Menu
▾
▴
[mxbb-commits] core common.php,1.42,1.43 login.php,1.13,1.14
|
From: Jon O. <jon...@us...> - 2005-12-08 14:41:59
|
Update of /cvsroot/mxbb/core In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv31135 Modified Files: common.php login.php Log Message: - Security patch for 2.0.18 - added custom cache (eg for portal_configs etc) - minor fixes Index: login.php =================================================================== RCS file: /cvsroot/mxbb/core/login.php,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** login.php 25 Nov 2005 02:52:16 -0000 1.13 --- login.php 8 Dec 2005 14:41:48 -0000 1.14 *************** *** 212,215 **** --- 212,216 ---- make_jumpbox($phpbb_root_path . 'viewforum.'.$phpEx); + $layouttemplate->assign_vars(array( 'USERNAME' => $username, Index: common.php =================================================================== RCS file: /cvsroot/mxbb/core/common.php,v retrieving revision 1.42 retrieving revision 1.43 diff -C2 -d -r1.42 -r1.43 *** common.php 25 Nov 2005 02:52:16 -0000 1.42 --- common.php 8 Dec 2005 14:41:48 -0000 1.43 *************** *** 27,31 **** // ================================================================================ ! // The following code is based on common.php from phpBB 2.0.18 // ================================================================================ --- 27,31 ---- // ================================================================================ ! // The following code is based on common.php from phpBB // ================================================================================ *************** *** 37,41 **** // PHP5 with register_long_arrays off? ! if (@phpversion() >= '5.0.0' && (!ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off')) { $HTTP_POST_VARS = $_POST; --- 37,41 ---- // PHP5 with register_long_arrays off? ! if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off')) { $HTTP_POST_VARS = $_POST; *************** *** 69,75 **** // PHP4+ path $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ! //+MOD: Added by mxBB $not_unset[] = 'mx_root_path'; ! //-MOD: Added by mxBB // Not only will array_merge give a warning if a parameter --- 69,75 ---- // PHP4+ path $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ! //+MOD: Added by mxBB $not_unset[] = 'mx_root_path'; ! //-MOD: Added by mxBB // Not only will array_merge give a warning if a parameter *************** *** 99,102 **** --- 99,103 ---- } + // // addslashes to vars if magic_quotes_gpc is off *************** *** 185,189 **** if( !defined('MX_INSTALLED') ) { ! header("Location: " . $mx_root_path . "install/mx_install.$phpEx"); exit; } --- 186,190 ---- if( !defined('MX_INSTALLED') ) { ! header("Location: ' . $mx_root_path . 'install/mx_install.$phpEx"); exit; } *************** *** 207,212 **** include_once($mx_root_path . 'includes/mx_functions_core.' . $phpEx); - $portal_config = get_info(PORTAL_TABLE, 'portal_id', 1); define('PHPBB_URL', $portal_config['portal_phpbb_url']); define('PORTAL_URL', $portal_config['portal_url']); --- 208,230 ---- include_once($mx_root_path . 'includes/mx_functions_core.' . $phpEx); + // We do not need this any longer, unset for safety purposes + unset($dbpasswd); + + // + // Read mx_config data + // - instatiate the mx_config_cache class + // + $mx_config_cache = new mx_config_cache(); + + if ( $mx_config_cache->exists( 'config' ) ) + { + $portal_config = $mx_config_cache->get( 'config' ); + } + else + { + $portal_config = $mx_config_cache->db_get(); + $mx_config_cache->put( 'config', $portal_config ); + } define('PHPBB_URL', $portal_config['portal_phpbb_url']); define('PORTAL_URL', $portal_config['portal_url']); *************** *** 263,266 **** --- 281,285 ---- $sql = "SELECT * FROM " . CONFIG_TABLE; + if( !($result = $db->sql_query($sql)) ) { |
