makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-11 22:08:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Send stylesheet in style.php even without a valid session id [Bug #11531]

Browse source 
- request_var should strictly return the requested number of dimensions
- corrected a character mapping in the search indexing character list, people might want to reindex after this change if they use fulltext_native


git-svn-id: file:///svn/phpbb/trunk@7685 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann 2007-05-26 14:23:00 +00:00
parent 62be0ed93a
commit a69e12e3ab
5 changed files with 196 additions and 170 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/docs/CHANGELOG.html
View file

@ -216,6 +216,8 @@ p a {
<li>[Fix] Allow posts without subjects to be clicked in the MCP (Bug #11483)</li>
<li>[Fix] Sync the forums that shadow topics reside in when the topic that they point to is deleted</li>
<li>[Fix] Do not use the gen_random_string function to create cookie names during install (Bug #11431)</li>
<li>[Fix] Send stylesheet in style.php even without a valid session id (Bug #11531)</li>
<li>[Fix] request_var should strictly return the requested number of dimensions</li>
</ul>
</div>

25
phpBB/includes/functions.php
View file

@ -78,6 +78,14 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false)
list($key_type, $type) = each($default);
$type = gettype($type);
$key_type = gettype($key_type);
if ($type == 'array')
{
reset($default);
list($sub_key_type, $sub_type) = each(current($default));
$sub_type = gettype($sub_type);
$sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type;
$sub_key_type = gettype($sub_key_type);
}
}
if (is_array($var))
@ -87,18 +95,25 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false)
foreach ($_var as $k => $v)
{
if (is_array($v))
set_var($k, $k, $key_type);
if ($type == 'array' && is_array($v))
{
foreach ($v as $_k => $_v)
{
set_var($k, $k, $key_type);
set_var($_k, $_k, $key_type);
set_var($var[$k][$_k], $_v, $type, $multibyte);
if (is_array($_v))
{
$_v = null;
}
set_var($_k, $_k, $sub_key_type);
set_var($var[$k][$_k], $_v, $sub_type, $multibyte);
}
}
else
{
set_var($k, $k, $key_type);
if ($type == 'array' || is_array($v))
{
$v = null;
}
set_var($var[$k], $v, $type, $multibyte);
}
}

2
phpBB/includes/functions_privmsgs.php
View file

@ -875,7 +875,7 @@ function update_unread_status($unread, $msg_id, $user_id, $folder_id)
*/
function handle_mark_actions($user_id, $mark_action)
{
global $db, $user, $_POST, $phpbb_root_path, $phpEx;
global $db, $user, $phpbb_root_path, $phpEx;
$msg_ids = request_var('marked_msg_id', array(0));
$cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX);

2
phpBB/includes/utf/data/search_indexer_0.php
View file

File diff suppressed because one or more lines are too long

335
phpBB/style.php
View file

@ -70,175 +70,184 @@ if ($id && $sid)
unset($dbpasswd);
$config = $cache->obtain_config();
$user = false;
$sql = 'SELECT u.user_id, u.user_lang
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
WHERE s.session_id = '" . $db->sql_escape($sid) . "'
AND s.session_user_id = u.user_id";
$result = $db->sql_query($sql);
$user = $db->sql_fetchrow($result);
if ($sid)
{
$sql = 'SELECT u.user_id, u.user_lang
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
WHERE s.session_id = '" . $db->sql_escape($sid) . "'
AND s.session_user_id = u.user_id";
$result = $db->sql_query($sql);
$user = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
$recompile = $config['load_tplcompile'];
if (!$user)
{
$id = $config['default_style'];
$recompile = false;
$user = array('user_id' => ANONYMOUS);
}
$sql = 'SELECT s.style_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i
WHERE s.style_id = ' . $id . '
AND t.template_id = s.template_id
AND c.theme_id = s.theme_id
AND i.imageset_id = s.imageset_id';
$result = $db->sql_query($sql, 300);
$theme = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($user)
if ($user['user_id'] == ANONYMOUS)
{
$sql = 'SELECT s.style_id, c.theme_data, c.theme_path, c.theme_name, c.theme_mtime, i.*, t.template_path
FROM ' . STYLES_TABLE . ' s, ' . STYLES_TEMPLATE_TABLE . ' t, ' . STYLES_THEME_TABLE . ' c, ' . STYLES_IMAGESET_TABLE . ' i
WHERE s.style_id = ' . $id . '
AND t.template_id = s.template_id
AND c.theme_id = s.theme_id
AND i.imageset_id = s.imageset_id';
$result = $db->sql_query($sql, 300);
$theme = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($user['user_id'] == ANONYMOUS)
{
$user['user_lang'] = $config['default_lang'];
}
$user_image_lang = (file_exists($phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user['user_lang'])) ? $user['user_lang'] : $config['default_lang'];
$sql = 'SELECT *
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $theme['imageset_id'] . "
AND image_lang IN('" . $db->sql_escape($user_image_lang) . "', '')";
$result = $db->sql_query($sql, 3600);
$img_array = array();
while ($row = $db->sql_fetchrow($result))
{
$img_array[$row['image_name']] = $row;
}
if (!$theme)
{
exit;
}
// Re-cache stylesheet data if necessary
if ($config['load_tplcompile'] || empty($theme['theme_data']))
{
$recache = (empty($theme['theme_data'])) ? true : false;
$update_time = time();
// We test for stylesheet.css because it is faster and most likely the only file changed on common themes
if (!$recache && $theme['theme_mtime'] < @filemtime("{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme/stylesheet.css'))
{
$recache = true;
$update_time = @filemtime("{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme/stylesheet.css');
}
else if (!$recache)
{
$last_change = $theme['theme_mtime'];
foreach (glob("{$phpbb_root_path}styles/{$theme['theme_path']}/theme/*.css", GLOB_NOSORT) as $file)
{
if ($last_change < @filemtime($file))
{
$recache = true;
break;
}
}
}
if ($recache)
{
include_once($phpbb_root_path . 'includes/acp/acp_styles.' . $phpEx);
$theme['theme_data'] = acp_styles::db_theme_data($theme);
$theme['theme_mtime'] = $update_time;
// Save CSS contents
$sql_ary = array(
'theme_mtime' => $theme['theme_mtime'],
'theme_data' => $theme['theme_data']
);
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE theme_id = $id";
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
header('Expires: 0');
}
}
else
{
header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
}
header('Content-type: text/css');
// Parse Theme Data
$replace = array(
'{T_THEME_PATH}' => "{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme',
'{T_TEMPLATE_PATH}' => "{$phpbb_root_path}styles/" . $theme['template_path'] . '/template',
'{T_IMAGESET_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset',
'{T_IMAGESET_LANG_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset/' . $user_image_lang,
'{T_STYLESHEET_NAME}' => $theme['theme_name'],
'{S_USER_LANG}' => $user['user_lang']
);
$theme['theme_data'] = str_replace(array_keys($replace), array_values($replace), $theme['theme_data']);
$matches = array();
preg_match_all('#\{IMG_([A-Za-z0-9_]*?)_(WIDTH|HEIGHT|SRC)\}#', $theme['theme_data'], $matches);
$imgs = $find = $replace = array();
if (isset($matches[0]) && sizeof($matches[0]))
{
foreach ($matches[1] as $i => $img)
{
$img = strtolower($img);
$find[] = $matches[0][$i];
if (!isset($img_array[$img]))
{
$replace[] = '';
continue;
}
if (!isset($imgs[$img]))
{
$img_data = &$img_array[$img];
$imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename'];
$imgs[$img] = array(
'src' => $phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $imgsrc,
'width' => $img_data['image_width'],
'height' => $img_data['image_height'],
);
}
switch ($matches[2][$i])
{
case 'SRC':
$replace[] = $imgs[$img]['src'];
break;
case 'WIDTH':
$replace[] = $imgs[$img]['width'];
break;
case 'HEIGHT':
$replace[] = $imgs[$img]['height'];
break;
default:
continue;
}
}
if (sizeof($find))
{
$theme['theme_data'] = str_replace($find, $replace, $theme['theme_data']);
}
}
echo $theme['theme_data'];
$user['user_lang'] = $config['default_lang'];
}
$user_image_lang = (file_exists($phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $user['user_lang'])) ? $user['user_lang'] : $config['default_lang'];
$sql = 'SELECT *
FROM ' . STYLES_IMAGESET_DATA_TABLE . '
WHERE imageset_id = ' . $theme['imageset_id'] . "
AND image_lang IN('" . $db->sql_escape($user_image_lang) . "', '')";
$result = $db->sql_query($sql, 3600);
$img_array = array();
while ($row = $db->sql_fetchrow($result))
{
$img_array[$row['image_name']] = $row;
}
if (!$theme)
{
exit;
}
// Re-cache stylesheet data if necessary
if ($recompile || empty($theme['theme_data']))
{
$recache = (empty($theme['theme_data'])) ? true : false;
$update_time = time();
// We test for stylesheet.css because it is faster and most likely the only file changed on common themes
if (!$recache && $theme['theme_mtime'] < @filemtime("{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme/stylesheet.css'))
{
$recache = true;
$update_time = @filemtime("{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme/stylesheet.css');
}
else if (!$recache)
{
$last_change = $theme['theme_mtime'];
foreach (glob("{$phpbb_root_path}styles/{$theme['theme_path']}/theme/*.css", GLOB_NOSORT) as $file)
{
if ($last_change < @filemtime($file))
{
$recache = true;
break;
}
}
}
if ($recache)
{
include_once($phpbb_root_path . 'includes/acp/acp_styles.' . $phpEx);
$theme['theme_data'] = acp_styles::db_theme_data($theme);
$theme['theme_mtime'] = $update_time;
// Save CSS contents
$sql_ary = array(
'theme_mtime' => $theme['theme_mtime'],
'theme_data' => $theme['theme_data']
);
$sql = 'UPDATE ' . STYLES_THEME_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE theme_id = $id";
$db->sql_query($sql);
$cache->destroy('sql', STYLES_THEME_TABLE);
header('Expires: 0');
}
}
else
{
header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 3600));
}
header('Content-type: text/css');
// Parse Theme Data
$replace = array(
'{T_THEME_PATH}' => "{$phpbb_root_path}styles/" . $theme['theme_path'] . '/theme',
'{T_TEMPLATE_PATH}' => "{$phpbb_root_path}styles/" . $theme['template_path'] . '/template',
'{T_IMAGESET_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset',
'{T_IMAGESET_LANG_PATH}' => "{$phpbb_root_path}styles/" . $theme['imageset_path'] . '/imageset/' . $user_image_lang,
'{T_STYLESHEET_NAME}' => $theme['theme_name'],
'{S_USER_LANG}' => $user['user_lang']
);
$theme['theme_data'] = str_replace(array_keys($replace), array_values($replace), $theme['theme_data']);
$matches = array();
preg_match_all('#\{IMG_([A-Za-z0-9_]*?)_(WIDTH|HEIGHT|SRC)\}#', $theme['theme_data'], $matches);
$imgs = $find = $replace = array();
if (isset($matches[0]) && sizeof($matches[0]))
{
foreach ($matches[1] as $i => $img)
{
$img = strtolower($img);
$find[] = $matches[0][$i];
if (!isset($img_array[$img]))
{
$replace[] = '';
continue;
}
if (!isset($imgs[$img]))
{
$img_data = &$img_array[$img];
$imgsrc = ($img_data['image_lang'] ? $img_data['image_lang'] . '/' : '') . $img_data['image_filename'];
$imgs[$img] = array(
'src' => $phpbb_root_path . 'styles/' . $theme['imageset_path'] . '/imageset/' . $imgsrc,
'width' => $img_data['image_width'],
'height' => $img_data['image_height'],
);
}
switch ($matches[2][$i])
{
case 'SRC':
$replace[] = $imgs[$img]['src'];
break;
case 'WIDTH':
$replace[] = $imgs[$img]['width'];
break;
case 'HEIGHT':
$replace[] = $imgs[$img]['height'];
break;
default:
continue;
}
}
if (sizeof($find))
{
$theme['theme_data'] = str_replace($find, $replace, $theme['theme_data']);
}
}
echo $theme['theme_data'];
if (!empty($cache))
{
$cache->unload();