[Phpbb-php5mod-cvs-checkins] phpbb-php5 common.php,1.5,1.6 groupcp.php,1.4,1.5 index.php,1.2,1.3 log
Update of /cvsroot/phpbb-php5mod/phpbb-php5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30886 Modified Files: common.php groupcp.php index.php login.php memberlist.php modcp.php posting.php privmsg.php search.php viewtopic.php Log Message: 2.0.18 Index: login.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/login.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** login.php 8 May 2005 02:12:43 -0000 1.4 --- login.php 31 Oct 2005 03:18:41 -0000 1.5 *************** *** 132,135 **** --- 132,141 ---- else if( ( isset($_GET['logout']) || isset($_POST['logout']) ) && $userdata['session_logged_in'] ) { + // session id check + if ($sid == '' || $sid != $userdata['session_id']) + { + message_die(GENERAL_ERROR, 'Invalid_session'); + } + if( $userdata['session_logged_in'] ) { *************** *** 169,172 **** --- 175,180 ---- ); + $forward_page = ''; + if( isset($_POST['redirect']) || isset($_GET['redirect']) ) { *************** *** 180,184 **** if(count($forward_match) > 1) { - $forward_page = ''; for($i = 1; $i < count($forward_match); $i++) --- 188,191 ---- *************** *** 201,208 **** } } - else - { - $forward_page = ''; - } $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; --- 208,211 ---- *************** *** 211,215 **** $s_hidden_fields .= (isset($_GET['admin'])) ? '<input type="hidden" name="admin" value="1" />' : ''; ! make_jumpbox('viewforum.'.$phpEx, $forum_id); $template->assign_vars(array( 'USERNAME' => $username, --- 214,218 ---- $s_hidden_fields .= (isset($_GET['admin'])) ? '<input type="hidden" name="admin" value="1" />' : ''; ! 
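Review bot: The session-id guard added to the logout branch of login.php (line 134) compares with the loose `!=`, so two different IDs that PHP both treats as numeric strings can compare equal. Use a strict test, `if ($sid === '' || $sid !== $userdata['session_id'])`. Where `$sid` is read is outside this hunk, so confirm it comes from the request and is always a string. The pre-existing inner `if( $userdata['session_logged_in'] )` repeats the condition of the enclosing `else if` and could be dropped.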
make_jumpbox('viewforum.'.$phpEx); $template->assign_vars(array( 'USERNAME' => $username, *************** *** 218,221 **** --- 221,225 ---- 'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"), + 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'S_HIDDEN_FIELDS' => $s_hidden_fields) Index: search.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/search.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** search.php 16 Apr 2005 21:02:23 -0000 1.4 --- search.php 31 Oct 2005 03:18:41 -0000 1.5 *************** *** 258,263 **** $split_search = array(); ! $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords); ! $search_msg_only = ( !$search_fields ) ? "AND m.title_match = 0" : ( ( strstr($multibyte_charset, $lang['ENCODING']) ) ? '' : '' ); --- 258,264 ---- $split_search = array(); ! $stripped_keywords = stripslashes($search_keywords); ! $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords); ! unset($stripped_keywords); $search_msg_only = ( !$search_fields ) ? "AND m.title_match = 0" : ( ( strstr($multibyte_charset, $lang['ENCODING']) ) ? '' : '' ); *************** *** 1302,1306 **** FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f WHERE f.cat_id = c.cat_id ! ORDER BY c.cat_id, f.forum_order"; $result = $db->sql_query($sql); if ( !$result ) --- 1303,1307 ---- FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f WHERE f.cat_id = c.cat_id ! 
ORDER BY c.cat_order, f.forum_order"; $result = $db->sql_query($sql); if ( !$result ) Index: index.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/index.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** index.php 30 Jul 2004 02:12:38 -0000 1.2 --- index.php 31 Oct 2005 03:18:41 -0000 1.3 *************** *** 184,189 **** // posts made since user last visited // ! if ( $userdata['session_logged_in'] ) { $sql = "SELECT t.forum_id, t.topic_id, p.post_time FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p --- 184,194 ---- // posts made since user last visited // ! if( $userdata['session_logged_in'] ) { + if ($userdata['user_lastvisit'] < (time() - 5184000)) + { + $userdata['user_lastvisit'] = time() - 5184000; + } + $sql = "SELECT t.forum_id, t.topic_id, p.post_time FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p Index: viewtopic.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/viewtopic.php,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** viewtopic.php 19 Jul 2005 23:31:26 -0000 1.11 --- viewtopic.php 31 Oct 2005 03:18:41 -0000 1.12 *************** *** 48,52 **** $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; ! if ( !isset($topic_id) && !isset($post_id) ) { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); --- 48,52 ---- $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; ! if (!$topic_id && !$post_id) { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); *************** *** 115,118 **** --- 115,119 ---- t2.topic_id = $topic_id AND t.forum_id = t2.forum_id + AND t.topic_moved_id = 0 AND t.topic_last_post_id $sql_condition t2.topic_last_post_id ORDER BY t.topic_last_post_id $sql_ordering *************** *** 140,149 **** // page the post is on and the correct display of viewtopic) // ! $join_sql_table = ( empty($post_id) ) ? 
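Review bot: The clamp added in index.php (line 188) writes the literal `5184000` twice and calls `time()` twice, with nothing saying what the number means. Compute the cutoff once and name the unit, e.g. `$lastvisit_floor = time() - 5184000; // 60 days in seconds`, then compare and assign against `$lastvisit_floor`. A short comment on why the look-back window is bounded would also help; the query that uses `user_lastvisit` continues outside the hunk.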
'' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 "; ! $join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id"; ! $count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts"; ! ! $order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC"; $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . " FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . " --- 141,150 ---- // page the post is on and the correct display of viewtopic) // ! $join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 "; ! $join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id"; ! $count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts"; + $order_sql = (!$post_id) ? 
'' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC"; + $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . " FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . " *************** *** 182,187 **** if ( !$userdata['session_logged_in'] ) { ! $redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id"; ! $redirect .= ( isset($start) ) ? "&start=$start" : ''; redirect(append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true)); } --- 183,188 ---- if ( !$userdata['session_logged_in'] ) { ! $redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id"; ! $redirect .= ($start) ? "&start=$start" : ''; redirect(append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true)); } *************** *** 200,204 **** $topic_time = $forum_topic_data['topic_time']; ! if ( !empty($post_id) ) { $start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']); --- 201,205 ---- $topic_time = $forum_topic_data['topic_time']; ! if ($post_id) { $start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']); *************** *** 490,494 **** if (trim($words[$i]) != '') { ! $highlight_match .= (($highlight_match != '') ? '|' : '') . 
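Review bot: `$join_sql` in viewtopic.php (hunk at line 141) interpolates `$post_id` and `$topic_id` directly into the SQL text, and the branches now test them by truthiness instead of `empty()`/`isset()`. Everything therefore depends on both variables having been set to integers earlier in the file, and that assignment is outside the visible hunks. If it is an `intval()` of the request value, say so beside the query, e.g. `// $topic_id and $post_id are intval()'d above; 0 means "not supplied"`. The same assumption applies to the `!$topic_id && !$post_id` test at line 48 and the `($post_id)` tests at lines 183 and 201.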
str_replace('*', '\w*', phpbb_preg_quote($words[$i], '#')); } } --- 491,495 ---- if (trim($words[$i]) != '') { ! $highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', preg_quote($words[$i], '#')); } } *************** *** 990,994 **** $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>'; $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '</a>'; --- 991,995 ---- $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>'; $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '</a>'; *************** *** 1066,1080 **** // Parse message and/or sig for BBCode if reqd // ! if ( $board_config['allow_bbcode'] ) { ! if ( $user_sig != '' && $user_sig_bbcode_uid != '' ) ! { ! $user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig); ! } ! if ( $bbcode_uid != '' ) ! { ! $message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message); ! } } --- 1067,1078 ---- // Parse message and/or sig for BBCode if reqd // ! if ($user_sig != '' && $user_sig_bbcode_uid != '') { ! $user_sig = ($board_config['allow_bbcode']) ? 
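Review bot: In viewtopic.php (hunk at line 991) the `alt` attribute of `$search_img` now receives `sprintf($lang['Search_user_posts'], $postrow[$i]['username'])`, so the username lands in two HTML attributes and the link text with no escaping visible in the hunk. If usernames are not already stored HTML-escaped, escape where the value enters markup, e.g. `htmlspecialchars($postrow[$i]['username'], ENT_QUOTES)`. If they are, a one-line comment saying so would stop a later double-escaping "fix". The same pattern is added in groupcp.php (line 100, `$row['username']`) and privmsg.php (line 538, `$username_from`).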
bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:$user_sig_bbcode_uid/si", '', $user_sig); ! } ! if ($bbcode_uid != '') ! { ! $message = ($board_config['allow_bbcode']) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace("/\:$bbcode_uid/si", '', $message); } Index: posting.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/posting.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** posting.php 30 Jul 2004 02:12:38 -0000 1.2 --- posting.php 31 Oct 2005 03:18:41 -0000 1.3 *************** *** 60,63 **** --- 60,64 ---- $refresh = $preview || $poll_add || $poll_edit || $poll_delete; + $orig_word = $replacement_word = array(); // *************** *** 65,68 **** --- 66,70 ---- // $topic_type = ( !empty($_POST['topictype']) ) ? intval($_POST['topictype']) : POST_NORMAL; + $topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL; // *************** *** 190,194 **** } ! $sql = "SELECT f.*, t.topic_status, t.topic_title FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t WHERE t.topic_id = $topic_id --- 192,196 ---- } ! $sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t WHERE t.topic_id = $topic_id *************** *** 205,209 **** } ! $select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : ''; $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : ''; $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : ''; --- 207,211 ---- } ! $select_sql = ( !$submit ) ? 
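Review bot: In the BBCode-disabled fallback of viewtopic.php (hunk at line 1067), `$user_sig_bbcode_uid` and `$bbcode_uid` are interpolated unquoted into the pattern `"/\:$user_sig_bbcode_uid/si"`, so any regex metacharacter or `/` in a stored uid changes the pattern. Quote the value, `preg_replace('/\:' . preg_quote($user_sig_bbcode_uid, '/') . '/si', '', $user_sig)`, and likewise for `$bbcode_uid`. The hunk at line 491 already uses `preg_quote()` for the highlight words. How the uid is generated is not visible here, so this is hardening rather than a demonstrated fault.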
', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : ''; $from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : ''; $where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : ''; *************** *** 314,317 **** --- 316,324 ---- } + if ( $mode == 'newtopic' ) + { + $post_data['topic_type'] = POST_NORMAL; + } + $post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0; $post_data['last_post'] = false; *************** *** 319,322 **** --- 326,334 ---- $post_data['edit_poll'] = false; } + + if ( $mode == 'poll_delete' && !isset($poll_id) ) + { + message_die(GENERAL_MESSAGE, $lang['No_such_post']); + } } else *************** *** 631,634 **** --- 643,647 ---- { $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : ''; + $userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid']; } else if ( $mode == 'editpost' ) Index: memberlist.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/memberlist.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** memberlist.php 30 Jul 2004 02:12:38 -0000 1.2 --- memberlist.php 31 Oct 2005 03:18:41 -0000 1.3 *************** *** 62,66 **** // $mode_types_text = array($lang['Sort_Joined'], $lang['Sort_Username'], $lang['Sort_Location'], $lang['Sort_Posts'], $lang['Sort_Email'], $lang['Sort_Website'], $lang['Sort_Top_Ten']); ! $mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten'); $select_sort_mode = '<select name="mode">'; --- 62,66 ---- // $mode_types_text = array($lang['Sort_Joined'], $lang['Sort_Username'], $lang['Sort_Location'], $lang['Sort_Posts'], $lang['Sort_Email'], $lang['Sort_Website'], $lang['Sort_Top_Ten']); ! 
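Review bot: The added `$userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];` in posting.php (hunk at line 643) sits in the branch that takes the signature text from `$userdata['user_sig']`. That pairs the current user's signature with the uid loaded for the post author. It reads as if the assignment was meant for a branch that uses `$post_info['user_sig']`, such as the `editpost` branch that follows; the branch conditions start outside the hunk, so confirm against the full file. Note too that `u.user_sig_bbcode_uid` is selected only when `!$submit` (hunk at line 207), so `$post_info` may lack the key on submit.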
$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten'); $select_sort_mode = '<select name="mode">'; Index: groupcp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/groupcp.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** groupcp.php 8 May 2005 02:12:43 -0000 1.4 --- groupcp.php 31 Oct 2005 03:18:41 -0000 1.5 *************** *** 100,106 **** $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&.src=pg">' . $lang['YIM'] . '</a>' : ''; ! $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>'; ! $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>'; return; --- 100,106 ---- $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&.src=pg">' . $lang['YIM'] . '</a>' : ''; ! $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>'; ! $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>'; return; *************** *** 1219,1222 **** --- 1219,1223 ---- // Load and process templates // + $page_title = $lang['Group_Control_Panel']; include($phpbb_root_path . 
'includes/page_header.'.$phpEx); Index: modcp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/modcp.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** modcp.php 27 Jun 2005 20:16:43 -0000 1.4 --- modcp.php 31 Oct 2005 03:18:41 -0000 1.5 *************** *** 224,228 **** if (!$is_auth['auth_delete']) { ! message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type'])); } --- 224,228 ---- if (!$is_auth['auth_delete']) { ! message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type'])); } *************** *** 1085,1089 **** 'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&" . POST_POST_URL . "=" . $post_id . "&" . POST_TOPIC_URL . "=" . $topic_id . "&sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$id"), ! 'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&showresults=topics")) ); --- 1085,1089 ---- 'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&" . POST_POST_URL . "=" . $post_id . "&" . POST_TOPIC_URL . "=" . $topic_id . "&sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$id"), ! append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&showresults=topics")) ); Index: privmsg.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/privmsg.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** privmsg.php 19 Jul 2005 23:31:26 -0000 1.6 --- privmsg.php 31 Oct 2005 03:18:41 -0000 1.7 *************** *** 296,300 **** if ( $sent_info = $db->sql_fetchrow($result) ) { ! if ( $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'] ) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . 
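Review bot: The replacement line at the end of the modcp.php hunk at line 1085 drops the `'U_SEARCHPOSTS' =>` key. The new side is a bare `append_sid(...)` element, which PHP stores under a numeric index, so the template variable would no longer be assigned. Restore the key: `'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&showresults=topics"))`. The `assign_vars` array starts outside the hunk.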
" --- 296,300 ---- if ( $sent_info = $db->sql_fetchrow($result) ) { ! if ($board_config['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs']) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " *************** *** 538,544 **** $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>'; ! $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>'; ! // // Processing of post --- 538,543 ---- $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&showresults=posts"); ! $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username_from) . '" title="' . sprintf($lang['Search_user_posts'], $username_from) . '" border="0" /></a>'; ! $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username_from) . '</a>'; // // Processing of post *************** *** 912,916 **** if ( $saved_info = $db->sql_fetchrow($result) ) { ! if ( $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] ) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " --- 911,915 ---- if ( $saved_info = $db->sql_fetchrow($result) ) { ! if ($board_config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] ) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " *************** *** 1139,1142 **** --- 1138,1163 ---- } + if ($submit && $mode == 'edit') + { + $sql = 'SELECT privmsgs_from_userid + FROM ' . PRIVMSGS_TABLE . ' + WHERE privmsgs_id = ' . (int) $privmsg_id . ' + AND privmsgs_from_userid = ' . 
$userdata['user_id']; + + if (!($result = $db->sql_query($sql))) + { + message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql); + } + + if (!($row = $db->sql_fetchrow($result))) + { + message_die(GENERAL_MESSAGE, $lang['No_such_post']); + } + $db->sql_freeresult($result); + + unset($row); + } + + if ( $submit ) { *************** *** 1155,1159 **** } ! $to_userdata = $db->sql_fetchrow($result); } else --- 1176,1184 ---- } ! if (!($to_userdata = $db->sql_fetchrow($result))) ! { ! $error = TRUE; ! $error_msg = $lang['No_such_user']; ! } } else *************** *** 1223,1227 **** if ( $inbox_info = $db->sql_fetchrow($result) ) { ! if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] ) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " --- 1248,1252 ---- if ( $inbox_info = $db->sql_fetchrow($result) ) { ! if ($board_config['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs']) { $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " *************** *** 1320,1324 **** $emailer->assign_vars(array( ! 'USERNAME' => $to_username, 'SITENAME' => $board_config['sitename'], 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', --- 1345,1349 ---- $emailer->assign_vars(array( ! 'USERNAME' => stripslashes($to_username), 'SITENAME' => $board_config['sitename'], 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', *************** *** 1424,1429 **** } } ! ! if ( $mode == 'edit' ) { $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig --- 1449,1453 ---- } } ! else if ( $mode == 'edit' ) { $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig *************** *** 1506,1510 **** else { ! 
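Review bot: The ownership check added for `$mode == 'edit'` in privmsg.php (hunk at line 1138) casts `$privmsg_id` with `(int)` but concatenates `$userdata['user_id']` uncast. Cast both, `' AND privmsgs_from_userid = ' . (int) $userdata['user_id']`, so the query does not depend on how the session row was populated. The check also runs only when `$submit` is set; whether the non-submit edit path at line 1449 applies the same sender restriction is outside the visible hunks and worth confirming. A comment that the row is fetched only to prove ownership would explain the immediate `unset($row)`.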
$privmsg_message = $privmsg_subject = ''; } } --- 1530,1534 ---- else { ! $privmsg_subject = $privmsg_message = $to_username = ''; } } *************** *** 1799,1803 **** 'S_SMILIES_CHECKED' => ( !$smilies_on ) ? ' checked="checked"' : '', 'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? ' checked="checked"' : '', - 'S_NAMES_SELECT' => $user_names_select, 'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields, 'S_POST_ACTION' => append_sid("privmsg.$phpEx"), --- 1823,1826 ---- Index: common.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/common.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** common.php 22 Feb 2005 01:18:39 -0000 1.5 --- common.php 31 Oct 2005 03:18:41 -0000 1.6 *************** *** 29,33 **** set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! // The following code (unsetting globals) was contributed to phpBB by Matt Kavanagh // PHP5 with register_long_arrays off? --- 29,34 ---- set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! // The following code (unsetting globals) ! // Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files // PHP5 with register_long_arrays off? *************** *** 36,40 **** //// for compatibility with MODifications written for php3 & 4 //// end phpBB-php5 developer note ! if (!isset($HTTP_POST_VARS) && isset($_POST)) { $HTTP_POST_VARS = $_POST; --- 37,41 ---- //// for compatibility with MODifications written for php3 & 4 //// end phpBB-php5 developer note ! if (@phpversion() >= '5.0.0' && (!ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off')) { $HTTP_POST_VARS = $_POST; *************** *** 52,58 **** } ! //// phpBB-php5 Developer Note: ! //// This was modified from phpBB's version primarily to remove legacy code. ! 
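Review bot: In common.php (hunk at line 37), `@phpversion() >= '5.0.0'` compares two non-numeric strings, which PHP does byte by byte, so a version such as `10.0.0` sorts below `5.0.0` and the long-array compatibility block would be skipped. Use `version_compare(phpversion(), '5.0.0', '>=')` instead. The body of the `if` continues outside the hunk.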
//// END phpBB-php5 note if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { --- 53,68 ---- } ! // Protect against GLOBALS tricks ! if (isset($_REQUEST['GLOBALS'])) ! { ! die("Hacking attempt"); ! } ! ! // Protect against HTTP_SESSION_VARS tricks ! if (isset($_SESSION) && !is_array($_SESSION)) ! { ! die("Hacking attempt"); ! } ! if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { *************** *** 62,66 **** // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. ! if (!isset($_SESSION)) { $_SESSION = array(); --- 72,76 ---- // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. ! if (!isset($_SESSION) || !is_array($_SESSION)) { $_SESSION = array(); *************** *** 170,174 **** if( !defined("PHPBB_INSTALLED") ) { ! header("Location: install/install.$phpEx"); exit; } --- 180,184 ---- if( !defined("PHPBB_INSTALLED") ) { ! header('Location: ' . $phpbb_root_path . 'install/install.' . $phpEx); exit; } *************** *** 181,184 **** --- 191,198 ---- include($phpbb_root_path . 'includes/db.'.$phpEx); + + // We do not need this any longer, unset for safety purposes + unset($dbpasswd); + // // Obtain and encode users IP |
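Review bot: The GLOBALS guard added in common.php (hunk at line 53) tests only `$_REQUEST['GLOBALS']`. `$_REQUEST` never contains uploaded-file fields and its make-up depends on the ini ordering settings, so a `GLOBALS` key arriving through `$_FILES`, or through a source excluded from `$_REQUEST`, is not rejected before the register_globals cleanup that follows. Check each source explicitly: `if (isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_COOKIE['GLOBALS']) || isset($_FILES['GLOBALS']))`. The cleanup loop is outside the hunk, so which arrays it walks should be confirmed against the full file.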