makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

request_var update

Browse source 
git-svn-id: file:///svn/phpbb/trunk@4566 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2003-10-12 08:57:04 +00:00
parent 3b9111cb5e
commit fe9b0e106d
1 changed files with 24 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
phpBB/adm/admin_email.php
View file

@ -1,23 +1,15 @@
<?php <?php
/*************************************************************************** // -------------------------------------------------------------
* admin_email.php //
* ------------------- // $Id$
* begin : Thu May 31, 2001 //
* copyright : (C) 2001 The phpBB Group // FILENAME : admin_email.php
* email : support@phpbb.com // STARTED : Thu May 31, 2001
* // COPYRIGHT : © 2001, 2003 phpBB Group
* $Id$ // WWW : http://www.phpbb.com/
* // LICENCE : GPL vs2.0 [ see /docs/COPYING ]
****************************************************************************/ //
// -------------------------------------------------------------
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
if (!empty($setmodules)) if (!empty($setmodules))
{ {
@ -50,9 +42,10 @@ if (isset($_POST['submit']))
// Error checking needs to go here ... if no subject and/or no message then skip // Error checking needs to go here ... if no subject and/or no message then skip
// over the send and return to the form // over the send and return to the form
$group_id = (isset($_POST['g'])) ? intval($_POST['g']) : 0; $group_id = request_var('g', 0);
$subject = (!empty($_POST['subject'])) ? stripslashes(trim($_POST['subject'])) : ''; $subject = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', request_var('subject', ''));
$message = (!empty($_POST['message'])) ? stripslashes(trim($_POST['message'])) : ''; $message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : '';
$message = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $message);
$error = array(); $error = array();
if ($subject == '') if ($subject == '')
@ -67,7 +60,15 @@ if (isset($_POST['submit']))
if (!sizeof($error)) if (!sizeof($error))
{ {
$sql = ($group_id) ? 'SELECT u.user_email, u.username, u.user_lang FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> 1 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1" : 'SELECT user_email FROM ' . USERS_TABLE . ' WHERE user_allow_massemail = 1'; $sql = ($group_id) ? 'SELECT u.user_email, u.username, u.user_lang
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
WHERE ug.group_id = $group_id
AND ug.user_pending <> 1
AND u.user_id = ug.user_id
AND u.user_allow_massemail = 1" :
'SELECT user_email
FROM ' . USERS_TABLE . '
WHERE user_allow_massemail = 1';
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
if (!($row = $db->sql_fetchrow($result))) if (!($row = $db->sql_fetchrow($result)))