some tiny changes

git-svn-id: file:///svn/phpbb/trunk@7452 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 22:28:51 +00:00 · 2007-05-02 21:08:50 +00:00 · 2007-05-02 21:08:50 +00:00 · 6b28ae8b22
commit 6b28ae8b22
parent 15aee89200
7 changed files with 76 additions and 37 deletions
--- a/phpBB/develop/adjust_avatars.php
+++ b/phpBB/develop/adjust_avatars.php
@ -32,8 +32,8 @@ if (!isset($config['avatar_salt']))
 // let's start with the users using a group_avatar.
 $sql = 'SELECT group_id, group_avatar
-	FROM ' . GROUPS_TABLE . 
+	FROM ' . GROUPS_TABLE . '
-	' WHERE group_avatar_type = ' . AVATAR_UPLOAD;
+	WHERE group_avatar_type = ' . AVATAR_UPLOAD;
 // We'll skip these, so remember them
 $group_avatars = array();
@ -44,21 +44,20 @@ $result = $db->sql_query($sql);
 while ($row = $db->sql_fetchrow($result))
 {
 	$new_avatar_name = adjust_avatar($row['group_avatar'], 'g' . $row['group_id']);
 	$group_avatars[] = $new_avatar_name;
 	// failure is probably due to the avatar name already being adjusted
-	if ($new_avatar_name  !== false)
+	if ($new_avatar_name !== false)
 	{
 		$sql = 'UPDATE ' . USERS_TABLE . "
-			SET user_avatar = '$new_avatar_name'
+			SET user_avatar = '" . $db->sql_escape($new_avatar_name) . "'
-			WHERE user_avatar = '{$row['group_avatar']}' 
+			WHERE user_avatar = '" . $db->sql_escape($row['group_avatar']) . "' 
 			AND user_avatar_type = " . AVATAR_UPLOAD;
 		$db->sql_query($sql);
 		$sql = 'UPDATE ' . GROUPS_TABLE . "
-			SET group_avatar = '$new_avatar_name'
+			SET group_avatar = '" . $db->sql_escape($new_avatar_name) . "'
 			WHERE group_id = {$row['group_id']}";
 		$db->sql_query($sql);
 	}
@ -84,21 +83,19 @@ $sql = 'SELECT user_id, username, user_avatar, user_avatar_type
 	FROM ' . USERS_TABLE . ' 
 	WHERE user_avatar_type = ' . AVATAR_UPLOAD . ' 
 	AND ' . $db->sql_in_set('user_avatar', $group_avatars, true, true);
 $result = $db->sql_query($sql);
 echo '<br /> Updating users' . "\n";
 while ($row = $db->sql_fetchrow($result))
 {
 	$new_avatar_name = adjust_avatar($row['user_avatar'], $row['user_id']);
 	// failure is probably due to the avatar name already being adjusted
-	if ($new_avatar_name  !== false)
+	if ($new_avatar_name !== false)
 	{
 		$sql = 'UPDATE ' . USERS_TABLE . "
-			SET user_avatar = '$new_avatar_name'
+			SET user_avatar = '" . $db->sql_escape($new_avatar_name) . "'
 			WHERE user_id = {$row['user_id']}";
 		$db->sql_query($sql);
 	}
@ -139,4 +136,5 @@ function adjust_avatar($old_name, $midfix)
 	}
 	return false;
 }
 ?>
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@ -486,8 +486,8 @@ class auth
 	{
 		global $db;
-		$sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : '';
+		$sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : '';
-		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
 		$sql_opts = '';
@ -628,8 +628,8 @@ class auth
 	{
 		global $db;
-		$sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : '';
+		$sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : '';
-		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
 		$sql_opts = '';
@ -682,8 +682,8 @@ class auth
 	{
 		global $db;
-		$sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? "group_id = $group_id" : $db->sql_in_set('group_id', $group_id)) : '';
+		$sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : '';
-		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : '';
+		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
 		$sql_opts = '';
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -2468,27 +2468,32 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
 	return true;
 }
 /**
 * A small version of validate_username to check for a group name's existence. To be called directly.
 */
-function group_validate_groupname($group_id, $groupname)
+function group_validate_groupname($group_id, $group_name)
 {
 	global $config, $db;
-	$groupname =  utf8_clean_string($groupname); 
+	$group_name =  utf8_clean_string($group_name); 
 	if (!empty($group_id))
 	{
 		$sql = 'SELECT group_name
-				FROM ' . GROUPS_TABLE . '
+			FROM ' . GROUPS_TABLE . '
-				WHERE group_id = ' . (int)$group_id;
+			WHERE group_id = ' . (int) $group_id;
 		$result = $db->sql_query($sql);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		if (!$row)
 		{
 			return false;
 		}
 		$allowed_groupname = utf8_clean_string($row['group_name']);
-		if ($allowed_groupname == $groupname)
+
 		if ($allowed_groupname == $group_name)
 		{
 			return false;
 		}
@ -2496,7 +2501,7 @@ function group_validate_groupname($group_id, $groupname)
 	$sql = 'SELECT group_name
 		FROM ' . GROUPS_TABLE . "
-		WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($groupname)) . "'";
+		WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($group_name)) . "'";
 	$result = $db->sql_query($sql);
 	$row = $db->sql_fetchrow($result);
 	$db->sql_freeresult($result);
@ -2505,11 +2510,10 @@ function group_validate_groupname($group_id, $groupname)
 	{
 		return 'GROUP_NAME_TAKEN';
 	}
 	return false;
 }
 /**
 * Set users default group
 *
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@ -60,6 +60,20 @@ require($phpbb_root_path . 'includes/constants.' . $phpEx);
 require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
 require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 // If we are on PHP >= 6.0.0 we do not need some code
 if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
 {
 	/**
 	* @ignore
 	*/
 	define('STRIP', false);
 }
 else
 {
 	set_magic_quotes_runtime(0);
 	define('STRIP', (get_magic_quotes_gpc()) ? true : false);
 }
 $user = new user();
 $cache = new cache();
 $db = new $sql_db();
@ -698,16 +712,19 @@ if (version_compare($current_version, '3.0.b5', '<='))
 			$db->sql_query('DELETE FROM ' . STYLES_IMAGESET_TABLE);
 			$db->sql_query('DELETE FROM ' . STYLES_TEMPLATE_TABLE);
 			$db->sql_query('DELETE FROM ' . STYLES_TABLE);
 			$db->sql_query('DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE);
 			$db->sql_query('DELETE FROM ' . STYLES_THEME_TABLE);
 //			$db->sql_query('DELETE FROM ' . STYLES_IMAGESET_DATA_TABLE);
 		break;
 		default:
 			$db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_TABLE);
 			$db->sql_query('TRUNCATE TABLE ' . STYLES_TEMPLATE_TABLE);
 			$db->sql_query('TRUNCATE TABLE ' . STYLES_TABLE);
 			$db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_DATA_TABLE);
 			$db->sql_query('TRUNCATE TABLE ' . STYLES_THEME_TABLE);
 //			This table does not exist, as well as the constant not exist...
 //			$db->sql_query('TRUNCATE TABLE ' . STYLES_IMAGESET_DATA_TABLE);
 		break;
 	}
@ -869,6 +886,8 @@ if (version_compare($current_version, '3.0.b5', '<='))
 	$data = "INSERT INTO phpbb_styles (style_name, style_copyright, style_active, template_id, theme_id, imageset_id) VALUES ('prosilver', '&copy; phpBB Group', 1, 1, 1, 1);
 	INSERT INTO phpbb_styles (style_name, style_copyright, style_active, template_id, theme_id, imageset_id) VALUES ('subsilver2', '&copy; phpBB Group', 1, 2, 2, 2);
 	INSERT INTO phpbb_styles_imageset (imageset_name, imageset_copyright, imageset_path) VALUES ('prosilver', '&copy; phpBB Group', 'prosilver');
 	INSERT INTO phpbb_styles_imageset (imageset_name, imageset_copyright, imageset_path) VALUES ('subsilver2', '&copy; phpBB Group', 'subsilver2');
 	INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('site_logo', 'site_logo.gif', '', 94, 170, 2);
 	INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('upload_bar', 'upload_bar.gif', '', 16, 280, 2);
 	INSERT INTO phpbb_styles_imageset_data (image_name, image_filename, image_lang, image_height, image_width, imageset_id) VALUES ('poll_left', 'poll_left.gif', '', 12, 4, 2);
@ -1089,10 +1108,23 @@ if (version_compare($current_version, '3.0.b5', '<='))
 	set_config('avatar_salt', md5(mt_rand()));
-	$sql = 'UPDATE ' . ACL_OPTIONS_TABLE . ' SET is_local = 0 WHERE auth_option = \'m_warn\'';
+	$sql = 'UPDATE ' . ACL_OPTIONS_TABLE . "
 		SET is_local = 0
 		WHERE auth_option = 'm_warn'";
 	$db->sql_query($sql);
-	$sql = 'UPDATE ' . MODULES_TABLE . ' SET module_auth = \'acl_m_warn && acl_f_read,$id\' WHERE module_basename = \'warn\' AND module_mode = \'warn_post\'';
+	$cache->destroy('_acl_options');
 	$sql = 'UPDATE ' . MODULES_TABLE . '
 		SET module_auth = \'acl_m_warn && acl_f_read,$id\'
 		WHERE module_basename = \'warn\'
 			AND module_mode = \'warn_post\'
 			AND module_class = \'mcp\'';
 	$db->sql_query($sql);
 	$cache->destroy('_modules_mcp');
 	$sql = 'UPDATE ' . USERS_TABLE . " SET user_permissions = ''";
 	$db->sql_query($sql);
 	$no_updates = false;
--- a/phpBB/style.php
+++ b/phpBB/style.php
@ -128,9 +128,14 @@ if ($id && $sid)
 			$db->sql_query($sql);
 			$cache->destroy('sql', STYLES_THEME_TABLE);
 			header('Expires: 0');
 		}
 		else
 		{
 			header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
 		}
 		header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
 		header('Content-type: text/css');
 		// Parse Theme Data
--- a/phpBB/styles/prosilver/theme/common.css
+++ b/phpBB/styles/prosilver/theme/common.css
@ -128,7 +128,6 @@ p.right {
 	float: left;
 	width: auto;
 	padding: 10px 13px 0 10px;
 	height: auto;
 }
 a#logo:hover {
--- a/phpBB/styles/prosilver/theme/links.css
+++ b/phpBB/styles/prosilver/theme/links.css
@ -73,6 +73,7 @@ a.topictitle:active {
 /* Post body links */
 .postlink {
 	text-decoration: none;
 	color: #d2d2d2;
 	border-bottom: 1px solid #d2d2d2;
 	padding-bottom: 0;