makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch '3.1.x'

Browse source 
* 3.1.x:
  [ticket/10572] Unguarded includes in acp files
This commit is contained in:
Tristan Darricau 2015-10-14 10:14:15 +02:00
commit e0fb680dbb
15 changed files with 124 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
phpBB/includes/acp/acp_attachments.php
View file

@ -114,7 +114,10 @@ class acp_attachments
{ {
case 'attach': case 'attach':
include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); if (!function_exists('get_supported_image_types'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
$sql = 'SELECT group_name, cat_id $sql = 'SELECT group_name, cat_id
FROM ' . EXTENSION_GROUPS_TABLE . ' FROM ' . EXTENSION_GROUPS_TABLE . '

3
phpBB/includes/acp/acp_ban.php
View file

@ -28,7 +28,10 @@ class acp_ban
global $user, $template, $request, $phpbb_dispatcher; global $user, $template, $request, $phpbb_dispatcher;
global $phpbb_root_path, $phpEx; global $phpbb_root_path, $phpEx;
if (!function_exists('user_ban'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$bansubmit = $request->is_set_post('bansubmit'); $bansubmit = $request->is_set_post('bansubmit');
$unbansubmit = $request->is_set_post('unbansubmit'); $unbansubmit = $request->is_set_post('unbansubmit');

6
phpBB/includes/acp/acp_bots.php
View file

@ -141,7 +141,11 @@ class acp_bots
case 'edit': case 'edit':
case 'add': case 'add':
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_update_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$bot_row = array( $bot_row = array(
'bot_name' => $request->variable('bot_name', '', true), 'bot_name' => $request->variable('bot_name', '', true),

4
phpBB/includes/acp/acp_disallow.php
View file

@ -26,9 +26,7 @@ class acp_disallow
function main($id, $mode) function main($id, $mode)
{ {
global $db, $user, $auth, $template, $cache, $phpbb_log, $request; global $db, $user, $auth, $template, $cache, $phpbb_log, $request;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; global $config, $phpbb_admin_path;
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
$user->add_lang('acp/posting'); $user->add_lang('acp/posting');

11
phpBB/includes/acp/acp_email.php
View file

@ -189,8 +189,15 @@ class acp_email
$db->sql_freeresult($result); $db->sql_freeresult($result);
// Send the messages // Send the messages
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); if (!class_exists('messenger'))
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); {
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
if (!function_exists('get_group_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$messenger = new messenger($use_queue); $messenger = new messenger($use_queue);
$errored = false; $errored = false;

6
phpBB/includes/acp/acp_groups.php
View file

@ -42,7 +42,10 @@ class acp_groups
return; return;
} }
if (!function_exists('group_user_attributes'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
// Check and set some common vars // Check and set some common vars
$action = (isset($_POST['add'])) ? 'add' : ((isset($_POST['addusers'])) ? 'addusers' : $request->variable('action', '')); $action = (isset($_POST['add'])) ? 'add' : ((isset($_POST['addusers'])) ? 'addusers' : $request->variable('action', ''));
@ -298,7 +301,10 @@ class acp_groups
case 'edit': case 'edit':
case 'add': case 'add':
if (!function_exists('display_forums'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx); include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
$data = $submit_ary = array(); $data = $submit_ary = array();

13
phpBB/includes/acp/acp_inactive.php
View file

@ -34,7 +34,10 @@ class acp_inactive
global $config, $db, $user, $auth, $template, $phpbb_container, $phpbb_log, $request; global $config, $db, $user, $auth, $template, $phpbb_container, $phpbb_log, $request;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
if (!function_exists('user_active_flip'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang('memberlist'); $user->add_lang('memberlist');
@ -111,7 +114,10 @@ class acp_inactive
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users)) if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users))
{ {
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger(false); $messenger = new messenger(false);
@ -200,7 +206,10 @@ class acp_inactive
if ($row = $db->sql_fetchrow($result)) if ($row = $db->sql_fetchrow($result))
{ {
// Send the messages // Send the messages
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger(); $messenger = new messenger();
$usernames = $user_ids = array(); $usernames = $user_ids = array();

5
phpBB/includes/acp/acp_jabber.php
View file

@ -34,7 +34,10 @@ class acp_jabber
$user->add_lang('acp/board'); $user->add_lang('acp/board');
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx); if (!class_exists('jabber'))
{
include($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
}
$action = $request->variable('action', ''); $action = $request->variable('action', '');
$submit = (isset($_POST['submit'])) ? true : false; $submit = (isset($_POST['submit'])) ? true : false;

5
phpBB/includes/acp/acp_language.php
View file

@ -34,7 +34,10 @@ class acp_language
global $config, $db, $user, $template, $phpbb_log, $phpbb_container; global $config, $db, $user, $template, $phpbb_log, $phpbb_container;
global $phpbb_root_path, $phpEx, $request; global $phpbb_root_path, $phpEx, $request;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); if (!function_exists('validate_language_iso_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
// Check and set some common vars // Check and set some common vars
$action = (isset($_POST['update_details'])) ? 'update_details' : ''; $action = (isset($_POST['update_details'])) ? 'update_details' : '';

11
phpBB/includes/acp/acp_permission_roles.php
View file

@ -30,8 +30,15 @@ class acp_permission_roles
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_log; global $request, $phpbb_log;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); if (!function_exists('user_get_id_name'))
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); {
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$this->auth_admin = new auth_admin(); $this->auth_admin = new auth_admin();

11
phpBB/includes/acp/acp_permissions.php
View file

@ -34,8 +34,15 @@ class acp_permissions
global $db, $user, $auth, $template, $cache, $phpbb_container, $request; global $db, $user, $auth, $template, $cache, $phpbb_container, $request;
global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx; global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); if (!function_exists('user_get_id_name'))
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); {
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$this->permissions = $phpbb_container->get('acl.permissions'); $this->permissions = $phpbb_container->get('acl.permissions');

7
phpBB/includes/acp/acp_profile.php
View file

@ -37,8 +37,15 @@ class acp_profile
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
global $request, $phpbb_container, $phpbb_log, $phpbb_dispatcher; global $request, $phpbb_container, $phpbb_log, $phpbb_dispatcher;
if (!function_exists('generate_smilies'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang(array('ucp', 'acp/profile')); $user->add_lang(array('ucp', 'acp/profile'));
$this->tpl_name = 'acp_profile'; $this->tpl_name = 'acp_profile';

6
phpBB/includes/acp/acp_prune.php
View file

@ -28,7 +28,11 @@ class acp_prune
global $user, $phpEx, $phpbb_admin_path, $phpbb_root_path; global $user, $phpEx, $phpbb_admin_path, $phpbb_root_path;
$user->add_lang('acp/prune'); $user->add_lang('acp/prune');
include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
if (!function_exists('user_active_flip'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
switch ($mode) switch ($mode)
{ {

3
phpBB/includes/acp/acp_send_statistics.php
View file

@ -27,7 +27,10 @@ class acp_send_statistics
{ {
global $config, $template, $phpbb_admin_path, $phpbb_root_path, $phpEx; global $config, $template, $phpbb_admin_path, $phpbb_root_path, $phpEx;
if (!class_exists('phpbb_questionnaire_data_collector'))
{
include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx); include($phpbb_root_path . 'includes/questionnaire/questionnaire.' . $phpEx);
}
$collect_url = "https://www.phpbb.com/stats/receive_stats.php"; $collect_url = "https://www.phpbb.com/stats/receive_stats.php";

38
phpBB/includes/acp/acp_users.php
View file

@ -56,8 +56,11 @@ class acp_users
// Whois (special case) // Whois (special case)
if ($action == 'whois') if ($action == 'whois')
{
if (!function_exists('user_get_id_name'))
{ {
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$this->page_title = 'WHOIS'; $this->page_title = 'WHOIS';
$this->tpl_name = 'simple_body'; $this->tpl_name = 'simple_body';
@ -170,7 +173,10 @@ class acp_users
{ {
case 'overview': case 'overview':
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang('acp/ban'); $user->add_lang('acp/ban');
@ -354,7 +360,10 @@ class acp_users
if ($config['email_enable']) if ($config['email_enable'])
{ {
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$server_url = generate_board_url(); $server_url = generate_board_url();
@ -440,7 +449,10 @@ class acp_users
$phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']); $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); if (!class_exists('messenger'))
{
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
}
$messenger = new messenger(false); $messenger = new messenger(false);
@ -1400,7 +1412,10 @@ class acp_users
case 'profile': case 'profile':
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
/* @var $cp \phpbb\profilefields\manager */ /* @var $cp \phpbb\profilefields\manager */
$cp = $phpbb_container->get('profilefields.manager'); $cp = $phpbb_container->get('profilefields.manager');
@ -1560,7 +1575,10 @@ class acp_users
case 'prefs': case 'prefs':
if (!function_exists('user_get_id_name'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$data = array( $data = array(
'dateformat' => $request->variable('dateformat', $user_row['user_dateformat'], true), 'dateformat' => $request->variable('dateformat', $user_row['user_dateformat'], true),
@ -1830,8 +1848,6 @@ class acp_users
case 'avatar': case 'avatar':
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
$avatars_enabled = false; $avatars_enabled = false;
if ($config['allow_avatar']) if ($config['allow_avatar'])
@ -1987,12 +2003,16 @@ class acp_users
case 'sig': case 'sig':
include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx); if (!function_exists('display_custom_bbcodes'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
$enable_bbcode = ($config['allow_sig_bbcode']) ? $this->optionget($user_row, 'sig_bbcode') : false; $enable_bbcode = ($config['allow_sig_bbcode']) ? $this->optionget($user_row, 'sig_bbcode') : false;
$enable_smilies = ($config['allow_sig_smilies']) ? $this->optionget($user_row, 'sig_smilies') : false; $enable_smilies = ($config['allow_sig_smilies']) ? $this->optionget($user_row, 'sig_smilies') : false;
$enable_urls = ($config['allow_sig_links']) ? $this->optionget($user_row, 'sig_links') : false; $enable_urls = ($config['allow_sig_links']) ? $this->optionget($user_row, 'sig_links') : false;
$decoded_message = generate_text_for_edit($user_row['user_sig'], $user_row['user_sig_bbcode_uid'], $user_row['user_sig_bbcode_bitfield']); $decoded_message = generate_text_for_edit($user_row['user_sig'], $user_row['user_sig_bbcode_uid'], $user_row['user_sig_bbcode_bitfield']);
$signature = $request->variable('signature', $decoded_message['text'], true); $signature = $request->variable('signature', $decoded_message['text'], true);
$signature_preview = ''; $signature_preview = '';
@ -2255,7 +2275,10 @@ class acp_users
case 'groups': case 'groups':
if (!function_exists('group_user_attributes'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx); include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
$user->add_lang(array('groups', 'acp/groups')); $user->add_lang(array('groups', 'acp/groups'));
$group_id = $request->variable('g', 0); $group_id = $request->variable('g', 0);
@ -2474,7 +2497,10 @@ class acp_users
case 'perm': case 'perm':
include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); if (!class_exists('auth_admin'))
{
include($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
}
$auth_admin = new auth_admin(); $auth_admin = new auth_admin();