($submit)
{ {
$var_ary = array_merge($data, array( $error = validate_data($data, array(
'images' => true,
'flash' => false,
'smilies' => true,
'sigs' => true,
'avatars' => true,
'wordcensor'=> false,
));
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
}
$var_ary = array(
'topic_sk' => array('string', false, 1, 1), 'topic_sk' => array('string', false, 1, 1),
'topic_sd' => array('string', false, 1, 1), 'topic_sd' => array('string', false, 1, 1),
'post_sk' => array('string', false, 1, 1), 'post_sk' => array('string', false, 1, 1),
'post_sd' => array('string', false, 1, 1), 'post_sd' => array('string', false, 1, 1),
); ));
$error = validate_data($data, $var_ary);
if (!sizeof($error)) if (!sizeof($error))
{ {
@ -271,12 +248,12 @@ class ucp_prefs
$template->assign_vars(array( $template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'S_IMAGES' => (isset($data['images'])) ? $data['images'] : $user->optionget('viewimg'), 'S_IMAGES' => $data['images'],
'S_FLASH' => (isset($data['flash'])) ? $data['flash'] : $user->optionget('viewflash'), 'S_FLASH' => $data['flash'],
'S_SMILIES' => (isset($data['smilies'])) ? $data['smilies'] : $user->optionget('viewsmilies'), 'S_SMILIES' => $data['smilies'],
'S_SIGS' => (isset($data['sigs'])) ? $data['sigs'] : $user->optionget('viewsigs'), 'S_SIGS' => $data['sigs'],
'S_AVATARS' => (isset($data['avatars'])) ? $data['avatars'] : $user->optionget('viewavatars'), 'S_AVATARS' => $data['avatars'],
'S_DISABLE_CENSORS' => (isset($data['wordcensor'])) ? $data['wordcensor'] : $user->optionget('viewcensors'), 'S_DISABLE_CENSORS' => $data['wordcensor'],
'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false, 'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false,
@ -293,21 +270,14 @@ class ucp_prefs
case 'post': case 'post':
$data = array( $data = array(
'bbcode' => $user->optionget('bbcode'), 'bbcode' => request_var('bbcode', $user->optionget('bbcode')),
'smilies' => $user->optionget('smilies'), 'smilies' => request_var('smilies', $user->optionget('smilies')),
'sig' => $user->optionget('attachsig'), 'sig' => request_var('sig', $user->optionget('attachsig')),
'notify' => $user->data['user_notify'], 'notify' => request_var('notify', $user->data['user_notify']),
); );
if ($submit) if ($submit)
{ {
$var_ary = $data;
foreach ($var_ary as $var => $default)
{
$data[$var] = request_var($var, $default);
}
$user->optionset('bbcode', $data['bbcode']); $user->optionset('bbcode', $data['bbcode']);
$user->optionset('smilies', $data['smilies']); $user->optionset('smilies', $data['smilies']);
$user->optionset('attachsig', $data['sig']); $user->optionset('attachsig', $data['sig']);


@ -34,23 +34,18 @@ class ucp_profile
case 'reg_details': case 'reg_details':
$data = array( $data = array(
'username' => $user->data['username'], 'username' => request_var('username', $user->data['username'], true),
'email' => $user->data['user_email'], 'email' => request_var('email', $user->data['user_email']),
'email_confirm' => (string) '', 'email_confirm' => request_var('email_confirm', ''),
'new_password' => (string) '', 'new_password' => request_var('new_password', '', true),
'cur_password' => (string) '', 'cur_password' => request_var('cur_password', '', true),
'password_confirm' => (string) '', 'password_confirm' => request_var('password_confirm', '', true),
); );
if ($submit) if ($submit)
{ {
foreach ($data as $var => $default)
{
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
// Do not check cur_password, it is the old one. // Do not check cur_password, it is the old one.
$var_ary = array( $check_ary = array(
'new_password' => array( 'new_password' => array(
array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
array('password')), array('password')),
@ -63,13 +58,13 @@ class ucp_profile
if ($auth->acl_get('u_chgname') && $config['allow_namechange']) if ($auth->acl_get('u_chgname') && $config['allow_namechange'])
{ {
$var_ary['username'] = array( $check_ary['username'] = array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', $data['username']), array('username', $data['username']),
); );
} }
$error = validate_data($data, $var_ary); $error = validate_data($data, $check_ary);
if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
{ {
@ -249,15 +244,15 @@ class ucp_profile
$cp_data = $cp_error = array(); $cp_data = $cp_error = array();
$data = array( $data = array(
'icq' => (string) $user->data['user_icq'], 'icq' => request_var('icq', $user->data['user_icq']),
'aim' => (string) $user->data['user_aim'], 'aim' => request_var('aim', $user->data['user_aim']),
'msn' => (string) $user->data['user_msnm'], 'msn' => request_var('msn', $user->data['user_msnm']),
'yim' => (string) $user->data['user_yim'], 'yim' => request_var('yim', $user->data['user_yim']),
'jabber' => (string) $user->data['user_jabber'], 'jabber' => request_var('jabber', $user->data['user_jabber']),
'website' => (string) $user->data['user_website'], 'website' => request_var('website', $user->data['user_website']),
'location' => (string) $user->data['user_from'], 'location' => request_var('location', $user->data['user_from'], true),
'occupation' => (string) $user->data['user_occ'], 'occupation' => request_var('occupation', $user->data['user_occ'], true),
'interests' => (string) $user->data['user_interests'], 'interests' => request_var('interests', $user->data['user_interests']),
'bday_day' => 0, 'bday_day' => 0,
'bday_month' => 0, 'bday_month' => 0,
'bday_year' => 0, 'bday_year' => 0,
@ -268,14 +263,13 @@ class ucp_profile
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']); list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']);
} }
$data['bday_day'] = request_var('bday_day', $data['bday_day']);
$data['bday_month'] = request_var('bday_month', $data['bday_month']);
$data['bday_year'] = request_var('bday_year', $data['bday_year']);
if ($submit) if ($submit)
{ {
foreach ($data as $var => $default) $error = validate_data($data, array(
{
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default);
}
$var_ary = array(
'icq' => array( 'icq' => array(
array('string', true, 3, 15), array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')), array('match', true, '#^[0-9]+$#i')),
@ -294,9 +288,7 @@ class ucp_profile
'bday_day' => array('num', true, 1, 31), 'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12), 'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time())), 'bday_year' => array('num', true, 1901, gmdate('Y', time())),
); ));
$error = validate_data($data, $var_ary);
// validate custom profile fields // validate custom profile fields
$cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error); $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error);
@ -510,26 +502,19 @@ class ucp_profile
if ($submit) if ($submit)
{ {
$var_ary = array( $data = array(
'uploadurl' => (string) '', 'uploadurl' => request_var('uploadurl', ''),
'remotelink' => (string) '', 'remotelink' => request_var('remotelink', ''),
'width' => (string) '', 'width' => request_var('width', ''),
'height' => (string) '', 'height' => request_var('height', ''),
); );
foreach ($var_ary as $var => $default) $error = validate_data($data, array(
{
$data[$var] = request_var($var, $default);
}
$var_ary = array(
'uploadurl' => array('string', true, 5, 255), 'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3), 'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3),
); ));
$error = validate_data($data, $var_ary);
if (!sizeof($error)) if (!sizeof($error))
{ {
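Review bot: The profile-info `$data` array drops the multibyte flag for `interests`: the removed loop passed `true` to `request_var()` for `location`, `occupation` and `interests`, while the new array passes it only for the first two. If that is not deliberate, the entry should read `'interests' => request_var('interests', $user->data['user_interests'], true),` so non-ASCII input is handled as before. Separately, the `reg_details` and profile-info `$data` arrays are now filled from the request before the `if ($submit)` check, so on a plain page load their values are request-supplied and have not been through `validate_data()`; anything rendered from them should be treated accordingly. The enclosing methods start and end outside these hunks.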


@ -59,7 +59,7 @@ class ucp_register
$cp = new custom_profile(); $cp = new custom_profile();
$error = $data = $cp_data = $cp_error = array(); $error = $cp_data = $cp_error = array();
// //
if (!$agreed) if (!$agreed)
@ -110,36 +110,22 @@ class ucp_register
$timezone = $config['board_timezone']; $timezone = $config['board_timezone'];
} }
$var_ary = array( $data = array(
'username' => (string) '', 'username' => request_var('username', '', true),
'password_confirm' => (string) '', 'password_confirm' => request_var('password_confirm', '', true),
'new_password' => (string) '', 'new_password' => request_var('new_password', '', true),
'cur_password' => (string) '', 'cur_password' => request_var('cur_password', '', true),
'email' => (string) '', 'email' => request_var('email', ''),
'email_confirm' => (string) '', 'email_confirm' => request_var('email_confirm', ''),
'confirm_code' => (string) '', 'confirm_code' => request_var('confirm_code', ''),
'lang' => (string) $user->lang_name, 'lang' => request_var('lang', $user->lang_name),
'tz' => (float) $timezone, 'tz' => request_var('tz', (float) $timezone),
); );
// If we change the language inline, we do not want to display errors, but pre-fill already filled out values
if ($change_lang)
{
foreach ($var_ary as $var => $default)
{
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
}
// Check and initialize some variables if needed // Check and initialize some variables if needed
if ($submit) if ($submit)
{ {
foreach ($var_ary as $var => $default) $error = validate_data($data, array(
{
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
$var_ary = array(
'username' => array( 'username' => array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username')), array('username')),
@ -154,9 +140,7 @@ class ucp_register
'confirm_code' => array('string', !$config['enable_confirm'], 5, 8), 'confirm_code' => array('string', !$config['enable_confirm'], 5, 8),
'tz' => array('num', false, -14, 14), 'tz' => array('num', false, -14, 14),
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
); ));
$error = validate_data($data, $var_ary);
// Replace "error" strings with their real, localised form // Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
@ -481,9 +465,6 @@ class ucp_register
$user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\w]+' => 'USERNAME_ALPHA_ONLY', '[\w_\+\. \-\[\]]+' => 'USERNAME_ALPHA_SPACERS'); $user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\w]+' => 'USERNAME_ALPHA_ONLY', '[\w_\+\. \-\[\]]+' => 'USERNAME_ALPHA_SPACERS');
$pass_char_ary = array('.*' => 'PASS_TYPE_ANY', '[a-zA-Z]' => 'PASS_TYPE_CASE', '[a-zA-Z0-9]' => 'PASS_TYPE_ALPHA', '[a-zA-Z\W]' => 'PASS_TYPE_SYMBOL'); $pass_char_ary = array('.*' => 'PASS_TYPE_ANY', '[a-zA-Z]' => 'PASS_TYPE_CASE', '[a-zA-Z0-9]' => 'PASS_TYPE_ALPHA', '[a-zA-Z\W]' => 'PASS_TYPE_SYMBOL');
$data['lang'] = (isset($data['lang'])) ? $data['lang'] : $config['default_lang'];
$data['tz'] = (isset($data['tz'])) ? $data['tz'] : $timezone;
// //
$template->assign_vars(array( $template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
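Review bot: `lang` and `tz` in the new `$data` array are taken from the request on every call, but the `match` and `num` checks for them only run inside `if ($submit)`. The old code filled `$data` only on `$change_lang` or `$submit` and otherwise fell back to `$config['default_lang']` and `$timezone` (the two removed `isset` lines), so the template stage now sees unvalidated request values on a plain page load. If `$data['lang']` is later used to select a language pack or build a path (not visible here), it should be checked first regardless of `$submit`; a comment such as `// $data is request-supplied even when !$submit; lang/tz are validated only in the submit branch` would at least record this. The enclosing method continues outside these hunks.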


@ -404,7 +404,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
$connect_test = false; $connect_test = false;
@ -546,7 +546,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
if ($dbms == '') if ($dbms == '')
@ -718,7 +718,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
if ($dbms == '') if ($dbms == '')
@ -873,7 +873,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
if ($dbms == '') if ($dbms == '')
@ -957,7 +957,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
if ($dbms == '') if ($dbms == '')
@ -1231,7 +1231,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
$dbpasswd = htmlspecialchars_decode($dbpasswd); $dbpasswd = htmlspecialchars_decode($dbpasswd);
@ -1500,7 +1500,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
// Fill the config array - it is needed by those functions we call // Fill the config array - it is needed by those functions we call
@ -1582,7 +1582,7 @@ class install_install extends module
// Obtain any submitted data // Obtain any submitted data
foreach ($this->request_vars as $var) foreach ($this->request_vars as $var)
{ {
$$var = ($var == 'admin_name') ? request_var($var, '', true) : request_var($var, ''); $$var = (in_array($var, array('admin_name', 'dbpasswd', 'admin_pass1', 'admin_pass2'))) ? request_var($var, '', true) : request_var($var, '');
} }
// Load the basic configuration data // Load the basic configuration data