makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Yet more fixes ... note there is a bug in user admin at present

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3083 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-11-24 16:22:52 +00:00
parent 95c6156b4a
commit 73650b59c7
10 changed files with 414 additions and 401 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

361
phpBB/admin/admin_users.php
View file

@ -68,6 +68,184 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
} }
if( $HTTP_POST_VARS['deleteuser'] )
{
$sql = "SELECT g.group_id
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
AND g.group_single_user = 1";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . DELETED . ", post_username = '$username'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . DELETED . "
WHERE topic_poster = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . VOTE_USERS_TABLE . "
SET vote_user_id = " . DELETED . "
WHERE vote_user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT group_id
FROM " . GROUPS_TABLE . "
WHERE group_moderator = $user_id";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
}
while ( $row_group = $db->sql_fetchrow($result) )
{
$group_moderator[] = $row_group['group_id'];
}
if ( count($group_moderator) )
{
$update_moderator_id = implode(', ', $group_moderator);
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
WHERE group_moderator IN ($update_moderator_id)";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
}
}
$sql = "DELETE FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE ( ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SENT_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_READ_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select all user\'s private messages', '', __LINE__, __FILE__, $sql);
}
//
// This little bit of code directly from the private messaging section.
// Thanks Paul!
//
while ( $row_privmsgs = $db->sql_fetchrow($result) )
{
$mark_list[] = $row_privmsgs['privmsgs_id'];
}
if ( count($mark_list) )
{
$delete_sql_id = implode(', ', $mark_list);
//
// We shouldn't need to worry about updating conters here...
// They are already gone!
//
$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
WHERE privmsgs_text_id IN ($delete_sql_id)";
$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id IN ($delete_sql_id)";
//
// Shouldn't need the switch statement here, either, as we just want
// to take out all of the private messages. This will not affect
// the other messages we want to keep; the ids are unique.
//
if ( !$db->sql_query($delete_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
}
if ( !$db->sql_query($delete_text_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
}
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_to_userid = " . DELETED . "
WHERE privmsgs_to_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved to the user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_from_userid = " . DELETED . "
WHERE privmsgs_from_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved from the user', '', __LINE__, __FILE__, $sql);
}
$message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : ''; $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : ''; $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
@ -495,187 +673,10 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
// //
if( !$error ) if( !$error )
{ {
if( $HTTP_POST_VARS['deleteuser'] ) $sql = "UPDATE " . USERS_TABLE . "
{ SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . "
$sql = "SELECT g.group_id WHERE user_id = $user_id";
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
AND g.group_single_user = 1";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
SET poster_id = " . DELETED . ", post_username = '$username'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_poster = " . DELETED . "
WHERE topic_poster = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . VOTE_USERS_TABLE . "
SET vote_user_id = " . DELETED . "
WHERE vote_user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT group_id
FROM " . GROUPS_TABLE . "
WHERE group_moderator = $user_id";
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
}
while ( $row_group = $db->sql_fetchrow($result) )
{
$group_moderator[] = $row_group['group_id'];
}
if ( count($group_moderator) )
{
$update_moderator_id = implode(', ', $group_moderator);
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
WHERE group_moderator IN ($update_moderator_id)";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
}
}
$sql = "DELETE FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = " . $row['group_id'];
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
WHERE user_id = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
}
$sql = "SELECT privmsgs_id
FROM " . PRIVMSGS_TABLE . "
WHERE ( ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SENT_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_READ_MAIL . " )
OR ( privmsgs_to_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( privmsgs_from_userid = $user_id
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select all user\'s private messages', '', __LINE__, __FILE__, $sql);
}
//
// This little bit of code directly from the private messaging section.
// Thanks Paul!
//
while ( $row_privmsgs = $db->sql_fetchrow($result) )
{
$mark_list[] = $row_privmsgs['privmsgs_id'];
}
if ( count($mark_list) )
{
$delete_sql_id = implode(', ', $mark_list);
//
// We shouldn't need to worry about updating conters here...
// They are already gone!
//
$delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
WHERE privmsgs_text_id IN ($delete_sql_id)";
$delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id IN ($delete_sql_id)";
//
// Shouldn't need the switch statement here, either, as we just want
// to take out all of the private messages. This will not affect
// the other messages we want to keep; the ids are unique.
//
if ( !$db->sql_query($delete_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
}
if ( !$db->sql_query($delete_text_sql) )
{
message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
}
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_to_userid = " . DELETED . "
WHERE privmsgs_to_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved to the user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_from_userid = " . DELETED . "
WHERE privmsgs_from_userid = $user_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private messages saved from the user', '', __LINE__, __FILE__, $sql);
}
$message = $lang['User_deleted'];
}
else
{
$sql = "UPDATE " . USERS_TABLE . "
SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . "
WHERE user_id = $user_id";
if( $result = $db->sql_query($sql) ) if( $result = $db->sql_query($sql) )
{ {
if( isset($rename_user) ) if( isset($rename_user) )

2
phpBB/db/schemas/mssql_basic.sql
View file

@ -242,4 +242,4 @@ INSERT INTO phpbb_search_wordmatch (word_id, post_id, title_match) VALUES ( 11,
INSERT INTO phpbb_search_wordmatch (word_id, post_id, title_match) VALUES ( 12, 1, 1 ); INSERT INTO phpbb_search_wordmatch (word_id, post_id, title_match) VALUES ( 12, 1, 1 );
INSERT INTO phpbb_search_wordmatch (word_id, post_id, title_match) VALUES ( 3, 1, 1 ); INSERT INTO phpbb_search_wordmatch (word_id, post_id, title_match) VALUES ( 3, 1, 1 );
COMMIT; COMMIT;

184
phpBB/db/schemas/mssql_schema.sql
View file

@ -1,6 +1,6 @@
/* /*
mssql_schema.sql for phpBB2 (c) 2001, phpBB Group mssql_schema.sql for phpBB2 (c) 2001, phpBB Group
$Id$ $Id$
@ -23,7 +23,7 @@ CREATE TABLE [phpbb_auth_access] (
[auth_vote] [smallint] NOT NULL , [auth_vote] [smallint] NOT NULL ,
[auth_pollcreate] [smallint] NOT NULL , [auth_pollcreate] [smallint] NOT NULL ,
[auth_attachments] [smallint] NOT NULL , [auth_attachments] [smallint] NOT NULL ,
[auth_mod] [smallint] NOT NULL [auth_mod] [smallint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -31,26 +31,26 @@ CREATE TABLE [phpbb_banlist] (
[ban_id] [int] IDENTITY (1, 1) NOT NULL , [ban_id] [int] IDENTITY (1, 1) NOT NULL ,
[ban_userid] [int] NULL , [ban_userid] [int] NULL ,
[ban_ip] [char] (8) NULL , [ban_ip] [char] (8) NULL ,
[ban_email] [varchar] (50) NULL [ban_email] [varchar] (50) NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_categories] ( CREATE TABLE [phpbb_categories] (
[cat_id] [int] IDENTITY (1, 1) NOT NULL , [cat_id] [int] IDENTITY (1, 1) NOT NULL ,
[cat_title] [varchar] (50) NOT NULL , [cat_title] [varchar] (50) NOT NULL ,
[cat_order] [int] NOT NULL [cat_order] [int] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_config] ( CREATE TABLE [phpbb_config] (
[config_name] [varchar] (255) NULL , [config_name] [varchar] (255) NULL ,
[config_value] [varchar] (255) NULL [config_value] [varchar] (255) NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_disallow] ( CREATE TABLE [phpbb_disallow] (
[disallow_id] [int] IDENTITY (1, 1) NOT NULL , [disallow_id] [int] IDENTITY (1, 1) NOT NULL ,
[disallow_username] [varchar] (100) NULL [disallow_username] [varchar] (100) NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -58,7 +58,7 @@ CREATE TABLE [phpbb_forum_prune] (
[prune_id] [int] IDENTITY (1, 1) NOT NULL , [prune_id] [int] IDENTITY (1, 1) NOT NULL ,
[forum_id] [int] NOT NULL , [forum_id] [int] NOT NULL ,
[prune_days] [int] NOT NULL , [prune_days] [int] NOT NULL ,
[prune_freq] [int] NOT NULL [prune_freq] [int] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -84,7 +84,7 @@ CREATE TABLE [phpbb_forums] (
[auth_announce] [smallint] NOT NULL , [auth_announce] [smallint] NOT NULL ,
[auth_vote] [smallint] NOT NULL , [auth_vote] [smallint] NOT NULL ,
[auth_pollcreate] [smallint] NOT NULL , [auth_pollcreate] [smallint] NOT NULL ,
[auth_attachments] [smallint] NOT NULL [auth_attachments] [smallint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -94,7 +94,7 @@ CREATE TABLE [phpbb_groups] (
[group_name] [varchar] (50) NOT NULL , [group_name] [varchar] (50) NOT NULL ,
[group_description] [varchar] (255) NOT NULL , [group_description] [varchar] (255) NOT NULL ,
[group_moderator] [int] NULL , [group_moderator] [int] NULL ,
[group_single_user] [smallint] NOT NULL [group_single_user] [smallint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -111,7 +111,7 @@ CREATE TABLE [phpbb_posts] (
[enable_smilies] [smallint] NULL , [enable_smilies] [smallint] NULL ,
[enable_sig] [smallint] NULL , [enable_sig] [smallint] NULL ,
[post_edit_time] [int] NULL , [post_edit_time] [int] NULL ,
[post_edit_count] [smallint] NULL [post_edit_count] [smallint] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -119,7 +119,7 @@ CREATE TABLE [phpbb_posts_text] (
[post_id] [int] NOT NULL , [post_id] [int] NOT NULL ,
[bbcode_uid] [char] (10) NULL , [bbcode_uid] [char] (10) NULL ,
[post_subject] [char] (60) NULL , [post_subject] [char] (60) NULL ,
[post_text] [text] NULL [post_text] [text] NULL
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO GO
@ -134,14 +134,14 @@ CREATE TABLE [phpbb_privmsgs] (
[privmsgs_enable_bbcode] [smallint] NULL , [privmsgs_enable_bbcode] [smallint] NULL ,
[privmsgs_enable_html] [smallint] NULL , [privmsgs_enable_html] [smallint] NULL ,
[privmsgs_enable_smilies] [smallint] NULL , [privmsgs_enable_smilies] [smallint] NULL ,
[privmsgs_attach_sig] [smallint] NULL [privmsgs_attach_sig] [smallint] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_privmsgs_text] ( CREATE TABLE [phpbb_privmsgs_text] (
[privmsgs_text_id] [int] NOT NULL , [privmsgs_text_id] [int] NOT NULL ,
[privmsgs_bbcode_uid] [char] (10) NULL , [privmsgs_bbcode_uid] [char] (10) NULL ,
[privmsgs_text] [text] NULL [privmsgs_text] [text] NULL
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO GO
@ -150,28 +150,28 @@ CREATE TABLE [phpbb_ranks] (
[rank_title] [varchar] (50) NOT NULL , [rank_title] [varchar] (50) NOT NULL ,
[rank_min] [int] NULL , [rank_min] [int] NULL ,
[rank_special] [smallint] NULL , [rank_special] [smallint] NULL ,
[rank_image] [varchar] (50) NULL [rank_image] [varchar] (50) NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_search_results] ( CREATE TABLE [phpbb_search_results] (
[search_id] [int] NOT NULL , [search_id] [int] NOT NULL ,
[session_id] [char] (32) NOT NULL , [session_id] [char] (32) NOT NULL ,
[search_array] [text] NOT NULL [search_array] [text] NOT NULL
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_search_wordlist] ( CREATE TABLE [phpbb_search_wordlist] (
[word_id] [int] IDENTITY (1, 1) NOT NULL , [word_id] [int] IDENTITY (1, 1) NOT NULL ,
[word_text] [varchar] (50) NOT NULL , [word_text] [varchar] (50) NOT NULL ,
[word_common] [tinyint] NOT NULL [word_common] [tinyint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_search_wordmatch] ( CREATE TABLE [phpbb_search_wordmatch] (
[post_id] [int] NOT NULL , [post_id] [int] NOT NULL ,
[word_id] [int] NOT NULL , [word_id] [int] NOT NULL ,
[title_match] [smallint] NOT NULL [title_match] [smallint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -182,7 +182,7 @@ CREATE TABLE [phpbb_sessions] (
[session_time] [int] NULL , [session_time] [int] NULL ,
[session_ip] [char] (8) NOT NULL , [session_ip] [char] (8) NOT NULL ,
[session_page] [int] NULL , [session_page] [int] NULL ,
[session_logged_in] [smallint] NULL [session_logged_in] [smallint] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -190,7 +190,7 @@ CREATE TABLE [phpbb_smilies] (
[smilies_id] [int] IDENTITY (1, 1) NOT NULL , [smilies_id] [int] IDENTITY (1, 1) NOT NULL ,
[code] [varchar] (10) NOT NULL , [code] [varchar] (10) NOT NULL ,
[smile_url] [varchar] (50) NOT NULL , [smile_url] [varchar] (50) NOT NULL ,
[emoticon] [varchar] (50) NULL [emoticon] [varchar] (50) NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -237,7 +237,7 @@ CREATE TABLE [phpbb_themes] (
[span_class2] [varchar] (25) NULL , [span_class2] [varchar] (25) NULL ,
[span_class3] [varchar] (25) NULL , [span_class3] [varchar] (25) NULL ,
[img_size_poll] [smallint] NULL , [img_size_poll] [smallint] NULL ,
[img_size_privmsg] [smallint] NULL [img_size_privmsg] [smallint] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -289,21 +289,21 @@ CREATE TABLE [phpbb_topics] (
[topic_vote] [smallint] NOT NULL , [topic_vote] [smallint] NOT NULL ,
[topic_first_post_id] [int] NULL , [topic_first_post_id] [int] NULL ,
[topic_last_post_id] [int] NULL , [topic_last_post_id] [int] NULL ,
[topic_moved_id] [int] NULL [topic_moved_id] [int] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_topics_watch] ( CREATE TABLE [phpbb_topics_watch] (
[topic_id] [int] NOT NULL , [topic_id] [int] NOT NULL ,
[user_id] [int] NOT NULL , [user_id] [int] NOT NULL ,
[notify_status] [smallint] NOT NULL [notify_status] [smallint] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_user_group] ( CREATE TABLE [phpbb_user_group] (
[group_id] [int] NOT NULL , [group_id] [int] NOT NULL ,
[user_id] [int] NOT NULL , [user_id] [int] NOT NULL ,
[user_pending] [smallint] NULL [user_pending] [smallint] NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -352,7 +352,7 @@ CREATE TABLE [phpbb_users] (
[user_interests] [varchar] (255) NULL , [user_interests] [varchar] (255) NULL ,
[user_actkey] [varchar] (32) NULL , [user_actkey] [varchar] (32) NULL ,
[user_newpasswd] [varchar] (32) NULL , [user_newpasswd] [varchar] (32) NULL ,
[user_notify] [smallint] NOT NULL [user_notify] [smallint] NOT NULL
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO GO
@ -361,7 +361,7 @@ CREATE TABLE [phpbb_vote_desc] (
[topic_id] [int] NOT NULL , [topic_id] [int] NOT NULL ,
[vote_text] [varchar] (255) NOT NULL , [vote_text] [varchar] (255) NOT NULL ,
[vote_start] [int] NOT NULL , [vote_start] [int] NOT NULL ,
[vote_length] [int] NOT NULL [vote_length] [int] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
@ -369,158 +369,158 @@ CREATE TABLE [phpbb_vote_results] (
[vote_id] [int] NOT NULL , [vote_id] [int] NOT NULL ,
[vote_option_id] [int] NOT NULL , [vote_option_id] [int] NOT NULL ,
[vote_option_text] [varchar] (255) NOT NULL , [vote_option_text] [varchar] (255) NOT NULL ,
[vote_result] [int] NOT NULL [vote_result] [int] NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_vote_voters] ( CREATE TABLE [phpbb_vote_voters] (
[vote_id] [int] NOT NULL , [vote_id] [int] NOT NULL ,
[vote_user_id] [int] NOT NULL , [vote_user_id] [int] NOT NULL ,
[vote_user_ip] [char] (8) NOT NULL [vote_user_ip] [char] (8) NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
CREATE TABLE [phpbb_words] ( CREATE TABLE [phpbb_words] (
[word_id] [int] IDENTITY (1, 1) NOT NULL , [word_id] [int] IDENTITY (1, 1) NOT NULL ,
[word] [varchar] (255) NOT NULL , [word] [varchar] (255) NOT NULL ,
[replacement] [varchar] (255) NOT NULL [replacement] [varchar] (255) NOT NULL
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_banlist] WITH NOCHECK ADD ALTER TABLE [phpbb_banlist] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_banlist] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_banlist] PRIMARY KEY CLUSTERED
( (
[ban_id] [ban_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_categories] WITH NOCHECK ADD ALTER TABLE [phpbb_categories] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_categories] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_categories] PRIMARY KEY CLUSTERED
( (
[cat_id] [cat_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_disallow] WITH NOCHECK ADD ALTER TABLE [phpbb_disallow] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_disallow] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_disallow] PRIMARY KEY CLUSTERED
( (
[disallow_id] [disallow_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_forum_prune] WITH NOCHECK ADD ALTER TABLE [phpbb_forum_prune] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_forum_prune] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_forum_prune] PRIMARY KEY CLUSTERED
( (
[prune_id] [prune_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_forums] WITH NOCHECK ADD ALTER TABLE [phpbb_forums] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_forums] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_forums] PRIMARY KEY CLUSTERED
( (
[forum_id] [forum_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_groups] WITH NOCHECK ADD ALTER TABLE [phpbb_groups] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_groups] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_groups] PRIMARY KEY CLUSTERED
( (
[group_id] [group_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_posts] WITH NOCHECK ADD ALTER TABLE [phpbb_posts] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_posts] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_posts] PRIMARY KEY CLUSTERED
( (
[post_id] [post_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_privmsgs] WITH NOCHECK ADD ALTER TABLE [phpbb_privmsgs] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_privmsgs] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_privmsgs] PRIMARY KEY CLUSTERED
( (
[privmsgs_id] [privmsgs_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_privmsgs_text] WITH NOCHECK ADD ALTER TABLE [phpbb_privmsgs_text] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_privmsgs_text] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_privmsgs_text] PRIMARY KEY CLUSTERED
( (
[privmsgs_text_id] [privmsgs_text_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_ranks] WITH NOCHECK ADD ALTER TABLE [phpbb_ranks] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_ranks] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_ranks] PRIMARY KEY CLUSTERED
( (
[rank_id] [rank_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_search_results] WITH NOCHECK ADD ALTER TABLE [phpbb_search_results] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_search_results] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_search_results] PRIMARY KEY CLUSTERED
( (
[search_id] [search_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_search_wordlist] WITH NOCHECK ADD ALTER TABLE [phpbb_search_wordlist] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_search_wordlist] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_search_wordlist] PRIMARY KEY CLUSTERED
( (
[word_id] [word_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_smilies] WITH NOCHECK ADD ALTER TABLE [phpbb_smilies] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_smilies] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_smilies] PRIMARY KEY CLUSTERED
( (
[smilies_id] [smilies_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_themes] WITH NOCHECK ADD ALTER TABLE [phpbb_themes] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_themes] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_themes] PRIMARY KEY CLUSTERED
( (
[themes_id] [themes_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_themes_name] WITH NOCHECK ADD ALTER TABLE [phpbb_themes_name] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_themes_name] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_themes_name] PRIMARY KEY CLUSTERED
( (
[themes_id] [themes_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_topics] WITH NOCHECK ADD ALTER TABLE [phpbb_topics] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_topics] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_topics] PRIMARY KEY CLUSTERED
( (
[topic_id] [topic_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_users] WITH NOCHECK ADD ALTER TABLE [phpbb_users] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_users] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_users] PRIMARY KEY CLUSTERED
( (
[user_id] [user_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_vote_desc] WITH NOCHECK ADD ALTER TABLE [phpbb_vote_desc] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_vote_desc] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_vote_desc] PRIMARY KEY CLUSTERED
( (
[vote_id] [vote_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_words] WITH NOCHECK ADD ALTER TABLE [phpbb_words] WITH NOCHECK ADD
CONSTRAINT [PK_phpbb_words] PRIMARY KEY CLUSTERED CONSTRAINT [PK_phpbb_words] PRIMARY KEY CLUSTERED
( (
[word_id] [word_id]
) ON [PRIMARY] ) ON [PRIMARY]
GO GO
ALTER TABLE [phpbb_auth_access] WITH NOCHECK ADD ALTER TABLE [phpbb_auth_access] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_auth_access_auth_view] DEFAULT (0) FOR [auth_view], CONSTRAINT [DF_phpbb_auth_access_auth_view] DEFAULT (0) FOR [auth_view],
CONSTRAINT [DF_phpbb_auth_access_auth_read] DEFAULT (0) FOR [auth_read], CONSTRAINT [DF_phpbb_auth_access_auth_read] DEFAULT (0) FOR [auth_read],
CONSTRAINT [DF_phpbb_auth_access_auth_post] DEFAULT (0) FOR [auth_post], CONSTRAINT [DF_phpbb_auth_access_auth_post] DEFAULT (0) FOR [auth_post],
@ -535,7 +535,7 @@ ALTER TABLE [phpbb_auth_access] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_auth_access_auth_mod] DEFAULT (0) FOR [auth_mod] CONSTRAINT [DF_phpbb_auth_access_auth_mod] DEFAULT (0) FOR [auth_mod]
GO GO
ALTER TABLE [phpbb_forums] WITH NOCHECK ADD ALTER TABLE [phpbb_forums] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_forums_forum_posts] DEFAULT (0) FOR [forum_posts], CONSTRAINT [DF_phpbb_forums_forum_posts] DEFAULT (0) FOR [forum_posts],
CONSTRAINT [DF_phpbb_forums_forum_topics] DEFAULT (0) FOR [forum_topics], CONSTRAINT [DF_phpbb_forums_forum_topics] DEFAULT (0) FOR [forum_topics],
CONSTRAINT [DF_phpbb_forums_forum_last_post_id] DEFAULT (0) FOR [forum_last_post_id], CONSTRAINT [DF_phpbb_forums_forum_last_post_id] DEFAULT (0) FOR [forum_last_post_id],
@ -553,20 +553,20 @@ ALTER TABLE [phpbb_forums] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_forums_auth_attachments] DEFAULT (0) FOR [auth_attachments] CONSTRAINT [DF_phpbb_forums_auth_attachments] DEFAULT (0) FOR [auth_attachments]
GO GO
ALTER TABLE [phpbb_search_wordlist] WITH NOCHECK ADD ALTER TABLE [phpbb_search_wordlist] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_search_wordlist_word_common] DEFAULT (0) FOR [word_common] CONSTRAINT [DF_phpbb_search_wordlist_word_common] DEFAULT (0) FOR [word_common]
GO GO
ALTER TABLE [phpbb_topics] WITH NOCHECK ADD ALTER TABLE [phpbb_topics] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_topics_topic_views] DEFAULT (0) FOR [topic_views], CONSTRAINT [DF_phpbb_topics_topic_views] DEFAULT (0) FOR [topic_views],
CONSTRAINT [DF_phpbb_topics_topic_replies] DEFAULT (0) FOR [topic_replies], CONSTRAINT [DF_phpbb_topics_topic_replies] DEFAULT (0) FOR [topic_replies],
CONSTRAINT [DF_phpbb_topics_topic_status] DEFAULT (0) FOR [topic_status], CONSTRAINT [DF_phpbb_topics_topic_status] DEFAULT (0) FOR [topic_status],
CONSTRAINT [DF_phpbb_topics_topic_type] DEFAULT (0) FOR [topic_type], CONSTRAINT [DF_phpbb_topics_topic_type] DEFAULT (0) FOR [topic_type],
CONSTRAINT [DF_phpbb_topics_topic_vote] DEFAULT (0) FOR [topic_vote], CONSTRAINT [DF_phpbb_topics_topic_vote] DEFAULT (0) FOR [topic_vote],
CONSTRAINT [DF_phpbb_topics_topic_moved_id] DEFAULT (0) FOR topic_moved_id CONSTRAINT [DF_phpbb_topics_topic_moved_id] DEFAULT (0) FOR topic_moved_id
GO GO
ALTER TABLE [phpbb_users] WITH NOCHECK ADD ALTER TABLE [phpbb_users] WITH NOCHECK ADD
CONSTRAINT [DF_phpbb_users_user_level] DEFAULT (0) FOR [user_level], CONSTRAINT [DF_phpbb_users_user_level] DEFAULT (0) FOR [user_level],
CONSTRAINT [DF_phpbb_users_user_posts] DEFAULT (0) FOR [user_posts], CONSTRAINT [DF_phpbb_users_user_posts] DEFAULT (0) FOR [user_posts],
CONSTRAINT [DF_phpbb_users_user_session_time] DEFAULT (0) FOR [user_session_time], CONSTRAINT [DF_phpbb_users_user_session_time] DEFAULT (0) FOR [user_session_time],
@ -665,4 +665,4 @@ GO
GO GO
COMMIT COMMIT
GO GO

8
phpBB/groupcp.php
View file

@ -127,7 +127,7 @@ $server_url = $server_protocol . $server_name . $server_port . $script_name;
if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
{ {
$group_id = ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_GET_VARS[POST_GROUPS_URL]) : intval($HTTP_POST_VARS[POST_GROUPS_URL]); $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
} }
else else
{ {
@ -1243,7 +1243,11 @@ else
$template->assign_block_vars('switch_groups_remaining', array() ); $template->assign_block_vars('switch_groups_remaining', array() );
} }
$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; $s_hidden_fields = '';
if ( !empty($SID) )
{
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
}
$template->assign_vars(array( $template->assign_vars(array(
'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'], 'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],

8
phpBB/includes/functions.php
View file

@ -92,7 +92,7 @@ function get_userdata($user)
function make_jumpbox($action, $match_forum_id = 0) function make_jumpbox($action, $match_forum_id = 0)
{ {
global $template, $lang, $db, $SID, $nav_links, $phpEx; global $template, $userdata, $lang, $db, $nav_links, $phpEx;
// $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata); // $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
@ -174,9 +174,9 @@ function make_jumpbox($action, $match_forum_id = 0)
$boxstring .= '<select name="' . POST_FORUM_URL . '" onChange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>'; $boxstring .= '<select name="' . POST_FORUM_URL . '" onChange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
} }
if ( isset($SID) ) if ( !empty($SID) )
{ {
$boxstring .= '<input type="hidden" name="sid" value="' . substr($SID, 4) . '" />'; $boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
} }
$template->set_filenames(array( $template->set_filenames(array(
@ -288,7 +288,7 @@ function setup_style($style)
message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__); message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__);
} }
$img_lang = ( file_exists(@realpath($current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english'; $img_lang = ( file_exists(@realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english';
while( list($key, $value) = @each($images) ) while( list($key, $value) = @each($images) )
{ {

6
phpBB/includes/usercp_avatar.php
View file

@ -96,7 +96,7 @@ function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype) function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype)
{ {
global $board_config, $user_ip, $db, $lang; global $board_config, $db, $lang;
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
@ -145,7 +145,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize); $avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . '/tmp'; $tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . '/tmp';
$tmp_filename = tempnam($tmp_path, uniqid($user_ip) . '-'); $tmp_filename = tempnam($tmp_path, uniqid(rand()) . '-');
$fptr = @fopen($tmp_filename, 'wb'); $fptr = @fopen($tmp_filename, 'wb');
$bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize); $bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize);
@ -193,7 +193,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{ {
$new_filename = uniqid($user_ip) . $imgtype; $new_filename = uniqid(rand()) . $imgtype;
if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' ) if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' )
{ {

89
phpBB/includes/usercp_register.php
View file

@ -101,7 +101,7 @@ if (
{ {
if ( !empty($HTTP_POST_VARS[$param]) ) if ( !empty($HTTP_POST_VARS[$param]) )
{ {
$$var = trim(strip_tags($HTTP_POST_VARS[$param])); $$var = trim(htmlspecialchars(strip_tags($HTTP_POST_VARS[$param])));
} }
} }
@ -115,8 +115,6 @@ if (
} }
} }
$username = str_replace('&nbsp;', '', $username);
$email = htmlspecialchars($email);
$signature = str_replace('<br />', "\n", $signature); $signature = str_replace('<br />', "\n", $signature);
// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to // Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
@ -152,7 +150,7 @@ if (
{ {
if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) ) if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) )
{ {
$user_lang = $HTTP_POST_VARS['language']; $user_lang = htmlspecialchars($HTTP_POST_VARS['language']);
} }
else else
{ {
@ -166,7 +164,7 @@ if (
} }
$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone']; $user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat']; $user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' ); $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
@ -188,29 +186,23 @@ if (
$password_confirm = stripslashes($password_confirm); $password_confirm = stripslashes($password_confirm);
$icq = stripslashes($icq); $icq = stripslashes($icq);
$aim = htmlspecialchars(stripslashes($aim)); $aim = stripslashes($aim);
$msn = htmlspecialchars(stripslashes($msn)); $msn = stripslashes($msn);
$yim = htmlspecialchars(stripslashes($yim)); $yim = stripslashes($yim);
$website = htmlspecialchars(stripslashes($website)); $website = stripslashes($website);
$location = htmlspecialchars(stripslashes($location)); $location = stripslashes($location);
$occupation = htmlspecialchars(stripslashes($occupation)); $occupation = stripslashes($occupation);
$interests = htmlspecialchars(stripslashes($interests)); $interests = stripslashes($interests);
$signature = htmlspecialchars(stripslashes($signature)); $signature = stripslashes($signature);
$user_lang = stripslashes($user_lang); $user_lang = stripslashes($user_lang);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); $user_dateformat = stripslashes($user_dateformat);
if ( !isset($HTTP_POST_VARS['cancelavatar'])) if ( !isset($HTTP_POST_VARS['cancelavatar']))
{ {
$user_avatar = $user_avatar_local; $user_avatar = $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY; $user_avatar_type = USER_AVATAR_GALLERY;
if ( $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && @file_exists(@realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
{
@unlink('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']);
}
} }
} }
} }
@ -344,13 +336,17 @@ if ( isset($HTTP_POST_VARS['submit']) )
} }
else if ( $username != $userdata['username'] || $mode == 'register' ) else if ( $username != $userdata['username'] || $mode == 'register' )
{ {
$result = validate_username($username); if (strtolower($username) != strtolower($userdata['username']))
if ( $result['error'] )
{ {
$error = TRUE; $result = validate_username($username);
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg']; if ( $result['error'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
}
} }
else
if (!$error)
{ {
$username_sql = "username = '" . str_replace("\'", "''", $username) . "', "; $username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
} }
@ -372,6 +368,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
} }
//??
if ( $website != '' ) if ( $website != '' )
{ {
rawurlencode($website); rawurlencode($website);
@ -398,10 +395,18 @@ if ( isset($HTTP_POST_VARS['submit']) )
} }
else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] ) else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
{ {
if ( @file_exists(@realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
{
@unlink('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']);
}
$avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl); $avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
} }
else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] ) else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
{ {
if ( @file_exists(@realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
{
@unlink('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']);
}
$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local); $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
} }
else else
@ -644,38 +649,38 @@ if ( $error )
$password_confirm = ''; $password_confirm = '';
$icq = stripslashes($icq); $icq = stripslashes($icq);
$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim))); $aim = str_replace('+', ' ', stripslashes($aim));
$msn = htmlspecialchars(stripslashes($msn)); $msn = stripslashes($msn);
$yim = htmlspecialchars(stripslashes($yim)); $yim = stripslashes($yim);
$website = htmlspecialchars(stripslashes($website)); $website = stripslashes($website);
$location = htmlspecialchars(stripslashes($location)); $location = stripslashes($location);
$occupation = htmlspecialchars(stripslashes($occupation)); $occupation = stripslashes($occupation);
$interests = htmlspecialchars(stripslashes($interests)); $interests = stripslashes($interests);
$signature = stripslashes($signature); $signature = stripslashes($signature);
$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $signature) : $signature; $signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $signature) : $signature;
$user_lang = stripslashes($user_lang); $user_lang = stripslashes($user_lang);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); $user_dateformat = stripslashes($user_dateformat);
} }
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) ) else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
{ {
$user_id = $userdata['user_id']; $user_id = $userdata['user_id'];
$username = htmlspecialchars($userdata['username']); $username = $userdata['username'];
$email = $userdata['user_email']; $email = $userdata['user_email'];
$new_password = ''; $new_password = '';
$password_confirm = ''; $password_confirm = '';
$icq = $userdata['user_icq']; $icq = $userdata['user_icq'];
$aim = htmlspecialchars(str_replace('+', ' ', $userdata['user_aim'])); $aim = str_replace('+', ' ', $userdata['user_aim']);
$msn = htmlspecialchars($userdata['user_msnm']); $msn = $userdata['user_msnm'];
$yim = htmlspecialchars($userdata['user_yim']); $yim = $userdata['user_yim'];
$website = htmlspecialchars($userdata['user_website']); $website = $userdata['user_website'];
$location = htmlspecialchars($userdata['user_from']); $location = $userdata['user_from'];
$occupation = htmlspecialchars($userdata['user_occ']); $occupation = $userdata['user_occ'];
$interests = htmlspecialchars($userdata['user_interests']); $interests = $userdata['user_interests'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid']; $signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $userdata['user_sig']) : $userdata['user_sig']; $signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $userdata['user_sig']) : $userdata['user_sig'];
@ -695,7 +700,7 @@ else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) &&
$user_style = $userdata['user_style']; $user_style = $userdata['user_style'];
$user_lang = $userdata['user_lang']; $user_lang = $userdata['user_lang'];
$user_timezone = $userdata['user_timezone']; $user_timezone = $userdata['user_timezone'];
$user_dateformat = htmlspecialchars($userdata['user_dateformat']); $user_dateformat = $userdata['user_dateformat'];
} }
// //

79
phpBB/install.php
View file

@ -22,15 +22,6 @@
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
define('IN_PHPBB', true);
$phpbb_root_path='./';
include($phpbb_root_path.'extension.inc');
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
$userdata = array();
$lang = array();
$reinstall = false;
if( !get_magic_quotes_gpc() ) if( !get_magic_quotes_gpc() )
{ {
if( is_array($HTTP_GET_VARS) ) if( is_array($HTTP_GET_VARS) )
@ -94,6 +85,15 @@ if( !get_magic_quotes_gpc() )
} }
} }
define('IN_PHPBB', true);
$phpbb_root_path='./';
include($phpbb_root_path.'extension.inc');
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
$userdata = array();
$lang = array();
$reinstall = false;
/*************************************************************************** /***************************************************************************
* Install Customization Section * Install Customization Section
* *
@ -720,25 +720,25 @@ else
$sql_query = $remove_remarks($sql_query); $sql_query = $remove_remarks($sql_query);
$sql_query = split_sql_file($sql_query, $delimiter); $sql_query = split_sql_file($sql_query, $delimiter);
$sql_count = count($sql_query); for ($i = 0; $i < sizeof($sql_query); $i++)
for($i = 0; $i < $sql_count; $i++)
{ {
$result = $db->sql_query($sql_query[$i]); if (trim($sql_query[$i]) != '')
if( !$result )
{ {
$error = $db->sql_error(); if (!($result = $db->sql_query($sql_query[$i])))
{
$template->assign_block_vars("switch_error_install", array()); $error = $db->sql_error();
$template->assign_block_vars("switch_error_install", array());
$template->assign_vars(array( $template->assign_vars(array(
"L_ERROR_TITLE" => $lang['Installer_Error'], "L_ERROR_TITLE" => $lang['Installer_Error'],
"L_ERROR" => $lang['Install_db_error'] . '<br />' . $error['message']) "L_ERROR" => $lang['Install_db_error'] . '<br />' . $error['message'])
); );
$template->pparse('body'); $template->pparse('body');
exit; exit;
}
} }
} }
@ -751,25 +751,25 @@ else
$sql_query = $remove_remarks($sql_query); $sql_query = $remove_remarks($sql_query);
$sql_query = split_sql_file($sql_query, $delimiter_basic); $sql_query = split_sql_file($sql_query, $delimiter_basic);
$sql_count = count($sql_query); for($i = 0; $i < sizeof($sql_query); $i++)
for($i = 0; $i < $sql_count; $i++)
{ {
$result = $db->sql_query($sql_query[$i]); if (trim($sql_query[$i]) != '')
if( !$result )
{ {
$error = $db->sql_error(); if (!($result = $db->sql_query($sql_query[$i])))
{
$template->assign_block_vars("switch_error_install", array()); $error = $db->sql_error();
$template->assign_block_vars("switch_error_install", array());
$template->assign_vars(array( $template->assign_vars(array(
"L_ERROR_TITLE" => $lang['Installer_Error'], "L_ERROR_TITLE" => $lang['Installer_Error'],
"L_ERROR" => $lang['Install_db_error'] . "<br />" . $error["message"]) "L_ERROR" => $lang['Install_db_error'] . "<br />" . $error["message"])
); );
$template->pparse('body'); $template->pparse('body');
exit; exit;
}
} }
} }
} }
@ -781,7 +781,7 @@ else
// this we are going to pass them over to the admin_forum.php script // this we are going to pass them over to the admin_forum.php script
// to set up their forum defaults. // to set up their forum defaults.
// //
$error = ""; $error = '';
// //
// Update the default admin user with their information. // Update the default admin user with their information.
@ -862,6 +862,8 @@ else
$error .= "Could not update user_regdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />"; $error .= "Could not update user_regdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
} }
/*
// Disabled in 2.0.4 ... too many issues with MAX ROWS
// //
// Change session table to HEAP if MySQL version matches // Change session table to HEAP if MySQL version matches
// //
@ -881,6 +883,7 @@ else
} }
} }
} }
*/
if( $error != "" ) if( $error != "" )
{ {

68
phpBB/memberlist.php
View file

@ -35,6 +35,15 @@ init_userprefs($userdata);
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0; $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
{
$mode = 'joined';
}
if(isset($HTTP_POST_VARS['order'])) if(isset($HTTP_POST_VARS['order']))
{ {
$sort_order = ($HTTP_POST_VARS['order'] == 'ASC') ? 'ASC' : 'DESC'; $sort_order = ($HTTP_POST_VARS['order'] == 'ASC') ? 'ASC' : 'DESC';
@ -104,41 +113,32 @@ $template->assign_vars(array(
'S_MODE_ACTION' => append_sid("memberlist.$phpEx")) 'S_MODE_ACTION' => append_sid("memberlist.$phpEx"))
); );
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) switch( $mode )
{ {
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; case 'joined':
$order_by = "user_regdate ASC LIMIT $start, " . $board_config['topics_per_page'];
switch( $mode ) break;
{ case 'username':
case 'joined': $order_by = "username $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "user_regdate ASC LIMIT $start, " . $board_config['topics_per_page']; break;
break; case 'location':
case 'username': $order_by = "user_from $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "username $sort_order LIMIT $start, " . $board_config['topics_per_page']; break;
break; case 'posts':
case 'location': $order_by = "user_posts $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "user_from $sort_order LIMIT $start, " . $board_config['topics_per_page']; break;
break; case 'email':
case 'posts': $order_by = "user_email $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "user_posts $sort_order LIMIT $start, " . $board_config['topics_per_page']; break;
break; case 'website':
case 'email': $order_by = "user_website $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "user_email $sort_order LIMIT $start, " . $board_config['topics_per_page']; break;
break; case 'topten':
case 'website': $order_by = "user_posts $sort_order LIMIT 10";
$order_by = "user_website $sort_order LIMIT $start, " . $board_config['topics_per_page']; break;
break; default:
case 'topten': $order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];
$order_by = "user_posts DESC LIMIT 10"; break;
break;
default:
$order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];
break;
}
}
else
{
$order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];
} }
$sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_avatar, user_avatar_type, user_allowavatar $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_avatar, user_avatar_type, user_allowavatar

10
phpBB/posting.php
View file

@ -403,13 +403,13 @@ else
$smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] ); $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? $board_config['allow_smilies'] : $userdata['user_allowsmile'] );
} }
if ( $submit || $refresh ) if ( ($submit || $refresh) && $is_auth['auth_read'])
{ {
$notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0; $notify_user = ( !empty($HTTP_POST_VARS['notify']) ) ? TRUE : 0;
} }
else else
{ {
if ( $mode != 'newtopic' && $userdata['session_logged_in'] ) if ( $mode != 'newtopic' && $userdata['session_logged_in'] && $is_auth['auth_read'] )
{ {
$sql = "SELECT topic_id $sql = "SELECT topic_id
FROM " . TOPICS_WATCH_TABLE . " FROM " . TOPICS_WATCH_TABLE . "
@ -424,7 +424,7 @@ else
} }
else else
{ {
$notify_user = ( $userdata['session_logged_in'] ) ? $userdata['user_notify'] : 0; $notify_user = ( $userdata['session_logged_in'] && $is_auth['auth_read'] ) ? $userdata['user_notify'] : 0;
} }
} }
@ -879,7 +879,7 @@ if( !$userdata['session_logged_in'] || ( $mode == 'editpost' && $post_info['post
// //
// Notify checkbox - only show if user is logged in // Notify checkbox - only show if user is logged in
// //
if ( $userdata['session_logged_in'] ) if ( $userdata['session_logged_in'] && $is_auth['auth_read'] )
{ {
if ( $mode != 'editpost' || ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) ) if ( $mode != 'editpost' || ( $mode == 'editpost' && $post_info['poster_id'] != ANONYMOUS ) )
{ {
@ -1104,7 +1104,7 @@ if( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
// //
// Topic review // Topic review
// //
if( $mode == 'reply' ) if( $mode == 'reply' && $is_auth['auth_read'] )
{ {
require($phpbb_root_path . 'includes/topic_review.'.$phpEx); require($phpbb_root_path . 'includes/topic_review.'.$phpEx);
topic_review($topic_id, true); topic_review($topic_id, true);