makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

merge? merge.

Browse source 
git-svn-id: file:///svn/phpbb/trunk@8672 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2008-06-23 18:22:44 +00:00
parent 3892e7330a
commit ad739a358c
14 changed files with 153 additions and 116 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
phpBB/develop/create_schema_files.php
View file

@ -699,7 +699,7 @@ foreach ($supported_dbms as $dbms)
} }
$line .= ($key_data[0] == 'INDEX') ? 'CREATE INDEX' : ''; $line .= ($key_data[0] == 'INDEX') ? 'CREATE INDEX' : '';
$line .= " {$table_name}_{$key_name} ON {$table_name} (" . implode(', ', $key_data[1]) . ")\n"; $line .= " {$table_name}_{$key_name} ON {$table_name} (" . implode(', ', $key_data[1]) . ")\n";
$line .= "/\n"; $line .= "/\n";
break; break;
@ -1032,7 +1032,7 @@ function get_schema_struct()
'topic_id' => array('UINT', 0), 'topic_id' => array('UINT', 0),
'forum_id' => array('UINT', 0), 'forum_id' => array('UINT', 0),
'save_time' => array('TIMESTAMP', 0), 'save_time' => array('TIMESTAMP', 0),
'draft_subject' => array('XSTEXT_UNI', ''), 'draft_subject' => array('STEXT_UNI', ''),
'draft_message' => array('MTEXT_UNI', ''), 'draft_message' => array('MTEXT_UNI', ''),
), ),
'PRIMARY_KEY' => 'draft_id', 'PRIMARY_KEY' => 'draft_id',
@ -1094,7 +1094,7 @@ function get_schema_struct()
'forum_topics_real' => array('UINT', 0), 'forum_topics_real' => array('UINT', 0),
'forum_last_post_id' => array('UINT', 0), 'forum_last_post_id' => array('UINT', 0),
'forum_last_poster_id' => array('UINT', 0), 'forum_last_poster_id' => array('UINT', 0),
'forum_last_post_subject' => array('XSTEXT_UNI', ''), 'forum_last_post_subject' => array('STEXT_UNI', ''),
'forum_last_post_time' => array('TIMESTAMP', 0), 'forum_last_post_time' => array('TIMESTAMP', 0),
'forum_last_poster_name'=> array('VCHAR_UNI', ''), 'forum_last_poster_name'=> array('VCHAR_UNI', ''),
'forum_last_poster_colour'=> array('VCHAR:6', ''), 'forum_last_poster_colour'=> array('VCHAR:6', ''),
@ -1308,7 +1308,7 @@ function get_schema_struct()
'enable_magic_url' => array('BOOL', 1), 'enable_magic_url' => array('BOOL', 1),
'enable_sig' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1),
'post_username' => array('VCHAR_UNI:255', ''), 'post_username' => array('VCHAR_UNI:255', ''),
'post_subject' => array('XSTEXT_UNI', '', 'true_sort'), 'post_subject' => array('STEXT_UNI', '', 'true_sort'),
'post_text' => array('MTEXT_UNI', ''), 'post_text' => array('MTEXT_UNI', ''),
'post_checksum' => array('VCHAR:32', ''), 'post_checksum' => array('VCHAR:32', ''),
'post_attachment' => array('BOOL', 0), 'post_attachment' => array('BOOL', 0),
@ -1344,7 +1344,7 @@ function get_schema_struct()
'enable_smilies' => array('BOOL', 1), 'enable_smilies' => array('BOOL', 1),
'enable_magic_url' => array('BOOL', 1), 'enable_magic_url' => array('BOOL', 1),
'enable_sig' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1),
'message_subject' => array('XSTEXT_UNI', ''), 'message_subject' => array('STEXT_UNI', ''),
'message_text' => array('MTEXT_UNI', ''), 'message_text' => array('MTEXT_UNI', ''),
'message_edit_reason' => array('STEXT_UNI', ''), 'message_edit_reason' => array('STEXT_UNI', ''),
'message_edit_user' => array('UINT', 0), 'message_edit_user' => array('UINT', 0),
@ -1562,6 +1562,7 @@ function get_schema_struct()
'KEYS' => array( 'KEYS' => array(
'session_time' => array('INDEX', 'session_time'), 'session_time' => array('INDEX', 'session_time'),
'session_user_id' => array('INDEX', 'session_user_id'), 'session_user_id' => array('INDEX', 'session_user_id'),
'session_fid' => array('INDEX', 'session_forum_id'),
), ),
); );
@ -1707,7 +1708,7 @@ function get_schema_struct()
'topic_attachment' => array('BOOL', 0), 'topic_attachment' => array('BOOL', 0),
'topic_approved' => array('BOOL', 1), 'topic_approved' => array('BOOL', 1),
'topic_reported' => array('BOOL', 0), 'topic_reported' => array('BOOL', 0),
'topic_title' => array('XSTEXT_UNI', '', 'true_sort'), 'topic_title' => array('STEXT_UNI', '', 'true_sort'),
'topic_poster' => array('UINT', 0), 'topic_poster' => array('UINT', 0),
'topic_time' => array('TIMESTAMP', 0), 'topic_time' => array('TIMESTAMP', 0),
'topic_time_limit' => array('TIMESTAMP', 0), 'topic_time_limit' => array('TIMESTAMP', 0),
@ -1723,7 +1724,7 @@ function get_schema_struct()
'topic_last_poster_id' => array('UINT', 0), 'topic_last_poster_id' => array('UINT', 0),
'topic_last_poster_name' => array('VCHAR_UNI', ''), 'topic_last_poster_name' => array('VCHAR_UNI', ''),
'topic_last_poster_colour' => array('VCHAR:6', ''), 'topic_last_poster_colour' => array('VCHAR:6', ''),
'topic_last_post_subject' => array('XSTEXT_UNI', ''), 'topic_last_post_subject' => array('STEXT_UNI', ''),
'topic_last_post_time' => array('TIMESTAMP', 0), 'topic_last_post_time' => array('TIMESTAMP', 0),
'topic_last_view_time' => array('TIMESTAMP', 0), 'topic_last_view_time' => array('TIMESTAMP', 0),
'topic_moved_id' => array('UINT', 0), 'topic_moved_id' => array('UINT', 0),

6
phpBB/docs/AUTHORS
View file

@ -22,13 +22,15 @@ involved in phpBB.
phpBB Lead Developer : Acyd Burn (Meik Sievertsen) phpBB Lead Developer : Acyd Burn (Meik Sievertsen)
phpBB Developers : DavidMJ (David M.) phpBB Developers : APTX (Marek A. R.)
DavidMJ (David M.)
dhn (Dominik Dröscher) dhn (Dominik Dröscher)
kellanved (Henry Sudhof) kellanved (Henry Sudhof)
naderman (Nils Adermann) naderman (Nils Adermann)
subBlue (Tom Beddard) ToonArmy (Chris Smith)
Vic D'Elfant (Vic D'Elfant) Vic D'Elfant (Vic D'Elfant)
-- Previous Contributors -- -- Previous Contributors --
phpBB Project Manager : theFinn (James Atkinson) [Founder - 04/2007] phpBB Project Manager : theFinn (James Atkinson) [Founder - 04/2007]

2
phpBB/includes/functions.php
View file

@ -745,7 +745,7 @@ function tz_select($default = '', $truncate = false)
{ {
if ($truncate) if ($truncate)
{ {
$zone_trunc = truncate_string($zone, 50, false, '...'); $zone_trunc = truncate_string($zone, 50, 255, false, '...');
} }
else else
{ {

29
phpBB/includes/functions_content.php
View file

@ -435,6 +435,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bbcode = false, $allow_urls = false, $allow_smilies = false) function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bbcode = false, $allow_urls = false, $allow_smilies = false)
{ {
$uid = $bitfield = ''; $uid = $bitfield = '';
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
if (!$text) if (!$text)
{ {
@ -458,7 +459,6 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
$uid = ''; $uid = '';
} }
$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
$bitfield = $message_parser->bbcode_bitfield; $bitfield = $message_parser->bbcode_bitfield;
return; return;
@ -563,7 +563,7 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
$relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url)); $relative_url = preg_replace('/[&?]sid=[0-9a-f]{32}$/', '', preg_replace('/([&?])sid=[0-9a-f]{32}&/', '$1', $relative_url));
$url = $url . '/' . $relative_url; $url = $url . '/' . $relative_url;
$text = $relative_url; $text = $relative_url;
// this url goes to http://domain.tld/path/to/board/ which // this url goes to http://domain.tld/path/to/board/ which
// would result in an empty link if treated as local so // would result in an empty link if treated as local so
// don't touch it and let MAGIC_URL_FULL take care of it. // don't touch it and let MAGIC_URL_FULL take care of it.
@ -1062,8 +1062,16 @@ function extension_allowed($forum_id, $extension, &$extensions)
/** /**
* Truncates string while retaining special characters if going over the max length * Truncates string while retaining special characters if going over the max length
* The default max length is 60 at the moment * The default max length is 60 at the moment
* The maximum storage length is there to fit the string within the given length. The string may be further truncated due to html entities.
* For example: string given is 'a "quote"' (length: 9), would be a stored as 'a "quote"' (length: 19)
*
* @param string $string The text to truncate to the given length. String is specialchared.
* @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char)
* @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars).
* @param bool $allow_reply Allow Re: in front of string
* @param string $append String to be appended
*/ */
function truncate_string($string, $max_length = 60, $allow_reply = true, $append = '') function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = true, $append = '')
{ {
$chars = array(); $chars = array();
@ -1086,6 +1094,21 @@ function truncate_string($string, $max_length = 60, $allow_reply = true, $append
$stripped = true; $stripped = true;
} }
// Due to specialchars, we may not be able to store the string...
if (utf8_strlen($string) > $max_store_length)
{
// let's split again, we do not want half-baked strings where entities are split
$_chars = utf8_str_split(htmlspecialchars_decode($string));
$chars = array_map('utf8_htmlspecialchars', $_chars);
do
{
array_pop($chars);
$string = implode('', $chars);
}
while (utf8_strlen($string) > $max_store_length || !sizeof($chars));
}
if ($strip_reply) if ($strip_reply)
{ {
$string = 'Re: ' . $string; $string = 'Re: ' . $string;

30
phpBB/includes/functions_convert.php
View file

@ -148,7 +148,7 @@ function auto_id($pad = 0)
{ {
return $convert_row['max_id'] + $pad; return $convert_row['max_id'] + $pad;
} }
return $auto_id + $pad; return $auto_id + $pad;
} }
@ -280,7 +280,7 @@ function get_config_value($config_name)
{ {
$convert_config = get_config(); $convert_config = get_config();
} }
if (!isset($convert_config[$config_name])) if (!isset($convert_config[$config_name]))
{ {
return false; return false;
@ -669,12 +669,12 @@ function import_avatar($source, $use_target = false, $user_id = false)
{ {
$convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_AVATAR_PATH'], 'import_avatar()'), __LINE__, __FILE__); $convert->p_master->error(sprintf($user->lang['CONV_ERROR_NO_AVATAR_PATH'], 'import_avatar()'), __LINE__, __FILE__);
} }
if ($use_target === false && $user_id !== false) if ($use_target === false && $user_id !== false)
{ {
$use_target = $config['avatar_salt'] . '_' . $user_id . '.' . substr(strrchr($source, '.'), 1); $use_target = $config['avatar_salt'] . '_' . $user_id . '.' . substr(strrchr($source, '.'), 1);
} }
$result = _import_check('avatar_path', $source, $use_target); $result = _import_check('avatar_path', $source, $use_target);
return ((!empty($user_id)) ? $user_id : $use_target) . '.' . substr(strrchr($source, '.'), 1); return ((!empty($user_id)) ? $user_id : $use_target) . '.' . substr(strrchr($source, '.'), 1);
@ -946,7 +946,7 @@ function get_remote_avatar_dim($src, $axis)
unset($remote_avatar_cache); unset($remote_avatar_cache);
return $retval; return $retval;
} }
$url_info = @parse_url($src); $url_info = @parse_url($src);
if (empty($url_info['host'])) if (empty($url_info['host']))
{ {
@ -962,19 +962,19 @@ function get_remote_avatar_dim($src, $axis)
case 'ftp': case 'ftp':
$port = 21; $port = 21;
break; break;
case 'https': case 'https':
$port = 443; $port = 443;
break; break;
default: default:
$port = 80; $port = 80;
} }
} }
$timeout = @ini_get('default_socket_timeout'); $timeout = @ini_get('default_socket_timeout');
@ini_set('default_socket_timeout', 2); @ini_set('default_socket_timeout', 2);
// We're just trying to reach the server to avoid timeouts // We're just trying to reach the server to avoid timeouts
$fp = @fsockopen($host, $port, $errno, $errstr, 1); $fp = @fsockopen($host, $port, $errno, $errstr, 1);
if ($fp) if ($fp)
@ -982,11 +982,11 @@ function get_remote_avatar_dim($src, $axis)
$remote_avatar_cache[$src] = @getimagesize($src); $remote_avatar_cache[$src] = @getimagesize($src);
fclose($fp); fclose($fp);
} }
$default_x = (defined('DEFAULT_AVATAR_X_CUSTOM')) ? DEFAULT_AVATAR_X_CUSTOM : DEFAULT_AVATAR_X; $default_x = (defined('DEFAULT_AVATAR_X_CUSTOM')) ? DEFAULT_AVATAR_X_CUSTOM : DEFAULT_AVATAR_X;
$default_y = (defined('DEFAULT_AVATAR_Y_CUSTOM')) ? DEFAULT_AVATAR_Y_CUSTOM : DEFAULT_AVATAR_Y; $default_y = (defined('DEFAULT_AVATAR_Y_CUSTOM')) ? DEFAULT_AVATAR_Y_CUSTOM : DEFAULT_AVATAR_Y;
$default = array($default_x, $default_y); $default = array($default_x, $default_y);
if (empty($remote_avatar_cache[$src]) || empty($remote_avatar_cache[$src][0]) || empty($remote_avatar_cache[$src][1])) if (empty($remote_avatar_cache[$src]) || empty($remote_avatar_cache[$src][0]) || empty($remote_avatar_cache[$src][1]))
{ {
$remote_avatar_cache[$src] = $default; $remote_avatar_cache[$src] = $default;
@ -1002,7 +1002,7 @@ function get_remote_avatar_dim($src, $axis)
$remote_avatar_cache[$src][1] = (int)($remote_avatar_cache[$src][1] * $ratio); $remote_avatar_cache[$src][1] = (int)($remote_avatar_cache[$src][1] * $ratio);
} }
} }
@ini_set('default_socket_timeout', $timeout); @ini_set('default_socket_timeout', $timeout);
return $remote_avatar_cache[$src][$axis]; return $remote_avatar_cache[$src][$axis];
} }
@ -1112,7 +1112,7 @@ function words_unique(&$words)
function add_user_group($group_id, $user_id, $group_leader=false) function add_user_group($group_id, $user_id, $group_leader=false)
{ {
global $convert, $config, $user, $db; global $convert, $config, $user, $db;
$sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array( $sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'group_id' => $group_id, 'group_id' => $group_id,
'user_id' => $user_id, 'user_id' => $user_id,
@ -1282,7 +1282,7 @@ function restore_config($schema)
// Most are... // Most are...
if (is_string($config_value)) if (is_string($config_value))
{ {
$config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, false); $config_value = truncate_string(utf8_htmlspecialchars($config_value), 255, 255, false);
} }
set_config($config_name, $config_value); set_config($config_name, $config_value);
@ -2440,7 +2440,7 @@ function get_smiley_display()
function fill_dateformat($user_dateformat) function fill_dateformat($user_dateformat)
{ {
global $config; global $config;
return ((empty($user_dateformat)) ? $config['default_dateformat'] : $user_dateformat); return ((empty($user_dateformat)) ? $config['default_dateformat'] : $user_dateformat);
} }

6
phpBB/includes/functions_posting.php
View file

@ -360,7 +360,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
{ {
$upload->set_disallowed_content(explode('|', $config['mime_triggers'])); $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
} }
if (!$local) if (!$local)
{ {
$filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false; $filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
@ -1340,7 +1340,7 @@ function delete_post($forum_id, $topic_id, $post_id, &$data)
else if ($data['topic_first_post_id'] == $post_id) else if ($data['topic_first_post_id'] == $post_id)
{ {
$post_mode = 'delete_first_post'; $post_mode = 'delete_first_post';
} }
else if ($data['topic_last_post_id'] == $post_id) else if ($data['topic_last_post_id'] == $post_id)
{ {
$post_mode = 'delete_last_post'; $post_mode = 'delete_last_post';
@ -1646,7 +1646,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
// Display edit info if edit reason given or user is editing his post, which is not the last within the topic. // Display edit info if edit reason given or user is editing his post, which is not the last within the topic.
if ($data['post_edit_reason'] || (!$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post'))) if ($data['post_edit_reason'] || (!$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post')))
{ {
$data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, false); $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false);
$sql_data[POSTS_TABLE]['sql'] = array( $sql_data[POSTS_TABLE]['sql'] = array(
'post_edit_time' => $current_time, 'post_edit_time' => $current_time,

119
phpBB/includes/functions_user.php
View file

@ -733,70 +733,65 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
case 'user': case 'user':
$type = 'ban_userid'; $type = 'ban_userid';
if (in_array('*', $ban_list)) // At the moment we do not support wildcard username banning
// Select the relevant user_ids.
$sql_usernames = array();
foreach ($ban_list as $username)
{ {
// Ban all users (it's a good thing that you can exclude people) $username = trim($username);
$banlist_ary[] = '*'; if ($username != '')
{
$clean_name = utf8_clean_string($username);
if ($clean_name == $user->data['username_clean'])
{
trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);
}
if (in_array($clean_name, $founder_names))
{
trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);
}
$sql_usernames[] = $clean_name;
}
}
// Make sure we have been given someone to ban
if (!sizeof($sql_usernames))
{
trigger_error('NO_USER_SPECIFIED');
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);
// Do not allow banning yourself
if (sizeof($founder))
{
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true);
} }
else else
{ {
// Select the relevant user_ids. $sql .= ' AND user_id <> ' . $user->data['user_id'];
$sql_usernames = array();
foreach ($ban_list as $username)
{
$username = trim($username);
if ($username != '')
{
$clean_name = utf8_clean_string($username);
if ($clean_name == $user->data['username_clean'])
{
trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);
}
if (in_array($clean_name, $founder_names))
{
trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);
}
$sql_usernames[] = $clean_name;
}
}
// Make sure we have been given someone to ban
if (!sizeof($sql_usernames))
{
trigger_error('NO_USER_SPECIFIED');
}
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);
// Do not allow banning yourself
if (sizeof($founder))
{
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true);
}
else
{
$sql .= ' AND user_id <> ' . $user->data['user_id'];
}
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
trigger_error('NO_USERS');
}
$db->sql_freeresult($result);
} }
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
$db->sql_freeresult($result);
trigger_error('NO_USERS');
}
$db->sql_freeresult($result);
break; break;
case 'ip': case 'ip':
@ -996,7 +991,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
switch ($mode) switch ($mode)
{ {
case 'user': case 'user':
$sql_where = (in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary); $sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary);
break; break;
case 'ip': case 'ip':
@ -2850,7 +2845,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
{ {
case 'demote': case 'demote':
case 'promote': case 'promote':
$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . " $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id WHERE group_id = $group_id
AND user_pending = 1 AND user_pending = 1
@ -2862,7 +2857,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
{ {
return 'NO_VALID_USERS'; return 'NO_VALID_USERS';
} }
$sql = 'UPDATE ' . USER_GROUP_TABLE . ' $sql = 'UPDATE ' . USER_GROUP_TABLE . '
SET group_leader = ' . (($action == 'promote') ? 1 : 0) . " SET group_leader = ' . (($action == 'promote') ? 1 : 0) . "
WHERE group_id = $group_id WHERE group_id = $group_id

5
phpBB/includes/message_parser.php
View file

@ -400,7 +400,10 @@ class bbcode_firstpass extends bbcode
case 'php': case 'php':
$remove_tags = false; $remove_tags = false;
$code = str_replace(array('&lt;', '&gt;'), array('<', '>'), $code);
$str_from = array('&lt;', '&gt;', '&#91;', '&#93;', '&#46;', '&#58;', '&#058;');
$str_to = array('<', '>', '[', ']', '.', ':', ':');
$code = str_replace($str_from, $str_to, $code);
if (!preg_match('/\<\?.*?\?\>/is', $code)) if (!preg_match('/\<\?.*?\?\>/is', $code))
{ {

9
phpBB/includes/session.php
View file

@ -1113,6 +1113,14 @@ class session
// To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again // To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again
$this->session_kill(false); $this->session_kill(false);
// A very special case... we are within the cron script which is not supposed to print out the ban message... show blank page
if (defined('IN_CRON'))
{
garbage_collection();
exit_handler();
exit;
}
trigger_error($message); trigger_error($message);
} }
@ -1582,6 +1590,7 @@ class user extends session
$localised_images = true; $localised_images = true;
} }
$row['image_filename'] = rawurlencode($row['image_filename']);
$this->img_array[$row['image_name']] = $row; $this->img_array[$row['image_name']] = $row;
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);

4
phpBB/install/database_update.php
View file

@ -8,7 +8,7 @@
* *
*/ */
$updates_to_version = '3.1.0'; $updates_to_version = '3.0.2-RC2';
// Return if we "just include it" to find out for which version the database update is responsuble for // Return if we "just include it" to find out for which version the database update is responsuble for
if (defined('IN_PHPBB') && defined('IN_INSTALL')) if (defined('IN_PHPBB') && defined('IN_INSTALL'))
@ -699,7 +699,7 @@ $cache->purge();
</div> </div>
</div> </div>
</div> </div>
<div id="page-footer"> <div id="page-footer">
Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a> Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
</div> </div>

15
phpBB/install/schemas/schema_data.php
View file

@ -205,7 +205,7 @@ $schema_data['phpbb_drafts'] = array(
'topic_id' => array('UINT', 0), 'topic_id' => array('UINT', 0),
'forum_id' => array('UINT', 0), 'forum_id' => array('UINT', 0),
'save_time' => array('TIMESTAMP', 0), 'save_time' => array('TIMESTAMP', 0),
'draft_subject' => array('XSTEXT_UNI', ''), 'draft_subject' => array('STEXT_UNI', ''),
'draft_message' => array('MTEXT_UNI', ''), 'draft_message' => array('MTEXT_UNI', ''),
), ),
'PRIMARY_KEY' => 'draft_id', 'PRIMARY_KEY' => 'draft_id',
@ -267,7 +267,7 @@ $schema_data['phpbb_forums'] = array(
'forum_topics_real' => array('UINT', 0), 'forum_topics_real' => array('UINT', 0),
'forum_last_post_id' => array('UINT', 0), 'forum_last_post_id' => array('UINT', 0),
'forum_last_poster_id' => array('UINT', 0), 'forum_last_poster_id' => array('UINT', 0),
'forum_last_post_subject' => array('XSTEXT_UNI', ''), 'forum_last_post_subject' => array('STEXT_UNI', ''),
'forum_last_post_time' => array('TIMESTAMP', 0), 'forum_last_post_time' => array('TIMESTAMP', 0),
'forum_last_poster_name'=> array('VCHAR_UNI', ''), 'forum_last_poster_name'=> array('VCHAR_UNI', ''),
'forum_last_poster_colour'=> array('VCHAR:6', ''), 'forum_last_poster_colour'=> array('VCHAR:6', ''),
@ -482,7 +482,7 @@ $schema_data['phpbb_posts'] = array(
'enable_magic_url' => array('BOOL', 1), 'enable_magic_url' => array('BOOL', 1),
'enable_sig' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1),
'post_username' => array('VCHAR_UNI:255', ''), 'post_username' => array('VCHAR_UNI:255', ''),
'post_subject' => array('XSTEXT_UNI', '', 'true_sort'), 'post_subject' => array('STEXT_UNI', '', 'true_sort'),
'post_text' => array('MTEXT_UNI', ''), 'post_text' => array('MTEXT_UNI', ''),
'post_checksum' => array('VCHAR:32', ''), 'post_checksum' => array('VCHAR:32', ''),
'post_attachment' => array('BOOL', 0), 'post_attachment' => array('BOOL', 0),
@ -518,7 +518,7 @@ $schema_data['phpbb_privmsgs'] = array(
'enable_smilies' => array('BOOL', 1), 'enable_smilies' => array('BOOL', 1),
'enable_magic_url' => array('BOOL', 1), 'enable_magic_url' => array('BOOL', 1),
'enable_sig' => array('BOOL', 1), 'enable_sig' => array('BOOL', 1),
'message_subject' => array('XSTEXT_UNI', ''), 'message_subject' => array('STEXT_UNI', ''),
'message_text' => array('MTEXT_UNI', ''), 'message_text' => array('MTEXT_UNI', ''),
'message_edit_reason' => array('STEXT_UNI', ''), 'message_edit_reason' => array('STEXT_UNI', ''),
'message_edit_user' => array('UINT', 0), 'message_edit_user' => array('UINT', 0),
@ -736,7 +736,8 @@ $schema_data['phpbb_sessions'] = array(
'PRIMARY_KEY' => 'session_id', 'PRIMARY_KEY' => 'session_id',
'KEYS' => array( 'KEYS' => array(
'session_time' => array('INDEX', 'session_time'), 'session_time' => array('INDEX', 'session_time'),
'session_user_id' => array('INDEX', 'session_user_id'), 'session_uid' => array('INDEX', 'session_user_id'),
'session_fid' => array('INDEX', 'session_forum_id'),
), ),
); );
@ -882,7 +883,7 @@ $schema_data['phpbb_topics'] = array(
'topic_attachment' => array('BOOL', 0), 'topic_attachment' => array('BOOL', 0),
'topic_approved' => array('BOOL', 1), 'topic_approved' => array('BOOL', 1),
'topic_reported' => array('BOOL', 0), 'topic_reported' => array('BOOL', 0),
'topic_title' => array('XSTEXT_UNI', '', 'true_sort'), 'topic_title' => array('STEXT_UNI', '', 'true_sort'),
'topic_poster' => array('UINT', 0), 'topic_poster' => array('UINT', 0),
'topic_time' => array('TIMESTAMP', 0), 'topic_time' => array('TIMESTAMP', 0),
'topic_time_limit' => array('TIMESTAMP', 0), 'topic_time_limit' => array('TIMESTAMP', 0),
@ -898,7 +899,7 @@ $schema_data['phpbb_topics'] = array(
'topic_last_poster_id' => array('UINT', 0), 'topic_last_poster_id' => array('UINT', 0),
'topic_last_poster_name' => array('VCHAR_UNI', ''), 'topic_last_poster_name' => array('VCHAR_UNI', ''),
'topic_last_poster_colour' => array('VCHAR:6', ''), 'topic_last_poster_colour' => array('VCHAR:6', ''),
'topic_last_post_subject' => array('XSTEXT_UNI', ''), 'topic_last_post_subject' => array('STEXT_UNI', ''),
'topic_last_post_time' => array('TIMESTAMP', 0), 'topic_last_post_time' => array('TIMESTAMP', 0),
'topic_last_view_time' => array('TIMESTAMP', 0), 'topic_last_view_time' => array('TIMESTAMP', 0),
'topic_moved_id' => array('UINT', 0), 'topic_moved_id' => array('UINT', 0),

23
phpBB/search.php
View file

@ -88,7 +88,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
if ($search_id == 'egosearch') if ($search_id == 'egosearch')
{ {
$author_id = $user->data['user_id']; $author_id = $user->data['user_id'];
if ($user->data['user_id'] == ANONYMOUS) if ($user->data['user_id'] == ANONYMOUS)
{ {
login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']); login_box('', $user->lang['LOGIN_EXPLAIN_EGOSEARCH']);
@ -466,6 +466,9 @@ if ($keywords || $author || $author_id || $search_id || $submit)
// define some vars for urls // define some vars for urls
$hilit = implode('|', explode(' ', preg_replace('#\s+#u', ' ', str_replace(array('+', '-', '|', '(', ')', '&quot;'), ' ', $keywords)))); $hilit = implode('|', explode(' ', preg_replace('#\s+#u', ' ', str_replace(array('+', '-', '|', '(', ')', '&quot;'), ' ', $keywords))));
// Do not allow *only* wildcard being used for hilight
$hilit = (strspn($hilit, '*') === strlen($hilit)) ? '' : $hilit;
$u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit))); $u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit)));
$u_show_results = ($show_results != 'posts') ? '&amp;sr=' . $show_results : ''; $u_show_results = ($show_results != 'posts') ? '&amp;sr=' . $show_results : '';
$u_search_forum = implode('&amp;fid%5B%5D=', $search_forum); $u_search_forum = implode('&amp;fid%5B%5D=', $search_forum);
@ -600,18 +603,18 @@ if ($keywords || $author || $author_id || $search_id || $submit)
FROM ' . TOPICS_TABLE . ' FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list)); WHERE ' . $db->sql_in_set('topic_id', array_keys($shadow_topic_list));
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) while ($row = $db->sql_fetchrow($result))
{ {
$orig_topic_id = $shadow_topic_list[$row['topic_id']]; $orig_topic_id = $shadow_topic_list[$row['topic_id']];
// We want to retain some values // We want to retain some values
$row = array_merge($row, array( $row = array_merge($row, array(
'topic_moved_id' => $rowset[$orig_topic_id]['topic_moved_id'], 'topic_moved_id' => $rowset[$orig_topic_id]['topic_moved_id'],
'topic_status' => $rowset[$orig_topic_id]['topic_status'], 'topic_status' => $rowset[$orig_topic_id]['topic_status'],
'forum_name' => $rowset[$orig_topic_id]['forum_name']) 'forum_name' => $rowset[$orig_topic_id]['forum_name'])
); );
$rowset[$orig_topic_id] = $row; $rowset[$orig_topic_id] = $row;
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -627,7 +630,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
else if ($config['load_anon_lastread'] || $user->data['is_registered']) else if ($config['load_anon_lastread'] || $user->data['is_registered'])
{ {
$topic_tracking_info[$forum_id] = get_complete_topic_tracking($forum_id, $forum['topic_list'], ($forum_id) ? false : $forum['topic_list']); $topic_tracking_info[$forum_id] = get_complete_topic_tracking($forum_id, $forum['topic_list'], ($forum_id) ? false : $forum['topic_list']);
if (!$user->data['is_registered']) if (!$user->data['is_registered'])
{ {
$user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0; $user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0;
@ -708,7 +711,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
AND in_message = 0 AND in_message = 0
ORDER BY filetime DESC, post_msg_id ASC'; ORDER BY filetime DESC, post_msg_id ASC';
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) while ($row = $db->sql_fetchrow($result))
{ {
$attachments[$row['post_msg_id']][] = $row; $attachments[$row['post_msg_id']][] = $row;
@ -742,12 +745,12 @@ if ($keywords || $author || $author_id || $search_id || $submit)
{ {
// Get a list of forums the user cannot read // Get a list of forums the user cannot read
$forum_ary = array_unique(array_keys($auth->acl_getf('!f_read', true))); $forum_ary = array_unique(array_keys($auth->acl_getf('!f_read', true)));
// Determine first forum the user is able to read (must not be a category) // Determine first forum the user is able to read (must not be a category)
$sql = 'SELECT forum_id $sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . ' FROM ' . FORUMS_TABLE . '
WHERE forum_type = ' . FORUM_POST; WHERE forum_type = ' . FORUM_POST;
if (sizeof($forum_ary)) if (sizeof($forum_ary))
{ {
$sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true);
@ -856,7 +859,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
if (!empty($attachments[$row['post_id']])) if (!empty($attachments[$row['post_id']]))
{ {
parse_attachments($forum_id, $row['post_text'], $attachments[$row['post_id']], $update_count); parse_attachments($forum_id, $row['post_text'], $attachments[$row['post_id']], $update_count);
// we only display inline attachments // we only display inline attachments
unset($attachments[$row['post_id']]); unset($attachments[$row['post_id']]);
} }
@ -874,7 +877,7 @@ if ($keywords || $author || $author_id || $search_id || $submit)
'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR_COLOUR' => get_username_string('colour', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'POST_AUTHOR' => get_username_string('username', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']), 'U_POST_AUTHOR' => get_username_string('profile', $row['poster_id'], $row['username'], $row['user_colour'], $row['post_username']),
'POST_SUBJECT' => $row['post_subject'], 'POST_SUBJECT' => $row['post_subject'],
'POST_DATE' => (!empty($row['post_time'])) ? $user->format_date($row['post_time']) : '', 'POST_DATE' => (!empty($row['post_time'])) ? $user->format_date($row['post_time']) : '',
'MESSAGE' => $row['post_text'] 'MESSAGE' => $row['post_text']

2
phpBB/styles/prosilver/template/message_body.html
View file

@ -4,7 +4,7 @@
<div class="inner"><span class="corners-top"><span></span></span> <div class="inner"><span class="corners-top"><span></span></span>
<h2>{MESSAGE_TITLE}</h2> <h2>{MESSAGE_TITLE}</h2>
<p>{MESSAGE_TEXT}</p> <p>{MESSAGE_TEXT}</p>
<!-- IF SCRIPT_NAME == "search" and not S_BOARD_DISABLED and not S_NO_SEARCH --><p><a href="{U_SEARCH}" class="{S_CONTENT_FLOW_BEGIN}">{L_RETURN_TO_SEARCH_ADV}</a></p><!-- ENDIF --> <!-- IF SCRIPT_NAME == "search" and not S_BOARD_DISABLED and not S_NO_SEARCH and L_RETURN_TO_SEARCH_ADV --><p><a href="{U_SEARCH}" class="{S_CONTENT_FLOW_BEGIN}">{L_RETURN_TO_SEARCH_ADV}</a></p><!-- ENDIF -->
<span class="corners-bottom"><span></span></span></div> <span class="corners-bottom"><span></span></span></div>
</div> </div>

4
phpBB/styles/subsilver2/template/search_results.html
View file

@ -35,7 +35,7 @@
</td> </td>
<td class="row1"> <td class="row1">
<!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}">{NEWEST_POST_IMG}</a><!-- ENDIF --> <!-- IF searchresults.S_UNREAD_TOPIC --><a href="{searchresults.U_NEWEST_POST}">{NEWEST_POST_IMG}</a><!-- ENDIF -->
{topicrow.ATTACH_ICON_IMG} <a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a> {searchresults.ATTACH_ICON_IMG} <a href="{searchresults.U_VIEW_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a>
<!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED --> <!-- IF searchresults.S_TOPIC_UNAPPROVED or searchresults.S_POSTS_UNAPPROVED -->
<a href="{searchresults.U_MCP_QUEUE}">{searchresults.UNAPPROVED_IMG}</a>&nbsp; <a href="{searchresults.U_MCP_QUEUE}">{searchresults.UNAPPROVED_IMG}</a>&nbsp;
<!-- ENDIF --> <!-- ENDIF -->
@ -94,7 +94,7 @@
<td class="gensmall"> <td class="gensmall">
<div style="float: {S_CONTENT_FLOW_BEGIN};"> <div style="float: {S_CONTENT_FLOW_BEGIN};">
<!-- IF searchresults.POST_SUBJECT neq "" --> <!-- IF searchresults.POST_SUBJECT neq "" -->
&nbsp;<b>{L_POST_SUBJECT}:</b> <a href="{searchresults.U_VIEW_POST}">{searchresults.POST_SUBJECT}</a> &nbsp;<b>{L_POST_SUBJECT}:</b> <a href="{searchresults.U_VIEW_POST}">{searchresults.POST_SUBJECT}</a>
<!-- ELSE --> <!-- ELSE -->
[ <a href="{searchresults.U_VIEW_POST}">{L_JUMP_TO_POST}</a> ] [ <a href="{searchresults.U_VIEW_POST}">{L_JUMP_TO_POST}</a> ]
<!-- ENDIF --> <!-- ENDIF -->