From 9e270489eb1dfbb59f176dd2abdb10f94055265a Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Fri, 11 May 2007 12:25:28 +0000 Subject: [PATCH] We do not support nesting code tags - #10763 #10741 Confirm box on pruning forums - #10619 Not stripping empty lines on parsing messages - #10579 Remove reports alongside with users - #10501 git-svn-id: file:///svn/phpbb/trunk@7527 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/acp/acp_prune.php | 161 +++++++++++++++++------------- phpBB/includes/acp/acp_styles.php | 1 + phpBB/includes/functions_user.php | 59 +++++++++++ phpBB/includes/message_parser.php | 134 +++++++++---------------- phpBB/install/install_install.php | 7 +- phpBB/language/en/acp/prune.php | 1 + 6 files changed, 203 insertions(+), 160 deletions(-) diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php index 97d452a400..e4defd9d42 100644 --- a/phpBB/includes/acp/acp_prune.php +++ b/phpBB/includes/acp/acp_prune.php @@ -67,87 +67,106 @@ class acp_prune if ($submit) { - $prune_posted = request_var('prune_days', 0); - $prune_viewed = request_var('prune_vieweddays', 0); - $prune_all = (!$prune_posted && !$prune_viewed) ? true : false; - - $prune_flags = 0; - $prune_flags += (request_var('prune_old_polls', 0)) ? 2 : 0; - $prune_flags += (request_var('prune_announce', 0)) ? 4 : 0; - $prune_flags += (request_var('prune_sticky', 0)) ? 8 : 0; - - // Convert days to seconds for timestamp functions... - $prunedate_posted = time() - ($prune_posted * 86400); - $prunedate_viewed = time() - ($prune_viewed * 86400); - - $template->assign_vars(array( - 'S_PRUNED' => true) - ); - - $sql_forum = (sizeof($forum_id)) ? ' AND ' . $db->sql_in_set('forum_id', $forum_id) : ''; - - // Get a list of forum's or the data for the forum that we are pruning. - $sql = 'SELECT forum_id, forum_name - FROM ' . FORUMS_TABLE . ' - WHERE forum_type = ' . FORUM_POST . " - $sql_forum - ORDER BY left_id ASC"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) + if (confirm_box(true)) { - $prune_ids = array(); - $p_result['topics'] = 0; - $p_result['posts'] = 0; - $log_data = ''; + $prune_posted = request_var('prune_days', 0); + $prune_viewed = request_var('prune_vieweddays', 0); + $prune_all = (!$prune_posted && !$prune_viewed) ? true : false; - do + $prune_flags = 0; + $prune_flags += (request_var('prune_old_polls', 0)) ? 2 : 0; + $prune_flags += (request_var('prune_announce', 0)) ? 4 : 0; + $prune_flags += (request_var('prune_sticky', 0)) ? 8 : 0; + + // Convert days to seconds for timestamp functions... + $prunedate_posted = time() - ($prune_posted * 86400); + $prunedate_viewed = time() - ($prune_viewed * 86400); + + $template->assign_vars(array( + 'S_PRUNED' => true) + ); + + $sql_forum = (sizeof($forum_id)) ? ' AND ' . $db->sql_in_set('forum_id', $forum_id) : ''; + + // Get a list of forum's or the data for the forum that we are pruning. + $sql = 'SELECT forum_id, forum_name + FROM ' . FORUMS_TABLE . ' + WHERE forum_type = ' . FORUM_POST . " + $sql_forum + ORDER BY left_id ASC"; + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) { - if (!$auth->acl_get('f_list', $row['forum_id'])) + $prune_ids = array(); + $p_result['topics'] = 0; + $p_result['posts'] = 0; + $log_data = ''; + + do { - continue; - } - - if ($prune_all) - { - $p_result = prune($row['forum_id'], 'posted', time(), $prune_flags, false); - } - else - { - if ($prune_posted) + if (!$auth->acl_get('f_list', $row['forum_id'])) { - $return = prune($row['forum_id'], 'posted', $prunedate_posted, $prune_flags, false); - $p_result['topics'] += $return['topics']; - $p_result['posts'] += $return['posts']; + continue; } + + if ($prune_all) + { + $p_result = prune($row['forum_id'], 'posted', time(), $prune_flags, false); + } + else + { + if ($prune_posted) + { + $return = prune($row['forum_id'], 'posted', $prunedate_posted, $prune_flags, false); + $p_result['topics'] += $return['topics']; + $p_result['posts'] += $return['posts']; + } + + if ($prune_viewed) + { + $return = prune($row['forum_id'], 'viewed', $prunedate_viewed, $prune_flags, false); + $p_result['topics'] += $return['topics']; + $p_result['posts'] += $return['posts']; + } + } + + $prune_ids[] = $row['forum_id']; + + $template->assign_block_vars('pruned', array( + 'FORUM_NAME' => $row['forum_name'], + 'NUM_TOPICS' => $p_result['topics'], + 'NUM_POSTS' => $p_result['posts']) + ); - if ($prune_viewed) - { - $return = prune($row['forum_id'], 'viewed', $prunedate_viewed, $prune_flags, false); - $p_result['topics'] += $return['topics']; - $p_result['posts'] += $return['posts']; - } + $log_data .= (($log_data != '') ? ', ' : '') . $row['forum_name']; } - - $prune_ids[] = $row['forum_id']; - - $template->assign_block_vars('pruned', array( - 'FORUM_NAME' => $row['forum_name'], - 'NUM_TOPICS' => $p_result['topics'], - 'NUM_POSTS' => $p_result['posts']) - ); - - $log_data .= (($log_data != '') ? ', ' : '') . $row['forum_name']; + while ($row = $db->sql_fetchrow($result)); + + // Sync all pruned forums at once + sync('forum', 'forum_id', $prune_ids, true, true); + add_log('admin', 'LOG_PRUNE', $log_data); } - while ($row = $db->sql_fetchrow($result)); - - // Sync all pruned forums at once - sync('forum', 'forum_id', $prune_ids, true, true); - add_log('admin', 'LOG_PRUNE', $log_data); - } - $db->sql_freeresult($result); + $db->sql_freeresult($result); - return; + return; + } + else + { + confirm_box(false, $user->lang['PRUNE_FORUM_CONFIRM'], build_hidden_fields(array( + 'i' => $id, + 'mode' => $mode, + 'submit' => 1, + 'all_forums' => $all_forums, + 'f' => $forum_id, + + 'prune_days' => request_var('prune_days', 0), + 'prune_vieweddays' => request_var('prune_vieweddays', 0), + 'prune_old_polls' => request_var('prune_old_polls', 0), + 'prune_announce' => request_var('prune_announce', 0), + 'prune_sticky' => request_var('prune_sticky', 0), + ))); + } } // If they haven't selected a forum for pruning yet then diff --git a/phpBB/includes/acp/acp_styles.php b/phpBB/includes/acp/acp_styles.php index 12b1507b01..61d7d51efc 100644 --- a/phpBB/includes/acp/acp_styles.php +++ b/phpBB/includes/acp/acp_styles.php @@ -967,6 +967,7 @@ parse_css_file = {PARSE_CSS_FILE} foreach ($file_ary as $file) { + $file = str_replace('/', '.', $file); $filename = "{$cache_prefix}_$file.html.$phpEx"; $template->assign_block_vars('file', array( diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 0dab76e7c0..87e88f5ac2 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -293,6 +293,65 @@ function user_delete($mode, $user_id, $post_username = false) $db->sql_transaction('begin'); + // Before we begin, we will remove the reports the user issued. + $sql = 'SELECT r.post_id, p.topic_id + FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p + WHERE r.user_id = ' . $user_id . ' + AND p.post_id = r.post_id'; + $result = $db->sql_query($sql); + + $report_posts = $report_topics = array(); + while ($row = $db->sql_fetchrow($result)) + { + $report_posts[] = $row['post_id']; + $report_topics[] = $row['topic_id']; + } + $db->sql_freeresult($result); + + if (sizeof($report_posts)) + { + $report_posts = array_unique($report_posts); + $report_topics = array_unique($report_topics); + + // Get a list of topics that still contain reported posts + $sql = 'SELECT DISTINCT topic_id + FROM ' . POSTS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', $report_topics) . ' + AND post_reported = 1 + AND ' . $db->sql_in_set('post_id', $report_posts, true); + $result = $db->sql_query($sql); + + $keep_report_topics = array(); + while ($row = $db->sql_fetchrow($result)) + { + $keep_report_topics[] = $row['topic_id']; + } + $db->sql_freeresult($result); + + if (sizeof($keep_report_topics)) + { + $report_topics = array_diff($report_topics, $keep_report_topics); + } + unset($keep_report_topics); + + // Now set the flags back + $sql = 'UPDATE ' . POSTS_TABLE . ' + SET post_reported = 0 + WHERE ' . $db->sql_in_set('post_id', $report_posts); + $db->sql_query($sql); + + if (sizeof($report_topics)) + { + $sql = 'UPDATE ' . TOPICS_TABLE . ' + SET topic_reported = 0 + WHERE ' . $db->sql_in_set('topic_id', $report_topics); + $db->sql_query($sql); + } + } + + // Remove reports + $db->sql_query('DELETE FROM ' . REPORTS_TABLE . ' WHERE user_id = ' . $user_id); + switch ($mode) { case 'retain': diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index fee8b88d8c..39489250d7 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -374,107 +374,73 @@ class bbcode_firstpass extends bbcode // Having it here saves us one preg_replace per message containing [code] blocks // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too... $htm_match = get_preg_expression('bbcode_htm'); -// $htm_match[3] = '/&#([0-9]+);/'; unset($htm_match[4], $htm_match[5]); - - $htm_replace = array('\1', '\1', '\2', '\1'); //, '&#\1;'); + $htm_replace = array('\1', '\1', '\2', '\1'); $out = ''; - do + // Strip the last [/code] block from $in + $code = substr($in, 0, -7); + $code = preg_replace($htm_match, $htm_replace, $code); + + switch (strtolower($stx)) { - $pos = stripos($in, '[/code]') + 7; - $code = substr($in, 0, $pos); - $in = substr($in, $pos); - - // $code contains everything that was between code tags (including the ending tag) but we're trying to grab as much extra text as possible, as long as it does not contain open [code] tags - while ($in) - { - $pos = stripos($in, '[/code]') + 7; - $buffer = substr($in, 0, $pos); + case 'php': - if (preg_match('#\[code(?:=([a-z]+))?\]#i', $buffer)) + $remove_tags = false; + $code = str_replace(array('<', '>'), array('<', '>'), $code); + + if (!preg_match('/\<\?.*?\?\>/is', $code)) { - break; + $remove_tags = true; + $code = ""; } - else + + $conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string'); + foreach ($conf as $ini_var) { - $in = substr($in, $pos); - $code .= $buffer; + @ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var)); } - } - $code = substr($code, 0, -7); -// $code = preg_replace('#^[\r\n]*(.*?)[\n\r\s\t]*$#s', '$1', $code); - $code = preg_replace($htm_match, $htm_replace, $code); + // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results + $code = htmlspecialchars_decode($code); + $code = highlight_string($code, true); - switch (strtolower($stx)) - { - case 'php': + $str_from = array('', '', '','[', ']', '.', ':'); + $str_to = array('', '', '', '[', ']', '.', ':'); - $remove_tags = false; - $code = str_replace(array('<', '>'), array('<', '>'), $code); + if ($remove_tags) + { + $str_from[] = '<?php '; + $str_to[] = ''; + $str_from[] = '<?php '; + $str_to[] = ''; + } - if (!preg_match('/\<\?.*?\?\>/is', $code)) - { - $remove_tags = true; - $code = ""; - } + $code = str_replace($str_from, $str_to, $code); + $code = preg_replace('#^()\n?(.*?)\n?()$#is', '$1$2$3', $code); - $conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string'); - foreach ($conf as $ini_var) - { - @ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var)); - } + if ($remove_tags) + { + $code = preg_replace('#()?\?>#', '', $code); + } - // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results - $code = htmlspecialchars_decode($code); - $code = highlight_string($code, true); + $code = preg_replace('#^(.*)#s', '$2', $code); + $code = preg_replace('#(?:[\n\r\s\t]| )*$#u', '', $code); - $str_from = array('', '', '','[', ']', '.', ':'); - $str_to = array('', '', '', '[', ']', '.', ':'); + // remove newline at the end + if (!empty($code) && $code[strlen($code) - 1] == "\n") + { + $code = substr($code, 0, -1); + } - if ($remove_tags) - { - $str_from[] = '<?php '; - $str_to[] = ''; - $str_from[] = '<?php '; - $str_to[] = ''; - } + $out .= "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']'; + break; - $code = str_replace($str_from, $str_to, $code); - $code = preg_replace('#^()\n?(.*?)\n?()$#is', '$1$2$3', $code); - - if ($remove_tags) - { - $code = preg_replace('#()?\?>#', '', $code); - } - - $code = preg_replace('#^(.*)#s', '$2', $code); - $code = preg_replace('#(?:[\n\r\s\t]| )*$#u', '', $code); - - // remove newline at the end - if (!empty($code) && $code[strlen($code) - 1] == "\n") - { - $code = substr($code, 0, -1); - } - - $out .= "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']'; - break; - - default: - $out .= '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']'; - break; - } - - if (preg_match('#(.*?)\[code(?:=([a-z]+))?\](.+)#is', $in, $m)) - { - $out .= $m[1]; - $stx = $m[2]; - $in = $m[3]; - } + default: + $out .= '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']'; + break; } - while ($in); return $out; } @@ -979,10 +945,8 @@ class parse_message extends bbcode_firstpass // Do some general 'cleanup' first before processing message, // e.g. remove excessive newlines(?), smilies(?) - // Transform \r\n and \r into \n - // TODO: Second regex looks wrong... - $match = array('#\r\n?#', "#(\n\s+){3,}#u", '#(script|about|applet|activex|chrome):#i'); - $replace = array("\n", "\n\n", "\\1:"); + $match = array('#(script|about|applet|activex|chrome):#i'); + $replace = array("\\1:"); $this->message = preg_replace($match, $replace, trim($this->message)); // Message length check. -1 disables this check completely. diff --git a/phpBB/install/install_install.php b/phpBB/install/install_install.php index 3d6646df94..9f5f5d771a 100755 --- a/phpBB/install/install_install.php +++ b/phpBB/install/install_install.php @@ -1304,12 +1304,11 @@ class install_install extends module SET forum_last_post_time = $current_time", ); - if (!@extension_loaded('gd')) + if (@extension_loaded('gd') || can_load_dll('gd')) { - can_load_dll('gd'); $sql_ary[] = 'UPDATE ' . $table_prefix . "config - SET config_value = '1' - WHERE config_name = 'captcha_gd'"; + SET config_value = '1' + WHERE config_name = 'captcha_gd'"; } // We set a (semi-)unique cookie name to bypass login issues related to the cookie name. diff --git a/phpBB/language/en/acp/prune.php b/phpBB/language/en/acp/prune.php index c2398fe042..6172602f9f 100644 --- a/phpBB/language/en/acp/prune.php +++ b/phpBB/language/en/acp/prune.php @@ -72,6 +72,7 @@ $lang = array_merge($lang, array( 'PRUNE_ANNOUNCEMENTS' => 'Prune announcements', 'PRUNE_FINISHED_POLLS' => 'Prune closed polls', 'PRUNE_FINISHED_POLLS_EXPLAIN' => 'Removes topics with polls which have ended.', + 'PRUNE_FORUM_CONFIRM' => 'Are you sure you want to prune the selected forums with the settings specified? Once removed, there is no way to recover the pruned posts and topics.', 'PRUNE_NOT_POSTED' => 'Days since last posted', 'PRUNE_NOT_VIEWED' => 'Days since last viewed', 'PRUNE_OLD_POLLS' => 'Prune old polls',