From: Culprit <cul...@us...> - 2008-02-08 15:02:34
Update of /cvsroot/mxbb/core/includes/shared/phpbb3/includes In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv10500/core/includes/shared/phpbb3/includes Modified Files: functions.php Log Message: new ACP changes related. function add_form_key corrected function check_form_key added function group_create added Index: functions.php =================================================================== RCS file: /cvsroot/mxbb/core/includes/shared/phpbb3/includes/functions.php,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** functions.php 6 Feb 2008 23:43:43 -0000 1.9 --- functions.php 8 Feb 2008 15:02:27 -0000 1.10 *************** *** 609,617 **** 'form_token' => $token, )); ! $template->assign_vars(array( ! 'S_FORM_TOKEN' => $s_fields, ! )); } } // Compatibility functions --- 609,823 ---- 'form_token' => $token, )); ! if ( defined( 'IN_ADMIN' ) && is_object( $mx_acp ) ) ! { ! $mx_acp->template->assign_var( 'S_FORM_TOKEN' , $s_fields ); ! } ! else ! { ! $template->assign_var( 'S_FORM_TOKEN', $s_fields ); ! } ! } ! ! /** ! * Check the form key. Required for all altering actions not secured by confirm_box ! * ! * @param string $form_name The name of the form; has to match the name used in add_form_key, otherwise no restrictions apply ! * @param int $timespan The maximum acceptable age for a submitted form in seconds. Defaults to the config setting. ! * @param string $return_page The address for the return link ! * @param bool $trigger If true, the function will triger an error when encountering an invalid form ! * @param int $minimum_time The minimum acceptable age for a submitted form in seconds ! */ ! function check_form_key( $form_name, $timespan = false, $return_page = '', $trigger = false, $minimum_time = false ) ! { ! global $board_config, $mx_user; ! if ( $timespan === false ) ! { ! // we enforce a minimum value of half a minute here. ! $timespan = ( $board_config['form_token_lifetime'] == -1 ) ? 
-1 : max( 30, $board_config['form_token_lifetime'] ); ! } ! if ( $minimum_time === false ) ! { ! $minimum_time = ( int ) $board_config['form_token_mintime']; ! } ! ! if ( isset( $_POST['creation_time'] ) && isset( $_POST['form_token'] ) ) ! { ! $creation_time = abs( phpBB3::request_var( 'creation_time', 0 ) ); ! $token = phpBB3::request_var( 'form_token', '' ); ! ! $diff = ( time() - $creation_time ); ! ! if ( ( $diff >= $minimum_time ) && ( ( $diff <= $timespan ) || $timespan == -1 ) ) ! { ! $token_sid = ( $mx_user->data['user_id'] == ANONYMOUS && !empty( $board_config['form_token_sid_guests'] ) ) ? $mx_user->session_id : ''; ! ! $key = sha1( $creation_time . $mx_user->data['user_form_salt'] . $form_name . $token_sid ); ! if ( $key === $token ) ! { ! return true; ! } ! } ! } ! if ( $trigger ) ! { ! trigger_error( $user->lang['FORM_INVALID'] . $return_page ); ! } ! print '<pre>'; ! print_r( $_POST ); ! die( 'here' ); ! return false; } + /** + * Add or edit a group. If we're editing a group we only update user + * parameters such as rank, etc. if they are changed + */ + function group_create( &$group_id, $type, $name, $desc, $group_attributes, $allow_desc_bbcode = false, $allow_desc_urls = false, $allow_desc_smilies = false ) + { + global $phpbb_root_path, $board_config, $db, $mx_user, $file_upload; + + $error = array(); + $attribute_ary = array( 'group_colour' => 'string', + 'group_rank' => 'int', + 'group_avatar' => 'string', + 'group_avatar_type' => 'int', + 'group_avatar_width' => 'int', + 'group_avatar_height' => 'int', + + 'group_receive_pm' => 'int', + 'group_legend' => 'int', + 'group_message_limit' => 'int', + + 'group_founder_manage' => 'int', + ); + // Those are group-only attributes + $group_only_ary = array( 'group_receive_pm', 'group_legend', 'group_message_limit', 'group_founder_manage' ); + // Check data. Limit group name length. + if ( !utf8_strlen( $name ) || utf8_strlen( $name ) > 60 ) + { + $error[] = ( !utf8_strlen( $name ) ) ? 
$mx_user->lang['GROUP_ERR_USERNAME'] : $mx_user->lang['GROUP_ERR_USER_LONG']; + } + + $err = group_validate_groupname( $group_id, $name ); + if ( !empty( $err ) ) + { + $error[] = $mx_user->lang[$err]; + } + + if ( !in_array( $type, array( GROUP_OPEN, GROUP_CLOSED, GROUP_HIDDEN, GROUP_SPECIAL, GROUP_FREE ) ) ) + { + $error[] = $mx_user->lang['GROUP_ERR_TYPE']; + } + + if ( !sizeof( $error ) ) + { + $user_ary = array(); + $sql_ary = array( 'group_name' => ( string ) $name, + 'group_desc' => ( string ) $desc, + 'group_desc_uid' => '', + 'group_desc_bitfield' => '', + 'group_type' => ( int ) $type, + ); + // Parse description + if ( $desc ) + { + phpBB3::generate_text_for_storage( $sql_ary['group_desc'], $sql_ary['group_desc_uid'], $sql_ary['group_desc_bitfield'], $sql_ary['group_desc_options'], $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies ); + } + + if ( sizeof( $group_attributes ) ) + { + foreach ( $attribute_ary as $attribute => $_type ) + { + if ( isset( $group_attributes[$attribute] ) ) + { + settype( $group_attributes[$attribute], $_type ); + $sql_ary[$attribute] = $group_attributes[$attribute]; + } + } + } + // Setting the log message before we set the group id (if group gets added) + $log = ( $group_id ) ? 'LOG_GROUP_UPDATED' : 'LOG_GROUP_CREATED'; + + $query = ''; + + if ( $group_id ) + { + $sql = 'SELECT user_id + FROM ' . USERS_TABLE . ' + WHERE group_id = ' . $group_id; + $result = $db->sql_query( $sql ); + + while ( $row = $db->sql_fetchrow( $result ) ) + { + $user_ary[] = $row['user_id']; + } + $db->sql_freeresult( $result ); + + if ( isset( $sql_ary['group_avatar'] ) && !$sql_ary['group_avatar'] ) + { + remove_default_avatar( $group_id, $user_ary ); + } + if ( isset( $sql_ary['group_rank'] ) && !$sql_ary['group_rank'] ) + { + remove_default_rank( $group_id, $user_ary ); + } + + $sql = 'UPDATE ' . GROUPS_TABLE . ' + SET ' . $db->sql_build_array( 'UPDATE', $sql_ary ) . 
" + WHERE group_id = $group_id"; + $db->sql_query( $sql ); + // Since we may update the name too, we need to do this on other tables too... + $sql = 'UPDATE ' . MODERATOR_CACHE_TABLE . " + SET group_name = '" . $db->sql_escape( $sql_ary['group_name'] ) . "' + WHERE group_id = $group_id"; + $db->sql_query( $sql ); + } + else + { + $sql = 'INSERT INTO ' . GROUPS_TABLE . ' ' . $db->sql_build_array( 'INSERT', $sql_ary ); + $db->sql_query( $sql ); + } + + if ( !$group_id ) + { + $group_id = $db->sql_nextid(); + if ( isset( $sql_ary['group_avatar_type'] ) && $sql_ary['group_avatar_type'] == AVATAR_UPLOAD ) + { + group_correct_avatar( $group_id, $sql_ary['group_avatar'] ); + } + } + // Set user attributes + $sql_ary = array(); + if ( sizeof( $group_attributes ) ) + { + foreach ( $attribute_ary as $attribute => $_type ) + { + if ( isset( $group_attributes[$attribute] ) && !in_array( $attribute, $group_only_ary ) ) + { + // If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set... + if ( strpos( $attribute, 'group_avatar' ) === 0 && !$group_attributes[$attribute] ) + { + continue; + } + + $sql_ary[$attribute] = $group_attributes[$attribute]; + } + } + } + + if ( sizeof( $sql_ary ) && sizeof( $user_ary ) ) + { + group_set_user_default( $group_id, $user_ary, $sql_ary ); + } + + $name = ( $type == GROUP_SPECIAL ) ? $mx_user->lang['G_' . $name] : $name; + //add_log( 'admin', $log, $name ); + + //group_update_listings( $group_id ); + } + + return ( sizeof( $error ) ) ? $error : false; + } + } // Compatibility functions |