mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-27 21:58:52 +00:00
new clicky thingies.
git-svn-id: file:///svn/phpbb/trunk@8156 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Henry Sudhof
parent
e8b2c4128e
commit
ea9c1d7ea9
11 changed files with 121 additions and 16 deletions
|
|
@ -223,6 +223,8 @@ class acp_board
|
|||
'enable_confirm' => array('lang' => 'VISUAL_CONFIRM_REG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true),
|
||||
'max_reg_attempts' => array('lang' => 'REG_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
|
||||
'min_time_reg' => array('lang' => 'MIN_TIME_REG', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
|
||||
'min_time_terms' => array('lang' => 'MIN_TIME_TERMS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
|
||||
|
||||
'legend3' => 'COPPA',
|
||||
'coppa_enable' => array('lang' => 'ENABLE_COPPA', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
|
|
@ -327,6 +329,8 @@ class acp_board
|
|||
'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
|
||||
'form_token_mintime' => array('lang' => 'FORM_TIME_MIN', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
|
||||
'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
|
||||
)
|
||||
);
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -2006,9 +2006,10 @@ function meta_refresh($time, $url)
|
|||
*/
|
||||
function add_form_key($form_name)
|
||||
{
|
||||
global $template, $user;
|
||||
global $config, $template, $user;
|
||||
$now = time();
|
||||
$token = sha1($now . $user->data['user_form_salt'] . $form_name);
|
||||
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
|
||||
$token = sha1($now . $user->data['user_form_salt'] . $form_name . $token_sid);
|
||||
|
||||
$s_fields = build_hidden_fields(array(
|
||||
'creation_time' => $now,
|
||||
|
|
@ -2029,7 +2030,7 @@ function add_form_key($form_name)
|
|||
*/
|
||||
function check_form_key($form_name, $timespan = false, $return_page = '', $trigger = false, $miniumum_time = false)
|
||||
{
|
||||
global $user, $config;
|
||||
global $config, $user;
|
||||
|
||||
if ($timespan === false)
|
||||
{
|
||||
|
|
@ -2039,6 +2040,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
|
|||
{
|
||||
$miniumum_time = $config['form_token_mintime'];
|
||||
}
|
||||
|
||||
if (isset($_POST['creation_time']) && isset($_POST['form_token']))
|
||||
{
|
||||
$creation_time = abs(request_var('creation_time', 0));
|
||||
|
|
@ -2046,9 +2048,11 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
|
|||
|
||||
$diff = (time() - $creation_time);
|
||||
|
||||
if (($diff > $miniumum_time) && (($diff < $timespan) || $timespan == -1))
|
||||
if (($diff >= $miniumum_time) && (($diff <= $timespan) || $timespan == -1))
|
||||
{
|
||||
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name);
|
||||
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
|
||||
|
||||
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);
|
||||
if ($key === $token)
|
||||
{
|
||||
return true;
|
||||
|
|
|
|||
|
|
@ -44,14 +44,22 @@ class ucp_register
|
|||
$change_lang = request_var('change_lang', '');
|
||||
$user_lang = request_var('lang', $user->lang_name);
|
||||
|
||||
add_form_key('ucp_register');
|
||||
|
||||
// not so fast, buddy
|
||||
if (($submit && !check_form_key('ucp_register', false, '', false, 5))
|
||||
|| (!$submit && !check_form_key('ucp_register', false, '', false, 1)))
|
||||
if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
|
||||
|| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
|
||||
{
|
||||
$agreed = false;
|
||||
}
|
||||
|
||||
if ($agreed)
|
||||
{
|
||||
add_form_key('ucp_register');
|
||||
}
|
||||
else
|
||||
{
|
||||
add_form_key('ucp_register_terms');
|
||||
}
|
||||
|
||||
|
||||
if ($change_lang || $user_lang != $config['default_lang'])
|
||||
|
|
@ -121,8 +129,8 @@ class ucp_register
|
|||
|
||||
'S_SHOW_COPPA' => true,
|
||||
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang))
|
||||
);
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
|
||||
));
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -132,7 +140,9 @@ class ucp_register
|
|||
'S_SHOW_COPPA' => false,
|
||||
'S_REGISTRATION' => true,
|
||||
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa))
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
|
||||
'S_TIME' => 1000 * (int)$config['min_time_terms'],
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
|
|
@ -518,7 +528,9 @@ class ucp_register
|
|||
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
|
||||
'S_COPPA' => $coppa,
|
||||
'S_HIDDEN_FIELDS' => $s_hidden_fields,
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'))
|
||||
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
|
||||
'S_TIME' => 1000 * (int)$config['min_time_reg'],
|
||||
)
|
||||
);
|
||||
|
||||
//
|
||||
|
|
|
|||
|
|
@ -1493,6 +1493,9 @@ if (version_compare($current_version, '3.0.RC5', '<='))
|
|||
|
||||
set_config('form_token_lifetime', '7200');
|
||||
set_config('form_token_mintime', '0');
|
||||
set_config('min_time_reg', '5');
|
||||
set_config('min_time_terms', '2');
|
||||
set_config('form_token_sid_guests', '1');
|
||||
|
||||
$db->sql_transaction('begin');
|
||||
|
||||
|
|
|
|||
|
|
@ -90,6 +90,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval', '
|
|||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('force_server_vars', '0');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('form_token_lifetime', '7200');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('form_token_mintime', '0');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('form_token_sid_guests', '1');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('forward_pm', '1');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('forwarded_for_check', '0');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('full_folder_action', '2');
|
||||
|
|
@ -171,6 +172,8 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_sig_urls', '5'
|
|||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_name_chars', '3');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_pass_chars', '6');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_search_author_chars', '3');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_time_reg', '5');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('min_time_terms', '2');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('override_user_style', '0');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pass_complex', 'PASS_TYPE_ANY');
|
||||
INSERT INTO phpbb_config (config_name, config_value) VALUES ('pm_edit_time', '0');
|
||||
|
|
|
|||
|
|
@ -206,6 +206,10 @@ $lang = array_merge($lang, array(
|
|||
'ENABLE_COPPA_EXPLAIN' => 'This requires users to declare whether they are 13 or over for compliance with the U.S. COPPA. If this is disabled the COPPA specific groups will no longer be displayed.',
|
||||
'MAX_CHARS' => 'Max',
|
||||
'MIN_CHARS' => 'Min',
|
||||
'MIN_TIME_REG' => 'Minimum time for registration',
|
||||
'MIN_TIME_REG_EXPLAIN' => 'The registration form cannot be submitted before this time has passed.',
|
||||
'MIN_TIME_TERMS' => 'Minimum time for registration',
|
||||
'MIN_TIME_TERMS_EXPLAIN' => 'The terms page cannot be skipped before this time has passed.',
|
||||
'NO_AUTH_PLUGIN' => 'No suitable auth plugin found.',
|
||||
'PASSWORD_LENGTH' => 'Password length',
|
||||
'PASSWORD_LENGTH_EXPLAIN' => 'Minimum and maximum number of characters in passwords.',
|
||||
|
|
@ -373,6 +377,8 @@ $lang = array_merge($lang, array(
|
|||
'FORM_TIME_MAX_EXPLAIN' => 'The time a user has to submit a form. Use -1 to disable. Note that a form might become invalid if the session expires, regardless of this setting.',
|
||||
'FORM_TIME_MIN' => 'Minimum time to submit forms',
|
||||
'FORM_TIME_MIN_EXPLAIN' => 'Submissions faster than this time are ignored by the board. Use 0 to disable.',
|
||||
'FORM_SID_GUESTS' => 'Tie forms to guest sessions',
|
||||
'FORM_SID_GUESTS_EXPLAIN' => 'If enabled, the form token issued to guests will be session-exclusive. This can cause problems with some ISPs.',
|
||||
'FORWARDED_FOR_VALID' => 'Validated <var>X_FORWARDED_FOR</var> header',
|
||||
'FORWARDED_FOR_VALID_EXPLAIN' => 'Sessions will only be continued if the sent <var>X_FORWARDED_FOR</var> header equals the one sent with the previous request. Bans will be checked against IPs in <var>X_FORWARDED_FOR</var> too.',
|
||||
'IP_VALID' => 'Session IP validation',
|
||||
|
|
|
|||
|
|
@ -1,5 +1,19 @@
|
|||
<!-- INCLUDE overall_header.html -->
|
||||
|
||||
<script type="text/javascript" defer="defer" >
|
||||
// <![CDATA[
|
||||
function disable(disabl)
|
||||
{
|
||||
document.getElementById("agreed").disabled = disabl;
|
||||
}
|
||||
|
||||
<!-- IF S_TIME -->
|
||||
onload_functions.push('disable(true)');
|
||||
setTimeout("disable(false)", {S_TIME});
|
||||
<!-- ENDIF -->
|
||||
// ]]>
|
||||
</script>
|
||||
|
||||
<!-- IF S_SHOW_COPPA or S_REGISTRATION -->
|
||||
|
||||
<form method="post" action="{S_UCP_ACTION}" id="agreement">
|
||||
|
|
@ -19,7 +33,7 @@
|
|||
<!-- IF S_SHOW_COPPA -->
|
||||
<strong><a href="{U_COPPA_NO}" class="button1">{L_COPPA_NO}</a></strong> <a href="{U_COPPA_YES}" class="button2">{L_COPPA_YES}</a>
|
||||
<!-- ELSE -->
|
||||
<input type="submit" name="agreed" value="{L_AGREE}" class="button1" />
|
||||
<input type="submit" name="agreed" id="agreed" value="{L_AGREE}" class="button1" />
|
||||
<input type="submit" name="not_agreed" value="{L_NOT_AGREE}" class="button2" />
|
||||
<!-- ENDIF -->
|
||||
</fieldset>
|
||||
|
|
|
|||
|
|
@ -10,6 +10,17 @@
|
|||
document.forms['register'].change_lang.value = lang_iso;
|
||||
document.forms['register'].submit.click();
|
||||
}
|
||||
|
||||
function disable(disabl)
|
||||
{
|
||||
document.getElementById("submit").disabled = disabl;
|
||||
}
|
||||
|
||||
<!-- IF S_TIME -->
|
||||
onload_functions.push('disable(true)');
|
||||
setTimeout("disable(false)", {S_TIME});
|
||||
<!-- ENDIF -->
|
||||
|
||||
// ]]>
|
||||
</script>
|
||||
|
||||
|
|
@ -112,7 +123,7 @@
|
|||
<fieldset class="submit-buttons">
|
||||
{S_HIDDEN_FIELDS}
|
||||
<input type="reset" value="{L_RESET}" name="reset" class="button2" />
|
||||
<input type="submit" name="submit" value="{L_SUBMIT}" class="button1" />
|
||||
<input type="submit" name="submit" id ="submit" value="{L_SUBMIT}" class="button1" />
|
||||
</fieldset>
|
||||
|
||||
<span class="corners-bottom"><span></span></span></div>
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
<meta name="copyright" content="2002-2006 phpBB Group" />
|
||||
<meta name="keywords" content="" />
|
||||
<meta name="description" content="" />
|
||||
<meta name="robots" CONTENT="noindex" />
|
||||
{META}
|
||||
<title>{SITENAME} • {PAGE_TITLE}</title>
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,31 @@
|
|||
<!-- INCLUDE overall_header.html -->
|
||||
|
||||
<script type="text/javascript" defer="defer" >
|
||||
// <![CDATA[
|
||||
|
||||
var old_func = window.onload;
|
||||
|
||||
function disable(disabl)
|
||||
{
|
||||
document.getElementById("agreed").disabled = disabl;
|
||||
}
|
||||
|
||||
function disable_and_handle()
|
||||
{
|
||||
if (old_func)
|
||||
{
|
||||
old_func();
|
||||
}
|
||||
disable(true);
|
||||
}
|
||||
|
||||
<!-- IF S_TIME -->
|
||||
window.onload = disable_and_handle;
|
||||
setTimeout("disable(false)", {S_TIME});
|
||||
<!-- ENDIF -->
|
||||
// ]]>
|
||||
</script>
|
||||
|
||||
<!-- IF S_SHOW_COPPA or S_REGISTRATION -->
|
||||
|
||||
<form method="post" action="{S_UCP_ACTION}">
|
||||
|
|
@ -18,7 +44,7 @@
|
|||
<td>
|
||||
<span class="genmed"><br />{L_TERMS_OF_USE}<br /><br /></span>
|
||||
<div align="center">
|
||||
<input class="btnlite" type="submit" name="agreed" value="{L_AGREE}" /><br /><br />
|
||||
<input class="btnlite" type="submit" id="agreed" name="agreed" value="{L_AGREE}" /><br /><br />
|
||||
<input class="btnlite" type="submit" name="not_agreed" value="{L_NOT_AGREE}" />
|
||||
</div>
|
||||
</td>
|
||||
|
|
|
|||
|
|
@ -10,6 +10,27 @@
|
|||
document.forms['register'].change_lang.value = lang_iso;
|
||||
document.forms['register'].submit.click();
|
||||
}
|
||||
|
||||
var old_func = window.onload;
|
||||
|
||||
function disable(disabl)
|
||||
{
|
||||
document.getElementById("submit").disabled = disabl;
|
||||
}
|
||||
|
||||
function disable_and_handle()
|
||||
{
|
||||
if (old_func)
|
||||
{
|
||||
old_func();
|
||||
}
|
||||
disable(true);
|
||||
}
|
||||
|
||||
<!-- IF S_TIME -->
|
||||
window.onload = disable_and_handle;
|
||||
setTimeout("disable(false)", {S_TIME});
|
||||
<!-- ENDIF -->
|
||||
// ]]>
|
||||
</script>
|
||||
|
||||
|
|
@ -102,7 +123,7 @@
|
|||
<!-- ENDIF -->
|
||||
|
||||
<tr>
|
||||
<td class="cat" colspan="2" align="center">{S_HIDDEN_FIELDS}<input class="btnmain" type="submit" name="submit" value="{L_SUBMIT}" /> <input class="btnlite" type="reset" value="{L_RESET}" name="reset" /></td>
|
||||
<td class="cat" colspan="2" align="center">{S_HIDDEN_FIELDS}<input class="btnmain" type="submit" name="submit" id="submit" value="{L_SUBMIT}" /> <input class="btnlite" type="reset" value="{L_RESET}" name="reset" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
{S_FORM_TOKEN}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue