makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

More \' updates

Browse source 
git-svn-id: file:///svn/phpbb/trunk@1663 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-12-21 16:00:41 +00:00
parent 8064fdf558
commit cd9b1562f1
1 changed files with 10 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
phpBB/includes/functions.php
View file

@ -99,7 +99,7 @@ function get_userdata($username) {
$sql = "SELECT * $sql = "SELECT *
FROM " . USERS_TABLE . " FROM " . USERS_TABLE . "
WHERE username = '$username' WHERE username = '" . str_replace("\'", "''", $username) . "'
AND user_id <> " . ANONYMOUS; AND user_id <> " . ANONYMOUS;
if(!$result = $db->sql_query($sql)) if(!$result = $db->sql_query($sql))
{ {
@ -330,7 +330,7 @@ function setup_style($style)
$template_path = 'templates/' ; $template_path = 'templates/' ;
$template_name = $row['template_name'] ; $template_name = $row['template_name'] ;
$template = new Template($phpbb_root_path . $template_path . $template_name, $db); $template = new Template($phpbb_root_path . $template_path . $template_name, $board_config, $db);
if( $template ) if( $template )
{ {
@ -389,15 +389,6 @@ function create_date($format, $gmepoch, $tz)
return (@gmdate($format, $gmepoch + (3600 * $tz))); return (@gmdate($format, $gmepoch + (3600 * $tz)));
} }
//
// Create a GMT timestamp
//
function get_gmt_ts()
{
$time = @time();
return($time);
}
// //
// Pagination routine, generates // Pagination routine, generates
// page number sequence // page number sequence
@ -515,11 +506,11 @@ function validate_username($username)
FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
WHERE ug.user_id = u.user_id WHERE ug.user_id = u.user_id
AND g.group_id = ug.group_id AND g.group_id = ug.group_id
AND ( LOWER(u.username) = '" . strtolower($username) . "' AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "'
OR LOWER(g.group_name) = '" . strtolower($username) . "' )"; OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )";
$sql_disallow = "SELECT disallow_username $sql_disallow = "SELECT disallow_username
FROM " . DISALLOW_TABLE . " FROM " . DISALLOW_TABLE . "
WHERE '$username' LIKE disallow_username"; WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username";
if($result = $db->sql_query($sql_users)) if($result = $db->sql_query($sql_users))
{ {
if($db->sql_numrows($result) > 0) if($db->sql_numrows($result) > 0)
@ -541,12 +532,12 @@ function validate_username($username)
FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
WHERE ug.user_id = u.user_id WHERE ug.user_id = u.user_id
AND g.group_id = ug.group_id AND g.group_id = ug.group_id
AND ( LOWER(u.username) = '" . strtolower($username) . "' AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "'
OR LOWER(g.group_name) = '" . strtolower($username) . "' ) OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )
UNION UNION
SELECT disallow_username, NULL SELECT disallow_username, NULL
FROM " . DISALLOW_TABLE . " FROM " . DISALLOW_TABLE . "
WHERE '$username' LIKE disallow_username"; WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username";
if($result = $db->sql_query($sql)) if($result = $db->sql_query($sql))
{ {
if($db->sql_numrows($result) > 0) if($db->sql_numrows($result) > 0)
@ -928,7 +919,7 @@ function username_search($search_match, $is_inline_review = 0, $default_list = "
$sql = "SELECT username $sql = "SELECT username
FROM " . USERS_TABLE . " FROM " . USERS_TABLE . "
WHERE username LIKE '$username_search' WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "'
ORDER BY username"; ORDER BY username";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
@ -1210,4 +1201,4 @@ function phpbb_preg_quote($str, $delimiter)
return $text; return $text;
} }
?> ?>