[mxbb-commits] phpbb2mxp/install install.php, 1.3, 1.4 upgrade.php, 1.3, 1.4

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/mxbb/phpbb2mxp/install
In directory vz-cvs-4.sog:/tmp/cvs-serv18354/install

Modified Files:
	install.php upgrade.php 
Log Message:
safe mod restrictions init_set session path

Index: install.php
===================================================================
RCS file: /cvsroot/mxbb/phpbb2mxp/install/install.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** install.php	8 Oct 2009 23:41:55 -0000	1.3
--- install.php	20 Mar 2011 17:02:08 -0000	1.4
***************
*** 225,229 ****
  //error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
  error_reporting(E_ALL);
! set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
  
  // PHP5 with register_long_arrays off?
--- 225,236 ----
  //error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
  error_reporting(E_ALL);
! // If we are on PHP >= 5.3.0 we do not need some code
! if (phpversion() < '5.3.0')
! {
! 	/**
! 	* @Disable magic_quotes_runtime
! 	*/
! 	@set_magic_quotes_runtime(0);
! }
  
  // PHP5 with register_long_arrays off?
***************
*** 244,311 ****
  }
  
! // Slash data if it isn't slashed
! if (!get_magic_quotes_gpc())
  {
! 	if (is_array($HTTP_GET_VARS))
  	{
! 		while (list($k, $v) = each($HTTP_GET_VARS))
  		{
! 			if (is_array($HTTP_GET_VARS[$k]))
  			{
! 				while (list($k2, $v2) = each($HTTP_GET_VARS[$k]))
  				{
! 					$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
  				}
- 				@reset($HTTP_GET_VARS[$k]);
- 			}
- 			else
- 			{
- 				$HTTP_GET_VARS[$k] = addslashes($v);
  			}
  		}
- 		@reset($HTTP_GET_VARS);
- 	}
  
! 	if (is_array($HTTP_POST_VARS))
! 	{
! 		while (list($k, $v) = each($HTTP_POST_VARS))
  		{
! 			if (is_array($HTTP_POST_VARS[$k]))
  			{
! 				while (list($k2, $v2) = each($HTTP_POST_VARS[$k]))
  				{
! 					$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
  				}
- 				@reset($HTTP_POST_VARS[$k]);
- 			}
- 			else
- 			{
- 				$HTTP_POST_VARS[$k] = addslashes($v);
  			}
  		}
- 		@reset($HTTP_POST_VARS);
- 	}
  
! 	if (is_array($HTTP_COOKIE_VARS))
! 	{
! 		while (list($k, $v) = each($HTTP_COOKIE_VARS))
  		{
! 			if (is_array($HTTP_COOKIE_VARS[$k]))
  			{
! 				while (list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]))
  				{
! 					$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
  				}
- 				@reset($HTTP_COOKIE_VARS[$k]);
- 			}
- 			else
- 			{
- 				$HTTP_COOKIE_VARS[$k] = addslashes($v);
  			}
  		}
- 		@reset($HTTP_COOKIE_VARS);
  	}
  }
- 
  // Begin main prog
  define('IN_PHPBB', true);
--- 251,323 ----
  }
  
! // If we are on PHP >= 5.3.0 we do not need some code
! if (phpversion() < '5.3.0')
  {
! 	/**
! 	* @Slash data if it isn't slashed
! 	*/
! 	if (!get_magic_quotes_gpc())
  	{
! 		if (is_array($HTTP_GET_VARS))
  		{
! 			while (list($k, $v) = each($HTTP_GET_VARS))
  			{
! 				if (is_array($HTTP_GET_VARS[$k]))
  				{
! 					while (list($k2, $v2) = each($HTTP_GET_VARS[$k]))
! 					{
! 						$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
! 					}
! 					@reset($HTTP_GET_VARS[$k]);
! 				}
! 				else
! 				{
! 					$HTTP_GET_VARS[$k] = addslashes($v);
  				}
  			}
+ 			@reset($HTTP_GET_VARS);
  		}
  
! 		if (is_array($HTTP_POST_VARS))
  		{
! 			while (list($k, $v) = each($HTTP_POST_VARS))
  			{
! 				if (is_array($HTTP_POST_VARS[$k]))
  				{
! 					while (list($k2, $v2) = each($HTTP_POST_VARS[$k]))
! 					{
! 						$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
! 					}
! 					@reset($HTTP_POST_VARS[$k]);
! 				}
! 				else
! 				{
! 					$HTTP_POST_VARS[$k] = addslashes($v);
  				}
  			}
+ 			@reset($HTTP_POST_VARS);
  		}
  
! 		if (is_array($HTTP_COOKIE_VARS))
  		{
! 			while (list($k, $v) = each($HTTP_COOKIE_VARS))
  			{
! 				if (is_array($HTTP_COOKIE_VARS[$k]))
  				{
! 					while (list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]))
! 					{
! 						$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
! 					}
! 					@reset($HTTP_COOKIE_VARS[$k]);
! 				}
! 				else
! 				{
! 					$HTTP_COOKIE_VARS[$k] = addslashes($v);
  				}
  			}
+ 			@reset($HTTP_COOKIE_VARS);
  		}
  	}
  }
  // Begin main prog
  define('IN_PHPBB', true);
***************
*** 858,866 ****
  				for ($i = 0; $i < sizeof($sql_query); $i++)
  				{
! 					if (trim($sql_query[$i]) != '')
  					{
! 						if (!($result = $db->sql_query($sql_query[$i])))
  						{
! 							$error = $db->sql_error();
  			
  							page_header($lang['Install'], '');
--- 870,878 ----
  				for ($i = 0; $i < sizeof($sql_query); $i++)
  				{
! 					if (trim(@$sql_query[$i]) != '')
  					{
! 						if (!($result = @$db->sql_query(@$sql_query[$i])))
  						{
! 							$error = @$db->sql_error();
  			
  							page_header($lang['Install'], '');
***************
*** 881,889 ****
  				for($i = 0; $i < sizeof($sql_query); $i++)
  				{
! 					if (trim($sql_query[$i]) != '')
  					{
! 						if (!($result = $db->sql_query($sql_query[$i])))
  						{
! 							$error = $db->sql_error();
  
  							page_header($lang['Install'], '');
--- 893,901 ----
  				for($i = 0; $i < sizeof($sql_query); $i++)
  				{
! 					if (trim(@$sql_query[$i]) != '')
  					{
! 						if (!($result = @$db->sql_query($sql_query[$i])))
  						{
! 							$error = @$db->sql_error();
  
  							page_header($lang['Install'], '');
***************
*** 906,910 ****
  			$sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) 
  				VALUES ('board_startdate', " . time() . ")";
! 			if (!$db->sql_query($sql))
  			{
  				$error .= "Could not insert board_startdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
--- 918,922 ----
  			$sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) 
  				VALUES ('board_startdate', " . time() . ")";
! 			if (!@$db->sql_query($sql))
  			{
  				$error .= "Could not insert board_startdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
***************
*** 913,917 ****
  			$sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) 
  				VALUES ('default_lang', '" . str_replace("\'", "''", $language) . "')";
! 			if (!$db->sql_query($sql))
  			{
  				$error .= "Could not insert default_lang :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
--- 925,929 ----
  			$sql = "INSERT INTO " . $table_prefix . "config (config_name, config_value) 
  				VALUES ('default_lang', '" . str_replace("\'", "''", $language) . "')";
! 			if (!@$db->sql_query($sql))
  			{
  				$error .= "Could not insert default_lang :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
***************
*** 930,934 ****
  					SET config_value = '$config_value' 
  					WHERE config_name = '$config_name'";
! 				if (!$db->sql_query($sql))
  				{
  					$error .= "Could not insert default_lang :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
--- 942,946 ----
  					SET config_value = '$config_value' 
  					WHERE config_name = '$config_name'";
! 				if (!@$db->sql_query($sql))
  				{
  					$error .= "Could not insert default_lang :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
***************
*** 941,945 ****
  				SET username = '" . str_replace("\'", "''", $admin_name) . "', user_password='" . str_replace("\'", "''", $admin_pass_md5) . "', user_lang = '" . str_replace("\'", "''", $language) . "', user_email='" . str_replace("\'", "''", $board_email) . "'
  				WHERE username = 'Admin'";
! 			if (!$db->sql_query($sql))
  			{
  				$error .= "Could not update admin info :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
--- 953,957 ----
  				SET username = '" . str_replace("\'", "''", $admin_name) . "', user_password='" . str_replace("\'", "''", $admin_pass_md5) . "', user_lang = '" . str_replace("\'", "''", $language) . "', user_email='" . str_replace("\'", "''", $board_email) . "'
  				WHERE username = 'Admin'";
! 			if (!@$db->sql_query($sql))
  			{
  				$error .= "Could not update admin info :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
***************
*** 948,952 ****
  			$sql = "UPDATE " . $table_prefix . "users 
  				SET user_regdate = " . time();
! 			if (!$db->sql_query($sql))
  			{
  				$error .= "Could not update user_regdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";
--- 960,964 ----
  			$sql = "UPDATE " . $table_prefix . "users 
  				SET user_regdate = " . time();
! 			if (!@$db->sql_query($sql))
  			{
  				$error .= "Could not update user_regdate :: " . $sql . " :: " . __LINE__ . " :: " . __FILE__ . "<br /><br />";

Index: upgrade.php
===================================================================
RCS file: /cvsroot/mxbb/phpbb2mxp/install/upgrade.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** upgrade.php	8 Oct 2009 23:41:55 -0000	1.3
--- upgrade.php	20 Mar 2011 17:02:08 -0000	1.4
***************
*** 27,31 ****
  {
  	error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
! 	set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
  
  	//
--- 27,38 ----
  {
  	error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
! 	// If we are on PHP >= 5.3.0 we do not need some code
! 	if (phpversion() < '5.3.0')
! 	{
! 		/**
! 		* @Disable magic_quotes_runtime
! 		*/
! 		@set_magic_quotes_runtime(0);
! 	}
  
  	//