mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 14:18:52 +00:00
some tiny fixes.
git-svn-id: file:///svn/phpbb/trunk@6614 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
parent
f782890332
commit
6a08242684
9 changed files with 44 additions and 25 deletions
|
|
@ -580,14 +580,9 @@ class acp_modules
|
|||
|
||||
$right = $row['right_id'];
|
||||
|
||||
/**
|
||||
* @todo think about using module class here
|
||||
*/
|
||||
if (!$ignore_acl && $row['module_auth'])
|
||||
{
|
||||
$is_auth = false;
|
||||
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get("\\1"\\2)', 'true', '(int) $auth->acl_getf_global("\\1")', '(int) $config["\\1"]'), $row['module_auth']) . ');');
|
||||
if (!$is_auth)
|
||||
if (!p_master::module_auth($row['module_auth']))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -502,7 +502,7 @@ if (!function_exists('realpath'))
|
|||
else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME']))
|
||||
{
|
||||
// Warning: If chdir() has been used this will lie!
|
||||
// @todo This has some problems sometime (CLI can create them easily)
|
||||
// Warning: This has some problems sometime (CLI can create them easily)
|
||||
$path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path;
|
||||
$absolute = true;
|
||||
$path_prefix = '';
|
||||
|
|
@ -2907,9 +2907,6 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
|
|||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* @todo Think about removing the if-condition within the final product, since we no longer enable DEBUG by default and we will maybe adjust the error reporting level
|
||||
*/
|
||||
if (defined('DEBUG'))
|
||||
{
|
||||
if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)
|
||||
|
|
|
|||
|
|
@ -1946,8 +1946,6 @@ function split_sql_file($sql, $delimiter)
|
|||
/**
|
||||
* Cache moderators, called whenever permissions are changed via admin_permissions. Changes of username
|
||||
* and group names must be carried through for the moderators table
|
||||
*
|
||||
* @todo let the admin define if he wants to display moderators (forum-based) - display_on_index already present and checked for...
|
||||
*/
|
||||
function cache_moderators()
|
||||
{
|
||||
|
|
|
|||
|
|
@ -583,6 +583,10 @@ function get_moderators(&$forum_moderators, $forum_id = false)
|
|||
|
||||
/**
|
||||
* User authorisation levels output
|
||||
*
|
||||
* @param string $mode Can be forum or topic. Not in use at the moment.
|
||||
* @param int $forum_id The current forum the user is in.
|
||||
* @param int $forum_status The forums status bit.
|
||||
*/
|
||||
function gen_forum_auth_level($mode, $forum_id, $forum_status)
|
||||
{
|
||||
|
|
@ -955,12 +959,10 @@ function display_custom_bbcodes()
|
|||
// Start counting from 22 for the bbcode ids (every bbcode takes two ids - opening/closing)
|
||||
$num_predefined_bbcodes = 22;
|
||||
|
||||
/*
|
||||
* @todo while adjusting custom bbcodes, think about caching this query as well as correct ordering
|
||||
*/
|
||||
$sql = 'SELECT bbcode_id, bbcode_tag, bbcode_helpline
|
||||
FROM ' . BBCODES_TABLE . '
|
||||
WHERE display_on_posting = 1';
|
||||
WHERE display_on_posting = 1
|
||||
ORDER BY bbcode_tag';
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
$i = 0;
|
||||
|
|
|
|||
|
|
@ -213,7 +213,6 @@ class p_master
|
|||
|
||||
/**
|
||||
* Check module authorisation
|
||||
* @todo Have a look at the eval statement and replace with other code...
|
||||
*/
|
||||
function module_auth($module_auth)
|
||||
{
|
||||
|
|
@ -227,8 +226,38 @@ class p_master
|
|||
return true;
|
||||
}
|
||||
|
||||
// With the code below we make sure only those elements get eval'd we really want to be checked
|
||||
preg_match_all('/(?:
|
||||
"[^"\\\\]*(?:\\\\.[^"\\\\]*)*" |
|
||||
\'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\' |
|
||||
[(),] |
|
||||
[^\s(),]+)/x', $module_auth, $match);
|
||||
|
||||
$tokens = $match[0];
|
||||
for ($i = 0, $size = sizeof($tokens); $i < $size; $i++)
|
||||
{
|
||||
$token = &$tokens[$i];
|
||||
|
||||
switch ($token)
|
||||
{
|
||||
case ')':
|
||||
case '(':
|
||||
case '&&':
|
||||
case '||':
|
||||
break;
|
||||
|
||||
default:
|
||||
if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))#', $token))
|
||||
{
|
||||
$token = '';
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
$module_auth = implode(' ', $tokens);
|
||||
|
||||
$is_auth = false;
|
||||
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get("\\1"\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global("\\1")', '(int) $config["\\1"]'), $module_auth) . ');');
|
||||
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');');
|
||||
|
||||
return $is_auth;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1242,7 +1242,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
|
|||
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
|
||||
}
|
||||
|
||||
$sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . ", topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
|
||||
$sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
|
||||
$sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
|
||||
|
||||
$next_post_id = (int) $row['post_id'];
|
||||
|
|
|
|||
|
|
@ -1115,8 +1115,7 @@ function validate_match($string, $optional = false, $match)
|
|||
* Also checks if it includes the " character, which we don't allow in usernames.
|
||||
* Used for registering, changing names, and posting anonymously with a username
|
||||
*
|
||||
* @todo do we really check and disallow the " character in usernames as written above. Has it only be forgotten to include the check?
|
||||
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
|
||||
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
|
||||
*/
|
||||
function validate_username($username)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1039,7 +1039,8 @@ class user extends session
|
|||
|
||||
/**
|
||||
* If a guest user is surfing, we try to guess his/her language first by obtaining the browser language
|
||||
* @todo if re-enabled we need to make sure only those languages installed are checked
|
||||
* If re-enabled we need to make sure only those languages installed are checked
|
||||
* Commented out so we do not loose the code.
|
||||
|
||||
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -302,9 +302,7 @@ function compose_pm($id, $mode, $action)
|
|||
{
|
||||
delete_pm($user->data['user_id'], $msg_id, $folder_id);
|
||||
|
||||
/**
|
||||
* @todo jump to next message in "history"?
|
||||
*/
|
||||
// jump to next message in "history"? nope, not for the moment. But able to be included later.
|
||||
$meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id");
|
||||
$message = $user->lang['MESSAGE_DELETED'];
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue