makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-07 20:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

- some bugfixes

Browse source 
- committed coding guidelines as they are at area51
- removed script_path (needs a close inspection later)
- removed the need for server_name and server_port
- able to define server port/name/protocol and force the user-defined server vars (very handy for proxy setups)


git-svn-id: file:///svn/phpbb/trunk@5595 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-03-01 21:48:02 +00:00
parent cbfe138cdc
commit f9a451cce2
21 changed files with 419 additions and 155 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

192
phpBB/docs/coding-guidelines.html
View file

@ -179,7 +179,7 @@ body {
<a name="top"></a><div id="main">
<p>This is the April, 2005 revision of the phpBB Coding Guidelines, all attempts should be made to follow it as closely as possible. This document is (c) 2005 phpBB Group, copying or redistribution is not allowed without permission.</p>
<p>These are the phpBB Coding Guidelines for Olympus, all attempts should be made to follow it as closely as possible. This document is (c) 2006 phpBB Group, copying or redistribution is not allowed without permission.</p>
<h1>Coding Guidelines</h1>
@ -200,6 +200,7 @@ body {
</ol>
<li><a href="#styling">Styling</a></li>
<li><a href="#templating">Templating</a></li>
<li><a href="#changes">Guidelines Changelog</a></li>
</ol>
<hr />
@ -212,6 +213,14 @@ body {
<h3>Tabs vs Spaces:</h3>
<p>In order to make this as simple as possible, we will be using tabs, not spaces. Feel free to set how many spaces your editor uses when it <b>displays</b> tabs, but make sure that when you <b>save</b> the file, it's saving tabs and not spaces. This way, we can each have the code be displayed the way we like it, without breaking the layout of the actual files.</p>
<p>Additionally please check your editor for the indent size. If tabs are set to 4 spaces for example, the indent size needs to be 4 too:</p>
<blockquote><pre>
$mode{TAB}{TAB}= request_var('mode', '');
$search_id{TAB}= request_var('search_id', '');
</blockquote></pre>
<p>If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.</p>
<h3>Linefeeds:</h3>
<p>Ensure that your editor is saving files in the UNIX format. This means lines are terminated with a newline, not with a CR/LF combo as they are on Win32, or whatever the Mac uses. Any decent editor should be able to do this, but it might not always be the default. Know your editor. If you want advice on Windows text editors, just ask one of the developers. Some of them do their editing on Win32.</p>
@ -233,7 +242,7 @@ body {
*
* @package {PACKAGENAME}
* @version &#36;Id: &#36;
* @copyright (c) 2005 phpBB Group
* @copyright (c) 2006 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
@ -247,9 +256,7 @@ body {
<blockquote><pre>
/**
*
* {HEADER}
*
*/
/**
@ -303,28 +310,34 @@ class ...
<li><b>phpBB3</b><br />Core files and all files not assigned to a seperate package</li>
<li><b>acm</b><br /><code>/includes/acm</code><br />Cache System, seperated because of equal class names
<ul>
<li><b>acm_main</b><br /><code>/includes/acm/acm_main.php</code><br />Base caching class. All functions obtaining cached data should be placed into this file</li>
<li><b>acm_db</b><br /><code>/includes/acm/acm_db.php</code><br />Database based caching</li>
<li><b>acm_file</b><br /><code>/includes/acm/acm_file.php</code><br />File based caching</li>
</ul>
</li>
<li><b>dbal</b><br /><code>/includes/db</code><br />Database Abstraction Layer, seperated because of equal class names.<br />Every database class is a seperate package preceeded by dbal_
<li><b>acp</b><br /><code>/adm</code>, <code>/includes/acp</code>, <code>/includes/functions_admin.php</code><br />Administration Control Panel</li>
<li><b>dbal</b><br /><code>/includes/db</code><br />Database Abstraction Layer.<br />Base class is <code>dbal</code>
<ul>
<li><b>dbal_db2</b><br /><code>/includes/db/db2.php</code><br />DB2 Database Abstraction Layer</li>
<li><b>dbal_firebird</b><br /><code>/includes/db/firebird.php</code><br />Firebird/Interbase Database Abstraction Layer<br />Minimum Requirement is Firebird 1.5+/Interbase 7.1+</li>
<li><b>dbal_mssql</b><br /><code>/includes/db/msssql.php</code><br />MSSQL Database Abstraction Layer<br />Minimum Requirement is MSSQL 2000+</li>
<li><b>dbal_odbc_mssql</b><br /><code>/includes/db/mssql-odbc.php</code><br />MSSQL ODBC Database Abstraction Layer for MSSQL<br />Minimum Requirement is Version 2000+</li>
<li><b>dbal_mssql_odbc</b><br /><code>/includes/db/mssql_odbc.php</code><br />MSSQL ODBC Database Abstraction Layer for MSSQL<br />Minimum Requirement is Version 2000+</li>
<li><b>dbal_mysql</b><br /><code>/includes/db/mysql.php</code><br />MySQL Database Abstraction Layer<br />Minimum Requirement is 3.23+/4.0+/4.1+</li>
<li><b>dbal_mysqli</b><br /><code>/includes/db/mysqli.php</code><br />MySQL4 Database Abstraction Layer<br />Minimum Requirement is MySQL 4.1+</li>
<li><b>dbal_mysql4</b><br /><code>/includes/db/mysql4.php</code><br />MySQL4 Database Abstraction Layer<br />Minimum Requirement is 4.0+/4.1+/5.0+</li>
<li><b>dbal_mysqli</b><br /><code>/includes/db/mysqli.php</code><br />MySQLi Database Abstraction Layer<br />Minimum Requirement is MySQLi extension with MySQL 4.1+/5.0+</li>
<li><b>dbal_oracle</b><br /><code>/includes/db/oracle.php</code><br />Oracle Database Abstraction Layer</li>
<li><b>dbal_postgres</b><br /><code>/includes/db/postgres.php</code><br />PostgreSQL Database Abstraction Layer<br />Minimum Requirement is Version 7.3+</li>
<li><b>dbal_sqlite</b><br /><code>/includes/db/sqlite.php</code><br />Sqlite Database Abstraction Layer</li>
</ul>
</li>
<li><b>docs</b><br /><code>/docs</code><br />phpBB Documentation</li>
<li><b>images</b><br /><code>/images</code><br />All global images not connected to styles</li>
<li><b>install</b><br /><code>/install</code><br />Installation System</li>
<li><b>language</b><br /><code>/language</code><br />All language files</li>
<li><b>login</b><br /><code>/includes/auth</code><br />Login Authentication Plugins</li>
<li><b>mcp</b><br /><code>mcp.php</code>, <code>/includes/mcp</code><br />Moderator Control Panel</li>
<li><b>mcp</b><br /><code>mcp.php</code>, <code>/includes/mcp</code>, <code>report.php</code><br />Moderator Control Panel</li>
<li><b>ucp</b><br /><code>ucp.php</code>, <code>/includes/ucp</code><br />User Control Panel</li>
<li><b>search</b><br /><code>/includes/search</code><br />Search System</li>
<li><b>acp</b><br /><code>/adm</code><br />Administration Control Panel</li>
<li><b>search</b><br /><code>/includes/search</code>, <code>search.php</code><br />Search System</li>
<li><b>styles</b><br /><code>/styles</code>, <code>style.php</code><br />phpBB Styles/Templates/Themes/Imagesets</li>
</ul>
</div>
@ -335,6 +348,8 @@ class ...
<a name="code"></a><h1>2. Code Layout/Guidelines</h1>
<p>Please note that these Guidelines also applies to js code.</p>
<a name="namingvars"></a><b>2.i. Variable/Function Naming</b>
<br /><br />
<div class="paragraph">
@ -468,7 +483,7 @@ do_stuff( $i, "foo", $b );
do_stuff($i, "foo", $b);
for($i=0; $i&lt;$size; $i++) ...
for($i = 0; $i &lt; $size; $i++) ...
for ($i = 0; $i &lt; $size; $i++) ...
$i=($j &lt; $size)?0:1;
$i = ($j &lt; $size) ? 0 : 1;
@ -484,12 +499,12 @@ $bool = ($i &lt; 7 &amp;&amp; $j &gt; 8 || $k == 4);
<p class="bad">// now you can be certain what I'm doing here.</p>
<blockquote><pre>
$bool = (($i &lt; 7) &amp;&amp; (($j &lt; 8) || ($k == 4)))
$bool = (($i &lt; 7) &amp;&amp; (($j &lt; 8) || ($k == 4)));
</pre></blockquote>
<p class="good">// But this one is even better, because it is easier on the eye but the intention is preserved</p>
<blockquote><pre>
$bool = ($i &lt; 7 &amp;&amp; ($j &lt; 8 || $k == 4))
$bool = ($i &lt; 7 &amp;&amp; ($j &lt; 8 || $k == 4));
</pre></blockquote>
<h3>Quoting strings:</h3>
@ -590,6 +605,92 @@ if (isset($forum)) ...
if (isset($forum) &amp;&amp; $forum == 5)
</pre></blockquote>
<h3>Switch statements:</h3>
<p>Switch/case code blocks can get a bit long sometimes. To have some level of notice and being in-line with the opening/closing brace requirement (where they are on the same line for better readability), this also applies to switch/case code blocks and the breaks. An example:</p>
<p class="bad">// Wrong </p>
<blockquote><pre>
switch ($mode)
{
case 'mode1':
// I am doing something here
break;
case 'mode2':
// I am doing something completely different here
break;
}
</pre></blockquote>
<p class="good">// Good </p>
<blockquote><pre>
switch ($mode)
{
case 'mode1':
// I am doing something here
break;
case 'mode2':
// I am doing something completely different here
break;
default:
// Always assume that the case got not catched
break;
}
</pre></blockquote>
<p class="good">// Also good, if you have more code between the case and the break </p>
<blockquote><pre>
switch ($mode)
{
case 'mode1':
// I am doing something here
break;
case 'mode2':
// I am doing something completely different here
break;
default:
// Always assume that the case got not catched
break;
}
</pre></blockquote>
<p>Even if the break for the default case is not needed, it is sometimes better to include it just for readability and completeness.</p>
<p>If no break is intended, please add a comment instead. An example:</p>
<p class="good">// Example with no break </p>
<blockquote><pre>
switch ($mode)
{
case 'mode1':
// I am doing something here
// no break here
case 'mode2':
// I am doing something completely different here
break;
default:
// Always assume that the case got not catched
break;
}
</pre></blockquote>
</div>
<a href="#top">Top</a>
<br /><br />
@ -604,7 +705,7 @@ if (isset($forum) &amp;&amp; $forum == 5)
<p>All SQL commands should utilise the DataBase Abstraction Layer (DBAL)</p>
<h3>SQL code layout:</h3>
<p>SQL Statements are often unreadable without some formatting, since they tend to be big at times. Though the formatting of sql statements adds a lot to the readability of code. SQL statements should be formatted in the following way, basically writing keywords :</p>
<p>SQL Statements are often unreadable without some formatting, since they tend to be big at times. Though the formatting of sql statements adds a lot to the readability of code. SQL statements should be formatted in the following way, basically writing keywords: </p>
<blockquote><pre>
$sql = 'SELECT *
@ -648,7 +749,7 @@ $sql = 'SELECT *
<h3>Common DBAL methods: </h3>
<p>Always use <code>$db-&gt;sql_escape()</code> if you need to check for a string within an SQL statement, for example:</p>
<p>Always use <code>$db-&gt;sql_escape()</code> if you need to check for a string within an SQL statement (even if you are sure the variable can not contain single quotes - never trust your input), for example:</p>
<blockquote><pre>
$sql = 'SELECT *
@ -683,6 +784,8 @@ $sql = 'UPDATE ' . SOME_TABLE . '
$db-&gt;sql_query($sql);
</pre></blockquote>
<p>The <code>$db-&gt;sql_build_array()</code> function supports the following modes: <code>INSERT</code> (example above), <code>INSERT_SELECT</code> (building query for <code>INSERT INTO table (...) SELECT value, column ...</code> statements), <code>MULTI_INSERT</code> (for returning extended inserts), <code>UPDATE</code> (example above) and <code>SELECT</code> (for building WHERE statement [AND logic]).</p>
</div>
<a href="#top">Top</a>
<br /><br />
@ -729,7 +832,8 @@ for ($i = 0, $size = sizeof($post_data); $i &lt; $size; $i++)
<p>No attempt should be made to remove any copyright information (either contained within the source or displayed interactively when the source is run/compiled), neither should the copyright information be altered in any way (it may be added to)</p>
<h3>Variables: </h3>
<p>Make use of the <code>request_var()</code> function for anything except for submit or single checking params. Example:</p>
<p>Make use of the <code>request_var()</code> function for anything except for submit or single checking params. </p>
<p>The request_var function determines the type to set from the second parameter (which determines the default value too). If you need to get a scalar variable type, you need to tell this the request_var function explicitly. Examples:</p>
<p class="bad">// Old method, do not use it</p>
<blockquote><pre>
@ -748,10 +852,20 @@ $submit = (isset($_POST['submit'])) ? true : false;
$start = request_var('start', '0');
</pre></blockquote>
<p class="good">// Getting an array, keys are integers, value defaults to 0
<blockquote><pre>
$mark_array = request_var('mark', array(0));
</blockquote></pre>
<p class="good">// Getting an array, keys are strings, value defaults to 0
<blockquote><pre>
$action_ary = request_var('action', array('' => 0));
</blockquote></pre>
<h3>Login checks/redirection: </h3>
<p>To show a forum login box use <code>login_forum_box($forum_data)</code>, else use the <code>login_box()</code> function.</p>
<h3>Sensitive Operatiosn: </h3>
<h3>Sensitive Operations: </h3>
<p>For sensitive operations always let the user confirm the action. For the confirmation screens, make use of the <code>confirm_box()</code> function.</p>
<h3>Sessions: </h3>
@ -772,8 +886,12 @@ $user->setup();
trigger_error('NO_FORUM');
</pre></blockquote>
<h3>Url formatting</h3>
<p>All urls pointing to internal files need to be prepended by the <code>$phpbb_root_path</code> variable. Within the administration control panel all urls pointing to internal files need to be prepended by the <code>$phpbb_admin_path</code> variable. This makes sure the path is always correct and users being able to just rename the admin folder and the acp still working as intended.</p>
<h3>General Functions: </h3>
<p>Use <code>sizeof</code> instead of <code>count</code>, this is just a general preference and guideline and has no other benefit.</p>
<p>Use <code>sizeof</code> instead of <code>count</code>, this is just a general preference and guideline and has no other benefit than to be consistent.</p>
<p>Use <code>strpos</code> instead of <code>strstr</code>.</p>
@ -1031,8 +1149,44 @@ markup
</div>
<a href="#top">Top</a>
<br /><br />
<hr />
<a name="changes"></a><h1>5. Guidelines Changelog</h1>
<div class="paragraph">
<h2>Revision 1.7</h2>
<ul class="menu">
<li>Updated <a href="#locations">1.iii. File Locations</a> to reflect recent updates</li>
<li>Added paragraph about switch statements to <a href="#codelayout">2.ii. Code Layout</a></li>
<li>Updated <a href="#sql">2.iii. SQL/SQL Layout</a></li>
<li>Added paragraph about url formatting to <a href="#general">2.v. General Guidelines</a></li>
</ul>
<h2>Revision 1.6</h2>
<ul class="menu">
<li>Added more information to Tabs vs. Spaces paragraph</li>
</ul>
<h2>Revision 1.5</h2>
<ul class="menu">
<li>$user->start now $user->session_begin</li>
</ul>
<h2>Revision 1.3</h2>
<ul class="menu">
<li>Updated Section 1.iii. - dbal layout</li>
<li>Extended Section 2.v. - usage of request_var()</li>
</ul>
</div>
<a href="#top">Top</a>
</div>
<div id="footer"> $Id$

2
phpBB/download.php
View file

@ -134,7 +134,7 @@ if ($download_mode == PHYSICAL_LINK)
trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
}
redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
redirect($config['upload_path'] . '/' . $attachment['physical_filename']);
}
else
{

15
phpBB/includes/acp/acp_board.php
View file

@ -192,21 +192,26 @@ class acp_board
'title' => 'ACP_SERVER_SETTINGS',
'vars' => array(
'legend1' => 'ACP_SERVER_SETTINGS',
'server_name' => array('lang' => 'SERVER_NAME', 'type' => 'text:40:255', 'explain' => true),
'server_port' => array('lang' => 'SERVER_PORT', 'type' => 'text:5:5', 'explain' => true),
'script_path' => array('lang' => 'SCRIPT_PATH', 'type' => 'text::255', 'explain' => true),
'allow_autologin' => array('lang' => 'ALLOW_AUTOLOGIN', 'type' => 'radio:yes_no', 'explain' => true),
'max_autologin_time' => array('lang' => 'AUTOLOGIN_LENGTH', 'type' => 'text:5:5', 'explain' => true),
'ip_check' => array('lang' => 'IP_VALID', 'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true),
'browser_check' => array('lang' => 'BROWSER_VALID', 'type' => 'radio:yes_no', 'explain' => true),
'send_encoding' => array('lang' => 'SEND_ENCODING', 'type' => 'radio:yes_no', 'explain' => true),
'send_encoding' => array('lang' => 'SEND_ENCODING', 'type' => 'radio:yes_no', 'explain' => true),
'gzip_compress' => array('lang' => 'ENABLE_GZIP', 'type' => 'radio:yes_no', 'explain' => false),
'legend2' => 'PATH_SETTINGS',
'smilies_path' => array('lang' => 'SMILIES_PATH', 'type' => 'text:20:255', 'explain' => true),
'icons_path' => array('lang' => 'ICONS_PATH', 'type' => 'text:20:255', 'explain' => true),
'upload_icons_path' => array('lang' => 'UPLOAD_ICONS_PATH', 'type' => 'text:20:255', 'explain' => true),
'ranks_path' => array('lang' => 'RANKS_PATH', 'type' => 'text:20:255', 'explain' => true)
'ranks_path' => array('lang' => 'RANKS_PATH', 'type' => 'text:20:255', 'explain' => true),
'legend3' => 'SERVER_URL_SETTINGS',
'force_server_vars' => array('lang' => 'FORCE_SERVER_VARS', 'type' => 'radio:yes_no', 'explain' => true),
'server_protocol' => array('lang' => 'SERVER_PROTOCOL', 'type' => 'text:10:10', 'explain' => true),
'server_name' => array('lang' => 'SERVER_NAME', 'type' => 'text:40:255', 'explain' => true),
'server_port' => array('lang' => 'SERVER_PORT', 'type' => 'text:5:5', 'explain' => true),
// 'script_path' => array('lang' => 'SCRIPT_PATH', 'type' => 'text::255', 'explain' => true),
)
);
break;

4
phpBB/includes/acp/acp_permissions.php
View file

@ -32,9 +32,7 @@ class acp_permissions
$this->tpl_name = 'acp_permissions';
// Set some vars
$action = request_var('action', array('' => 0));
list($action, ) = each($action);
$action = key(request_var('action', array('' => 0)));
$action = (isset($_POST['psubmit'])) ? 'apply_permissions' : $action;
$all_forums = request_var('all_forums', 0);

61
phpBB/includes/functions.php
View file

@ -629,7 +629,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0)
{
unset($tracking['t'][$topic_id36]);
}
if (isset($tracking['f'][$f_id]))
{
unset($tracking['f'][$f_id]);
@ -1041,19 +1041,41 @@ function on_page($num_items, $per_page, $start)
}
/**
* Generate board url
* Generate board url (example: http://www.foo.bar/phpBB)
*/
function generate_board_url()
{
global $config;
global $config, $user;
$path = preg_replace('#^/?(.*?)/?$#', '\1', trim($config['script_path']));
$server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
$server_port = (!empty($_SERVER['SERVER_PORT'])) ? (int) $_SERVER['SERVER_PORT'] : (int) getenv('SERVER_PORT');
return (($config['cookie_secure']) ? 'https://' : 'http://') . preg_replace('#^/?(.*?)/?$#', '\1', trim($config['server_name'])) . (($config['server_port'] <> 80) ? ':' . trim($config['server_port']) : '') . (($path) ? '/' . $path : '');
$url = (($config['cookie_secure']) ? 'https://' : 'http://') . $server_name;
// Forcing server vars is the only way to specify/override the protocol
if ($config['force_server_vars'] || !$server_name)
{
$server_protocol = ($config['server_protocol']) ? $config['server_protocol'] : (($config['cookie_secure']) ? 'https://' : 'http://');
$server_name = $config['server_name'];
$server_port = (int) $config['server_port'];
$url = $server_protocol . $server_name;
}
if ($server_port && (($config['cookie_secure'] && $server_port <> 443) || (!$config['cookie_secure'] && $server_port <> 80)))
{
$url .= ':' . $server_port;
}
$url .= $user->page['root_script_path'];
return $url;
}
/**
* Redirects the user to another page then exits the script nicely
* Do not prepend url with $phpbb_root_path
* If not prefixed by / or full url given the board url will be prefixed
*/
function redirect($url)
{
@ -1075,9 +1097,13 @@ function redirect($url)
// If relative path, prepend board url
if (strpos($url, '://') === false && $url{0} != '/')
{
$url = generate_board_url() . preg_replace('#^/?(.*?)/?$#', '/\1', trim($url));
$url = generate_board_url() . '/' . $url;
}
/**
* Make sure no HTTP Response Splitting attacks are possible
*/
// Redirect via an HTML form for PITA webservers
if (@preg_match('#Microsoft|WebSTAR|Xitami#', getenv('SERVER_SOFTWARE')))
{
@ -1187,10 +1213,10 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
return false;
}
// re-add $SID / transform & to &amp; for user->page (user->page is always using &
$use_page = ($u_action) ? $phpbb_root_path . $u_action : $phpbb_root_path . str_replace('&', '&amp;', $user->page);
$u_action = (strpos($use_page, ".{$phpEx}?") !== false) ? str_replace(".{$phpEx}?", ".$phpEx$SID&amp;", $use_page) : $use_page . '?';
$u_action .= '&amp;confirm_key=' . $confirm_key;
// re-add $SID / transform & to &amp; for user->page (user->page is always using &)
$use_page = ($u_action) ? $phpbb_root_path . $u_action : $phpbb_root_path . str_replace('&', '&amp;', $user->page['page']);
$u_action = (strpos($use_page, 'sid=') === false) ? ((strpos($use_page, '?') !== false) ? str_replace('?', $SID . '&amp;', $use_page) : $use_page . '?' . str_replace('?', '', $SID)) : $use_page;
$u_action .= ((strpos($u_action, '?') === false) ? '?' : '&amp;') . 'confirm_key=' . $confirm_key;
$template->assign_vars(array(
'MESSAGE_TITLE' => (!isset($user->lang[$title])) ? $user->lang['CONFIRM'] : $user->lang[$title],
@ -1278,17 +1304,8 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
if (!$redirect)
{
$split_page = array();
preg_match_all('#^.*?([a-z_-]+?)\.' . $phpEx . '?(.*?)$#i', $user->page, $split_page, PREG_SET_ORDER);
// No script name set? Assume index
if (empty($split_page[0][1]))
{
$split_page[0][1] = 'index';
}
// Current page correctly formatted for (login) redirects
$redirect = htmlspecialchars($split_page[0][1] . '.' . $phpEx . $SID . ((!empty($split_page[0][2])) ? '&' . $split_page[0][2] : ''));
// We just use what the session code determined...
$redirect = htmlspecialchars($user->page['page_name'] . $SID . '&' . $user->page['query_string']);
}
$s_hidden_fields = build_hidden_fields(array('redirect' => $redirect, 'sid' => $SID));
@ -2015,7 +2032,7 @@ function page_header($page_title = '')
'SITENAME' => $config['sitename'],
'SITE_DESCRIPTION' => $config['site_desc'],
'PAGE_TITLE' => $page_title,
'SCRIPT_NAME' => substr($user->page, 0, strpos($user->page, '.')),
'SCRIPT_NAME' => str_replace($phpEx, '', $user->page['page_name']),
'LAST_VISIT_DATE' => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit),
'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time(), false, true)),
'TOTAL_USERS_ONLINE' => $l_online_users,

8
phpBB/includes/functions_transfer.php
View file

@ -238,6 +238,9 @@ class ftp extends transfer
$this->username = $username;
$this->password = $password;
$this->timeout = $timeout;
// Make sure $this->root_path is layed out the same way as the $user->page['root_script_path'] value (prefixed with / and no / at the end)
$this->root_path = str_replace('\\', '/', $this->root_path);
$this->root_path = (($root_path{0} != '/' ) ? '/' : '') . ((substr($root_path, -1, 1) == '/') ? substr($root_path, 0, -1) : $root_path);
// Init some needed values
@ -251,8 +254,9 @@ class ftp extends transfer
*/
function data()
{
global $config;
return array('host' => 'localhost' , 'username' => 'anonymous', 'password' => '', 'root_path' => $config['script_path'], 'port' => 21, 'timeout' => 10);
global $user;
return array('host' => 'localhost' , 'username' => 'anonymous', 'password' => '', 'root_path' => $user->page['root_script_path'], 'port' => 21, 'timeout' => 10);
}
/**

2
phpBB/includes/mcp/mcp_front.php
View file

@ -60,6 +60,7 @@ function mcp_front_view($id, $mode, $action)
{
$post_list[] = $row['post_id'];
}
$db->sql_freeresult($result);
$sql = 'SELECT p.post_id, p.post_subject, p.post_time, p.poster_id, p.post_username, u.username, t.topic_id, t.topic_title, t.topic_first_post_id, p.forum_id
FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . ' u
@ -86,6 +87,7 @@ function mcp_front_view($id, $mode, $action)
'POST_TIME' => $user->format_date($row['post_time']))
);
}
$db->sql_freeresult($result);
}
if ($total == 0)

6
phpBB/includes/mcp/mcp_queue.php
View file

@ -495,7 +495,7 @@ function approve_post($post_id_list, $mode)
confirm_box(false, 'APPROVE_POST' . ((sizeof($post_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
}
$redirect = request_var('redirect', "{$phpbb_root_path}index.$phpEx$SID");
$redirect = request_var('redirect', "index.$phpEx$SID");
if (strpos($redirect, '?') === false)
{
@ -509,7 +509,7 @@ function approve_post($post_id_list, $mode)
else
{
meta_refresh(3, $redirect);
trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], "<a href=\"{$phpbb_root_path}viewforum.$phpEx$SID&amp;f=" . $forum_id . '">', '</a>'));
trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $phpbb_root_path . $redirect . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_FORUM'], "<a href=\"{$phpbb_root_path}viewforum.$phpEx$SID&amp;f=" . $forum_id . '">', '</a>'));
}
}
@ -715,7 +715,7 @@ function disapprove_post($post_id_list, $mode)
confirm_box(false, 'DISAPPROVE_POST' . ((sizeof($post_id_list) == 1) ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html');
}
$redirect = request_var('redirect', "{$phpbb_root_path}index.$phpEx$SID");
$redirect = request_var('redirect', "index.$phpEx$SID");
if (strpos($redirect, '?') === false)
{

21
phpBB/includes/message_parser.php
View file

@ -667,11 +667,8 @@ class bbcode_firstpass extends bbcode
return '';
}
$server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/';
// relative urls for this board
if (preg_match('#' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '$1', trim($config['script_path'])) . '/([^ \t\n\r<"\']+)#i', $url) ||
if (preg_match('#' . preg_quote(generate_board_url(), '#') . '/([^ \t\n\r<"\']+)#i', $url) ||
preg_match('#([\w]+?://.*?[^ \t\n\r<"\']*)#i', $url) ||
preg_match('#(www\.[\w\-]+\.[\w\-.\~]+(?:/[^ \t\n\r<"\']*)?)#i', $url))
{
@ -803,7 +800,7 @@ class parse_message extends bbcode_firstpass
// Parse URL's
if ($allow_magic_url)
{
$this->magic_url((($config['cookie_secure']) ? 'https://' : 'http://'), $config['server_name'], $config['server_port'], $config['script_path']);
$this->magic_url(generate_board_url());
if ($config['max_' . $mode . '_urls'])
{
@ -908,20 +905,18 @@ class parse_message extends bbcode_firstpass
// Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.
// Cuts down displayed size of link if over 50 chars, turns absolute links
// into relative versions when the server/script path matches the link
function magic_url($server_protocol, $server_name, $server_port, $script_path)
function magic_url($server_url)
{
static $match;
static $replace;
$server_port = ($server_port <> 80 ) ? ':' . trim($server_port) . '/' : '/';
if (!is_array($match))
{
$match = $replace = array();
// Be sure to not let the matches cross over. ;)
// relative urls for this board
$match[] = '#(^|[\n ]|\()(' . preg_quote($server_protocol . trim($server_name) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '$1', trim($script_path)), '#') . ')/([^ \t\n\r<"\'\)&]+|&(?!lt;))*)#i';
$match[] = '#(^|[\n ]|\()(' . preg_quote($server_url, '#') . ')/([^ \t\n\r<"\'\)&]+|&(?!lt;))*)#i';
$replace[] = '$1<!-- l --><a href="$2/$3">$3</a><!-- l -->';
// matches a xxxx://aaaaa.bbb.cccc. ...
@ -1011,7 +1006,7 @@ class parse_message extends bbcode_firstpass
// Parse Attachments
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
global $config, $auth, $user, $phpbb_root_path;
global $config, $auth, $user, $phpbb_root_path, $phpEx;
$error = array();
@ -1075,6 +1070,8 @@ class parse_message extends bbcode_firstpass
// Perform actions on temporary attachments
if ($delete_file)
{
include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
$index = (int) key($_POST['delete_file']);
// delete selected attachment
@ -1089,10 +1086,6 @@ class parse_message extends bbcode_firstpass
}
else
{
if (!function_exists('delete_attachments'))
{
include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
}
delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
}

100
phpBB/includes/session.php
View file

@ -18,11 +18,80 @@ class session
var $cookie_data = array();
var $browser = '';
var $ip = '';
var $page = '';
var $page = array();
var $current_page_filename = '';
var $load;
var $time_now = 0;
/**
* Extract current session page
*/
function extract_current_page($root_path)
{
$page_array = array();
// First of all, get the request uri...
$script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
$args = (!empty($_SERVER['QUERY_STRING'])) ? explode('&', $_SERVER['QUERY_STRING']) : explode('&', getenv('QUERY_STRING'));
// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
if (!$script_name)
{
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
$page['failover'] = 1;
}
// Replace backslashes and doubled slashes (could happen on some proxy setups)
$script_name = str_replace(array('\\', '//'), '/', $script_name);
// Now, remove the sid and let us get a clean query string...
foreach ($args as $key => $argument)
{
if (strpos($argument, 'sid=') === 0)
{
unset($args[$key]);
break;
}
}
// The current query string
$query_string = trim(implode('&', $args));
// basenamed page name (for example: index.php)
$page_name = htmlspecialchars(basename($script_name));
// current directory within the phpBB root (for example: adm)
$page_dir = substr(str_replace(str_replace('\\', '/', realpath($root_path)), '', str_replace('\\', '/', realpath('./'))), 1);
// Current page from phpBB root (for example: adm/index.php?i=10)
$page = (($page_dir) ? $page_dir . '/' : '') . $page_name . (($query_string) ? "?$query_string" : '');
// The script path from the webroot to the current directory (for example: /phpBB2/adm) : always prefixed with /
$script_path = trim(str_replace('\\', '/', dirname($script_name)));
// The script path from the webroot to the phpBB root (for example: /phpBB2)
$root_script_path = ($page_dir) ? str_replace('/' . $page_dir, '', $script_path) : $script_path;
// We are on the base level (phpBB root == webroot), lets adjust the variables a bit...
if (!$root_script_path)
{
$root_script_path = ($page_dir) ? str_replace($page_dir, '', $script_path) : $script_path;;
}
$page_array += array(
'page_name' => $page_name,
'page_dir' => $page_dir,
'query_string' => $query_string,
'script_path' => htmlspecialchars($script_path),
'root_script_path' => htmlspecialchars($root_script_path),
'page' => $page
);
return $page_array;
}
/**
* Start session management
*
@ -38,29 +107,14 @@ class session
*/
function session_begin()
{
global $phpEx, $SID, $db, $config;
global $phpEx, $SID, $db, $config, $phpbb_root_path;
$this->time_now = time();
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : '';
$this->page = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] . ((isset($_POST['f'])) ? 'f=' . intval($_POST['f']) : '') : '';
$sid = substr($this->page, strpos($this->page, 'sid='), 36);
/**
* @todo: getting away with script_path or being more strict in it's format
*/
$script_path = $config['script_path'];
if ($script_path{0} != '/')
{
$script_path = '/' . $script_path;
}
if ($script_path{(strlen($script_path)-1)} != '/')
{
$script_path .= '/';
}
$this->page = str_replace(array($script_path, (strlen($sid) == 36 && strpos($sid, '&') === false) ? $sid : 'sid='), '', $this->page);
$this->page = $this->extract_current_page($phpbb_root_path);
$this->page['page'] .= (isset($_POST['f'])) ? ((strpos($this->page['page'], '?') !== false) ? '&' : '?') . 'f=' . intval($_POST['f']) : '';
$this->cookie_data = array();
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u']))
@ -126,10 +180,10 @@ class session
if ($u_ip == $s_ip && $s_browser == $u_browser)
{
// Only update session DB a minute or so after last update or if page changes
if ($this->time_now - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page)
if ($this->time_now - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page['page'])
{
$sql = 'UPDATE ' . SESSIONS_TABLE . "
SET session_time = $this->time_now, session_page = '" . $db->sql_escape($this->page) . "'
SET session_time = $this->time_now, session_page = '" . $db->sql_escape($this->page['page']) . "'
WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
$db->sql_query($sql);
}
@ -317,7 +371,7 @@ class session
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $this->time_now,
'session_browser' => (string) $this->browser,
'session_page' => (string) $this->page,
'session_page' => (string) $this->page['page'],
'session_ip' => (string) $this->ip,
'session_admin' => ($set_admin) ? 1 : 0,
'session_viewonline' => ($viewonline) ? 1 : 0,
@ -888,7 +942,7 @@ class user extends session
{
global $SID;
if (strpos($this->page, 'mode=reg_details') !== false && strpos($this->page, "ucp.$phpEx") !== false)
if (strpos($this->page['page_query'], 'mode=reg_details') !== false && $this->page['page_name'] == "ucp.$phpEx")
{
redirect("ucp.$phpEx$SID&i=profile&mode=reg_details");
}

3
phpBB/includes/ucp/ucp_pm_compose.php
View file

@ -59,8 +59,7 @@ function compose_pm($id, $mode, $action)
// Was cancel pressed? If so then redirect to the appropriate page
if ($cancel || ($current_time - $lastclick < 2 && $submit))
{
$redirect = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=view&amp;action=view_message" . (($msg_id) ? "&amp;p=$msg_id" : '');
redirect($redirect);
redirect("ucp.$phpEx$SID&i=pm&mode=view&action=view_message" . (($msg_id) ? "&p=$msg_id" : ''));
}
$sql = '';

2
phpBB/includes/ucp/ucp_pm_options.php
View file

@ -294,7 +294,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
if (!$delete_id)
{
redirect("{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=$mode");
redirect("ucp.$phpEx$SID&amp;i=pm&amp;mode=$mode");
}
// Do we need to confirm?

3
phpBB/install/schemas/schema_data.sql
View file

@ -85,6 +85,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_pm', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_pm_icons', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval', '15');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('force_server_vars', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('forward_pm', '1');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('full_folder_action', '2');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('gzip_compress', '0');
@ -165,7 +166,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('queue_interval', '
INSERT INTO phpbb_config (config_name, config_value) VALUES ('ranks_path', 'images/ranks');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('save_passwd', '3');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_block_size', '250');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_gc', '7200');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_interval', '0');
@ -177,6 +177,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('secure_downloads',
INSERT INTO phpbb_config (config_name, config_value) VALUES ('send_encoding', '0');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_protocol', '');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('session_gc', '3600');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('session_length', '3600');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('site_desc', 'A _little_ text to describe your forum');

11
phpBB/language/en/acp/board.php
View file

@ -119,13 +119,18 @@ $lang = array_merge($lang, array(
// Server settings
$lang = array_merge($lang, array(
'ACP_SERVER_SETTINGS_EXPLAIN' => 'Here you define server and domain dependant settings. Please ensure the data you enter is accurate, errors will result in emails containing incorrect information. When entering the domain name remember it does include http:// or other protocol term. Only alter the port number if you know your server uses a different value, port 80 is correct in most cases.',
'FORCE_SERVER_VARS' => 'Force server url settings',
'FORCE_SERVER_VARS_EXPLAIN' => 'If set to yes the server settings defined here will be used in favor of the automatically determined values',
'PATH_SETTINGS' => 'Path Settings',
'SERVER_NAME' => 'Domain Name',
'SERVER_NAME_EXPLAIN' => 'The domain name this board runs from',
'SCRIPT_PATH' => 'Script path',
'SCRIPT_PATH_EXPLAIN' => 'The path where phpBB2 is located relative to the domain name',
'SERVER_NAME_EXPLAIN' => 'The domain name this board runs from (for example: www.foo.bar)',
// 'SCRIPT_PATH' => 'Script path',
// 'SCRIPT_PATH_EXPLAIN' => 'The path where phpBB2 is located relative to the domain name',
'SERVER_PORT' => 'Server Port',
'SERVER_PORT_EXPLAIN' => 'The port your server is running on, usually 80, only change if different',
'SERVER_PROTOCOL' => 'Server Protocol',
'SERVER_PROTOCOL_EXPLAIN' => 'This is used as the server protocol if these settings are forced. If empty or not forced the protocol is determined by the cookie secure settings (http:// or https://)',
'SERVER_URL_SETTINGS' => 'Server URL Settings',
'IP_VALID' => 'Session IP validation',
'IP_VALID_EXPLAIN' => 'Determines how much of the users IP is used to validate a session; All compares the complete address, A.B.C the first x.x.x, A.B the first x.x, None disables checking.',
'ALL' => 'All',

32
phpBB/language/en/common.php
View file

@ -113,6 +113,7 @@ $lang = array_merge($lang, array(
'DISPLAY_POSTS' => 'Display posts from previous',
'DISPLAY_TOPICS' => 'Display topics from previous',
'DOWNLOADED' => 'Downloaded',
'DOWNLOADING_FILE' => 'Downloading file',
'DOWNLOAD_COUNT' => '%d Time',
'DOWNLOAD_COUNTS' => '%d Times',
'DOWNLOAD_NONE' => '0 Times',
@ -346,6 +347,7 @@ $lang = array_merge($lang, array(
'REPLYING_MESSAGE' => 'Replying to message in %s',
'REPORT_BY' => 'Report by',
'REPORT_POST' => 'Report this post',
'REPORTING_POST' => 'Reporting post',
'RESEND_ACTIVATION' => 'Resend activation email',
'RESET' => 'Reset',
'RETURN_INDEX' => 'Click %sHere%s to return to the index',
@ -442,25 +444,27 @@ $lang = array_merge($lang, array(
'TOTAL_USERS_OTHER' => 'Total members <b>%d</b>',
'TOTAL_USERS_ZERO' => 'Total members <b>0</b>',
'UNKNOWN_BROWSER' => 'Unknown Browser',
'UNMARK_ALL' => 'Unmark all',
'UNREAD_MESSAGES' => 'Unread Messages',
'UNREAD_PM' => '<b>%d</b> unread message',
'UNREAD_PMS' => '<b>%d</b> unread messages',
'UNWATCHED_FORUMS' => 'You are no longer watching the selected forums.',
'UNWATCHED_TOPICS' => 'You are no longer watching the selected topics.',
'URL_REDIRECT' => 'If your browser does not support meta redirection please click %sHERE%s to be redirected.',
'USERGROUPS' => 'Groups',
'USERNAME' => 'Username',
'USERNAMES' => 'Usernames',
'USER_POST' => '%d Post',
'USER_POSTS' => '%d Posts',
'USERS' => 'Users',
'UNKNOWN_BROWSER' => 'Unknown Browser',
'UNMARK_ALL' => 'Unmark all',
'UNREAD_MESSAGES' => 'Unread Messages',
'UNREAD_PM' => '<b>%d</b> unread message',
'UNREAD_PMS' => '<b>%d</b> unread messages',
'UNWATCHED_FORUMS' => 'You are no longer watching the selected forums.',
'UNWATCHED_TOPICS' => 'You are no longer watching the selected topics.',
'UPLOAD_IN_PROGRESS' => 'The upload is currently in progress',
'URL_REDIRECT' => 'If your browser does not support meta redirection please click %sHERE%s to be redirected.',
'USERGROUPS' => 'Groups',
'USERNAME' => 'Username',
'USERNAMES' => 'Usernames',
'USER_POST' => '%d Post',
'USER_POSTS' => '%d Posts',
'USERS' => 'Users',
'VIEWED' => 'Viewed',
'VIEWING_FAQ' => 'Viewing FAQ',
'VIEWING_MEMBERS' => 'Viewing member details',
'VIEWING_ONLINE' => 'Viewing who is online',
'VIEWING_PROFILE' => 'Viewing member profile',
'VIEWING_UCP' => 'Viewing user control panel',
'VIEWS' => 'Views',
'VIEW_BOOKMARKS' => 'View bookmarks',

32
phpBB/memberlist.php
View file

@ -282,22 +282,8 @@ switch ($mode)
trigger_error('NO_USER');
}
// Do the SQL thang
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id" . ((!$auth->acl_gets('a_group')) ? ' AND group_type <> ' . GROUP_HIDDEN : '') . '
ORDER BY group_type, group_name';
$result = $db->sql_query($sql);
$group_options = '';
while ($row = $db->sql_fetchrow($result))
{
$group_options .= '<option value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
//
$sql = 'SELECT username, user_id, user_type, user_colour, user_permissions, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_allow_viewonline, user_posts, user_warnings, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_lastvisit
// Get user...
$sql = 'SELECT username, user_id, user_type, user_colour, group_id, user_permissions, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_allow_viewonline, user_posts, user_warnings, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_lastvisit
FROM ' . USERS_TABLE . "
WHERE user_id = $user_id
AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
@ -309,6 +295,20 @@ switch ($mode)
}
$db->sql_freeresult($result);
// Do the SQL thang
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id" . ((!$auth->acl_get('a_group')) ? ' AND group_type <> ' . GROUP_HIDDEN : '') . '
ORDER BY group_type, group_name';
$result = $db->sql_query($sql);
$group_options = '';
while ($row = $db->sql_fetchrow($result))
{
$group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
FROM ' . SESSIONS_TABLE . "
WHERE session_user_id = $user_id";

2
phpBB/styles/subSilver/template/message_body.html
View file

@ -22,6 +22,4 @@
</tr>
</table>
<div style="float: right;"><!-- INCLUDE jumpbox.html --></div>
<!-- INCLUDE overall_footer.html -->

3
phpBB/ucp.php
View file

@ -96,6 +96,7 @@ switch ($mode)
break;
case 'delete_cookies':
// Delete Cookies with dynamic names (do NOT delete poll cookies)
if (confirm_box(true))
{
@ -126,7 +127,9 @@ switch ($mode)
{
confirm_box(false, 'DELETE_COOKIES', '');
}
redirect("index.$phpEx$SID");
break;
}

2
phpBB/viewforum.php
View file

@ -101,7 +101,7 @@ if ($forum_data['forum_link'])
$db->sql_query($sql);
}
redirect(str_replace('&amp;', '&', $forum_data['forum_link']));
redirect($forum_data['forum_link']);
}
// Forum is passworded ... check whether access has been granted to this

69
phpBB/viewonline.php
View file

@ -160,7 +160,7 @@ while ($row = $db->sql_fetchrow($result))
continue;
}
preg_match('#^([a-z]+)#i', $row['session_page'], $on_page);
preg_match('#^([a-z/]+)#i', $row['session_page'], $on_page);
if (!sizeof($on_page))
{
$on_page[1] = '';
@ -171,15 +171,20 @@ while ($row = $db->sql_fetchrow($result))
case 'index':
$location = $user->lang['INDEX'];
$location_url = "index.$phpEx$SID";
break;
break;
case 'adm/index':
$location = $user->lang['ACP'];
$location_url = "index.$phpEx$SID";
break;
case 'posting':
case 'viewforum':
case 'viewtopic':
preg_match('#f=([0-9]+)#', $row['session_page'], $forum_id);
$forum_id = (sizeof($forum_id)) ? $forum_id[1] : 0;
$forum_id = (sizeof($forum_id)) ? (int) $forum_id[1] : 0;
if ($auth->acl_get('f_list', $forum_id))
if ($forum_id && $auth->acl_get('f_list', $forum_id))
{
$location = '';
switch ($on_page[1])
@ -191,20 +196,21 @@ while ($row = $db->sql_fetchrow($result))
{
case 'reply':
$location = sprintf($user->lang['REPLYING_MESSAGE'], $forum_data[$forum_id]);
break;
break;
default:
$location = sprintf($user->lang['POSTING_MESSAGE'], $forum_data[$forum_id]);
break;
break;
}
break;
break;
case 'viewtopic':
$location = sprintf($user->lang['READING_TOPIC'], $forum_data[$forum_id]);
break;
break;
case 'viewforum':
$location = sprintf($user->lang['READING_FORUM'], $forum_data[$forum_id]);
break;
break;
}
$location_url = "viewforum.$phpEx$SID&amp;f=$forum_id";
@ -214,43 +220,64 @@ while ($row = $db->sql_fetchrow($result))
$location = $user->lang['INDEX'];
$location_url = "index.$phpEx$SID";
}
break;
break;
case 'search':
$location = $user->lang['SEARCHING_FORUMS'];
$location_url = "search.$phpEx$SID";
break;
break;
case 'faq':
$location = $user->lang['VIEWING_FAQ'];
$location_url = "faq.$phpEx$SID";
break;
break;
case 'viewonline':
$location = $user->lang['VIEWING_ONLINE'];
$location_url = "viewonline.$phpEx$SID";
break;
break;
case 'memberlist':
$location = $user->lang['VIEWING_MEMBERS'];
$location = (strpos($row['session_page'], 'mode=viewprofile') !== false) ? $user->lang['VIEWING_PROFILE'] : $user->lang['VIEWING_MEMBERS'];
$location_url = "memberlist.$phpEx$SID";
break;
break;
case 'mcp':
case 'ucp':
$location = $user->lang['VIEWING_UCP'];
$location_url = '';
/**
* @todo getting module/mode for ucp and mcp
*/
/* if (strpos($row['session_page'], 'i=pm&mode=compose') !== false)
{
$location = 'Composing PM';
}*/
$location_url = "index.$phpEx$SID";
break;
case 'download':
$location = $user->lang['DOWNLOADING_FILE'];
$location_url = "index.$phpEx$SID";
break;
case 'report':
$location = $user->lang['REPORTING_POST'];
$location_url = "index.$phpEx$SID";
break;
default:
$location = $user->lang['INDEX'];
$location_url = "index.$phpEx$SID";
break;
break;
}
$template->assign_block_vars('user_row', array(
'USERNAME' => $row['username'],
'LASTUPDATE' => $user->format_date($row['session_time']),
'FORUM_LOCATION'=> $location,
'USER_IP' => ($auth->acl_get('a_')) ? (($mode == 'lookup' && $session_id == $row['session_id']) ? gethostbyaddr($row['session_ip']) : $row['session_ip']) : '',
'USERNAME' => $row['username'],
'LASTUPDATE' => $user->format_date($row['session_time']),
'FORUM_LOCATION' => $location,
'USER_IP' => ($auth->acl_get('a_')) ? (($mode == 'lookup' && $session_id == $row['session_id']) ? gethostbyaddr($row['session_ip']) : $row['session_ip']) : '',
'U_USER_PROFILE' => (($row['user_type'] == USER_NORMAL || $row['user_type'] == USER_FOUNDER) && $row['user_id'] != ANONYMOUS) ? "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['user_id'] : '',
'U_USER_IP' => "{$phpbb_root_path}viewonline.$phpEx$SID" . (($mode != 'lookup' || $row['session_id'] != $session_id) ? '&amp;s=' . $row['session_id'] : '') . "&amp;mode=lookup&amp;sg=$show_guests&amp;start=$start&amp;sk=$sort_key&amp;sd=$sort_dir",

4
phpBB/viewtopic.php
View file

@ -259,11 +259,11 @@ if (isset($_GET['e']))
{
$jump_to = request_var('e', 0);
$redirect_url = "{$phpbb_root_path}viewtopic.$phpEx$SID&f=$forum_id&t=$topic_id";
$redirect_url = "viewtopic.$phpEx$SID&f=$forum_id&t=$topic_id";
if ($user->data['user_id'] == ANONYMOUS)
{
login_box($redirect_url . "&p=$post_id&e=$jump_to", $user->lang['LOGIN_NOTIFY_TOPIC']);
login_box("{$phpbb_root_path}$redirect_url&p=$post_id&e=$jump_to", $user->lang['LOGIN_NOTIFY_TOPIC']);
}
if ($jump_to > 0)