some tiny fixes.

git-svn-id: file:///svn/phpbb/trunk@6614 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen 2006-11-19 21:00:48 +00:00
parent f782890332
commit 6a08242684
9 changed files with 44 additions and 25 deletions


@ -580,14 +580,9 @@ class acp_modules
$right = $row['right_id']; $right = $row['right_id'];
/**
* @todo think about using module class here
*/
if (!$ignore_acl && $row['module_auth']) if (!$ignore_acl && $row['module_auth'])
{ {
$is_auth = false; if (!p_master::module_auth($row['module_auth']))
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get("\\1"\\2)', 'true', '(int) $auth->acl_getf_global("\\1")', '(int) $config["\\1"]'), $row['module_auth']) . ');');
if (!$is_auth)
{ {
continue; continue;
} }
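Review bot: The static call `p_master::module_auth($row['module_auth'])` changes how `$id` is resolved for this module listing: the removed inline expression substituted `true` for `$id`, while module_auth() (shown in the p_master section of this commit) substitutes `(int) $this->acl_forum_id`. In a static call from acp_modules that property is presumably not set, so `acl_*,$id` rules would be evaluated with forum id 0 and the modules listed here may differ from before. If that is intended, document it at the call site, e.g. `// static call: module_auth() reads $this->acl_forum_id, which is not set here; the old inline check substituted true for $id`; otherwise call the method on an instance whose acl_forum_id has been set. The enclosing loop starts and ends outside the hunk.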


@ -502,7 +502,7 @@ if (!function_exists('realpath'))
else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME'])) else if (isset($_SERVER['SCRIPT_FILENAME']) && !empty($_SERVER['SCRIPT_FILENAME']))
{ {
// Warning: If chdir() has been used this will lie! // Warning: If chdir() has been used this will lie!
// @todo This has some problems sometime (CLI can create them easily) // Warning: This has some problems sometime (CLI can create them easily)
$path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path; $path = str_replace(DIRECTORY_SEPARATOR, '/', dirname($_SERVER['SCRIPT_FILENAME'])) . '/' . $path;
$absolute = true; $absolute = true;
$path_prefix = ''; $path_prefix = '';
@ -2907,9 +2907,6 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
return; return;
} }
/**
* @todo Think about removing the if-condition within the final product, since we no longer enable DEBUG by default and we will maybe adjust the error reporting level
*/
if (defined('DEBUG')) if (defined('DEBUG'))
{ {
if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false) if (strpos($errfile, 'cache') === false && strpos($errfile, 'template.') === false)


@ -1946,8 +1946,6 @@ function split_sql_file($sql, $delimiter)
/** /**
* Cache moderators, called whenever permissions are changed via admin_permissions. Changes of username * Cache moderators, called whenever permissions are changed via admin_permissions. Changes of username
* and group names must be carried through for the moderators table * and group names must be carried through for the moderators table
*
* @todo let the admin define if he wants to display moderators (forum-based) - display_on_index already present and checked for...
*/ */
function cache_moderators() function cache_moderators()
{ {


@ -583,6 +583,10 @@ function get_moderators(&$forum_moderators, $forum_id = false)
/** /**
* User authorisation levels output * User authorisation levels output
*
* @param string $mode Can be forum or topic. Not in use at the moment.
* @param int $forum_id The current forum the user is in.
* @param int $forum_status The forums status bit.
*/ */
function gen_forum_auth_level($mode, $forum_id, $forum_status) function gen_forum_auth_level($mode, $forum_id, $forum_status)
{ {
@ -955,12 +959,10 @@ function display_custom_bbcodes()
// Start counting from 22 for the bbcode ids (every bbcode takes two ids - opening/closing) // Start counting from 22 for the bbcode ids (every bbcode takes two ids - opening/closing)
$num_predefined_bbcodes = 22; $num_predefined_bbcodes = 22;
/*
* @todo while adjusting custom bbcodes, think about caching this query as well as correct ordering
*/
$sql = 'SELECT bbcode_id, bbcode_tag, bbcode_helpline $sql = 'SELECT bbcode_id, bbcode_tag, bbcode_helpline
FROM ' . BBCODES_TABLE . ' FROM ' . BBCODES_TABLE . '
WHERE display_on_posting = 1'; WHERE display_on_posting = 1
ORDER BY bbcode_tag';
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$i = 0; $i = 0;


@ -213,7 +213,6 @@ class p_master
/** /**
* Check module authorisation * Check module authorisation
* @todo Have a look at the eval statement and replace with other code...
*/ */
function module_auth($module_auth) function module_auth($module_auth)
{ {
@ -227,8 +226,38 @@ class p_master
return true; return true;
} }
// With the code below we make sure only those elements get eval'd we really want to be checked
preg_match_all('/(?:
"[^"\\\\]*(?:\\\\.[^"\\\\]*)*" |
\'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\' |
[(),] |
[^\s(),]+)/x', $module_auth, $match);
$tokens = $match[0];
for ($i = 0, $size = sizeof($tokens); $i < $size; $i++)
{
$token = &$tokens[$i];
switch ($token)
{
case ')':
case '(':
case '&&':
case '||':
break;
default:
if (!preg_match('#(?:acl_([a-z_]+)(,\$id)?)|(?:\$id)|(?:aclf_([a-z_]+))|(?:cfg_([a-z_]+))#', $token))
{
$token = '';
}
break;
}
}
$module_auth = implode(' ', $tokens);
$is_auth = false; $is_auth = false;
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get("\\1"\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global("\\1")', '(int) $config["\\1"]'), $module_auth) . ');'); eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z_]+)#', '#cfg_([a-z_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $this->acl_forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']'), $module_auth) . ');');
return $is_auth; return $is_auth;
} }
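Review bot: The token filter in the `default:` branch is not an allow-list, because `preg_match()` is unanchored and accepts any token that merely contains `acl_…`, `aclf_…`, `cfg_…` or `$id`; whatever else is in that token (anything except whitespace, parentheses and commas, or a whole quoted string) still reaches `eval()`. Anchor the pattern to the entire token, e.g. `'#^(?:acl_[a-z_]+|aclf_[a-z_]+|cfg_[a-z_]+|\$id)$#'`. Separately, the tokenizer emits `,` as its own token and the switch blanks it, so `acl_x,$id` appears to be rebuilt as `acl_x  $id` and the eval'd expression no longer parses, leaving `$is_auth` false; add `case ',':` to the kept tokens and rejoin with `$module_auth = str_replace(' , ', ',', $module_auth);` after the `implode()`. The start of module_auth() lies outside this hunk, so where `$module_auth` values originate (presumably the modules table) should be confirmed before relying on the filter.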


@ -1242,7 +1242,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
$sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1'; $sql_data[FORUMS_TABLE] = 'forum_posts = forum_posts - 1';
} }
$sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . ", topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'"; $sql_data[TOPICS_TABLE] = 'topic_first_post_id = ' . intval($row['post_id']) . ", topic_first_poster_colour = '" . $db->sql_escape($row['user_colour']) . "', topic_first_poster_name = '" . (($row['poster_id'] == ANONYMOUS) ? $db->sql_escape($row['post_username']) : $db->sql_escape($row['username'])) . "'";
$sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : ''); $sql_data[TOPICS_TABLE] .= ', topic_replies_real = topic_replies_real - 1' . (($data['post_approved']) ? ', topic_replies = topic_replies - 1' : '');
$next_post_id = (int) $row['post_id']; $next_post_id = (int) $row['post_id'];


@ -1115,8 +1115,7 @@ function validate_match($string, $optional = false, $match)
* Also checks if it includes the " character, which we don't allow in usernames. * Also checks if it includes the " character, which we don't allow in usernames.
* Used for registering, changing names, and posting anonymously with a username * Used for registering, changing names, and posting anonymously with a username
* *
* @todo do we really check and disallow the " character in usernames as written above. Has it only be forgotten to include the check? * @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/ */
function validate_username($username) function validate_username($username)
{ {


@ -1039,7 +1039,8 @@ class user extends session
/** /**
* If a guest user is surfing, we try to guess his/her language first by obtaining the browser language * If a guest user is surfing, we try to guess his/her language first by obtaining the browser language
* @todo if re-enabled we need to make sure only those languages installed are checked * If re-enabled we need to make sure only those languages installed are checked
* Commented out so we do not loose the code.
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
{ {


@ -302,9 +302,7 @@ function compose_pm($id, $mode, $action)
{ {
delete_pm($user->data['user_id'], $msg_id, $folder_id); delete_pm($user->data['user_id'], $msg_id, $folder_id);
/** // jump to next message in "history"? nope, not for the moment. But able to be included later.
* @todo jump to next message in "history"?
*/
$meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;folder=$folder_id"); $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;folder=$folder_id");
$message = $user->lang['MESSAGE_DELETED']; $message = $user->lang['MESSAGE_DELETED'];