More attempts at breaking source

git-svn-id: file:///svn/phpbb/trunk@4072 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-27 21:58:52 +00:00 · 2003-06-02 17:27:38 +00:00 · 2003-06-02 17:27:38 +00:00 · 9eaf76dc83
commit 9eaf76dc83
parent 3d6d86d995
5 changed files with 40 additions and 52 deletions
--- a/phpBB/includes/ucp/ucp_prefs.php
+++ b/phpBB/includes/ucp/ucp_prefs.php
@ -156,7 +156,7 @@ class ucp_prefs extends ucp
 							'user_viewsmilies'	=> $data['smilies'],
 							'user_viewsigs'		=> $data['sigs'],
 							'user_viewavatars'	=> $data['avatars'],
-							'user_viewcensors'	=> $data['wordcensor'],
+							'user_viewcensors'	=> ($auth->acl_get('u_chgcensors')) ? $data['wordcensor'] : $user->data['user_viewcensors'],
 							'user_sortby_type'	=> $data['sk'],
 							'user_sortby_dir'	=> $data['sd'],
 							'user_show_days'	=> $data['st'],
@ -222,9 +222,10 @@ class ucp_prefs extends ucp
 					'VIEW_SIGS_NO'			=> $sigs_no, 
 					'VIEW_AVATARS_YES'		=> $avatars_yes, 
 					'VIEW_AVATARS_NO'		=> $avatars_no,
-					'DISABLE_CENSORS_YES'=> $wordcensor_yes, 
-					'DISABLE_CENSORS_NO'=> $wordcensor_no,
+					'DISABLE_CENSORS_YES'	=> $wordcensor_yes, 
+					'DISABLE_CENSORS_NO'	=> $wordcensor_no,

+					'S_CHANGE_CENSORS'		=> ($auth->acl_get('u_chgcensors')) ? true : false, 
 					'S_SELECT_SORT_DAYS'	=> $s_limit_days,
 					'S_SELECT_SORT_KEY'		=> $s_sort_key, 
 					'S_SELECT_SORT_DIR'		=> $s_sort_dir)
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@ -78,9 +78,9 @@ class ucp_profile extends ucp
 					if (!sizeof($this->error))
 					{
 						$sql_ary = array(
-							'username'		=> ($auth->acl_get('u_chgname') & $config['allow_namechange']) ? $data['username'] : $user->data['username'], 
+							'username'		=> ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'], 
 							'user_email'	=> ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'], 
-							'user_password'	=> (!empty($data['user_password'])) ? md5($data['username']) : $user->data['user_password']
+							'user_password'	=> ($auth->acl_get('u_chgpasswd') && !empty($data['user_password'])) ? md5($data['username']) : $user->data['user_password']
 						);

 						$sql = 'UPDATE ' . USERS_TABLE . ' 
@ -118,9 +118,9 @@ class ucp_profile extends ucp
 					'L_USERNAME_EXPLAIN'		=> sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 
 					'L_CHANGE_PASSWORD_EXPLAIN'	=> sprintf($user->lang['CHANGE_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 
 				
-					'S_CHANGE_USERNAME' => $config['allow_namechange'] & $auth->acl_get('u_chgname'), 
-					'S_CHANGE_EMAIL'	=> $auth->acl_get('u_chgemail'),
-					'S_CHANGE_PASSWORD'	=> $auth->acl_get('u_chgpass'), )
+					'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false, 
+					'S_CHANGE_EMAIL'	=> ($auth->acl_get('u_chgemail')) ? true : false,
+					'S_CHANGE_PASSWORD'	=> ($auth->acl_get('u_chgpasswd')) ? true : false)
 				);

 				break;
@ -346,14 +346,18 @@ class ucp_profile extends ucp

 			case 'avatar':

+				// Can we upload? 
+				$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || @ini_get('file_uploads') == 'On')) ? true : false;
+
+
 				if (isset($_POST['submit']))
 				{
 					$data = array();
-					if (!empty($_FILES['uploadfile']['tmp_name']))
+					if (!empty($_FILES['uploadfile']['tmp_name']) && $can_upload)
 					{
 						$this->avatar_upload($data);
 					}
-					else if (!empty($_POST['uploadurl']))
+					else if (!empty($_POST['uploadurl']) && $can_upload)
 					{
 						$normalise = array(
 							'string' => array(
@ -364,7 +368,7 @@ class ucp_profile extends ucp

 						$this->avatar_upload($data);
 					}
-					else if (!empty($_POST['remotelink']))
+					else if (!empty($_POST['remotelink']) && $auth->acl_get('u_chgavatar') && $config['allow_avatar_remote'])
 					{
 						$normalise = array(
 							'string' => array(
@ -377,7 +381,7 @@ class ucp_profile extends ucp

 						$this->avatar_remote($data);
 					}
-					else if (!empty($_POST['delete']))
+					else if (!empty($_POST['delete']) && $auth->acl_get('u_chgavatar'))
 					{
 						$data['filename'] = $data['width'] = $data['height'] = '';
 					}
@ -416,25 +420,8 @@ class ucp_profile extends ucp
 					unset($data);
 				}

-/*
-				for ($i = 0; $i < count($avatar_images[$category]); $i++)
-				{
-					$template->assign_block_vars('avatar_row', array());
-
-					for ($j = 0; $j < count($avatar_images[$category][$i]); $j++)
-					{
-						$template->assign_block_vars('avatar_row.avatar_column', array(
-							'AVATAR_IMAGE'		=> $config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j],
-							'AVATAR_NAME'		=> $avatar_name[$category][$i][$j])
-						);
-
-						$template->assign_block_vars('avatar_row.avatar_option_column', array(
-							'S_OPTIONS_AVATAR'	=> $avatar_images[$category][$i][$j])
-						);
-					}
-				}
-*/

+				// Generate users avatar
 				$avatar_img = '';
 				if ($user->data['user_avatar'])
 				{
@ -452,6 +439,7 @@ class ucp_profile extends ucp
 					$avatar_img = '<img src="' . $avatar_img . '" width="' . $user->data['user_avatar_width'] . '" height="' . $user->data['user_avatar_height'] . '" border="0" alt="" />';
 				}

+
 				$template->assign_vars(array(
 					'ERROR'			=> (sizeof($this->error)) ? implode('<br />', $this->error) : '', 

@ -464,19 +452,16 @@ class ucp_profile extends ucp

 					'L_AVATAR_EXPLAIN'	=> sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)), 

-					'S_FORM_ENCTYPE'		=> ' enctype="multipart/form-data"', 
-					'S_UPLOAD_AVATAR_FILE'	=> true,
-					'S_UPLOAD_AVATAR_URL'	=> true, 
-					'S_LINK_AVATAR'			=> true, 
-					'S_GALLERY_AVATAR'		=> false,
+					'S_FORM_ENCTYPE'		=> $can_upload ? ' enctype="multipart/form-data"' : '', 
+					'S_UPLOAD_AVATAR_FILE'	=> $can_upload,
+					'S_UPLOAD_AVATAR_URL'	=> $can_upload, 
+					'S_LINK_AVATAR'			=> ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false, 
+					'S_GALLERY_AVATAR'		=> ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false,
 					'S_AVATAR_CAT_OPTIONS'	=> $s_categories, 
 					'S_AVATAR_PAGE_OPTIONS'	=> $s_pages,)
 				);

 				break;
-
-			default: 
-				break;
 		}

 		$template->assign_vars(array(
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -81,7 +81,7 @@ class ucp_register extends ucp
 					'email'				=> '7,60', 
 					'email_confirm'		=> '7,60',
 				),
-				'int'	=> array('tz')
+				'float'	=> array('tz')
 			);
 			$data = $this->normalise_data($_POST, $normalise);

--- a/phpBB/templates/subSilver/ucp_prefs.html
+++ b/phpBB/templates/subSilver/ucp_prefs.html
@ -99,10 +99,12 @@
 				<td class="row1"><b class="genmed">{L_VIEW_AVATARS}:</b></td>
 				<td class="row2"><input type="radio" name="avatars" value="1"{VIEW_AVATARS_YES} /><span class="gen">{L_YES}</span>&nbsp; &nbsp;<input type="radio" name="avatars" value="0"{VIEW_AVATARS_NO} /><span class="gen">{L_NO}</span></td>
 			</tr>
+			<!-- IF S_CHANGE_CENSORS -->
 			<tr> 
 				<td class="row1"><b class="genmed">{L_DISABLE_CENSORS}:</b></td>
 				<td class="row2"><input type="radio" name="wordcensor" value="1"{DISABLE_CENSORS_YES} /><span class="gen">{L_YES}</span>&nbsp; &nbsp;<input type="radio" name="wordcensor" value="0"{DISABLE_CENSORS_NO} /><span class="gen">{L_NO}</span></td>
 			</tr>
+			<!-- ENDIF -->
 			<tr> 
 				<td class="row1"><b class="genmed">{L_VIEW_TOPICS_DAYS}:</b></td>
 				<td class="row2">{S_SELECT_SORT_DAYS}</td>
--- a/phpBB/templates/subSilver/ucp_profile.html
+++ b/phpBB/templates/subSilver/ucp_profile.html
@ -4,7 +4,7 @@
 	<tr> 
 		<td width="20%" height="100%"><table width="100%" height="100%" cellspacing="1" cellpadding="4" border="0">
 			<tr>
-				<th>{L_OPTIONS}</th>
+				<th>{L_UCP_OPTIONS}</th>
 			</tr>
 			<!-- BEGIN ucp_subsection -->
 			<tr>
@ -59,12 +59,12 @@
 				<td class="row1"><b class="genmed">{L_CONFIRM_PASSWORD}: </b><br /><span class="gensmall">{L_CONFIRM_PASSWORD_EXPLAIN}</span></td>
 				<td class="row2"><input type="password" class="post" name="password_confirm" size="30" maxlength="255" value="{PASSWORD_CONFIRM}" /></td>
 			</tr>
+			<!-- ENDIF -->
 			<tr> 
 				<td class="row1"><b class="genmed">{L_CURRENT_PASSWORD}: </b><br /><span class="gensmall">{L_CURRENT_PASSWORD_EXPLAIN}</span></td>
 				<td class="row2"><input type="password" class="post" name="cur_password" size="30" maxlength="255" value="{CUR_PASSWORD}" /></td>
 			</tr>
 			<!-- ENDIF -->
-			<!-- ENDIF -->

 			<!-- IF S_DISPLAY_PROFILE_INFO -->
 			<tr> 
@ -211,7 +211,7 @@
 			<!-- IF S_DISPLAY_AVATAR -->
 			<tr> 
 				<td class="row1" width="50%"><b class="genmed">{L_CURRENT_IMAGE}: </b><br /><span class="gensmall">{L_AVATAR_EXPLAIN}</span></td>
-				<td class="row2" align="center">{AVATAR}<br /><input type="checkbox" name="delete" />&nbsp;<span class="gensmall">{L_DELETE_AVATAR}</span></td>
+				<td class="row2" align="center"><br /><!-- IF AVATAR -->{AVATAR}<!-- ELSE --><img src="templates/subSilver/images/no_avatar.gif" alt="" /><!-- ENDIF --><br /><br /><input type="checkbox" name="delete" />&nbsp;<span class="gensmall">{L_DELETE_AVATAR}</span></td>
 			</tr>
 			<!-- IF S_UPLOAD_AVATAR_FILE -->
 			<tr>