makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-11 05:48:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

- and my second attempt

Browse source 
git-svn-id: file:///svn/phpbb/trunk@5109 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2005-03-21 23:10:11 +00:00
parent a4e51c9699
commit e4fe2d853d
24 changed files with 253 additions and 428 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
phpBB/includes/db/firebird.php
View file

@ -32,11 +32,10 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver . (($port) ? ':' . $port : '');
$this->dbname = $database;
$this->db_connect_id = ($this->persistency) ? @ibase_pconnect($this->server . ':' . $this->dbname, $this->user, $this->password, false, false, 3) : @ibase_connect($this->server . ':' . $this->dbname, $this->user, $this->password, false, false, 3);
$this->db_connect_id = ($this->persistency) ? @ibase_pconnect($this->server . ':' . $this->dbname, $this->user, $sqlpassword, false, false, 3) : @ibase_connect($this->server . ':' . $this->dbname, $this->user, $sqlpassword, false, false, 3);
return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
}

3
phpBB/includes/db/mssql-odbc.php
View file

@ -36,11 +36,10 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver . (($port) ? ':' . $port : '');
$this->dbname = $database;
$this->db_connect_id = ($this->persistency) ? @odbc_pconnect($this->server, $this->user, $this->password) : @odbc_connect($this->server, $this->user, $this->password);
$this->db_connect_id = ($this->persistency) ? @odbc_pconnect($this->server, $this->user, $sqlpassword) : @odbc_connect($this->server, $this->user, $sqlpassword);
return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
}

89
phpBB/includes/db/mssql.php
View file

@ -19,7 +19,7 @@
*
***************************************************************************/
if(!defined("SQL_LAYER"))
if (!defined("SQL_LAYER"))
{
define("SQL_LAYER","mssql");
@ -44,15 +44,14 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver;
$this->dbname = $database;
$this->db_connect_id = ($this->persistency) ? @mssql_pconnect($this->server, $this->user, $this->password) : @mssql_connect($this->server, $this->user, $this->password);
$this->db_connect_id = ($this->persistency) ? @mssql_pconnect($this->server, $this->user, $sqlpassword) : @mssql_connect($this->server, $this->user, $sqlpassword);
if($this->db_connect_id && $this->dbname != '')
if ($this->db_connect_id && $this->dbname != '')
{
if(!@mssql_select_db($this->dbname, $this->db_connect_id))
if (!@mssql_select_db($this->dbname, $this->db_connect_id))
{
@mssql_close($this->db_connect_id);
return false;
@ -77,12 +76,12 @@ class sql_db
//
function sql_close()
{
if($this->db_connect_id)
if ($this->db_connect_id)
{
//
// Commit any remaining transactions
//
if($this->in_transaction)
if ($this->in_transaction)
{
@mssql_query("COMMIT", $this->db_connect_id);
}
@ -132,11 +131,11 @@ class sql_db
// returns something then there's a problem. This may well be a false assumption though
// ... needs checking under Windows itself.
//
if(preg_match("/^SELECT(.*?)(LIMIT ([0-9]+)[, ]*([0-9]+)*)?$/s", $query, $limits))
if (preg_match("/^SELECT(.*?)(LIMIT ([0-9]+)[, ]*([0-9]+)*)?$/s", $query, $limits))
{
$query = $limits[1];
if(!empty($limits[2]))
if (!empty($limits[2]))
{
$row_offset = ($limits[4]) ? $limits[3] : "";
$num_rows = ($limits[4]) ? $limits[4] : $limits[3];
@ -146,26 +145,26 @@ class sql_db
$this->result = mssql_query("SELECT $query", $this->db_connect_id);
if($this->result)
if ($this->result)
{
$this->limit_offset[$this->result] = (!empty($row_offset)) ? $row_offset : 0;
if($row_offset > 0)
if ($row_offset > 0)
{
mssql_data_seek($this->result, $row_offset);
}
}
}
else if(eregi("^INSERT ", $query))
else if (eregi("^INSERT ", $query))
{
if(mssql_query($query, $this->db_connect_id))
if (mssql_query($query, $this->db_connect_id))
{
$this->result = time() + microtime();
$result_id = mssql_query("SELECT @@IDENTITY AS id, @@ROWCOUNT as affected", $this->db_connect_id);
if($result_id)
if ($result_id)
{
if($row = mssql_fetch_array($result_id))
if ($row = mssql_fetch_array($result_id))
{
$this->next_id[$this->db_connect_id] = $row['id'];
$this->affected_rows[$this->db_connect_id] = $row['affected'];
@ -175,14 +174,14 @@ class sql_db
}
else
{
if(mssql_query($query, $this->db_connect_id))
if (mssql_query($query, $this->db_connect_id))
{
$this->result = time() + microtime();
$result_id = mssql_query("SELECT @@ROWCOUNT as affected", $this->db_connect_id);
if($result_id)
if ($result_id)
{
if($row = mssql_fetch_array($result_id))
if ($row = mssql_fetch_array($result_id))
{
$this->affected_rows[$this->db_connect_id] = $row['affected'];
}
@ -190,9 +189,9 @@ class sql_db
}
}
if(!$this->result)
if (!$this->result)
{
if($this->in_transaction)
if ($this->in_transaction)
{
mssql_query("ROLLBACK", $this->db_connect_id);
$this->in_transaction = FALSE;
@ -201,11 +200,11 @@ class sql_db
return false;
}
if($transaction == END_TRANSACTION && $this->in_transaction)
if ($transaction == END_TRANSACTION && $this->in_transaction)
{
$this->in_transaction = FALSE;
if(!@mssql_query("COMMIT", $this->db_connect_id))
if (!@mssql_query("COMMIT", $this->db_connect_id))
{
@mssql_query("ROLLBACK", $this->db_connect_id);
return false;
@ -216,11 +215,11 @@ class sql_db
}
else
{
if($transaction == END_TRANSACTION && $this->in_transaction )
if ($transaction == END_TRANSACTION && $this->in_transaction)
{
$this->in_transaction = FALSE;
if(!@mssql_query("COMMIT", $this->db_connect_id))
if (!@mssql_query("COMMIT", $this->db_connect_id))
{
@mssql_query("ROLLBACK", $this->db_connect_id);
return false;
@ -236,12 +235,12 @@ class sql_db
//
function sql_numrows($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
if($query_id)
if ($query_id)
{
return (!empty($this->limit_offset[$query_id])) ? mssql_num_rows($query_id) - $this->limit_offset[$query_id] : @mssql_num_rows($query_id);
}
@ -253,7 +252,7 @@ class sql_db
function sql_numfields($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
@ -263,7 +262,7 @@ class sql_db
function sql_fieldname($offset, $query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
@ -273,7 +272,7 @@ class sql_db
function sql_fieldtype($offset, $query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
@ -283,18 +282,18 @@ class sql_db
function sql_fetchrow($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
if($query_id)
if ($query_id)
{
empty($row);
$row = mssql_fetch_array($query_id);
while(list($key, $value) = @each($row))
foreach ($row as $key => $value)
{
$row[$key] = stripslashes($value);
}
@ -309,19 +308,19 @@ class sql_db
function sql_fetchrowset($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
if($query_id)
if ($query_id)
{
$i = 0;
empty($rowset);
$rowset = array();
while($row = mssql_fetch_array($query_id))
while ($row = mssql_fetch_array($query_id))
{
while(list($key, $value) = @each($row))
foreach ($row as $key => $value)
{
$rowset[$i][$key] = stripslashes($value);
}
@ -338,16 +337,16 @@ class sql_db
function sql_fetchfield($field, $row = -1, $query_id)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
if($query_id)
if ($query_id)
{
if($row != -1)
if ($row != -1)
{
if($this->limit_offset[$query_id] > 0)
if ($this->limit_offset[$query_id] > 0)
{
$result = (!empty($this->limit_offset[$query_id])) ? mssql_result($this->result, ($this->limit_offset[$query_id] + $row), $field) : false;
}
@ -358,7 +357,7 @@ class sql_db
}
else
{
if(empty($this->row[$query_id]))
if (empty($this->row[$query_id]))
{
$this->row[$query_id] = mssql_fetch_array($query_id);
$result = stripslashes($this->row[$query_id][$field]);
@ -375,12 +374,12 @@ class sql_db
function sql_rowseek($rownum, $query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}
if($query_id)
if ($query_id)
{
return (!empty($this->limit_offset[$query_id])) ? mssql_data_seek($query_id, ($this->limit_offset[$query_id] + $rownum)) : mssql_data_seek($query_id, $rownum);
}
@ -402,7 +401,7 @@ class sql_db
function sql_freeresult($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->result;
}

3
phpBB/includes/db/mysql.php
View file

@ -30,11 +30,10 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver . (($port) ? ':' . $port : '');
$this->dbname = $database;
$this->db_connect_id = ($this->persistency) ? @mysql_pconnect($this->server, $this->user, $this->password) : @mysql_connect($this->server, $this->user, $this->password);
$this->db_connect_id = ($this->persistency) ? @mysql_pconnect($this->server, $this->user, $sqlpassword) : @mysql_connect($this->server, $this->user, $sqlpassword);
if ($this->db_connect_id && $this->dbname != '')
{

3
phpBB/includes/db/mysql4.php
View file

@ -32,11 +32,10 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver . (($port) ? ':' . $port : '');
$this->dbname = $database;
$this->db_connect_id = ($this->persistency) ? @mysqli_pconnect($this->server, $this->user, $this->password) : @mysqli_connect($this->server, $this->user, $this->password);
$this->db_connect_id = ($this->persistency) ? @mysqli_pconnect($this->server, $this->user, $sqlpassword) : @mysqli_connect($this->server, $this->user, $sqlpassword);
if ($this->db_connect_id && $this->dbname != '')
{

2
phpBB/includes/db/postgres.php
View file

@ -268,7 +268,7 @@ class sql_db
unset($this->row[$query_id]);
$this->rownum[$query_id] = 0;
while($this->rowset = @pg_fetch_array($query_id, $this->rownum[$query_id], PGSQL_ASSOC))
while ($this->rowset = @pg_fetch_array($query_id, $this->rownum[$query_id], PGSQL_ASSOC))
{
$result[] = $this->rowset;
$this->rownum[$query_id]++;

12
phpBB/includes/db/sqlite.php
View file

@ -39,7 +39,6 @@ class sql_db
{
$this->persistency = $persistency;
$this->user = $sqluser;
$this->password = $sqlpassword;
$this->server = $sqlserver . (($port) ? ':' . $port : '');
$this->dbname = $database;
@ -301,15 +300,16 @@ class sql_db
function sql_fetchrowset($query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->query_result;
}
if($query_id)
if ($query_id)
{
unset($this->rowset[$query_id]);
unset($this->row[$query_id]);
while($this->rowset[$query_id] = @sqlite_fetch_array($query_id, @sqlite_ASSOC))
while ($this->rowset[$query_id] = @sqlite_fetch_array($query_id, @sqlite_ASSOC))
{
$result[] = $this->rowset[$query_id];
}
@ -323,12 +323,12 @@ class sql_db
function sql_fetchfield($field, $rownum = -1, $query_id = 0)
{
if(!$query_id)
if (!$query_id)
{
$query_id = $this->query_result;
}
if($query_id)
if ($query_id)
{
return ($rownum > -1) ? ((@sqlite_seek($query_id, $rownum)) ? @sqlite_column($query_id, $field) : false) : @sqlite_column($query_id, $field);
}

60
phpBB/includes/functions.php
View file

@ -12,7 +12,7 @@
// -------------------------------------------------------------
function set_var(&$result, $var, $type)
function set_var(&$result, $var, $type, $multibyte = false)
{
settype($var, $type);
$result = $var;
@ -20,12 +20,16 @@ function set_var(&$result, $var, $type)
if ($type == 'string')
{
$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", '\xFF'), array("\n", "\n", ' '), $result)));
$result = preg_replace("#\n{3,}#", "\n\n", $result);
// $result = preg_replace("#\n{3,}#", "\n\n", $result);
$result = (STRIP) ? stripslashes($result) : $result;
if ($multibyte)
{
$result = preg_replace('#&(\#[0-9]+;)#', '&\1', $result);
}
}
}
function request_var($var_name, $default)
function request_var($var_name, $default, $multibyte = false)
{
if (!isset($_REQUEST[$var_name]))
{
@ -44,18 +48,18 @@ function request_var($var_name, $default)
{
foreach ($v as $_k => $_v)
{
set_var($var[$k][$_k], $_v, $type);
set_var($var[$k][$_k], $_v, $type, $multibyte);
}
}
else
{
set_var($var[$k], $v, $type);
set_var($var[$k], $v, $type, $multibyte);
}
}
}
else
{
set_var($var, $var, $type);
set_var($var, $var, $type, $multibyte);
}
return $var;
@ -136,7 +140,7 @@ function generate_forum_rules(&$forum_data)
$bbcode->bbcode_second_pass($forum_data['forum_rules'], $forum_data['forum_rules_bbcode_uid']);
$forum_data['forum_rules'] = smilie_text($forum_data['forum_rules'], !($forum_data['forum_rules_flags'] & 2));
$forum_data['forum_rules'] = smiley_text($forum_data['forum_rules'], !($forum_data['forum_rules_flags'] & 2));
$forum_data['forum_rules'] = str_replace("\n", '<br />', censor_text($forum_data['forum_rules']));
unset($bbcode);
}
@ -942,7 +946,7 @@ function obtain_ranks(&$ranks)
}
// Obtain allowed extensions
function obtain_attach_extensions(&$extensions)
function obtain_attach_extensions(&$extensions, $forum_id = false)
{
global $db, $cache;
@ -984,6 +988,40 @@ function obtain_attach_extensions(&$extensions)
$cache->put('extensions', $extensions);
}
if ($forum_id !== false)
{
$return = array();
foreach ($extensions['_allowed_'] as $extension => $check)
{
$allowed = false;
if (is_array($check))
{
// Check for private messaging
if (sizeof($check) == 1 && $check[0] == 0)
{
$allowed = true;
continue;
}
$allowed = (!in_array($forum_id, $check)) ? false : true;
}
else
{
$allowed = ($forum_id == 0) ? false : true;
}
if ($allowed)
{
$return['_allowed_'][$extension] = 0;
$return[$extension] = $extensions[$extension];
}
}
$extensions = $return;
}
return;
}
@ -1313,12 +1351,12 @@ function censor_text($text)
return $text;
}
// Smilie processing
function smilie_text($text, $force_option = false)
// Smiley processing
function smiley_text($text, $force_option = false)
{
global $config, $user, $phpbb_root_path;
return ($force_option || !$config['allow_smilies'] || !$user->optionget('viewsmilies')) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $text) : str_replace('<img src="{SMILE_PATH}', '<img src="' . $phpbb_root_path . $config['smilies_path'], $text);
return ($force_option || !$config['allow_smilies'] || !$user->optionget('viewsmilies')) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $text) : str_replace('<img src="{SMILIES_PATH}', '<img src="' . $phpbb_root_path . $config['smilies_path'], $text);
}
// Inline Attachment processing

12
phpBB/includes/functions_admin.php
View file

@ -677,16 +677,8 @@ function phpbb_unlink($filename, $mode = 'file')
{
global $config, $user, $phpbb_root_path;
$filename = ($mode == 'thumbnail') ? $phpbb_root_path . $config['upload_dir'] . '/thumb_' . basename($filename) : $phpbb_root_path . $config['upload_dir'] . '/' . basename($filename);
$deleted = @unlink($filename);
if (file_exists($filename))
{
$filesys = str_replace('/','\\', $filename);
$deleted = @system("del $filesys");
}
return $deleted;
$filename = ($mode == 'thumbnail') ? $phpbb_root_path . $config['upload_path'] . '/thumb_' . basename($filename) : $phpbb_root_path . $config['upload_path'] . '/' . basename($filename);
return @unlink($filename);
}
// All-encompasing sync function

13
phpBB/includes/functions_display.php
View file

@ -98,7 +98,9 @@ function display_forums($root_data = '', $display_moderators = TRUE)
$right_id = $row['right_id'];
continue;
}
// Display active topics from this forum?
if ($show_active && $row['forum_type'] == FORUM_POST && $auth->acl_get('f_read', $forum_id) && ($row['forum_flags'] & 16))
{
@ -213,6 +215,8 @@ function display_forums($root_data = '', $display_moderators = TRUE)
$visible_forums++;
$forum_id = $row['forum_id'];
$subforums_list = $l_subforums = '';
// Generate list of subforums if we need to
if (isset($subforums[$forum_id]))
{
@ -254,9 +258,6 @@ function display_forums($root_data = '', $display_moderators = TRUE)
$folder_image = 'forum_link';
break;
}
$subforums_list = '';
$l_subforums = '';
}
// Which folder should we display?
@ -535,8 +536,8 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_
{
// Some basics...
$attachment['extension'] = strtolower(trim($attachment['extension']));
$filename = $phpbb_root_path . $config['upload_dir'] . '/' . basename($attachment['physical_filename']);
$thumbnail_filename = $phpbb_root_path . $config['upload_dir'] . '/thumb_' . basename($attachment['physical_filename']);
$filename = $phpbb_root_path . $config['upload_path'] . '/' . basename($attachment['physical_filename']);
$thumbnail_filename = $phpbb_root_path . $config['upload_path'] . '/thumb_' . basename($attachment['physical_filename']);
$upload_image = '';

1
phpBB/includes/functions_messenger.php
View file

@ -830,6 +830,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $encoding, $headers
// SMTP Class
// Auth Mechanisms originally taken from the AUTH Modules found within the PHP Extension and Application Repository (PEAR)
// See docs/AUTHORS for more details
class smtp_class
{
var $server_response = '';

255
phpBB/includes/functions_posting.php
View file

@ -35,7 +35,7 @@ function generate_smilies($mode, $forum_id)
$user->setup('posting');
}
page_header($user->lang['EMOTICONS']);
page_header($user->lang['SMILIES']);
$template->set_filenames(array(
'body' => 'posting_smilies.html')
@ -45,7 +45,7 @@ function generate_smilies($mode, $forum_id)
$display_link = false;
if ($mode == 'inline')
{
$sql = 'SELECT smile_id
$sql = 'SELECT smiley_id
FROM ' . SMILIES_TABLE . '
WHERE display_on_posting = 0';
$result = $db->sql_query_limit($sql, 1, 0, 3600);
@ -60,18 +60,18 @@ function generate_smilies($mode, $forum_id)
$sql = 'SELECT *
FROM ' . SMILIES_TABLE .
(($mode == 'inline') ? ' WHERE display_on_posting = 1 ' : '') . '
GROUP BY smile_url
ORDER BY smile_order';
GROUP BY smiley_url
ORDER BY smiley_order';
$result = $db->sql_query($sql, 3600);
while ($row = $db->sql_fetchrow($result))
{
$template->assign_block_vars('emoticon', array(
$template->assign_block_vars('smiley', array(
'SMILEY_CODE' => $row['code'],
'SMILEY_IMG' => $phpbb_root_path . $config['smilies_path'] . '/' . $row['smile_url'],
'SMILEY_WIDTH' => $row['smile_width'],
'SMILEY_HEIGHT' => $row['smile_height'],
'SMILEY_DESC' => $row['emoticon'])
'SMILEY_IMG' => $phpbb_root_path . $config['smilies_path'] . '/' . $row['smiley_url'],
'SMILEY_WIDTH' => $row['smiley_width'],
'SMILEY_HEIGHT' => $row['smiley_height'],
'SMILEY_DESC' => $row['smiley'])
);
}
$db->sql_freeresult($result);
@ -79,7 +79,7 @@ function generate_smilies($mode, $forum_id)
if ($mode == 'inline' && $display_link)
{
$template->assign_vars(array(
'S_SHOW_EMOTICON_LINK' => true,
'S_SHOW_SMILEY_LINK' => true,
'U_MORE_SMILIES' => $phpbb_root_path . "posting.$phpEx$SID&amp;mode=smilies&amp;f=$forum_id")
);
}
@ -134,226 +134,120 @@ function update_last_post_information($type, $id)
}
// Upload Attachment - filedata is generated here
function upload_attachment($forum_id, $filename, $local = false, $local_storage = '', $is_message = false)
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false)
{
global $auth, $user, $config, $db, $phpbb_root_path;
$filedata = array();
$filedata['error'] = array();
$filedata['post_attach'] = ($filename) ? true : false;
include_once($phpbb_root_path . 'includes/functions_upload.php');
$upload = new fileupload();
$filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
if (!$filedata['post_attach'])
{
return $filedata;
}
$r_file = trim(basename($filename));
$file = (!$local) ? $_FILES['fileupload']['tmp_name'] : $local_storage;
$filedata['mimetype'] = (!$local) ? $_FILES['fileupload']['type'] : 'application/octet-stream';
// Opera adds the name to the mime type
$filedata['mimetype'] = (strpos($filedata['mimetype'], '; name') !== false) ? str_replace(strstr($filedata['mimetype'], '; name'), '', $filedata['mimetype']) : $filedata['mimetype'];
$filedata['extension'] = array_pop(explode('.', strtolower($filename)));
$filedata['filesize'] = (!@filesize($file)) ? (int) $_FILES['size'] : @filesize($file);
$extensions = array();
obtain_attach_extensions($extensions);
obtain_attach_extensions($extensions, $forum_id);
// Check Extension
if (!extension_allowed($forum_id, $filedata['extension'], $extensions))
$upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
if ($local)
{
$filedata['error'][] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']);
$filedata['post_attach'] = false;
return $filedata;
$file = $upload->local_upload($local_storage);
}
$cfg = array();
$cfg['max_filesize'] = ($is_message) ? $config['max_filesize_pm'] : $config['max_filesize'];
$allowed_filesize = ($extensions[$filedata['extension']]['max_filesize'] != 0) ? $extensions[$filedata['extension']]['max_filesize'] : $cfg['max_filesize'];
$cat_id = $extensions[$filedata['extension']]['display_cat'];
// check Filename
if (preg_match("#[\\/:*?\"<>|]#i", $filename))
{
$filedata['error'][] = sprintf($user->lang['INVALID_FILENAME'], $filename);
$filedata['post_attach'] = false;
return $filedata;
}
// check php upload-size
if ($file == 'none')
else
{
$file = $upload->form_upload($form_name);
}
if ($file->init_error)
{
$filedata['error'][] = (@ini_get('upload_max_filesize') == '') ? $user->lang['ATTACHMENT_PHP_SIZE_NA'] : sprintf($user->lang['ATTACHMENT_PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize'));
$filedata['post_attach'] = false;
return $filedata;
}
$filedata['thumbnail'] = 0;
// Prepare Values
$filedata['filetime'] = time();
$filedata['filename'] = stripslashes($r_file);
$filedata['destination_filename'] = strtolower($filedata['filename']);
$filedata['destination_filename'] = $user->data['user_id'] . '_' . $filedata['filetime'] . '.' . $filedata['extension'];
$filedata['filename'] = str_replace("'", "\'", $filedata['filename']);
$cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
// Do we have to create a thumbnail?
if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail'])
{
$filedata['thumbnail'] = 1;
}
// Descide the Upload method
$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy';
$upload_mode = ($local) ? 'local' : $upload_mode;
// Ok, upload the File
$result = move_uploaded_attachment($upload_mode, $file, $filedata);
if ($result)
{
$filedata['error'][] = $result;
$filedata['post_attach'] = false;
return $filedata;
}
$file = (!$local) ? $phpbb_root_path . $config['upload_dir'] . '/' . $filedata['destination_filename'] : $local_storage;
if (!$filedata['filesize'])
{
$filedata['filesize'] = @filesize($file);
}
$filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
// Check Image Size, if it is an image
if (!$auth->acl_gets('m_', 'a_') && $cat_id == ATTACHMENT_CATEGORY_IMAGE)
{
list($width, $height) = getimagesize($file);
if ($width != 0 && $height != 0 && $config['img_max_width'] && $config['img_max_height'])
{
if ($width > $config['img_max_width'] || $height > $config['img_max_height'])
{
$filedata['error'][] = sprintf($user->lang['ERROR_IMAGESIZE'], $config['img_max_width'], $config['img_max_height']);
$filedata['post_attach'] = false;
phpbb_unlink($filedata['destination_filename']);
phpbb_unlink($filedata['destination_filename'], 'thumbnail');
return $filedata;
}
}
$file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
}
// check Filesize
if ($allowed_filesize && $filedata['filesize'] > $allowed_filesize && !$auth->acl_gets('m_', 'a_'))
if (!$auth->acl_gets('a_', 'm_'))
{
$size_lang = ($allowed_filesize >= 1048576) ? $user->lang['MB'] : ( ($allowed_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
$allowed_filesize = ($allowed_filesize >= 1048576) ? round($allowed_filesize / 1048576 * 100) / 100 : (($allowed_filesize >= 1024) ? round($allowed_filesize / 1024 * 100) / 100 : $allowed_filesize);
$filedata['error'][] = sprintf($user->lang['ATTACHMENT_TOO_BIG'], $allowed_filesize, $size_lang);
$allowed_filesize = ($extensions[$file->get('extension')]['max_filesize'] != 0) ? $extensions[$file->get('extension')]['max_filesize'] : (($is_message) ? $config['max_filesize_pm'] : $config['max_filesize']);
$file->upload->set_max_filesize($allowed_filesize);
}
$file->clean_filename('unique', $user->data['user_id'] . '_');
$file->move_file($config['upload_path']);
if (sizeof($file->error))
{
$file->remove();
$filedata['error'] = array_merge($filedata['error'], $file->error);
$filedata['post_attach'] = false;
phpbb_unlink($filedata['destination_filename']);
phpbb_unlink($filedata['destination_filename'], 'thumbnail');
return $filedata;
}
$filedata['filesize'] = $file->get('filesize');
$filedata['mimetype'] = $file->get('mimetype');
$filedata['extension'] = $file->get('extension');
$filedata['physical_filename'] = $file->get('realname');
$filedata['real_filename'] = $file->get('uploadname');
$filedata['filetime'] = time();
// Check our complete quota
if ($config['attachment_quota'])
{
if ($config['upload_dir_size'] + $filedata['filesize'] > $config['attachment_quota'])
if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota'])
{
$filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
$filedata['post_attach'] = false;
phpbb_unlink($filedata['destination_filename']);
phpbb_unlink($filedata['destination_filename'], 'thumbnail');
$file->remove();
return $filedata;
}
}
// TODO - Check Free Disk Space - need testing under windows
if ($free_space = disk_free_space($phpbb_root_path . $config['upload_dir']))
if ($free_space = disk_free_space($phpbb_root_path . $config['upload_path']))
{
if ($free_space <= $filedata['filesize'])
if ($free_space <= $file->get('filesize'))
{
$filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
$filedata['post_attach'] = false;
phpbb_unlink($filedata['destination_filename']);
phpbb_unlink($filedata['destination_filename'], 'thumbnail');
$file->remove();
return $filedata;
}
}
return $filedata;
}
// Move/Upload File - could be used for Avatars too?
function move_uploaded_attachment($upload_mode, $source_filename, &$filedata)
{
global $user, $config, $phpbb_root_path;
$destination_filename = $filedata['destination_filename'];
$thumbnail = (isset($filedata['thumbnail'])) ? $filedata['thumbnail'] : false;
switch ($upload_mode)
{
case 'copy':
if (!@copy($source_filename, $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename))
{
if (!@move_uploaded_file($source_filename, $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename))
{
return sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename);
}
}
@chmod($phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename, 0666);
break;
case 'move':
if (!@move_uploaded_file($source_filename, $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename))
{
if (!@copy($source_filename, $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename))
{
return sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename);
}
}
@chmod($phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename, 0666);
break;
case 'local':
if (!@copy($source_filename, $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename))
{
return sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename);
}
@chmod($phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename, 0666);
@unlink($source_filename);
break;
}
// Create Thumbnail
if ($filedata['thumbnail'])
{
$source = $phpbb_root_path . $config['upload_dir'] . '/' . $destination_filename;
$destination = $phpbb_root_path . $config['upload_dir'] . '/thumb_' . $destination_filename;
$source = $file->get('destination_file');
$destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
if (!create_thumbnail($source, $destination, $filedata['mimetype']))
if (!create_thumbnail($source, $destination, $file->get('mimetype')))
{
if (!create_thumbnail($source_filename, 'thumb_' . $destination_filename, $filedata['mimetype']))
{
$filedata['thumbnail'] = 0;
}
$filedata['thumbnail'] = 0;
}
}
return;
return $filedata;
}
// Calculate the needed size for Thumbnail
@ -434,13 +328,11 @@ function get_supported_image_types($type = false)
}
// Create Thumbnail
function create_thumbnail($source, $new_file, $mimetype)
function create_thumbnail($source, $destination, $mimetype)
{
global $config;
$source = realpath($source);
$min_filesize = (int) $config['img_min_thumb_filesize'];
$img_filesize = (file_exists($source)) ? @filesize($source) : false;
if (!$img_filesize || $img_filesize <= $min_filesize)
@ -461,8 +353,8 @@ function create_thumbnail($source, $new_file, $mimetype)
if ($config['img_imagick'])
{
passthru($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
if (file_exists($new_file))
passthru($config['img_imagick'] . 'convert' . ((defined('PHP_OS') && preg_match('#win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $destination) . '"');
if (file_exists($destination))
{
$used_imagick = true;
}
@ -504,16 +396,16 @@ function create_thumbnail($source, $new_file, $mimetype)
switch ($type['format'])
{
case IMG_GIF:
imagegif($new_image, $new_file);
imagegif($new_image, $destination);
break;
case IMG_JPG:
imagejpeg($new_image, $new_file, 90);
imagejpeg($new_image, $destination, 90);
break;
case IMG_PNG:
imagepng($new_image, $new_file);
imagepng($new_image, $destination);
break;
case IMG_WBMP:
imagewbmp($new_image, $new_file);
imagewbmp($new_image, $destination);
break;
}
@ -521,12 +413,12 @@ function create_thumbnail($source, $new_file, $mimetype)
}
}
if (!file_exists($new_file))
if (!file_exists($destination))
{
return false;
}
@chmod($new_file, 0666);
@chmod($destination, 0666);
return true;
}
@ -546,7 +438,7 @@ function decode_message(&$message, $bbcode_uid = '')
'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#<!\-\- h \-\-><(.*?)><!\-\- h \-\->#',
'#<.*?>#s'
);
@ -699,7 +591,7 @@ function posting_gen_attachment_entry(&$attachment_data, &$filename_data)
$hidden .= '<input type="hidden" name="attachment_data[' . $count . '][' . $key . ']" value="' . $value . '" />';
}
$download_link = (!$attach_row['attach_id']) ? $phpbb_root_path . $config['upload_dir'] . '/' . basename($attach_row['physical_filename']) : $phpbb_root_path . "download.$phpEx$SID&id=" . intval($attach_row['attach_id']);
$download_link = (!$attach_row['attach_id']) ? $phpbb_root_path . $config['upload_path'] . '/' . basename($attach_row['physical_filename']) : $phpbb_root_path . "download.$phpEx$SID&id=" . intval($attach_row['attach_id']);
$template->assign_block_vars('attach_row', array(
'FILENAME' => basename($attach_row['real_filename']),
@ -718,8 +610,7 @@ function posting_gen_attachment_entry(&$attachment_data, &$filename_data)
$template->assign_vars(array(
'FILE_COMMENT' => $filename_data['filecomment'],
'FILESIZE' => $config['max_filesize'],
'FILENAME' => $filename_data['filename'])
'FILESIZE' => $config['max_filesize'])
);
return sizeof($attachment_data);
@ -883,7 +774,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$message = smilie_text($message, !$row['enable_smilies']);
$message = smiley_text($message, !$row['enable_smilies']);
$post_subject = censor_text($post_subject);
$message = censor_text($message);

7
phpBB/includes/functions_privmsgs.php
View file

@ -940,7 +940,8 @@ function write_pm_addresses($check_ary, $author_id, $plaintext = false)
{
$sql = 'SELECT user_id, username, user_colour
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $u) . ')';
WHERE user_id IN (' . implode(', ', $u) . ')
AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@ -1159,7 +1160,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
'message_text' => $data['message'],
'message_checksum' => $data['message_md5'],
'message_encoding' => $user->lang['ENCODING'],
'message_attachment'=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data']['physical_filename'])) ? 1 : 0,
'message_attachment'=> (isset($data['filename_data']) && sizeof($data['filename_data'])) ? 1 : 0,
'bbcode_bitfield' => $data['bbcode_bitfield'],
'bbcode_uid' => $data['bbcode_uid'],
'to_address' => implode(':', $to),
@ -1180,7 +1181,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
'message_text' => $data['message'],
'message_checksum' => $data['message_md5'],
'message_encoding' => $user->lang['ENCODING'],
'message_attachment'=> (sizeof($data['filename_data']['physical_filename'])) ? 1 : 0,
'message_attachment'=> (isset($data['filename_data']) && sizeof($data['filename_data'])) ? 1 : 0,
'bbcode_bitfield' => $data['bbcode_bitfield'],
'bbcode_uid' => $data['bbcode_uid']
);

2
phpBB/includes/functions_profile_fields.php
View file

@ -376,7 +376,7 @@ class custom_profile
{
$bbcode = new bbcode($ident_ary['data']['bbcode_bitfield']);
$bbcode->bbcode_second_pass($value, $ident_ary['data']['bbcode_uid'], $ident_ary['data']['bbcode_bitfield']);
$value = smilie_text($value);
$value = smiley_text($value);
$value = censor_text($value);
}
return str_replace("\n", '<br />', $value);

127
phpBB/includes/functions_user.php
View file

@ -187,6 +187,7 @@ function user_delete($mode, $user_id)
{
$sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . '
WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
ORDER BY user_id DESC
LIMIT 1';
$result = $db->sql_query($sql);
@ -262,6 +263,7 @@ function user_active_flip($user_id, $user_type, $user_actkey = false, $username
{
$sql_ary['user_actkey'] = $user_actkey;
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE user_id = $user_id";
$db->sql_query($sql);
@ -932,126 +934,29 @@ function avatar_upload($data, &$error)
{
global $phpbb_root_path, $config, $db, $user;
// Init upload class
include_once($phpbb_root_path . 'includes/functions_upload.php');
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
if (!empty($_FILES['uploadfile']['name']))
{
$filename = $_FILES['uploadfile']['tmp_name'];
$filesize = $_FILES['uploadfile']['size'];
$realname = $_FILES['uploadfile']['name'];
// Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
if ($filesize > $config['avatar_filesize'] || $filesize == 0)
{
$error[] = sprintf($user->lang['AVATAR_WRONG_FILESIZE'], $config['avatar_filesize']);
return false;
}
if (file_exists($filename) && preg_match('#^(.*?)\.(jpg|jpeg|gif|png)$#i', $realname, $match))
{
$realname = $match[1];
$filetype = $match[2];
$php_move = 'move_uploaded_file';
}
else
{
$error[] = $user->lang['AVATAR_NOT_UPLOADED'];
return false;
}
$file = $upload->form_upload('uploadfile');
}
else if (preg_match('#^(http://).*?\.(jpg|jpeg|gif|png)$#i', $data['uploadurl'], $match))
else
{
if (empty($match[2]))
{
$error[] = $user->lang['AVATAR_URL_INVALID'];
return false;
}
$url = parse_url($data['uploadurl']);
$host = $url['host'];
$path = dirname($url['path']);
$port = (!empty($url['port'])) ? $url['port'] : 80;
$filetype = array_pop(explode('.', $url['path']));
$realname = basename($url['path'], '.' . $filetype);
$filename = $url['path'];
$filesize = 0;
if (!($fsock = @fsockopen($host, $port, $errno, $errstr)))
{
$error[] = $user->lang['AVATAR_NOT_UPLOADED'];
return false;
}
fputs($fsock, 'GET /' . $filename . " HTTP/1.1\r\n");
fputs($fsock, "HOST: " . $host . "\r\n");
fputs($fsock, "Connection: close\r\n\r\n");
$avatar_data = '';
while (!feof($fsock))
{
$avatar_data .= fread($fsock, $config['avatar_filesize']);
}
@fclose($fsock);
$avatar_data = array_pop(explode("\r\n\r\n", $avatar_data));
if (empty($avatar_data))
{
// TODO: The above code to fetch images doesn't work with quite a few servers. This part needs some changes..
$error[] = $user->lang['AVATAR_NOT_UPLOADED'] . '<br />Please try uploading the file manually.';
return false;
}
unset($url_ary);
$tmp_path = (!@ini_get('safe_mode')) ? false : $phpbb_root_path . 'cache';
$filename = tempnam($tmp_path, uniqid(rand()) . '-');
if (!($fp = @fopen($filename, 'wb')))
{
$error[] = $user->lang['AVATAR_NOT_UPLOADED'];
return false;
}
$filesize = fwrite($fp, $avatar_data);
fclose($fp);
unset($avatar_data);
if (!$filesize)
{
unlink($filename);
$error[] = $user->lang['AVATAR_NOT_UPLOADED'];
return false;
}
$php_move = 'copy';
$file = $upload->remote_upload($data['uploadurl']);
}
list($width, $height) = getimagesize($filename);
$file->clean_filename('real', $user->data['user_id'] . '_');
$file->move_file($config['avatar_path']);
if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height'] || $width < $config['avatar_min_width'] || $height < $config['avatar_min_height'] || !$width || !$height)
if (sizeof($file->error))
{
return sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
$file->remove();
$error = array_merge($error, $file->error);
}
// Replace any chars which may cause us problems with _
$bad_chars = array(' ', '/', ':', '*', '?', '"', '<', '>', '|');
$realfilename = $data['user_id'] . '_' . str_replace($bad_chars, '_', $realname) . '.' . $filetype;
if (!$php_move($filename, $phpbb_root_path . $config['avatar_path'] . '/' . $realfilename))
{
@unlink($filename);
$error[] = $user->lang['AVATAR_NOT_UPLOADED'];
return false;
}
@unlink($filename);
$filesize = @filesize($phpbb_root_path . $config['avatar_path'] . "/$realfilename");
if (!$filesize || $filesize > $config['avatar_filesize'])
{
@unlink($phpbb_root_path . $config['avatar_path'] . "/$realfilename");
$error[] = sprintf($user->lang['AVATAR_WRONG_FILESIZE'], $config['avatar_filesize']);
return false;
}
return array(AVATAR_UPLOAD, $realfilename, $width, $height);
return array(AVATAR_UPLOAD, $file->get('realname'), $file->get('width'), $file->get('height'));
}
function avatar_gallery($category, &$error)

2
phpBB/includes/mcp/mcp_post.php
View file

@ -169,7 +169,7 @@ function mcp_post_details($id, $mode, $action, $url)
$bbcode = new bbcode($post_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
}
$message = smilie_text($message);
$message = smiley_text($message);
$template->assign_vars(array(
'U_MCP_ACTION' => "$url&amp;i=main&amp;quickmod=1", // Use this for mode paramaters

2
phpBB/includes/mcp/mcp_queue.php
View file

@ -89,7 +89,7 @@ class mcp_queue extends module
$bbcode = new bbcode($post_info['bbcode_bitfield']);
$bbcode->bbcode_second_pass($message, $post_info['bbcode_uid'], $post_info['bbcode_bitfield']);
}
$message = smilie_text($message);
$message = smiley_text($message);
$template->assign_vars(array(
'S_MCP_QUEUE' => true,

2
phpBB/includes/mcp/mcp_topic.php
View file

@ -119,7 +119,7 @@ function mcp_topic_view($id, $mode, $action, $url)
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$message = smilie_text($message);
$message = smiley_text($message);
$message = str_replace("\n", '<br />', $message);
$checked = ($post_id_list && in_array(intval($row['post_id']), $post_id_list)) ? 'checked="checked" ' : '';

52
phpBB/includes/message_parser.php
View file

@ -180,7 +180,7 @@ class bbcode_firstpass extends bbcode
'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
'#<!\-\- h \-\-><(.*?)><!\-\- h \-\->#',
);
$htm_replace = array('\1', '\1', '\1', '\1', '\1', '&lt;\1&gt;');
@ -677,10 +677,10 @@ class parse_message extends bbcode_firstpass
$this->html($config['allow_html_tags']);
}
// Parse Emoticons
// Parse smilies
if ($allow_smilies)
{
$this->emoticons($config['max_' . $mode . '_smilies']);
$this->smilies($config['max_' . $mode . '_smilies']);
}
$num_urls = 0;
@ -756,7 +756,7 @@ class parse_message extends bbcode_firstpass
$this->bbcode_second_pass($this->message, $this->bbcode_uid);
}
$this->message = smilie_text($this->message, !$allow_smilies);
$this->message = smiley_text($this->message, !$allow_smilies);
// Replace naughty words such as farty pants
$this->message = str_replace("\n", '<br />', censor_text($this->message));
@ -851,8 +851,8 @@ class parse_message extends bbcode_firstpass
$this->message = str_replace('<&amp;lt;', '&lt;', $this->message);
}
// Parse Emoticons
function emoticons($max_smilies = 0)
// Parse Smilies
function smilies($max_smilies = 0)
{
global $db, $user, $phpbb_root_path;
static $match;
@ -891,7 +891,7 @@ class parse_message extends bbcode_firstpass
{
// (assertion)
$match[] = '#(?<=^|[\n ]|\.)' . preg_quote($row['code'], '#') . '#';
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILE_PATH}/' . $row['smile_url'] . '" border="0" alt="' . $row['emoticon'] . '" title="' . $row['emoticon'] . '" /><!-- s' . $row['code'] . ' -->';
$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" border="0" alt="' . $row['smiley'] . '" title="' . $row['smiley'] . '" /><!-- s' . $row['code'] . ' -->';
}
while ($row = $db->sql_fetchrow($result));
}
@ -921,17 +921,16 @@ class parse_message extends bbcode_firstpass
}
// Parse Attachments
function parse_attachments($mode, $post_id, $submit, $preview, $refresh, $is_message = false)
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $forum_id;
global $_FILES, $_POST;
global $config, $auth, $user, $phpbb_root_path;
$error = array();
$num_attachments = sizeof($this->attachment_data);
$this->filename_data['filecomment'] = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', request_var('filecomment', ''));
$this->filename_data['filename'] = (isset($_FILES['fileupload']) && $_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : '';
$this->filename_data['filecomment'] = request_var('filecomment', '', true);
$upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
$add_file = (isset($_POST['add_file']));
$delete_file = (isset($_POST['delete_file']));
$edit_comment = (isset($_POST['edit_comment']));
@ -940,20 +939,22 @@ class parse_message extends bbcode_firstpass
$cfg['max_attachments'] = ($is_message) ? $config['max_attachments_pm'] : $config['max_attachments'];
$forum_id = ($is_message) ? 0 : $forum_id;
if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $this->filename_data['filename'])
include_once($phpbb_root_path . 'includes/functions_upload.php');
$upload = new fileupload('ATTACHMENT_');
if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file)
{
if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_'))
{
$filedata = upload_attachment($forum_id, $this->filename_data['filename'], false, '', $is_message);
$filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
$error = $filedata['error'];
if ($filedata['post_attach'] && !sizeof($error))
{
$new_entry = array(
'physical_filename' => $filedata['destination_filename'],
'physical_filename' => $filedata['physical_filename'],
'comment' => $this->filename_data['filecomment'],
'real_filename' => $filedata['filename'],
'real_filename' => $filedata['real_filename'],
'extension' => $filedata['extension'],
'mimetype' => $filedata['mimetype'],
'filesize' => $filedata['filesize'],
@ -1024,20 +1025,19 @@ class parse_message extends bbcode_firstpass
}
}
if (($add_file || $preview) && $this->filename_data['filename'])
if (($add_file || $preview) && $upload_file)
{
if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_'))
{
$filedata = upload_attachment($forum_id, $this->filename_data['filename'], false, '', $is_message);
$filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
$error = array_merge($error, $filedata['error']);
if (!sizeof($error))
{
$new_entry = array(
'physical_filename' => $filedata['destination_filename'],
'physical_filename' => $filedata['physical_filename'],
'comment' => $this->filename_data['filecomment'],
'real_filename' => $filedata['filename'],
'real_filename' => $filedata['real_filename'],
'extension' => $filedata['extension'],
'mimetype' => $filedata['mimetype'],
'filesize' => $filedata['filesize'],
@ -1068,11 +1068,7 @@ class parse_message extends bbcode_firstpass
// Get Attachment Data
function get_submitted_attachment_data()
{
global $_FILES, $_POST;
$this->filename_data['filecomment'] = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', request_var('filecomment', ''));
$this->filename_data['filename'] = (isset($_FILES['fileupload']) && $_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : '';
$this->filename_data['filecomment'] = request_var('filecomment', '', true);
$this->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
//

2
phpBB/includes/session.php
View file

@ -490,7 +490,7 @@ class user extends session
var $lang_path;
var $img_lang;
var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'html' => 7, 'bbcode' => 8, 'smile' => 9, 'popuppm' => 10, 'report_pm_notify' => 11);
var $keyoptions = array('viewimg' => 0, 'viewflash' => 1, 'viewsmilies' => 2, 'viewsigs' => 3, 'viewavatars' => 4, 'viewcensors' => 5, 'attachsig' => 6, 'html' => 7, 'bbcode' => 8, 'smilies' => 9, 'popuppm' => 10, 'report_pm_notify' => 11);
var $keyvalues = array();
function setup($lang_set = false, $style = false)

8
phpBB/includes/ucp/ucp_pm_compose.php
View file

@ -296,7 +296,7 @@ function compose_pm($id, $mode, $action)
if (!in_array($action, array('quote', 'edit', 'delete', 'forward')))
{
$enable_sig = ($config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('attachsig'));
$enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smile'));
$enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies'));
$enable_bbcode = ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode'));
$enable_urls = true;
}
@ -424,7 +424,7 @@ function compose_pm($id, $mode, $action)
}
// Parse Attachments - before checksum is calculated
$message_parser->parse_attachments($action, $msg_id, $submit, $preview, $refresh, true);
$message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
// Grab md5 'checksum' of new message
$message_md5 = md5($message_parser->message);
@ -597,7 +597,7 @@ function compose_pm($id, $mode, $action)
// MAIN PM PAGE BEGINS HERE
// Generate smilie listing
// Generate smiley listing
generate_smilies('inline', 0);
// Generate PM Icons
@ -684,7 +684,7 @@ function compose_pm($id, $mode, $action)
$html_checked = (isset($enable_html)) ? !$enable_html : (($config['allow_html'] && $auth->acl_get('u_pm_html')) ? !$user->optionget('html') : 1);
$bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smile') : 1);
$smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1);
$urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;
$sig_checked = $enable_sig;

8
phpBB/includes/ucp/ucp_pm_viewmessage.php
View file

@ -62,7 +62,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
}
// Always process smilies after parsing bbcodes
$message = smilie_text($message);
$message = smiley_text($message);
// Replace naughty words such as farty pants
$message_row['message_subject'] = censor_text($message_row['message_subject']);
@ -147,7 +147,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
$bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']);
}
$signature = smilie_text($signature);
$signature = smiley_text($signature);
$signature = str_replace("\n", '<br />', censor_text($signature));
}
@ -314,7 +314,7 @@ function message_history($msg_id, $user_id, $message_row, $folder)
$bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);
}
$message = smilie_text($message, !$row['enable_smilies']);
$message = smiley_text($message, !$row['enable_smilies']);
$subject = censor_text($subject);
$message = censor_text($message);
@ -421,7 +421,7 @@ function get_user_informations($user_id, $user_row)
}
else
{
if(isset($ranks['normal']))
if (isset($ranks['normal']))
{
foreach ($ranks['normal'] as $rank)
{

4
phpBB/includes/ucp/ucp_prefs.php
View file

@ -347,7 +347,7 @@ class ucp_prefs extends module
$user->optionset('bbcode', $bbcode);
$user->optionset('html', $html);
$user->optionset('smile', $smilies);
$user->optionset('smilies', $smilies);
$user->optionset('attachsig', $sig);
if (!sizeof($error))
@ -377,7 +377,7 @@ class ucp_prefs extends module
$html = (isset($html)) ? $html : $user->optionget('html');
$html_yes = ($html) ? ' checked="checked"' : '';
$html_no = (!$html) ? ' checked="checked"' : '';
$smilies = (isset($smilies)) ? $smilies : $user->optionget('smile');
$smilies = (isset($smilies)) ? $smilies : $user->optionget('smilies');
$smilies_yes = ($smilies) ? ' checked="checked"' : '';
$smilies_no = (!$smilies) ? ' checked="checked"' : '';
$sig = (isset($sig)) ? $sig : $user->optionget('attachsig');

9
phpBB/includes/ucp/ucp_profile.php
View file

@ -380,7 +380,7 @@ class ucp_profile extends module
$enable_html = ($config['allow_sig_html']) ? request_var('enable_html', false) : false;
$enable_bbcode = ($config['allow_sig_bbcode']) ? request_var('enable_bbcode', $user->optionget('bbcode')) : false;
$enable_smilies = ($config['allow_sig_smilies']) ? request_var('enable_smilies', $user->optionget('smile')) : false;
$enable_smilies = ($config['allow_sig_smilies']) ? request_var('enable_smilies', $user->optionget('smilies')) : false;
$enable_urls = request_var('enable_urls', true);
$signature = request_var('signature', $user->data['user_sig']);
@ -462,6 +462,11 @@ class ucp_profile extends module
$category = request_var('category', '');
$delete = (isset($_POST['delete'])) ? true : false;
$avatarselect = request_var('avatarselect', '');
$avatarselect = str_replace(array('../', '..\\', './', '.\\'), '', $avatarselect);
if ($avatarselect && ($avatarselect{0} == '/' || $avatarselect{0} == "\\"))
{
$avatarselect = '';
}
// Can we upload?
$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;
@ -492,7 +497,7 @@ class ucp_profile extends module
if (!sizeof($error))
{
$data['user_id'] = $user->data['user_id'];
if ( (!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload)
if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload)
{
list($type, $filename, $width, $height) = avatar_upload($data, $error);
}