makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

ok, bugfixing phase #1 finished. There will be more bugfixes coming and those knowing CVS/php/mysql are encouraged to implement the fixes. ;)

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5204 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2005-09-14 18:14:30 +00:00
parent 08b719e8d5
commit b4d5539758
24 changed files with 150 additions and 78 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
phpBB/admin/admin_board.php
View file

@ -254,7 +254,6 @@ $template->assign_vars(array(
"ACTIVATION_ADMIN_CHECKED" => $activation_admin,
"CONFIRM_ENABLE" => $confirm_yes,
"CONFIRM_DISABLE" => $confirm_no,
"ACTIVATION_NONE_CHECKED" => $activation_none,
"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes,
"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no,
"MAX_POLL_OPTIONS" => $new['max_poll_options'],

2
phpBB/admin/admin_disallow.php
View file

@ -45,7 +45,7 @@ if( isset($HTTP_POST_VARS['add_name']) )
if ($disallowed_user == '')
{
message_die(MESSAGE, $lang['Fields_empty']);
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
if( !validate_username($disallowed_user) )
{

4
phpBB/admin/admin_smilies.php
View file

@ -410,7 +410,7 @@ else if ( $mode != "" )
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
{
message_die(MESSAGE, $lang['Fields_empty']);
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
//
@ -454,7 +454,7 @@ else if ( $mode != "" )
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
{
message_die(MESSAGE, $lang['Fields_empty']);
message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
}
//

16
phpBB/admin/admin_ug_auth.php
View file

@ -251,9 +251,10 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
}
}
$sql = "SELECT *
FROM " . FORUMS_TABLE . " f
ORDER BY forum_order";
$sql = 'SELECT f.*
FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_order, f.forum_order';
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
@ -831,9 +832,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
}
}
$t_usergroup_list = $t_pending_list = '';
if( count($name) )
{
$t_usergroup_list = $t_pending_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
@ -848,10 +849,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
}
}
}
else
{
$t_usergroup_list = $lang['None'];
}
$t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
$t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;
$s_column_span = 2; // Two columns always present
if( !$adv )

2
phpBB/admin/page_footer_admin.php
View file

@ -25,6 +25,8 @@ if ( !defined('IN_PHPBB') )
die("Hacking attempt");
}
global $do_gzip_compress;
//
// Show the overall footer.
//

69
phpBB/docs/CHANGELOG.html
View file

@ -62,7 +62,32 @@ p,ul,td {font-size:10pt;}
<p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
<a name="2016"></a><h3 class="h3">l.i. Changes since 2.0.16</h3>
<a name="2017"></a><h3 class="h3">l.i. Changes since 2.0.17</h3>
<ul>
<li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
<li>[Fix] retrieving category rows in index.php (Bug #90)</li>
<li>[Fix] wrong topic redirection after login redirect (Bug #94)</li>
<li>[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)</li>
<li>[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)</li>
<li>[Fix] incorrect alt tag on generated search images in viewtopic.php and usercp_viewprofile.php (Bug #102)</li>
<li>[Fix] consistent forum ordering in all dropdown boxes (Bug #106)</li>
<li>[Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)</li>
<li>[Fix] handling of both forms of translation information used in language packs (Bug #159)</li>
<li>[Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)</li>
<li>[Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)</li>
<li>[Fix] incorrect handling of move stubs (Bug #179)</li>
<li>[Fix] wrong mode_type in memberlist (Bug #187)</li>
<li>[Fix] removed unused variable from topic_notify email template (Bug #210)</li>
<li>[Fix] invalid HTML in overall_header.tpl when user is logged in (Bug #211)</li>
<li>[Fix] removed unset variable from smilies popup window title (Bug #224)</li>
<li>[Fix] removed duplicate template assignment from admin_board.php (Bug #226)</li>
<li>[Fix] incorrect search link for guest posts in modcp.php (Bug #254)</li>
<li>[Fix] correctly check returned value from strpos in append_sid function (Bug #275)</li>
<li>[Fix] correctly display username in private message notification (Bug #278)</li>
<li>[Fix] fixed "var-by-ref" errors (Bug #322)</li>
<a name="2016"></a><h3 class="h3">l.ii. Changes since 2.0.16</h3>
<ul>
<li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
@ -78,7 +103,7 @@ p,ul,td {font-size:10pt;}
<li>Correctly set username on posts when deleting a user from the admin panel</li>
</ul>
<a name="2015"></a><h3 class="h3">l.ii. Changes since 2.0.15</h3>
<a name="2015"></a><h3 class="h3">l.iii. Changes since 2.0.15</h3>
<ul>
<li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@ -90,7 +115,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
</ul>
<a name="2014"></a><h3 class="h3">l.iii. Changes since 2.0.14</h3>
<a name="2014"></a><h3 class="h3">l.iv. Changes since 2.0.14</h3>
<ul>
<li>Fixed moderator status removal in groupcp.php</li>
@ -112,7 +137,7 @@ p,ul,td {font-size:10pt;}
<li>Empty url/img bbcodes no longer get parsed</li>
</ul>
<a name="2013"></a><h3 class="h3">l.iv. Changes since 2.0.13</h3>
<a name="2013"></a><h3 class="h3">l.v. Changes since 2.0.13</h3>
<ul>
<li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@ -129,7 +154,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
</ul>
<a name="2012"></a><h3 class="h3">l.v. Changes since 2.0.12</h3>
<a name="2012"></a><h3 class="h3">l.vi. Changes since 2.0.12</h3>
<ul>
<li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@ -137,7 +162,7 @@ p,ul,td {font-size:10pt;}
<li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
</ul>
<a name="2011"></a><h3 class="h3">l.vi. Changes since 2.0.11</h3>
<a name="2011"></a><h3 class="h3">l.vii. Changes since 2.0.11</h3>
<ul>
<li>Added confirm table to admin_db_utilities.php</li>
@ -152,7 +177,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
</ul>
<a name="2010"></a><h3 class="h3">l.vii. Changes since 2.0.10</h3>
<a name="2010"></a><h3 class="h3">l.viii. Changes since 2.0.10</h3>
<ul>
<li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@ -163,7 +188,7 @@ p,ul,td {font-size:10pt;}
<li>Added visual confirmation mod to code base</li>
</ul>
<a name="209"></a><h3 class="h3">l.viii. Changes since 2.0.9</h3>
<a name="209"></a><h3 class="h3">l.ix. Changes since 2.0.9</h3>
<ul>
<li>Fixed deleting of styles in admin_styles.php</li>
@ -176,7 +201,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
</ul>
<a name="208"></a><h3 class="h3">l.ix. Changes since 2.0.8</h3>
<a name="208"></a><h3 class="h3">l.x. Changes since 2.0.8</h3>
<ul>
<li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@ -195,7 +220,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed problem with SID not delivered to next page in groupcp.php</li>
</ul>
<a name="207"></a><h3 class="h3">l.x. Changes since 2.0.7</h3>
<a name="207"></a><h3 class="h3">l.xi. Changes since 2.0.7</h3>
<ul>
<li>Fixed several vulnerabilities in admin pages</li>
@ -207,7 +232,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
</ul>
<a name="206"></a><h3 class="h3">1.xi. Changes since 2.0.6</h3>
<a name="206"></a><h3 class="h3">1.xii. Changes since 2.0.6</h3>
<ul>
<li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@ -221,7 +246,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed potential vulnerability in avatar gallery</li>
</ul>
<a name="205"></a><h3 class="h3">1.xii. Changes since 2.0.5</h3>
<a name="205"></a><h3 class="h3">1.xiii. Changes since 2.0.5</h3>
<ul>
<li>Fixed various email issues</li>
@ -237,7 +262,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
</ul>
<a name="204"></a><h3 class="h3">1.xiii. Changes since 2.0.4</h3>
<a name="204"></a><h3 class="h3">1.xiv. Changes since 2.0.4</h3>
<ul>
<li>Removed user facing session_id checks</li>
@ -309,7 +334,7 @@ p,ul,td {font-size:10pt;}
<li>Default English support for visual confirmation - translators are encouraged to support this</li>
</ul>
<a name="203"></a><h3 class="h3">1.xiv. Changes since 2.0.3</h3>
<a name="203"></a><h3 class="h3">1.xv. Changes since 2.0.3</h3>
<ul>
<li>Fixed cross-browser scripting issue with highlight param</li>
@ -436,7 +461,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
</ul>
<a name="202"></a><h3 class="h3">1.xv. Changes since 2.0.2</h3>
<a name="202"></a><h3 class="h3">1.xvi. Changes since 2.0.2</h3>
<ul>
<li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@ -445,7 +470,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed (hopefully) issue with MS Access and multiple pages</li>
</ul>
<a name="201"></a><h3 class="h3">1.xvi. Changes since 2.0.1</h3>
<a name="201"></a><h3 class="h3">1.xvii. Changes since 2.0.1</h3>
<ul>
<li>Fixed missing "username" lang variable in user admin template</li>
@ -480,7 +505,7 @@ p,ul,td {font-size:10pt;}
<li>Fix emailer to allow sending emails with language-specific character sets</li>
</ul>
<a name="200"></a><h3 class="h3">1.xvii. Changes since 2.0.0</h3>
<a name="200"></a><h3 class="h3">1.xviii. Changes since 2.0.0</h3>
<ul>
<li>Fixed delete image bug for normal users</li>
@ -537,7 +562,7 @@ p,ul,td {font-size:10pt;}
<li>Added database closure to admin frameset page</li>
</ul>
<a name="final"></a><h3 class="h3">1.xviii. Changes since RC-4</h3>
<a name="final"></a><h3 class="h3">1.xix. Changes since RC-4</h3>
<ul>
<li>Fixed improper report of general error when posting messages containing errors</li>
@ -567,7 +592,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed various remaining usergroup display issues</li>
</ul>
<a name="rc4"></a><h3 class="h3">1.xix. Changes since RC-3</h3>
<a name="rc4"></a><h3 class="h3">1.xx. Changes since RC-3</h3>
<ul>
<li>Addressed serious security issue with included files</li>
@ -598,7 +623,7 @@ p,ul,td {font-size:10pt;}
<li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
</ul>
<a name="rc3"></a><h3 class="h3">1.xx. Changes since RC-2</h3>
<a name="rc3"></a><h3 class="h3">1.xxi. Changes since RC-2</h3>
<ul>
<li>Fixed infamous install parse error</li>
@ -631,7 +656,7 @@ p,ul,td {font-size:10pt;}
<li>Hidden usergroups are now completely hidden from view</li>
</ul>
<a name="rc2"></a><h3 class="h3">1.xxi. Changes since RC-1</h3>
<a name="rc2"></a><h3 class="h3">1.xxii. Changes since RC-1</h3>
<ul>
<li>Fixed numerous PostgreSQL related issues</li>
@ -651,7 +676,7 @@ p,ul,td {font-size:10pt;}
<li>Various other fixes and updates</li>
</ul>
<a name="rc1"></a><h3 class="h3">1.xxii. Changes since RC-1 (pre)</h3>
<a name="rc1"></a><h3 class="h3">1.xxiii. Changes since RC-1 (pre)</h3>
<ul>
<li>Upgrade script completed for initial fully functional release</li>

41
phpBB/includes/functions_admin.php
View file

@ -32,7 +32,7 @@ function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
$sql = "SELECT forum_id, forum_name
FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order";
ORDER BY cat_order, forum_order";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Couldn not obtain forums information', '', __LINE__, __FILE__, $sql);
@ -140,12 +140,47 @@ function sync($type, $id = false)
if ( $row = $db->sql_fetchrow($result) )
{
$sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
if ( !$db->sql_query($sql) )
if ($row['total_posts'])
{
// Correct the details of this topic
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . "
WHERE topic_id = $id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
}
}
else
{
// There are no replies to this topic
// Check if it is a move stub
$sql = 'SELECT topic_moved_id
FROM ' . TOPICS_TABLE . "
WHERE topic_id = $id";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
}
if ($row = $db->sql_fetchrow($result))
{
if (!$row['topic_moved_id'])
{
$sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql);
}
}
}
$db->sql_freeresult($result);
}
}
break;
}

4
phpBB/includes/functions_post.php
View file

@ -213,7 +213,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
//
// Post a new topic/reply/poll or edit existing post/poll
//
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length)
{
global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
global $userdata, $user_ip;
@ -769,7 +769,7 @@ function generate_smilies($mode, $page_id)
$gen_simple_header = TRUE;
$page_title = $lang['Emoticons'] . " - $topic_title";
$page_title = $lang['Emoticons'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(

2
phpBB/includes/functions_search.php
View file

@ -89,7 +89,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
return $entry;
}
function split_words(&$entry, $mode = 'post')
function split_words($entry, $mode = 'post')
{
// If you experience problems with the new method, uncomment this block.
/*

4
phpBB/includes/page_tail.php
View file

@ -25,6 +25,8 @@ if ( !defined('IN_PHPBB') )
die('Hacking attempt');
}
global $do_gzip_compress;
//
// Show the overall footer.
//
@ -35,7 +37,7 @@ $template->set_filenames(array(
);
$template->assign_vars(array(
'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''),
'ADMIN_LINK' => $admin_link)
);

2
phpBB/includes/sessions.php
View file

@ -415,7 +415,7 @@ function append_sid($url, $non_html_amp = false)
if ( !empty($SID) && !preg_match('#sid=#', $url) )
{
$url .= ( ( strpos($url, '?') != false ) ? ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
$url .= ( ( strpos($url, '?') !== false ) ? ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
}
return $url;

9
phpBB/includes/usercp_activate.php
View file

@ -47,10 +47,17 @@ if ( $row = $db->sql_fetchrow($result) )
}
else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
{
if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN)
if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $row['user_newpasswd'] == '')
{
if (!$userdata['session_logged_in'])
{
redirect(append_sid('login.' . $phpEx . '?redirect=profile.' . $phpEx . '&mode=activate&' . POST_USERS_URL . '=' . $row['user_id'] . '&act_key=' . trim($HTTP_GET_VARS['act_key'])));
}
else if ($userdata['user_level'] != ADMIN)
{
message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}
}
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';

2
phpBB/includes/usercp_register.php
View file

@ -818,7 +818,7 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
$allowviewonline = !$allowviewonline;
display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $new_password, $cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
}
else
{

2
phpBB/includes/usercp_sendpasswd.php
View file

@ -50,7 +50,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$user_actkey = gen_rand_string(true);
$key_len = 54 - strlen($server_url);
$key_len = ( $str_len > 6 ) ? $key_len : 6;
$key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_password = gen_rand_string(false);

2
phpBB/includes/usercp_viewprofile.php
View file

@ -165,7 +165,7 @@ $yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config
$yim = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts");
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '</a>';
//

5
phpBB/index.php
View file

@ -119,7 +119,10 @@ if( !($result = $db->sql_query($sql)) )
}
$category_rows = array();
while( $category_rows[] = $db->sql_fetchrow($result) );
while ($row = $db->sql_fetchrow($result))
{
$category_rows[] = $row;
}
$db->sql_freeresult($result);
if( ( $total_categories = count($category_rows) ) )

2
phpBB/language/lang_english/email/topic_notify.tpl
View file

@ -1,7 +1,7 @@
Subject: Topic Reply Notification - {TOPIC_TITLE}
Charset: iso-8859-1
Hello {USERNAME},
Hello,
You are receiving this email because you are watching the topic, "{TOPIC_TITLE}" at {SITENAME}. This topic has received a reply since your last visit. You can use the following link to view the replies made, no more notifications will be sent until you visit the topic.

1
phpBB/language/lang_english/lang_main.php
View file

@ -530,7 +530,6 @@ $lang['Email_address'] = 'E-mail address';
$lang['Email'] = 'E-mail';
$lang['Send_private_message'] = 'Send private message';
$lang['Hidden_email'] = '[ Hidden ]';
$lang['Search_user_posts'] = 'Search for posts by this user';
$lang['Interests'] = 'Interests';
$lang['Occupation'] = 'Occupation';
$lang['Poster_rank'] = 'Poster rank';

2
phpBB/memberlist.php
View file

@ -61,7 +61,7 @@ else
// Memberlist sorting
//
$mode_types_text = array($lang['Sort_Joined'], $lang['Sort_Username'], $lang['Sort_Location'], $lang['Sort_Posts'], $lang['Sort_Email'], $lang['Sort_Website'], $lang['Sort_Top_Ten']);
$mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten');
$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten');
$select_sort_mode = '<select name="mode">';
for($i = 0; $i < count($mode_types_text); $i++)

4
phpBB/modcp.php
View file

@ -222,7 +222,7 @@ switch( $mode )
case 'delete':
if (!$is_auth['auth_delete'])
{
message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
}
$page_title = $lang['Mod_CP'];
@ -1085,7 +1085,7 @@ switch( $mode )
'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username),
'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $post_id . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))
'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))
);
$i++;

2
phpBB/privmsg.php
View file

@ -1319,7 +1319,7 @@ else if ( $submit || $refresh || $mode != '' )
$emailer->set_subject($lang['Notification_subject']);
$emailer->assign_vars(array(
'USERNAME' => $to_username,
'USERNAME' => stripslashes($to_username),
'SITENAME' => $board_config['sitename'],
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',

6
phpBB/search.php
View file

@ -257,7 +257,9 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt');
$split_search = array();
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);
$stripped_keywords = stripslashes($search_keywords);
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);
unset($stripped_keywords);
$search_msg_only = ( !$search_fields ) ? "AND m.title_match = 0" : ( ( strstr($multibyte_charset, $lang['ENCODING']) ) ? '' : '' );
@ -1301,7 +1303,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$sql = "SELECT c.cat_title, c.cat_id, f.forum_name, f.forum_id
FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_id, f.forum_order";
ORDER BY c.cat_order, f.forum_order";
$result = $db->sql_query($sql);
if ( !$result )
{

6
phpBB/templates/subSilver/overall_header.tpl
View file

@ -232,11 +232,11 @@ input.liteoption {
<td align="center" width="100%" valign="middle"><span class="maintitle">{SITENAME}</span><br /><span class="gen">{SITE_DESCRIPTION}<br />&nbsp; </span>
<table cellspacing="0" cellpadding="2" border="0">
<tr>
<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a></span><span class="mainmenu">&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp;
<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a>&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp;
<!-- BEGIN switch_user_logged_out -->
&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a></span>&nbsp;
&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a>&nbsp;
<!-- END switch_user_logged_out -->
</td>
</span></td>
</tr>
<tr>
<td height="25" align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_PROFILE}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" hspace="3" />{L_PROFILE}</a>&nbsp; &nbsp;<a href="{U_PRIVATEMSGS}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{PRIVATE_MESSAGE_INFO}" hspace="3" />{PRIVATE_MESSAGE_INFO}</a>&nbsp; &nbsp;<a href="{U_LOGIN_LOGOUT}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" hspace="3" />{L_LOGIN_LOGOUT}</a>&nbsp;</span></td>

30
phpBB/viewtopic.php
View file

@ -47,7 +47,7 @@ if ( isset($HTTP_GET_VARS[POST_POST_URL]))
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
if ( !isset($topic_id) && !isset($post_id) )
if (!$topic_id && !$post_id)
{
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
@ -114,6 +114,7 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
WHERE
t2.topic_id = $topic_id
AND t.forum_id = t2.forum_id
AND t.topic_moved_id = 0
AND t.topic_last_post_id $sql_condition t2.topic_last_post_id
ORDER BY t.topic_last_post_id $sql_ordering
LIMIT 1";
@ -139,11 +140,11 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
// also allows for direct linking to a post (and the calculation of which
// page the post is on and the correct display of viewtopic)
//
$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";
$join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts";
$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
$order_sql = (!$post_id) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . "
FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . "
@ -181,8 +182,8 @@ if( !$is_auth['auth_view'] || !$is_auth['auth_read'] )
{
if ( !$userdata['session_logged_in'] )
{
$redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
$redirect .= ( isset($start) ) ? "&start=$start" : '';
$redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
$redirect .= ($start) ? "&start=$start" : '';
redirect(append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true));
}
@ -199,7 +200,7 @@ $topic_title = $forum_topic_data['topic_title'];
$topic_id = intval($forum_topic_data['topic_id']);
$topic_time = $forum_topic_data['topic_time'];
if ( !empty($post_id) )
if ($post_id)
{
$start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']);
}
@ -989,7 +990,7 @@ for($i = 0; $i < $total_posts; $i++)
$quote = '<a href="' . $temp_url . '">' . $lang['Reply_with_quote'] . '</a>';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&amp;showresults=posts");
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '</a>';
if ( ( $userdata['user_id'] == $poster_id && $is_auth['auth_edit'] ) || $is_auth['auth_mod'] )
@ -1065,17 +1066,14 @@ for($i = 0; $i < $total_posts; $i++)
//
// Parse message and/or sig for BBCode if reqd
//
if ( $board_config['allow_bbcode'] )
if ($user_sig != '' && $user_sig_bbcode_uid != '')
{
if ( $user_sig != '' && $user_sig_bbcode_uid != '' )
{
$user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig);
$user_sig = ($board_config['allow_bbcode']) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:$user_sig_bbcode_uid/si", '', $user_sig);
}
if ( $bbcode_uid != '' )
if ($bbcode_uid != '')
{
$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
}
$message = ($board_config['allow_bbcode']) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace("/\:$bbcode_uid/si", '', $message);
}
if ( $user_sig != '' )