makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

A whole bunch of fixes

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3081 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-11-23 22:56:41 +00:00
parent 795897d882
commit dcceaa48ca
26 changed files with 233 additions and 139 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
phpBB/admin/admin_smilies.php
View file

@ -399,10 +399,17 @@ else if ( $mode != "" )
// Get the submitted data, being careful to ensure that we only
// accept the data we are looking for.
//
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : trim($HTTP_GET_VARS['smile_code']);
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : trim($HTTP_GET_VARS['smile_url']);
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? trim($HTTP_POST_VARS['smile_emotion']) : trim($HTTP_GET_VARS['smile_emotion']);
$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
// If no code was entered complain ...
if ($smile_code == '' || $smile_url = '')
{
message_die(MESSAGE, $lang['Fields_empty']);
}
//
// Convert < and > to proper htmlentities for parsing.
//

60
phpBB/admin/admin_users.php
View file

@ -129,18 +129,18 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$password_confirm = '';
$icq = stripslashes($icq);
$aim = stripslashes($aim);
$msn = stripslashes($msn);
$yim = stripslashes($yim);
$aim = htmlspecialchars(stripslashes($aim));
$msn = htmlspecialchars(stripslashes($msn));
$yim = htmlspecialchars(stripslashes($yim));
$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
$website = htmlspecialchars(stripslashes($website));
$location = htmlspecialchars(stripslashes($location));
$occupation = htmlspecialchars(stripslashes($occupation));
$interests = htmlspecialchars(stripslashes($interests));
$signature = htmlspecialchars(stripslashes($signature));
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
@ -713,24 +713,24 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
$username = stripslashes($username);
$username = htmlspecialchars(stripslashes($username));
$email = stripslashes($email);
$password = '';
$password_confirm = '';
$icq = stripslashes($icq);
$aim = str_replace('+', ' ', stripslashes($aim));
$msn = stripslashes($msn);
$yim = stripslashes($yim);
$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
$msn = htmlspecialchars(stripslashes($msn));
$yim = htmlspecialchars(stripslashes($yim));
$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
$website = htmlspecialchars(stripslashes($website));
$location = htmlspecialchars(stripslashes($location));
$occupation = htmlspecialchars(stripslashes($occupation));
$interests = htmlspecialchars(stripslashes($interests));
$signature = htmlspecialchars(stripslashes($signature));
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
}
}
else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
@ -757,21 +757,21 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
// Now parse and display it as a template
//
$user_id = $this_userdata['user_id'];
$username = $this_userdata['username'];
$username = htmlspecialchars($this_userdata['username']);
$email = $this_userdata['user_email'];
$password = '';
$password_confirm = '';
$icq = $this_userdata['user_icq'];
$aim = str_replace('+', ' ', $this_userdata['user_aim'] );
$msn = $this_userdata['user_msnm'];
$yim = $this_userdata['user_yim'];
$aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ));
$msn = htmlspecialchars($this_userdata['user_msnm']);
$yim = htmlspecialchars($this_userdata['user_yim']);
$website = $this_userdata['user_website'];
$location = $this_userdata['user_from'];
$occupation = $this_userdata['user_occ'];
$interests = $this_userdata['user_interests'];
$signature = $this_userdata['user_sig'];
$website = htmlspecialchars($this_userdata['user_website']);
$location = htmlspecialchars($this_userdata['user_from']);
$occupation = htmlspecialchars($this_userdata['user_occ']);
$interests = htmlspecialchars($this_userdata['user_interests']);
$signature = ( $this_userdata['user_sig_bbcode_uid'] != '' ) ? htmlspecialchars(preg_replace("/:(([a-z0-9]+:)?)" . $this_userdata['user_sig_bbcode_uid'] . "\]/si", ']', $userdata['user_sig'])) : htmlspecialchars($userdata['user_sig']);
$viewemail = $this_userdata['user_viewemail'];
$notifypm = $this_userdata['user_notify_pm'];
@ -788,7 +788,7 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$user_style = $this_userdata['user_style'];
$user_lang = $this_userdata['user_lang'];
$user_timezone = $this_userdata['user_timezone'];
$user_dateformat = $this_userdata['user_dateformat'];
$user_dateformat = htmlspecialchars($this_userdata['user_dateformat']);
$user_status = $this_userdata['user_active'];
$user_allowavatar = $this_userdata['user_allowavatar'];
@ -980,8 +980,6 @@ if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) |
$rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>';
}
$signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature);
$template->set_filenames(array(
"body" => "admin/user_edit_body.tpl")
);

BIN
phpBB/db/schemas/ms_access_primer.zip
View file

Binary file not shown.

1
phpBB/db/schemas/mysql_schema.sql
View file

@ -270,6 +270,7 @@ CREATE TABLE phpbb_search_wordmatch (
post_id mediumint(8) UNSIGNED NOT NULL default '0',
word_id mediumint(8) UNSIGNED NOT NULL default '0',
title_match tinyint(1) NOT NULL default '0',
KEY post_id (post_id),
KEY word_id (word_id)
);

1
phpBB/db/schemas/postgres_schema.sql
View file

@ -264,6 +264,7 @@ CREATE TABLE phpbb_search_wordmatch (
title_match int2 NOT NULL default '0'
);
CREATE INDEX word_id_phpbb_search_wordmatch ON phpbb_search_wordmatch (word_id);
CREATE INDEX post_id_phpbb_search_wordmatch ON phpbb_search_wordmatch (post_id);
/* --------------------------------------------------------

2
phpBB/develop/encoding_emails.php
View file

@ -27,7 +27,7 @@
// Remove or comment the next line (die(".... ) to enable this script.
// Do NOT FORGET to either remove this script or disable it after you have used it.
//
die("Please read the first lines of this script for instructions on how to enable it");
//die("Please read the first lines of this script for instructions on how to enable it");
$dirname = "./../language";
$dir = opendir($dirname);

6
phpBB/groupcp.php
View file

@ -287,7 +287,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'GROUP_MODERATOR' => $moderator['username'],
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id&validate=true")
);
@ -569,7 +569,7 @@ else if ( $group_id )
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'GROUP_NAME' => $group_name,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
);
@ -724,7 +724,7 @@ else if ( $group_id )
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'GROUP_NAME' => $group_name,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
);

2
phpBB/includes/emailer.php
View file

@ -68,7 +68,7 @@ class emailer
//
function set_subject($subject = '')
{
$this->subject = $subject;
$this->subject = preg_replace('#[\n\r]+#s', '', $subject);
}
//

2
phpBB/includes/functions.php
View file

@ -176,7 +176,7 @@ function make_jumpbox($action, $match_forum_id = 0)
if ( isset($SID) )
{
$boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />';
$boxstring .= '<input type="hidden" name="sid" value="' . substr($SID, 4) . '" />';
}
$template->set_filenames(array(

12
phpBB/includes/functions_post.php
View file

@ -160,7 +160,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : '';
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
}
else if ( $mode != 'delete' && $mode != 'polldelete' )
else if ( $mode != 'delete' && $mode != 'poll_delete' )
{
$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
@ -233,7 +233,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
{
if ( $row = $db->sql_fetchrow($result) )
{
if ( $row['last_post_time'] > 0 && ( $current_time - $row['last_post_time'] ) < $board_config['flood_interval'] )
if ( intval($row['last_post_time']) > 0 && ( $current_time - intval($row['last_post_time']) ) < intval($board_config['flood_interval']) )
{
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
@ -278,7 +278,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
add_search_words($post_id, stripslashes($post_message), stripslashes($post_subject));
add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject));
//
// Add poll
@ -634,9 +634,9 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id
$update_watched_sql = '';
if ( $row = $db->sql_fetchrow($result) )
{
@set_time_limit(120);
@set_time_limit(240);
$topic_title = preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title']));
$topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title'])) : unprepare_message($row['topic_title']);
do
{
@ -648,7 +648,7 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'USERNAME' => $row['username'],
'SITENAME' => $board_config['sitename'],
'TOPIC_TITLE' => $topic_title,

6
phpBB/includes/functions_search.php
View file

@ -97,11 +97,11 @@ function split_words(&$entry, $mode = 'post')
return $split_entries[1];
}
function add_search_words($post_id, $post_text, $post_title = '')
function add_search_words($mode, $post_id, $post_text, $post_title = '')
{
global $db, $phpbb_root_path, $board_config, $lang;
$stopwords_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_stopwords.txt");
$stopword_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_stopwords.txt");
$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_synonyms.txt");
$search_raw_words = array();
@ -244,7 +244,7 @@ function add_search_words($post_id, $post_text, $post_title = '')
}
}
if ( $mode == 'single' )
if ($mode == 'single')
{
remove_common('single', 0.4, $word);
}

4
phpBB/includes/template.php
View file

@ -331,7 +331,7 @@ class Template {
if ($block_nesting_level < 2)
{
// Block is not nested.
$code_lines[$i] = '$_' . $a[1] . '_count = ( isset($this->_tpldata[\'' . $n[1] . '.\']) ) ? sizeof($this->_tpldata[\'' . $n[1] . '.\']) : 0;';
$code_lines[$i] = '$_' . $n[1] . '_count = ( isset($this->_tpldata[\'' . $n[1] . '.\']) ) ? sizeof($this->_tpldata[\'' . $n[1] . '.\']) : 0;';
$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';
$code_lines[$i] .= "\n" . '{';
}
@ -347,7 +347,7 @@ class Template {
// current indices of all parent blocks.
$varref = $this->generate_block_data_ref($namespace, false);
// Create the for loop code to iterate over this block.
$code_lines[$i] = '$_' . $a[1] . '_count = ( isset(' . $varref . ') ) ? sizeof(' . $varref . ') : 0;';
$code_lines[$i] = '$_' . $n[1] . '_count = ( isset(' . $varref . ') ) ? sizeof(' . $varref . ') : 0;';
$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';
$code_lines[$i] .= "\n" . '{';
}

8
phpBB/includes/usercp_activate.php
View file

@ -27,7 +27,7 @@ if ( !defined('IN_PHPBB') )
exit;
}
$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
$sql = "SELECT user_active, user_id, username, user_email, user_newpasswd, user_lang, user_actkey
FROM " . USERS_TABLE . "
WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
if ( !($result = $db->sql_query($sql)) )
@ -57,7 +57,7 @@ if ( $row = $db->sql_fetchrow($result) )
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
}
if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
if ( intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
@ -71,9 +71,9 @@ if ( $row = $db->sql_fetchrow($result) )
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'USERNAME' => $username,
'USERNAME' => $row['username'],
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']))
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '')
);
$emailer->send();
$emailer->reset();

4
phpBB/includes/usercp_avatar.php
View file

@ -242,7 +242,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
return $avatar_sql;
}
function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat)
function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat, &$session_id)
{
global $board_config, $db, $template, $lang, $images, $theme;
global $phpbb_root_path, $phpEx;
@ -320,7 +320,7 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
$params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popuppm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');
$s_hidden_vars = '<input type="hidden" name="agreed" value="true" />';
$s_hidden_vars = '<input type="hidden" name="session_id" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" />';
for($i = 0; $i < count($params); $i++)
{

6
phpBB/includes/usercp_email.php
View file

@ -62,6 +62,11 @@ if ( $result = $db->sql_query($sql) )
if ( isset($HTTP_POST_VARS['submit']) )
{
if (!isset($HTTP_POST_VARS['session_id']) || $HTTP_POST_VARS['session_id'] != $userdata['session_id'])
{
message_die(ERROR, 'Invalid_session');
}
$error = FALSE;
if ( !empty($HTTP_POST_VARS['subject']) )
@ -170,6 +175,7 @@ if ( $result = $db->sql_query($sql) )
$template->assign_vars(array(
'USERNAME' => $username,
'S_HIDDEN_FIELDS' => '<input type="hidden" name="session_id" value="' . $userdata['session_id'] . '" />',
'S_POST_ACTION' => append_sid("profile.$phpEx?&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id"),
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],

33
phpBB/includes/usercp_register.php
View file

@ -80,6 +80,11 @@ if (
isset($HTTP_POST_VARS['cancelavatar']) ||
$mode == 'register' )
{
if (!isset($HTTP_POST_VARS['session_id']) || $HTTP_POST_VARS['session_id'] != $userdata['session_id'])
{
message_die(ERROR, 'Invalid_session_id');
}
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
@ -183,18 +188,18 @@ if (
$password_confirm = stripslashes($password_confirm);
$icq = stripslashes($icq);
$aim = stripslashes($aim);
$msn = stripslashes($msn);
$yim = stripslashes($yim);
$aim = htmlspecialchars(stripslashes($aim));
$msn = htmlspecialchars(stripslashes($msn));
$yim = htmlspecialchars(stripslashes($yim));
$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
$website = htmlspecialchars(stripslashes($website));
$location = htmlspecialchars(stripslashes($location));
$occupation = htmlspecialchars(stripslashes($occupation));
$interests = htmlspecialchars(stripslashes($interests));
$signature = htmlspecialchars(stripslashes($signature));
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
@ -459,7 +464,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'USERNAME' => $username,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
@ -651,7 +656,7 @@ if ( $error )
$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $signature) : $signature;
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
}
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
@ -690,7 +695,7 @@ else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) &&
$user_style = $userdata['user_style'];
$user_lang = $userdata['user_lang'];
$user_timezone = $userdata['user_timezone'];
$user_dateformat = $userdata['user_dateformat'];
$user_dateformat = htmlspecialchars($userdata['user_dateformat']);
}
//
@ -721,7 +726,7 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
$allowviewonline = !$allowviewonline;
display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popuppm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat);
display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popuppm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
}
else
{
@ -754,7 +759,7 @@ else
}
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
$s_hidden_fields = '<input type="hidden" name="session_id" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';

2
phpBB/includes/usercp_sendpasswd.php
View file

@ -76,7 +76,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
'SITENAME' => $board_config['sitename'],
'USERNAME' => $username,
'PASSWORD' => $user_password,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);

1
phpBB/language/lang_dutch/lang_main.php
View file

@ -574,6 +574,7 @@ $lang['password_confirm_if_changed'] = 'Je hoeft alleen je wachtwoord te bevesti
$lang['Avatar'] = 'Avatar';
$lang['Avatar_explain'] = 'Laat een kleine afbeelding onder je naam zien in ieder bericht. Je kan maar één afbeelding tegelijkertijd gebruiken, de breedte mag niet meer dan %d pixels zijn, de hoogte moet onder de %d pixels blijven. De maximale bestandsgrootte is %dKB';
$lang['Upload_Avatar_file'] = 'Upload Avatar vanaf jouw machine';
$lang['Upload_Avatar_URL'] = 'Upload Avatar vanaf een Internet lokatie (URL)';
$lang['Upload_Avatar_URL_explain'] = 'Geef de URL waar je Avatar staat, de afbeelding wordt gekopieerd naar deze site.';
$lang['Pick_local_Avatar'] = 'Selecteer een Avatar uit de gallery';

2
phpBB/memberlist.php
View file

@ -110,7 +110,7 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
switch( $mode )
{
case 'joindate':
case 'joined':
$order_by = "user_regdate ASC LIMIT $start, " . $board_config['topics_per_page'];
break;
case 'username':

23
phpBB/posting.php
View file

@ -121,6 +121,26 @@ if ( isset($HTTP_POST_VARS['cancel']) )
exit;
}
//
// Compare sid ... if sids don't match
// output message ... note that AOL'ers may
// obtain this error until the session code
// is modified to change the 6 to 4 in the IP
// comparison checks ... or if a user takes
// longer than session time to submit the form
// both can be easily altered by the admin
//
if ( $submit || $refresh )
{
if (!isset($HTTP_POST_VARS['session_id']) || $HTTP_POST_VARS['session_id'] != $userdata['session_id'])
{
// I've not added this to the language set at this time ... re-releasing
// every single language to include this for the once in a blue moon
// time it will be output is just not worthwhile at present.
message_die(GENERAL_MESSAGE, 'Invalid_session');
}
}
//
// What auth type do we need to check?
//
@ -545,6 +565,7 @@ else if ( $submit || $confirm )
$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;
submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);
if ( $error_msg == '' )
{
user_notification($mode, $post_data, $forum_id, $topic_id, $post_id, $notify_user);
@ -908,7 +929,7 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
}
}
$hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
$hidden_form_fields = '<input type="hidden" name="session_id" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" />';
switch( $mode )
{

2
phpBB/privmsg.php
View file

@ -1151,7 +1151,7 @@ else if ( $submit || $refresh || $mode != '' )
$emailer->assign_vars(array(
'USERNAME' => $to_username,
'SITENAME' => $board_config['sitename'],
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox')
);

BIN
phpBB/templates/subSilver/images/lang_italian/icon_quote.gif
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 693 B

After

Width:  |  Height:  |  Size: 666 B

2
phpBB/templates/subSilver/profile_send_email.tpl
View file

@ -57,7 +57,7 @@ function checkForm(formObj) {
</table></td>
</tr>
<tr>
<td class="catBottom" colspan="2" align="center" height="28"><input type="submit" tabindex="6" name="submit" class="mainoption" value="{L_SEND_EMAIL}" /></td>
<td class="catBottom" colspan="2" align="center" height="28">{S_HIDDEN_FIELDS}<input type="submit" tabindex="6" name="submit" class="mainoption" value="{L_SEND_EMAIL}" /></td>
</tr>
</table>

23
phpBB/update_to_203.php
View file

@ -441,7 +441,30 @@ switch ( $row['config_value'] )
END OF DROP GROUP -- don't remove anything after this point!
-------------------------------------------------------------- */
break;
}
case '.0.3':
// Need to add index to post_id in search_wordmatch (mysql, postgresql, msaccess ... both indexes)
// Add auto_increment equiv to groups table (Doug overlooked it ...) for pgsql and msaccess
//mysql
//pgsql
"CREATE SEQUENCE phpbb_groups_id_seq start 3 increment 1 maxvalue 2147483647 minvalue 1 cache 1";
CREATE TABLE temp AS SELECT did, city FROM distributors;
DROP TABLE distributors;
CREATE TABLE distributors (
did DECIMAL(3) DEFAULT 1,
name VARCHAR(40) NOT NULL,
);
INSERT INTO distributors SELECT * FROM temp;
DROP TABLE temp;
CREATE INDEX post_id_phpbb_search_wordmatch ON phpbb_search_wordmatch (post_id);
//msaccess
}
echo "<h2>Updating database schema</h2>\n";

2
phpBB/upgrade.php
View file

@ -1900,7 +1900,7 @@ if ( !empty($next) )
{
do
{
add_search_words($row['post_id'], $row['post_text'], $row['post_subject']);
add_search_words('global', $row['post_id'], $row['post_text'], $row['post_subject']);
$inc++;
if ( $inc == $per_pct )

49
phpBB/viewtopic.php
View file

@ -117,7 +117,7 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
if ( $row = $db->sql_fetchrow($result) )
{
$topic_id = $row['topic_id'];
$topic_id = intval($row['topic_id']);
}
else
{
@ -153,7 +153,7 @@ if ( !($forum_topic_data = $db->sql_fetchrow($result)) )
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
$forum_id = $forum_topic_data['forum_id'];
$forum_id = intval($forum_topic_data['forum_id']);
//
// Start session management
@ -191,12 +191,12 @@ if( !$is_auth['auth_view'] || !$is_auth['auth_read'] )
$forum_name = $forum_topic_data['forum_name'];
$topic_title = $forum_topic_data['topic_title'];
$topic_id = $forum_topic_data['topic_id'];
$topic_id = intval($forum_topic_data['topic_id']);
$topic_time = $forum_topic_data['topic_time'];
if ( !empty($post_id) )
{
$start = floor(($forum_topic_data['prev_posts'] - 1) / $board_config['posts_per_page']) * $board_config['posts_per_page'];
$start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']);
}
//
@ -317,7 +317,7 @@ $previous_days_text = array($lang['All_Posts'], $lang['1_Day'], $lang['7_Days'],
if( !empty($HTTP_POST_VARS['postdays']) || !empty($HTTP_GET_VARS['postdays']) )
{
$post_days = ( !empty($HTTP_POST_VARS['postdays']) ) ? $HTTP_POST_VARS['postdays'] : $HTTP_GET_VARS['postdays'];
$min_post_time = time() - ($post_days * 86400);
$min_post_time = time() - (intval($post_days) * 86400);
$sql = "SELECT COUNT(p.post_id) AS num_posts
FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p
@ -329,7 +329,7 @@ if( !empty($HTTP_POST_VARS['postdays']) || !empty($HTTP_GET_VARS['postdays']) )
message_die(GENERAL_ERROR, "Could not obtain limited topics count information", '', __LINE__, __FILE__, $sql);
}
$total_replies = ( $row = $db->sql_fetchrow($result) ) ? $row['num_posts'] : 0;
$total_replies = ( $row = $db->sql_fetchrow($result) ) ? intval($row['num_posts']) : 0;
$limit_posts_time = "AND p.post_time >= $min_post_time ";
@ -340,7 +340,7 @@ if( !empty($HTTP_POST_VARS['postdays']) || !empty($HTTP_GET_VARS['postdays']) )
}
else
{
$total_replies = $forum_topic_data['topic_replies'] + 1;
$total_replies = intval($forum_topic_data['topic_replies']) + 1;
$limit_posts_time = '';
$post_days = 0;
@ -409,7 +409,38 @@ if ( $row = $db->sql_fetchrow($result) )
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_posts_topic']);
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
sync('topic', $topic_id);
message_die(GENERAL_MESSAGE, $lang['No_posts_topic']);
}
$resync = FALSE;
if ($forum_topic_data['topic_replies'] + 1 < $start + count($postrows))
{
$resync = TRUE;
}
elseif ($start + $board_config['posts_per_page'] > $forum_topic_data['topic_replies'])
{
$row_id = intval($forum_topic_data['topic_replies']) % intval($board_config['posts_per_page']);
if ($postrows[$row_id]['post_id'] != $forum_topic_data['topic_last_post_id'] || $start + count($postrows) < $forum_topic_data['topic_replies'])
{
$resync = TRUE;
}
}
elseif (count($postrows) < $board_config['posts_per_page'])
{
$resync = TRUE;
}
if ($resync)
{
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
sync('topic', $topic_id);
$result = $db->sql_query('SELECT COUNT(post_id) AS total FROM ' . POSTS_TABLE . ' WHERE topic_id = ' . $topic_id);
$row = $db->sql_fetchrow($result);
$total_replies = $row['total'];
}
$sql = "SELECT *
@ -597,7 +628,7 @@ $template->assign_vars(array(
'TOPIC_ID' => $topic_id,
'TOPIC_TITLE' => $topic_title,
'PAGINATION' => $pagination,
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['posts_per_page'] ) + 1 ), ceil( $total_replies / $board_config['posts_per_page'] )),
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / intval($board_config['posts_per_page']) ) + 1 ), ceil( $total_replies / intval($board_config['posts_per_page']) )),
'POST_IMG' => $post_img,
'REPLY_IMG' => $reply_img,