apply correct check for hiding session

git-svn-id: file:///svn/phpbb/trunk@7151 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/functions.php

@@ -2013,7 +2013,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		$username	= request_var('username', '', true);
 		$password	= request_var('password', '', true);
 		$autologin	= (!empty($_POST['autologin'])) ? true : false;
-		$viewonline = (!empty($_POST['viewonline']) && $auth->acl_get('u_hideonline')) ? 0 : 1;
+		$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
 		$admin 		= ($admin) ? 1 : 0;
 		$viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline;
 
@@ -2063,6 +2063,24 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 			// append/replace SID (may change during the session for AOL users)
 			$redirect = reapply_sid($redirect);
 
+			// Make sure the user is able to hide his session
+			if (!$viewonline)
+			{
+				$check_auth = new auth();
+				$check_auth->acl($user->data);
+
+				// Reset online status if not allowed to hide the session...
+				if (!$check_auth->acl_get('u_hideonline'))
+				{
+					$sql = 'UPDATE ' . SESSIONS_TABLE . '
+						SET session_viewonline = 1
+						WHERE session_user_id = ' . $user->data['user_id'];
+					$db->sql_query($sql);
+				}
+
+				unset($check_auth);
+			}
+
 			// Special case... the user is effectively banned, but we allow founders to login
 			if (defined('IN_CHECK_BAN') && $result['user_row']['user_type'] != USER_FOUNDER)
 			{
@@ -2169,7 +2187,6 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 
 		'S_DISPLAY_FULL_LOGIN'	=> ($s_display) ? true : false,
 		'S_AUTOLOGIN_ENABLED'	=> ($config['allow_autologin']) ? true : false,
-		'S_ALLOW_HIDE_ONLINE'	=> ($auth->acl_get('u_hideonline')) ? true : false,
 		'S_LOGIN_ACTION'		=> (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
 		'S_HIDDEN_FIELDS' 		=> $s_hidden_fields,
 

phpBB/install/install_update.php

@@ -411,12 +411,14 @@ class install_update extends module
 
 				if ($all_up_to_date)
 				{
-					$db->sql_query('DELETE FROM ' . CONFIG_TABLE . " WHERE config_name = 'version_update_from'");
-
 					// Add database update to log
 					add_log('admin', 'LOG_UPDATE_PHPBB', $this->current_version, $this->latest_version);
 
 					$cache->purge();
+
+					$db->sql_return_on_error(true);
+					$db->sql_query('DELETE FROM ' . CONFIG_TABLE . " WHERE config_name = 'version_update_from'");
+					$db->sql_return_on_error(false);
 				}
 
 			break;

phpBB/styles/subSilver/template/login_body.html

@@ -56,12 +56,10 @@
 				<td><input type="checkbox" class="radio" name="autologin" tabindex="3" /> <span class="gensmall">{L_LOG_ME_IN}</span></td>
 			</tr>
 			<!-- ENDIF -->
-			<!-- IF S_ALLOW_HIDE_ONLINE -->
 			<tr>
 				<td>&nbsp;</td>
 				<td><input type="checkbox" class="radio" name="viewonline" tabindex="4" /> <span class="gensmall">{L_HIDE_ME}</span></td>
 			</tr>
-			<!-- ENDIF -->
 		<!-- ENDIF -->
 		</table>
 	</td>

phpBB/viewforum.php

@@ -156,7 +156,6 @@ if (!$auth->acl_get('f_read', $forum_id))
 
 		'S_NO_READ_ACCESS'		=> true,
 		'S_AUTOLOGIN_ENABLED'	=> ($config['allow_autologin']) ? true : false,
-		'S_ALLOW_HIDE_ONLINE'	=> ($auth->acl_get('u_hideonline')) ? true : false,
 		'S_LOGIN_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') . '&redirect=' . urlencode(str_replace('&', '&', build_url(array('_f_')))),
 	));