[Phpbb-php5mod-cvs-checkins] phpbb-php5/admin admin_board.php,1.1,1.2 admin_db_utilities.php,1.1,1.2
Brought to you by:
jelly_doughnut
Menu
▾
▴
[Phpbb-php5mod-cvs-checkins] phpbb-php5/admin admin_board.php,1.1,1.2 admin_db_utilities.php,1.1,1.2 admin_disallow.php,1.1,1.2 admin_forum_prune.php,1.1,1.2 admin_forumauth.php,1.1,1.2 admin_forums.php,1.1,1.2 admin_groups.php,1.1,1.2 admin_mass_email.php,1.1,1.2 admin_ranks.php,1.1,1.2 admin_smilies.php,1.1,1.2 admin_styles.php,1.1,1.2 admin_ug_auth.php,1.1,1.2 admin_user_ban.php,1.1,1.2 admin_users.php,1.1,1.2 admin_words.php,1.1,1.2 index.php,1.1,1.2 page_header_admin.php,1.1,1.2 pagestart.php,1.1,1.2
Update of /cvsroot/phpbb-php5mod/phpbb-php5/admin In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv13115/admin Modified Files: admin_board.php admin_db_utilities.php admin_disallow.php admin_forum_prune.php admin_forumauth.php admin_forums.php admin_groups.php admin_mass_email.php admin_ranks.php admin_smilies.php admin_styles.php admin_ug_auth.php admin_user_ban.php admin_users.php admin_words.php index.php page_header_admin.php pagestart.php Log Message: Say goodbye long array names. Say hello superglobals. Removed code in common.php to try to rename the variables at runtime. No longer needed since we are renaming them. Index: admin_forums.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_forums.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_forums.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_forums.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 53,59 **** // Mode setting // ! if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) { ! $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } --- 53,59 ---- // Mode setting // ! if( isset($_POST['mode']) || isset($_GET['mode']) ) { ! $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; $mode = htmlspecialchars($mode); } *************** *** 227,241 **** // Begin program proper // ! if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) ) { ! $mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat"; if( $mode == "addforum" ) { ! list($cat_id) = each($HTTP_POST_VARS['addforum']); // // stripslashes needs to be run on this because slashes are added when the forum name is posted // ! $forumname = stripslashes($HTTP_POST_VARS['forumname'][$cat_id]); } } --- 227,241 ---- // Begin program proper // ! if( isset($_POST['addforum']) || isset($_POST['addcategory']) ) { ! $mode = ( isset($_POST['addforum']) ) ? "addforum" : "addcat"; if( $mode == "addforum" ) { ! list($cat_id) = each($_POST['addforum']); // // stripslashes needs to be run on this because slashes are added when the forum name is posted // ! $forumname = stripslashes($_POST['forumname'][$cat_id]); } } *************** *** 258,262 **** $buttonvalue = $lang['Update']; ! $forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]); $row = get_info('forum', $forum_id); --- 258,262 ---- $buttonvalue = $lang['Update']; ! $forum_id = intval($_GET[POST_FORUM_URL]); $row = get_info('forum', $forum_id); *************** *** 351,355 **** // Create a forum in the DB // ! if( trim($HTTP_POST_VARS['forumname']) == "" ) { message_die(GENERAL_ERROR, "Can't create a forum without a name"); --- 351,355 ---- // Create a forum in the DB // ! if( trim($_POST['forumname']) == "" ) { message_die(GENERAL_ERROR, "Can't create a forum without a name"); *************** *** 358,362 **** $sql = "SELECT MAX(forum_order) AS max_order FROM " . FORUMS_TABLE . " ! WHERE cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]); if( !$result = $db->sql_query($sql) ) { --- 358,362 ---- $sql = "SELECT MAX(forum_order) AS max_order FROM " . FORUMS_TABLE . " ! WHERE cat_id = " . intval($_POST[POST_CAT_URL]); if( !$result = $db->sql_query($sql) ) { *************** *** 393,397 **** // There is no problem having duplicate forum names so we won't check for it. $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_id, forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable" . $field_sql . ") ! VALUES ('" . $next_id . "', '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . $value_sql . ")"; if( !$result = $db->sql_query($sql) ) { --- 393,397 ---- // There is no problem having duplicate forum names so we won't check for it. $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_id, forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable" . $field_sql . ") ! VALUES ('" . $next_id . "', '" . str_replace("\'", "''", $_POST['forumname']) . "', " . intval($_POST[POST_CAT_URL]) . ", '" . str_replace("\'", "''", $_POST['forumdesc']) . "', $next_order, " . intval($_POST['forumstatus']) . ", " . intval($_POST['prune_enable']) . $value_sql . ")"; if( !$result = $db->sql_query($sql) ) { *************** *** 399,406 **** } ! if( $HTTP_POST_VARS['prune_enable'] ) { ! if( $HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "") { message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); --- 399,406 ---- } ! if( $_POST['prune_enable'] ) { ! if( $_POST['prune_days'] == "" || $_POST['prune_freq'] == "") { message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); *************** *** 408,412 **** $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq) ! VALUES('" . $next_id . "', " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")"; if( !$result = $db->sql_query($sql) ) { --- 408,412 ---- $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq) ! VALUES('" . $next_id . "', " . intval($_POST['prune_days']) . ", " . intval($_POST['prune_freq']) . ")"; if( !$result = $db->sql_query($sql) ) { *************** *** 423,437 **** case 'modforum': // Modify a forum in the DB ! if( isset($HTTP_POST_VARS['prune_enable'])) { ! if( $HTTP_POST_VARS['prune_enable'] != 1 ) { ! $HTTP_POST_VARS['prune_enable'] = 0; } } $sql = "UPDATE " . FORUMS_TABLE . " ! SET forum_name = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumname']) . "', cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]) . ", forum_desc = '" . str_replace("\'", "''", $HTTP_POST_VARS['forumdesc']) . "', forum_status = " . intval($HTTP_POST_VARS['forumstatus']) . ", prune_enable = " . intval($HTTP_POST_VARS['prune_enable']) . " ! WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]); if( !$result = $db->sql_query($sql) ) { --- 423,437 ---- case 'modforum': // Modify a forum in the DB ! if( isset($_POST['prune_enable'])) { ! if( $_POST['prune_enable'] != 1 ) { ! $_POST['prune_enable'] = 0; } } $sql = "UPDATE " . FORUMS_TABLE . " ! SET forum_name = '" . str_replace("\'", "''", $_POST['forumname']) . "', cat_id = " . intval($_POST[POST_CAT_URL]) . ", forum_desc = '" . str_replace("\'", "''", $_POST['forumdesc']) . "', forum_status = " . intval($_POST['forumstatus']) . ", prune_enable = " . intval($_POST['prune_enable']) . " ! WHERE forum_id = " . intval($_POST[POST_FORUM_URL]); if( !$result = $db->sql_query($sql) ) { *************** *** 439,445 **** } ! if( $HTTP_POST_VARS['prune_enable'] == 1 ) { ! if( $HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "" ) { message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); --- 439,445 ---- } ! if( $_POST['prune_enable'] == 1 ) { ! if( $_POST['prune_days'] == "" || $_POST['prune_freq'] == "" ) { message_die(GENERAL_MESSAGE, $lang['Set_prune_data']); *************** *** 448,452 **** $sql = "SELECT * FROM " . PRUNE_TABLE . " ! WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]); if( !$result = $db->sql_query($sql) ) { --- 448,452 ---- $sql = "SELECT * FROM " . PRUNE_TABLE . " ! WHERE forum_id = " . intval($_POST[POST_FORUM_URL]); if( !$result = $db->sql_query($sql) ) { *************** *** 457,467 **** { $sql = "UPDATE " . PRUNE_TABLE . " ! SET prune_days = " . intval($HTTP_POST_VARS['prune_days']) . ", prune_freq = " . intval($HTTP_POST_VARS['prune_freq']) . " ! WHERE forum_id = " . intval($HTTP_POST_VARS[POST_FORUM_URL]); } else { $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq) ! VALUES(" . intval($HTTP_POST_VARS[POST_FORUM_URL]) . ", " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")"; } --- 457,467 ---- { $sql = "UPDATE " . PRUNE_TABLE . " ! SET prune_days = " . intval($_POST['prune_days']) . ", prune_freq = " . intval($_POST['prune_freq']) . " ! WHERE forum_id = " . intval($_POST[POST_FORUM_URL]); } else { $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq) ! VALUES(" . intval($_POST[POST_FORUM_URL]) . ", " . intval($_POST['prune_days']) . ", " . intval($_POST['prune_freq']) . ")"; } *************** *** 480,484 **** case 'addcat': // Create a category in the DB ! if( trim($HTTP_POST_VARS['categoryname']) == '') { message_die(GENERAL_ERROR, "Can't create a category without a name"); --- 480,484 ---- case 'addcat': // Create a category in the DB ! if( trim($_POST['categoryname']) == '') { message_die(GENERAL_ERROR, "Can't create a category without a name"); *************** *** 500,504 **** // $sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order) ! VALUES ('" . str_replace("\'", "''", $HTTP_POST_VARS['categoryname']) . "', $next_order)"; if( !$result = $db->sql_query($sql) ) { --- 500,504 ---- // $sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order) ! VALUES ('" . str_replace("\'", "''", $_POST['categoryname']) . "', $next_order)"; if( !$result = $db->sql_query($sql) ) { *************** *** 519,523 **** $buttonvalue = $lang['Update']; ! $cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]); $row = get_info('category', $cat_id); --- 519,523 ---- $buttonvalue = $lang['Update']; ! $cat_id = intval($_GET[POST_CAT_URL]); $row = get_info('category', $cat_id); *************** *** 548,553 **** // Modify a category in the DB $sql = "UPDATE " . CATEGORIES_TABLE . " ! SET cat_title = '" . str_replace("\'", "''", $HTTP_POST_VARS['cat_title']) . "' ! WHERE cat_id = " . intval($HTTP_POST_VARS[POST_CAT_URL]); if( !$result = $db->sql_query($sql) ) { --- 548,553 ---- // Modify a category in the DB $sql = "UPDATE " . CATEGORIES_TABLE . " ! SET cat_title = '" . str_replace("\'", "''", $_POST['cat_title']) . "' ! WHERE cat_id = " . intval($_POST[POST_CAT_URL]); if( !$result = $db->sql_query($sql) ) { *************** *** 563,567 **** case 'deleteforum': // Show form to delete a forum ! $forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]); $select_to = '<select name="to_id">'; --- 563,567 ---- case 'deleteforum': // Show form to delete a forum ! $forum_id = intval($_GET[POST_FORUM_URL]); $select_to = '<select name="to_id">'; *************** *** 604,610 **** // Move or delete a forum in the DB // ! $from_id = intval($HTTP_POST_VARS['from_id']); ! $to_id = intval($HTTP_POST_VARS['to_id']); ! $delete_old = intval($HTTP_POST_VARS['delete_old']); // Either delete or move all posts in a forum --- 604,610 ---- // Move or delete a forum in the DB // ! $from_id = intval($_POST['from_id']); ! $to_id = intval($_POST['to_id']); ! $delete_old = intval($_POST['delete_old']); // Either delete or move all posts in a forum *************** *** 760,764 **** // Show form to delete a category // ! $cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]); $buttonvalue = $lang['Move_and_Delete']; --- 760,764 ---- // Show form to delete a category // ! $cat_id = intval($_GET[POST_CAT_URL]); $buttonvalue = $lang['Move_and_Delete']; *************** *** 821,826 **** // Move or delete a category in the DB // ! $from_id = intval($HTTP_POST_VARS['from_id']); ! $to_id = intval($HTTP_POST_VARS['to_id']); if (!empty($to_id)) --- 821,826 ---- // Move or delete a category in the DB // ! $from_id = intval($_POST['from_id']); ! $to_id = intval($_POST['to_id']); if (!empty($to_id)) *************** *** 865,870 **** // Change order of forums in the DB // ! $move = intval($HTTP_GET_VARS['move']); ! $forum_id = intval($HTTP_GET_VARS[POST_FORUM_URL]); $forum_info = get_info('forum', $forum_id); --- 865,870 ---- // Change order of forums in the DB // ! $move = intval($_GET['move']); ! $forum_id = intval($_GET[POST_FORUM_URL]); $forum_info = get_info('forum', $forum_id); *************** *** 889,894 **** // Change order of categories in the DB // ! $move = intval($HTTP_GET_VARS['move']); ! $cat_id = intval($HTTP_GET_VARS[POST_CAT_URL]); $sql = "UPDATE " . CATEGORIES_TABLE . " --- 889,894 ---- // Change order of categories in the DB // ! $move = intval($_GET['move']); ! $cat_id = intval($_GET[POST_CAT_URL]); $sql = "UPDATE " . CATEGORIES_TABLE . " *************** *** 906,910 **** case 'forum_sync': ! sync('forum', intval($HTTP_GET_VARS[POST_FORUM_URL])); $show_index = TRUE; --- 906,910 ---- case 'forum_sync': ! sync('forum', intval($_GET[POST_FORUM_URL])); $show_index = TRUE; Index: admin_words.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_words.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_words.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_words.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 37,43 **** require('./pagestart.' . $phpEx); ! if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { ! $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; $mode = htmlspecialchars($mode); } --- 37,43 ---- require('./pagestart.' . $phpEx); ! if( isset($_GET['mode']) || isset($_POST['mode']) ) { ! $mode = ($_GET['mode']) ? $_GET['mode'] : $_POST['mode']; $mode = htmlspecialchars($mode); } *************** *** 47,55 **** // These could be entered via a form button // ! if( isset($HTTP_POST_VARS['add']) ) { $mode = "add"; } ! else if( isset($HTTP_POST_VARS['save']) ) { $mode = "save"; --- 47,55 ---- // These could be entered via a form button // ! if( isset($_POST['add']) ) { $mode = "add"; } ! else if( isset($_POST['save']) ) { $mode = "save"; *************** *** 65,69 **** if( $mode == "edit" || $mode == "add" ) { ! $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0; $template->set_filenames(array( --- 65,69 ---- if( $mode == "edit" || $mode == "add" ) { ! $word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0; $template->set_filenames(array( *************** *** 115,121 **** else if( $mode == "save" ) { ! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0; ! $word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : ""; ! $replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : ""; if($word == "" || $replacement == "") --- 115,121 ---- else if( $mode == "save" ) { ! $word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0; ! $word = ( isset($_POST['word']) ) ? trim($_POST['word']) : ""; ! $replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : ""; if($word == "" || $replacement == "") *************** *** 149,155 **** else if( $mode == "delete" ) { ! if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ) { ! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id']; $word_id = intval($word_id); } --- 149,155 ---- else if( $mode == "delete" ) { ! if( isset($_POST['id']) || isset($_GET['id']) ) { ! $word_id = ( isset($_POST['id']) ) ? $_POST['id'] : $_GET['id']; $word_id = intval($word_id); } Index: admin_disallow.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_disallow.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_disallow.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_disallow.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 38,46 **** require('./pagestart.' . $phpEx); ! if( isset($HTTP_POST_VARS['add_name']) ) { include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); ! $disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? trim($HTTP_POST_VARS['disallowed_user']) : trim($HTTP_GET_VARS['disallowed_user']); if ($disallowed_user == '') --- 38,46 ---- require('./pagestart.' . $phpEx); ! if( isset($_POST['add_name']) ) { include($phpbb_root_path . 'includes/functions_validate.'.$phpEx); ! $disallowed_user = ( isset($_POST['disallowed_user']) ) ? trim($_POST['disallowed_user']) : trim($_GET['disallowed_user']); if ($disallowed_user == '') *************** *** 68,74 **** message_die(GENERAL_MESSAGE, $message); } ! else if( isset($HTTP_POST_VARS['delete_name']) ) { ! $disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] ); $sql = "DELETE FROM " . DISALLOW_TABLE . " --- 68,74 ---- message_die(GENERAL_MESSAGE, $message); } ! else if( isset($_POST['delete_name']) ) { ! $disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] ); $sql = "DELETE FROM " . DISALLOW_TABLE . " Index: admin_styles.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_styles.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_styles.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_styles.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 42,54 **** require($phpbb_root_path . 'extension.inc'); ! $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE; ! $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE; ! $no_page_header = (!empty($HTTP_POST_VARS['send_file']) || $cancel) ? TRUE : FALSE; require('./pagestart.' . $phpEx); ! $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE; ! $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE; if ($cancel) --- 42,54 ---- require($phpbb_root_path . 'extension.inc'); ! $confirm = ( isset($_POST['confirm']) ) ? TRUE : FALSE; ! $cancel = ( isset($_POST['cancel']) ) ? TRUE : FALSE; ! $no_page_header = (!empty($_POST['send_file']) || $cancel) ? TRUE : FALSE; require('./pagestart.' . $phpEx); ! $confirm = ( isset($_POST['confirm']) ) ? TRUE : FALSE; ! $cancel = ( isset($_POST['cancel']) ) ? TRUE : FALSE; if ($cancel) *************** *** 57,63 **** } ! if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { ! $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; $mode = htmlspecialchars($mode); } --- 57,63 ---- } ! if( isset($_GET['mode']) || isset($_POST['mode']) ) { ! $mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode']; $mode = htmlspecialchars($mode); } *************** *** 70,75 **** { case "addnew": ! $install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to']; ! $style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style']; if( isset($install_to) ) --- 70,75 ---- { case "addnew": ! $install_to = ( isset($_GET['install_to']) ) ? urldecode($_GET['install_to']) : $_POST['install_to']; ! $style_name = ( isset($_GET['style']) ) ? urldecode($_GET['style']) : $_POST['style']; if( isset($install_to) ) *************** *** 201,205 **** case "create": case "edit": ! $submit = ( isset($HTTP_POST_VARS['submit']) ) ? TRUE : 0; if( $submit ) --- 201,205 ---- case "create": case "edit": ! $submit = ( isset($_POST['submit']) ) ? TRUE : 0; if( $submit ) *************** *** 208,282 **** // DAMN! Thats alot of data to validate... // ! $updated['style_name'] = $HTTP_POST_VARS['style_name']; ! $updated['template_name'] = $HTTP_POST_VARS['template_name']; ! $updated['head_stylesheet'] = $HTTP_POST_VARS['head_stylesheet']; ! $updated['body_background'] = $HTTP_POST_VARS['body_background']; ! $updated['body_bgcolor'] = $HTTP_POST_VARS['body_bgcolor']; ! $updated['body_text'] = $HTTP_POST_VARS['body_text']; ! $updated['body_link'] = $HTTP_POST_VARS['body_link']; ! $updated['body_vlink'] = $HTTP_POST_VARS['body_vlink']; ! $updated['body_alink'] = $HTTP_POST_VARS['body_alink']; ! $updated['body_hlink'] = $HTTP_POST_VARS['body_hlink']; ! $updated['tr_color1'] = $HTTP_POST_VARS['tr_color1']; ! $updated_name['tr_color1_name'] = $HTTP_POST_VARS['tr_color1_name']; ! $updated['tr_color2'] = $HTTP_POST_VARS['tr_color2']; ! $updated_name['tr_color2_name'] = $HTTP_POST_VARS['tr_color2_name']; ! $updated['tr_color3'] = $HTTP_POST_VARS['tr_color3']; ! $updated_name['tr_color3_name'] = $HTTP_POST_VARS['tr_color3_name']; ! $updated['tr_class1'] = $HTTP_POST_VARS['tr_class1']; ! $updated_name['tr_class1_name'] = $HTTP_POST_VARS['tr_class1_name']; ! $updated['tr_class2'] = $HTTP_POST_VARS['tr_class2']; ! $updated_name['tr_class2_name'] = $HTTP_POST_VARS['tr_class2_name']; ! $updated['tr_class3'] = $HTTP_POST_VARS['tr_class3']; ! $updated_name['tr_class3_name'] = $HTTP_POST_VARS['tr_class3_name']; ! $updated['th_color1'] = $HTTP_POST_VARS['th_color1']; ! $updated_name['th_color1_name'] = $HTTP_POST_VARS['th_color1_name']; ! $updated['th_color2'] = $HTTP_POST_VARS['th_color2']; ! $updated_name['th_color2_name'] = $HTTP_POST_VARS['th_color2_name']; ! $updated['th_color3'] = $HTTP_POST_VARS['th_color3']; ! $updated_name['th_color3_name'] = $HTTP_POST_VARS['th_color3_name']; ! $updated['th_class1'] = $HTTP_POST_VARS['th_class1']; ! $updated_name['th_class1_name'] = $HTTP_POST_VARS['th_class1_name']; ! $updated['th_class2'] = $HTTP_POST_VARS['th_class2']; ! $updated_name['th_class2_name'] = $HTTP_POST_VARS['th_class2_name']; ! $updated['th_class3'] = $HTTP_POST_VARS['th_class3']; ! $updated_name['th_class3_name'] = $HTTP_POST_VARS['th_class3_name']; ! $updated['td_color1'] = $HTTP_POST_VARS['td_color1']; ! $updated_name['td_color1_name'] = $HTTP_POST_VARS['td_color1_name']; ! $updated['td_color2'] = $HTTP_POST_VARS['td_color2']; ! $updated_name['td_color2_name'] = $HTTP_POST_VARS['td_color2_name']; ! $updated['td_color3'] = $HTTP_POST_VARS['td_color3']; ! $updated_name['td_color3_name'] = $HTTP_POST_VARS['td_color3_name']; ! $updated['td_class1'] = $HTTP_POST_VARS['td_class1']; ! $updated_name['td_class1_name'] = $HTTP_POST_VARS['td_class1_name']; ! $updated['td_class2'] = $HTTP_POST_VARS['td_class2']; ! $updated_name['td_class2_name'] = $HTTP_POST_VARS['td_class2_name']; ! $updated['td_class3'] = $HTTP_POST_VARS['td_class3']; ! $updated_name['td_class3_name'] = $HTTP_POST_VARS['td_class3_name']; ! $updated['fontface1'] = $HTTP_POST_VARS['fontface1']; ! $updated_name['fontface1_name'] = $HTTP_POST_VARS['fontface1_name']; ! $updated['fontface2'] = $HTTP_POST_VARS['fontface2']; ! $updated_name['fontface2_name'] = $HTTP_POST_VARS['fontface2_name']; ! $updated['fontface3'] = $HTTP_POST_VARS['fontface3']; ! $updated_name['fontface3_name'] = $HTTP_POST_VARS['fontface3_name']; ! $updated['fontsize1'] = intval($HTTP_POST_VARS['fontsize1']); ! $updated_name['fontsize1_name'] = $HTTP_POST_VARS['fontsize1_name']; ! $updated['fontsize2'] = intval($HTTP_POST_VARS['fontsize2']); ! $updated_name['fontsize2_name'] = $HTTP_POST_VARS['fontsize2_name']; ! $updated['fontsize3'] = intval($HTTP_POST_VARS['fontsize3']); ! $updated_name['fontsize3_name'] = $HTTP_POST_VARS['fontsize3_name']; ! $updated['fontcolor1'] = $HTTP_POST_VARS['fontcolor1']; ! $updated_name['fontcolor1_name'] = $HTTP_POST_VARS['fontcolor1_name']; ! $updated['fontcolor2'] = $HTTP_POST_VARS['fontcolor2']; ! $updated_name['fontcolor2_name'] = $HTTP_POST_VARS['fontcolor2_name']; ! $updated['fontcolor3'] = $HTTP_POST_VARS['fontcolor3']; ! $updated_name['fontcolor3_name'] = $HTTP_POST_VARS['fontcolor3_name']; ! $updated['span_class1'] = $HTTP_POST_VARS['span_class1']; ! $updated_name['span_class1_name'] = $HTTP_POST_VARS['span_class1_name']; ! $updated['span_class2'] = $HTTP_POST_VARS['span_class2']; ! $updated_name['span_class2_name'] = $HTTP_POST_VARS['span_class2_name']; ! $updated['span_class3'] = $HTTP_POST_VARS['span_class3']; ! $updated_name['span_class3_name'] = $HTTP_POST_VARS['span_class3_name']; ! $style_id = intval($HTTP_POST_VARS['style_id']); // // Wheeeew! Thank heavens for copy and paste and search and replace :D --- 208,282 ---- // DAMN! Thats alot of data to validate... // ! $updated['style_name'] = $_POST['style_name']; ! $updated['template_name'] = $_POST['template_name']; ! $updated['head_stylesheet'] = $_POST['head_stylesheet']; ! $updated['body_background'] = $_POST['body_background']; ! $updated['body_bgcolor'] = $_POST['body_bgcolor']; ! $updated['body_text'] = $_POST['body_text']; ! $updated['body_link'] = $_POST['body_link']; ! $updated['body_vlink'] = $_POST['body_vlink']; ! $updated['body_alink'] = $_POST['body_alink']; ! $updated['body_hlink'] = $_POST['body_hlink']; ! $updated['tr_color1'] = $_POST['tr_color1']; ! $updated_name['tr_color1_name'] = $_POST['tr_color1_name']; ! $updated['tr_color2'] = $_POST['tr_color2']; ! $updated_name['tr_color2_name'] = $_POST['tr_color2_name']; ! $updated['tr_color3'] = $_POST['tr_color3']; ! $updated_name['tr_color3_name'] = $_POST['tr_color3_name']; ! $updated['tr_class1'] = $_POST['tr_class1']; ! $updated_name['tr_class1_name'] = $_POST['tr_class1_name']; ! $updated['tr_class2'] = $_POST['tr_class2']; ! $updated_name['tr_class2_name'] = $_POST['tr_class2_name']; ! $updated['tr_class3'] = $_POST['tr_class3']; ! $updated_name['tr_class3_name'] = $_POST['tr_class3_name']; ! $updated['th_color1'] = $_POST['th_color1']; ! $updated_name['th_color1_name'] = $_POST['th_color1_name']; ! $updated['th_color2'] = $_POST['th_color2']; ! $updated_name['th_color2_name'] = $_POST['th_color2_name']; ! $updated['th_color3'] = $_POST['th_color3']; ! $updated_name['th_color3_name'] = $_POST['th_color3_name']; ! $updated['th_class1'] = $_POST['th_class1']; ! $updated_name['th_class1_name'] = $_POST['th_class1_name']; ! $updated['th_class2'] = $_POST['th_class2']; ! $updated_name['th_class2_name'] = $_POST['th_class2_name']; ! $updated['th_class3'] = $_POST['th_class3']; ! $updated_name['th_class3_name'] = $_POST['th_class3_name']; ! $updated['td_color1'] = $_POST['td_color1']; ! $updated_name['td_color1_name'] = $_POST['td_color1_name']; ! $updated['td_color2'] = $_POST['td_color2']; ! $updated_name['td_color2_name'] = $_POST['td_color2_name']; ! $updated['td_color3'] = $_POST['td_color3']; ! $updated_name['td_color3_name'] = $_POST['td_color3_name']; ! $updated['td_class1'] = $_POST['td_class1']; ! $updated_name['td_class1_name'] = $_POST['td_class1_name']; ! $updated['td_class2'] = $_POST['td_class2']; ! $updated_name['td_class2_name'] = $_POST['td_class2_name']; ! $updated['td_class3'] = $_POST['td_class3']; ! $updated_name['td_class3_name'] = $_POST['td_class3_name']; ! $updated['fontface1'] = $_POST['fontface1']; ! $updated_name['fontface1_name'] = $_POST['fontface1_name']; ! $updated['fontface2'] = $_POST['fontface2']; ! $updated_name['fontface2_name'] = $_POST['fontface2_name']; ! $updated['fontface3'] = $_POST['fontface3']; ! $updated_name['fontface3_name'] = $_POST['fontface3_name']; ! $updated['fontsize1'] = intval($_POST['fontsize1']); ! $updated_name['fontsize1_name'] = $_POST['fontsize1_name']; ! $updated['fontsize2'] = intval($_POST['fontsize2']); ! $updated_name['fontsize2_name'] = $_POST['fontsize2_name']; ! $updated['fontsize3'] = intval($_POST['fontsize3']); ! $updated_name['fontsize3_name'] = $_POST['fontsize3_name']; ! $updated['fontcolor1'] = $_POST['fontcolor1']; ! $updated_name['fontcolor1_name'] = $_POST['fontcolor1_name']; ! $updated['fontcolor2'] = $_POST['fontcolor2']; ! $updated_name['fontcolor2_name'] = $_POST['fontcolor2_name']; ! $updated['fontcolor3'] = $_POST['fontcolor3']; ! $updated_name['fontcolor3_name'] = $_POST['fontcolor3_name']; ! $updated['span_class1'] = $_POST['span_class1']; ! $updated_name['span_class1_name'] = $_POST['span_class1_name']; ! $updated['span_class2'] = $_POST['span_class2']; ! $updated_name['span_class2_name'] = $_POST['span_class2_name']; ! $updated['span_class3'] = $_POST['span_class3']; ! $updated_name['span_class3_name'] = $_POST['span_class3_name']; ! $style_id = intval($_POST['style_id']); // // Wheeeew! Thank heavens for copy and paste and search and replace :D *************** *** 493,497 **** $themes_explain = $lang['Edit_theme_explain']; ! $style_id = intval($HTTP_GET_VARS['style_id']); $selected_names = array(); --- 493,497 ---- $themes_explain = $lang['Edit_theme_explain']; ! $style_id = intval($_GET['style_id']); $selected_names = array(); *************** *** 702,708 **** case "export"; ! if($HTTP_POST_VARS['export_template']) { ! $template_name = $HTTP_POST_VARS['export_template']; $sql = "SELECT * --- 702,708 ---- case "export"; ! if($_POST['export_template']) { ! $template_name = $_POST['export_template']; $sql = "SELECT * *************** *** 774,778 **** } ! else if($HTTP_POST_VARS['send_file']) { --- 774,778 ---- } ! else if($_POST['send_file']) { *************** *** 780,784 **** header("Content-disposition: attachment; filename=theme_info.cfg"); ! echo stripslashes($HTTP_POST_VARS['theme_info']); } else --- 780,784 ---- header("Content-disposition: attachment; filename=theme_info.cfg"); ! echo stripslashes($_POST['theme_info']); } else *************** *** 821,825 **** case "delete": ! $style_id = ( isset($HTTP_GET_VARS['style_id']) ) ? intval($HTTP_GET_VARS['style_id']) : intval($HTTP_POST_VARS['style_id']); if( !$confirm ) --- 821,825 ---- case "delete": ! $style_id = ( isset($_GET['style_id']) ) ? intval($_GET['style_id']) : intval($_POST['style_id']); if( !$confirm ) *************** *** 933,937 **** } ! if (empty($HTTP_POST_VARS['send_file'])) { include('./page_footer_admin.'.$phpEx); --- 933,937 ---- } ! if (empty($_POST['send_file'])) { include('./page_footer_admin.'.$phpEx); Index: admin_users.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_users.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_users.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_users.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 45,51 **** // Set mode // ! if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) ) { ! $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } --- 45,51 ---- // Set mode // ! if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) { ! $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; $mode = htmlspecialchars($mode); } *************** *** 58,69 **** // Begin program // ! if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ) { // // Ok, the profile has been modified and submitted, let's update // ! if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) { ! $user_id = intval($HTTP_POST_VARS['id']); if (!($this_userdata = get_userdata($user_id))) --- 58,69 ---- // Begin program // ! if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset($_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) ) ) { // // Ok, the profile has been modified and submitted, let's update // ! if ( ( $mode == 'save' && isset( $_POST['submit'] ) ) || isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) { ! $user_id = intval($_POST['id']); if (!($this_userdata = get_userdata($user_id))) *************** *** 72,76 **** } ! if( $HTTP_POST_VARS['deleteuser'] ) { $sql = "SELECT g.group_id --- 72,76 ---- } ! if( $_POST['deleteuser'] ) { $sql = "SELECT g.group_id *************** *** 218,275 **** } ! $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : ''; ! $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : ''; ! $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : ''; ! $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : ''; ! $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : ''; ! $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : ''; ! $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : ''; ! $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : ''; ! $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : ''; ! $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : ''; ! $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : ''; ! $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : ''; ! $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : ''; validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); ! $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0; ! $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE; ! $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0; ! $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE; ! $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE; ! $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0; ! $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html']; ! $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode']; ! $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies']; ! $user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style']; ! $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; ! $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone']; ! $user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template']; ! $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat']; ! $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] ) ) ? $HTTP_POST_VARS['avatarlocal'] : '' ); ! $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : ''; ! $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : ''; ! $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : ''; ! $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ''; ! $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; ! $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; ! $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; ! $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0; ! $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0; ! $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0; ! if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) { $username = stripslashes($username); --- 218,275 ---- } ! $username = ( !empty($_POST['username']) ) ? trim(strip_tags(htmlspecialchars($_POST['username']))) : ''; ! $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars( $_POST['email'] ) )) : ''; ! $password = ( !empty($_POST['password']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password'] ) )) : ''; ! $password_confirm = ( !empty($_POST['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password_confirm'] ) )) : ''; ! $icq = ( !empty($_POST['icq']) ) ? trim(strip_tags( $_POST['icq'] ) ) : ''; ! $aim = ( !empty($_POST['aim']) ) ? trim(strip_tags( $_POST['aim'] ) ) : ''; ! $msn = ( !empty($_POST['msn']) ) ? trim(strip_tags( $_POST['msn'] ) ) : ''; ! $yim = ( !empty($_POST['yim']) ) ? trim(strip_tags( $_POST['yim'] ) ) : ''; ! $website = ( !empty($_POST['website']) ) ? trim(strip_tags( $_POST['website'] ) ) : ''; ! $location = ( !empty($_POST['location']) ) ? trim(strip_tags( $_POST['location'] ) ) : ''; ! $occupation = ( !empty($_POST['occupation']) ) ? trim(strip_tags( $_POST['occupation'] ) ) : ''; ! $interests = ( !empty($_POST['interests']) ) ? trim(strip_tags( $_POST['interests'] ) ) : ''; ! $signature = ( !empty($_POST['signature']) ) ? trim(str_replace('<br />', "\n", $_POST['signature'] ) ) : ''; validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); ! $viewemail = ( isset( $_POST['viewemail']) ) ? ( ( $_POST['viewemail'] ) ? TRUE : 0 ) : 0; ! $allowviewonline = ( isset( $_POST['hideonline']) ) ? ( ( $_POST['hideonline'] ) ? 0 : TRUE ) : TRUE; ! $notifyreply = ( isset( $_POST['notifyreply']) ) ? ( ( $_POST['notifyreply'] ) ? TRUE : 0 ) : 0; ! $notifypm = ( isset( $_POST['notifypm']) ) ? ( ( $_POST['notifypm'] ) ? TRUE : 0 ) : TRUE; ! $popuppm = ( isset( $_POST['popup_pm']) ) ? ( ( $_POST['popup_pm'] ) ? TRUE : 0 ) : TRUE; ! $attachsig = ( isset( $_POST['attachsig']) ) ? ( ( $_POST['attachsig'] ) ? TRUE : 0 ) : 0; ! $allowhtml = ( isset( $_POST['allowhtml']) ) ? intval( $_POST['allowhtml'] ) : $board_config['allow_html']; ! $allowbbcode = ( isset( $_POST['allowbbcode']) ) ? intval( $_POST['allowbbcode'] ) : $board_config['allow_bbcode']; ! $allowsmilies = ( isset( $_POST['allowsmilies']) ) ? intval( $_POST['allowsmilies'] ) : $board_config['allow_smilies']; ! $user_style = ( $_POST['style'] ) ? intval( $_POST['style'] ) : $board_config['default_style']; ! $user_lang = ( $_POST['language'] ) ? $_POST['language'] : $board_config['default_lang']; ! $user_timezone = ( isset( $_POST['timezone']) ) ? doubleval( $_POST['timezone'] ) : $board_config['board_timezone']; ! $user_template = ( $_POST['template'] ) ? $_POST['template'] : $board_config['board_template']; ! $user_dateformat = ( $_POST['dateformat'] ) ? trim( $_POST['dateformat'] ) : $board_config['default_dateformat']; ! $user_avatar_local = ( isset( $_POST['avatarselect'] ) && !empty($_POST['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $_POST['avatarselect'] : ( ( isset( $_POST['avatarlocal'] ) ) ? $_POST['avatarlocal'] : '' ); ! $user_avatar_remoteurl = ( !empty($_POST['avatarremoteurl']) ) ? trim( $_POST['avatarremoteurl'] ) : ''; ! $user_avatar_url = ( !empty($_POST['avatarurl']) ) ? trim( $_POST['avatarurl'] ) : ''; ! $user_avatar_loc = ( $_FILES['avatar']['tmp_name'] != "none") ? $_FILES['avatar']['tmp_name'] : ''; ! $user_avatar_name = ( !empty($_FILES['avatar']['name']) ) ? $_FILES['avatar']['name'] : ''; ! $user_avatar_size = ( !empty($_FILES['avatar']['size']) ) ? $_FILES['avatar']['size'] : 0; ! $user_avatar_filetype = ( !empty($_FILES['avatar']['type']) ) ? $_FILES['avatar']['type'] : ''; $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; ! $user_status = ( !empty($_POST['user_status']) ) ? intval( $_POST['user_status'] ) : 0; ! $user_allowpm = ( !empty($_POST['user_allowpm']) ) ? intval( $_POST['user_allowpm'] ) : 0; ! $user_rank = ( !empty($_POST['user_rank']) ) ? intval( $_POST['user_rank'] ) : 0; ! $user_allowavatar = ( !empty($_POST['user_allowavatar']) ) ? intval( $_POST['user_allowavatar'] ) : 0; ! if( isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) { $username = stripslashes($username); *************** *** 292,296 **** $user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); ! if ( !isset($HTTP_POST_VARS['cancelavatar'])) { $user_avatar = $user_avatar_local; --- 292,296 ---- $user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); ! if ( !isset($_POST['cancelavatar'])) { $user_avatar = $user_avatar_local; *************** *** 300,304 **** } ! if( isset( $HTTP_POST_VARS['submit'] ) ) { include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx); --- 300,304 ---- } ! if( isset( $_POST['submit'] ) ) { include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx); *************** *** 386,390 **** // $avatar_sql = ""; ! if( isset($HTTP_POST_VARS['avatardel']) ) { if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) --- 386,390 ---- // $avatar_sql = ""; ! if( isset($_POST['avatardel']) ) { if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) *************** *** 727,735 **** } } ! else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) ) { ! if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) { ! $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]); $this_userdata = get_userdata($user_id); if( !$this_userdata ) --- 727,735 ---- } } ! else if( !isset( $_POST['submit'] ) && $mode != 'save' && !isset( $_POST['avatargallery'] ) && !isset( $_POST['submitavatar'] ) && !isset( $_POST['cancelavatar'] ) ) { ! if( isset( $_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) ) { ! $user_id = ( isset( $_POST[POST_USERS_URL]) ) ? intval( $_POST[POST_USERS_URL]) : intval( $_GET[POST_USERS_URL]); $this_userdata = get_userdata($user_id); if( !$this_userdata ) *************** *** 740,744 **** else { ! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true); if( !$this_userdata ) { --- 740,744 ---- else { ! $this_userdata = get_userdata($_POST['username'], true); if( !$this_userdata ) { *************** *** 797,805 **** } ! if( isset($HTTP_POST_VARS['avatargallery']) && !$error ) { if( !$error ) { ! $user_id = intval($HTTP_POST_VARS['id']); $template->set_filenames(array( --- 797,805 ---- } ! if( isset($_POST['avatargallery']) && !$error ) { if( !$error ) { ! $user_id = intval($_POST['id']); $template->set_filenames(array( *************** *** 838,844 **** @closedir($dir); ! if( isset($HTTP_POST_VARS['avatarcategory']) ) { ! $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']); } else --- 838,844 ---- @closedir($dir); ! if( isset($_POST['avatarcategory']) ) { ! $category = htmlspecialchars($_POST['avatarcategory']); } else *************** *** 877,881 **** } ! $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE; $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; --- 877,881 ---- } ! $coppa = ( ( !$_POST['coppa'] && !$_GET['coppa'] ) || $mode == "register") ? 0 : TRUE; $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; Index: index.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/index.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** index.php 29 Jul 2004 22:30:29 -0000 1.1 --- index.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 52,56 **** // Generate relevant output // ! if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' ) { $dir = @opendir("."); --- 52,56 ---- // Generate relevant output // ! if( isset($_GET['pane']) && $_GET['pane'] == 'left' ) { $dir = @opendir("."); *************** *** 119,123 **** include('./page_footer_admin.'.$phpEx); } ! elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) { --- 119,123 ---- include('./page_footer_admin.'.$phpEx); } ! elseif( isset($_GET['pane']) && $_GET['pane'] == 'right' ) { Index: page_header_admin.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/page_header_admin.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** page_header_admin.php 29 Jul 2004 22:30:29 -0000 1.1 --- page_header_admin.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 47,51 **** else if ( $phpver > '4.0' ) { ! if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') ) { if ( extension_loaded('zlib') ) --- 47,51 ---- else if ( $phpver > '4.0' ) { ! if ( strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) { if ( extension_loaded('zlib') ) Index: admin_ug_auth.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_ug_auth.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_ug_auth.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_ug_auth.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 45,51 **** while( list($var, $param) = @each($params) ) { ! if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) ) { ! $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? $HTTP_POST_VARS[$param] : $HTTP_GET_VARS[$param]; } else --- 45,51 ---- while( list($var, $param) = @each($params) ) { ! if ( !empty($_POST[$param]) || !empty($_GET[$param]) ) { ! $$var = ( !empty($_POST[$param]) ) ? $_POST[$param] : $_GET[$param]; } else *************** *** 128,132 **** // ------------- ! if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || ( $mode == 'group' && $group_id ) ) ) { $user_level = ''; --- 128,132 ---- // ------------- ! if ( isset($_POST['submit']) && ( ( $mode == 'user' && $user_id ) || ( $mode == 'group' && $group_id ) ) ) { $user_level = ''; *************** *** 158,162 **** // Carry out requests // ! if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'admin' && $user_level != ADMIN ) { // --- 158,162 ---- // Carry out requests // ! if ( $mode == 'user' && $_POST['userlevel'] == 'admin' && $user_level != ADMIN ) { // *************** *** 199,203 **** else { ! if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'user' && $user_level == ADMIN ) { // --- 199,203 ---- else { ! if ( $mode == 'user' && $_POST['userlevel'] == 'user' && $user_level == ADMIN ) { // *************** *** 232,240 **** { ! $change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : false; if ( empty($adv) ) { ! $change_acl_list = ( isset($HTTP_POST_VARS['private']) ) ? $HTTP_POST_VARS['private'] : false; } else --- 232,240 ---- { ! $change_mod_list = ( isset($_POST['moderator']) ) ? $_POST['moderator'] : false; if ( empty($adv) ) { ! $change_acl_list = ( isset($_POST['private']) ) ? $_POST['private'] : false; } else *************** *** 245,249 **** $auth_field = $forum_auth_fields[$j]; ! while( list($forum_id, $value) = @each($HTTP_POST_VARS['private_' . $auth_field]) ) { $change_acl_list[$forum_id][$auth_field] = $value; --- 245,249 ---- $auth_field = $forum_auth_fields[$j]; ! while( list($forum_id, $value) = @each($_POST['private_' . $auth_field]) ) { $change_acl_list[$forum_id][$auth_field] = $value; *************** *** 512,520 **** } } ! else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id ) ) || ( $mode == 'group' && $group_id ) ) { ! if ( isset($HTTP_POST_VARS['username']) ) { ! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true); if ( !is_array($this_userdata) ) { --- 512,520 ---- } } ! else if ( ( $mode == 'user' && ( isset($_POST['username']) || $user_id ) ) || ( $mode == 'group' && $group_id ) ) { ! if ( isset($_POST['username']) ) { ! $this_userdata = get_userdata($_POST['username'], true); if ( !is_array($this_userdata) ) { Index: admin_user_ban.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_user_ban.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_user_ban.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_user_ban.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 41,45 **** // Start program // ! if ( isset($HTTP_POST_VARS['submit']) ) { $user_bansql = ''; --- 41,45 ---- // Start program // ! if ( isset($_POST['submit']) ) { $user_bansql = ''; *************** *** 48,54 **** $user_list = array(); ! if ( !empty($HTTP_POST_VARS['username']) ) { ! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true); if( !$this_userdata ) { --- 48,54 ---- $user_list = array(); ! if ( !empty($_POST['username']) ) { ! $this_userdata = get_userdata($_POST['username'], true); if( !$this_userdata ) { *************** *** 60,66 **** $ip_list = array(); ! if ( isset($HTTP_POST_VARS['ban_ip']) ) { ! $ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']); for($i = 0; $i < count($ip_list_temp); $i++) --- 60,66 ---- $ip_list = array(); ! if ( isset($_POST['ban_ip']) ) { ! $ip_list_temp = explode(',', $_POST['ban_ip']); for($i = 0; $i < count($ip_list_temp); $i++) *************** *** 145,151 **** $email_list = array(); ! if ( isset($HTTP_POST_VARS['ban_email']) ) { ! $email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']); for($i = 0; $i < count($email_list_temp); $i++) --- 145,151 ---- $email_list = array(); ! if ( isset($_POST['ban_email']) ) { ! $email_list_temp = explode(',', $_POST['ban_email']); for($i = 0; $i < count($email_list_temp); $i++) *************** *** 270,276 **** $where_sql = ''; ! if ( isset($HTTP_POST_VARS['unban_user']) ) { ! $user_list = $HTTP_POST_VARS['unban_user']; for($i = 0; $i < count($user_list); $i++) --- 270,276 ---- $where_sql = ''; ! if ( isset($_POST['unban_user']) ) { ! $user_list = $_POST['unban_user']; for($i = 0; $i < count($user_list); $i++) *************** *** 283,289 **** } ! if ( isset($HTTP_POST_VARS['unban_ip']) ) { ! $ip_list = $HTTP_POST_VARS['unban_ip']; for($i = 0; $i < count($ip_list); $i++) --- 283,289 ---- } ! if ( isset($_POST['unban_ip']) ) { ! $ip_list = $_POST['unban_ip']; for($i = 0; $i < count($ip_list); $i++) *************** *** 296,302 **** } ! if ( isset($HTTP_POST_VARS['unban_email']) ) { ! $email_list = $HTTP_POST_VARS['unban_email']; for($i = 0; $i < count($email_list); $i++) --- 296,302 ---- } ! if ( isset($_POST['unban_email']) ) { ! $email_list = $_POST['unban_email']; for($i = 0; $i < count($email_list); $i++) Index: admin_forumauth.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_forumauth.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_forumauth.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_forumauth.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 72,78 **** $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN); ! if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL])) { ! $forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]); $forum_sql = "AND forum_id = $forum_id"; } --- 72,78 ---- $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN); ! if(isset($_GET[POST_FORUM_URL]) || isset($_POST[POST_FORUM_URL])) { ! $forum_id = (isset($_POST[POST_FORUM_URL])) ? intval($_POST[POST_FORUM_URL]) : intval($_GET[POST_FORUM_URL]); $forum_sql = "AND forum_id = $forum_id"; } *************** *** 83,89 **** } ! if( isset($HTTP_GET_VARS['adv']) ) { ! $adv = intval($HTTP_GET_VARS['adv']); } else --- 83,89 ---- } ! if( isset($_GET['adv']) ) { ! $adv = intval($_GET['adv']); } else *************** *** 95,99 **** // Start program proper // ! if( isset($HTTP_POST_VARS['submit']) ) { $sql = ''; --- 95,99 ---- // Start program proper // ! if( isset($_POST['submit']) ) { $sql = ''; *************** *** 101,107 **** if(!empty($forum_id)) { ! if(isset($HTTP_POST_VARS['simpleauth'])) { ! $simple_ary = $simple_auth_ary[intval($HTTP_POST_VARS['simpleauth'])]; for($i = 0; $i < count($simple_ary); $i++) --- 101,107 ---- if(!empty($forum_id)) { ! if(isset($_POST['simpleauth'])) { ! $simple_ary = $simple_auth_ary[intval($_POST['simpleauth'])]; for($i = 0; $i < count($simple_ary); $i++) *************** *** 119,127 **** for($i = 0; $i < count($forum_auth_fields); $i++) { ! $value = intval($HTTP_POST_VARS[$forum_auth_fields[$i]]); if ( $forum_auth_fields[$i] == 'auth_vote' ) { ! if ( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL ) { $value = AUTH_REG; --- 119,127 ---- for($i = 0; $i < count($forum_auth_fields); $i++) { ! $value = intval($_POST[$forum_auth_fields[$i]]); if ( $forum_auth_fields[$i] == 'auth_vote' ) { ! if ( $_POST['auth_vote'] == AUTH_ALL ) { $value = AUTH_REG; Index: admin_mass_email.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_mass_email.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_mass_email.php 29 Jul 2004 22:30:29 -0000 1.1 --- admin_mass_email.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 50,57 **** // Do the job ... // ! if ( isset($HTTP_POST_VARS['submit']) ) { ! $subject = stripslashes(trim($HTTP_POST_VARS['subject'])); ! $message = stripslashes(trim($HTTP_POST_VARS['message'])); $error = FALSE; --- 50,57 ---- // Do the job ... // ! if ( isset($_POST['submit']) ) { ! $subject = stripslashes(trim($_POST['subject'])); ! $message = stripslashes(trim($_POST['message'])); $error = FALSE; *************** *** 70,74 **** } ! $group_id = intval($HTTP_POST_VARS[POST_GROUPS_URL]); $sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; --- 70,74 ---- } ! $group_id = intval($_POST[POST_GROUPS_URL]); $sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE; Index: admin_board.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/admin/admin_board.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** admin_board.php 29 Jul 2004 22:30:28 -0000 1.1 --- admin_board.php 30 Jul 2004 02:12:37 -0000 1.2 *************** *** 44,50 **** $config_name = $row['config_name']; $config_value = $row['config_value']; ! $default_config[$config_name] = isset($HTTP_POST_VARS['submit']) ? str_replace("'", "\'", $config_value) : $config_value; ! $new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name]; if ($config_name == 'cookie_name') --- 44,50 ---- $config_name = $row['config_name']; $config_value = $row['config_value']; ! $default_config[$config_name] = isset($_POST['submit']) ? str_replace("'", "\'", $config_value) : $config_value; ! $new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name]; if ($config_name == 'cookie_name') *************** *** 53,57 **** } ! if( isset($HTTP_POST_VARS['subm... [truncated message content] |
