[Phpbb-php5mod-cvs-checkins] phpbb-php5/includes bbcode.php,1.5,1.6 functions.php,1.5,1.6 functions_
Brought to you by:
jelly_doughnut
Menu
▾
▴
[Phpbb-php5mod-cvs-checkins] phpbb-php5/includes bbcode.php,1.5,1.6 functions.php,1.5,1.6 functions_admin.php,1.3,1.4 functions_post.php,1.3,1.4 usercp_avatar.php,1.6,1.7 usercp_confirm.php,1.3,1.4 usercp_register.php,1.8,1.9
Update of /cvsroot/phpbb-php5mod/phpbb-php5/includes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30842/includes Modified Files: bbcode.php functions.php functions_admin.php functions_post.php usercp_avatar.php usercp_confirm.php usercp_register.php Log Message: - 2.0.19 - Some Donut Holes Index: functions.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/functions.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** functions.php 31 Oct 2005 03:18:41 -0000 1.5 --- functions.php 31 Dec 2005 01:35:25 -0000 1.6 *************** *** 104,108 **** FROM " . USERS_TABLE . " WHERE "; ! $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . $user . "'" ) . " AND user_id <> " . ANONYMOUS; if ( !($result = $db->sql_query($sql)) ) { --- 104,108 ---- FROM " . USERS_TABLE . " WHERE "; ! $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS; if ( !($result = $db->sql_query($sql)) ) { Index: functions_admin.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/functions_admin.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** functions_admin.php 31 Oct 2005 21:03:26 -0000 1.3 --- functions_admin.php 31 Dec 2005 01:35:25 -0000 1.4 *************** *** 140,143 **** --- 140,146 ---- } + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + if ($row['total_posts']) { Index: usercp_register.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_register.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** usercp_register.php 31 Oct 2005 21:03:26 -0000 1.8 --- usercp_register.php 31 Dec 2005 01:35:25 -0000 1.9 *************** *** 106,111 **** } ! $strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests'); ! $strip_var_list['confirm_code'] = 'confirm_code'; // Strip all tags from data ... may p**s some people off, bah, strip_tags is --- 106,112 ---- } ! $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; ! ! $strip_var_list = array('email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests', 'confirm_code' => 'confirm_code'); // Strip all tags from data ... may p**s some people off, bah, strip_tags is *************** *** 293,296 **** --- 294,303 ---- if ($row = $db->sql_fetchrow($result)) { + // Only compare one char if the zlib-extension is not loaded + if (!@extension_loaded('zlib')) + { + $row['code'] = substr($row['code'], -1); + } + if ($row['code'] != $confirm_code) { Index: functions_post.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/functions_post.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** functions_post.php 31 Oct 2005 03:18:41 -0000 1.3 --- functions_post.php 31 Dec 2005 01:35:25 -0000 1.4 *************** *** 26,31 **** } ! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#'); ! $html_entities_replace = array('&', '<', '>'); $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); --- 26,31 ---- } ! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#'); ! $html_entities_replace = array('&', '<', '>', '"'); $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); *************** *** 214,218 **** // Post a new topic/reply/poll or edit existing post/poll // ! function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; --- 214,218 ---- // Post a new topic/reply/poll or edit existing post/poll // ! function submit_post($mode, $post_data, &$message, &$meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, $poll_options, $poll_length) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; Index: usercp_avatar.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_avatar.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** usercp_avatar.php 31 Oct 2005 03:18:41 -0000 1.6 --- usercp_avatar.php 31 Dec 2005 01:35:25 -0000 1.7 *************** *** 65,74 **** } ! function user_avatar_galleryfunction user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $avatar_category) { global $board_config; ! $avatar_filename = phpbb_ltrim(basename($avatar_filename), "'"); ! $avatar_category = phpbb_ltrim(basename($avatar_category), "'"); if(!preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $avatar_filename)) --- 65,74 ---- } ! function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $avatar_category) { global $board_config; ! $avatar_filename = ltrim(basename($avatar_filename), "'"); ! $avatar_category = ltrim(basename($avatar_category), "'"); if(!preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $avatar_filename)) Index: usercp_confirm.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_confirm.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** usercp_confirm.php 19 Jul 2005 23:31:25 -0000 1.3 --- usercp_confirm.php 31 Dec 2005 01:35:25 -0000 1.4 *************** *** 154,169 **** else { ! if (!empty($_GET['c'])) ! { ! $_png = define_raw_pngs(); ! $char = substr($code, intval($_GET['c']) - 1, 1); ! header('Content-Type: image/png'); ! header('Cache-control: no-cache, no-store'); ! echo base64_decode($_png[$char]); ! unset($_png); ! exit; ! } } --- 154,166 ---- else { ! $_png = define_raw_pngs(); ! $char = substr($code, -1); ! header('Content-Type: image/png'); ! header('Cache-control: no-cache, no-store'); ! echo base64_decode($_png[$char]); ! unset($_png); ! exit; } Index: bbcode.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/bbcode.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** bbcode.php 31 Oct 2005 03:18:41 -0000 1.5 --- bbcode.php 31 Dec 2005 01:35:25 -0000 1.6 *************** *** 201,209 **** // matches a [url]xxxx://www.phpbb.com[/url] code.. ! $patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url2']; --- 201,209 ---- // matches a [url]xxxx://www.phpbb.com[/url] code.. ! $patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url2']; *************** *** 253,257 **** // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. $text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, ''); ! $text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\".*?\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]"); // [list] and [list=x] for (un)ordered lists. --- 253,257 ---- // [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff. $text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, ''); ! $text = bbencode_first_pass_pda($text, $uid, '/\[quote=\\\\"(.*?)\\\\"\]/is', '[/quote]', '', false, '', "[quote:$uid=\\\"\\1\\\"]"); // [list] and [list=x] for (un)ordered lists. *************** *** 390,402 **** // We're going to try and catch usernames with "[' characters. // ! if( preg_match('#\[quote=\\\"#si', $possible_start, $match) && !preg_match('#\[quote=\\\"(.*?)\\\"\]#si', $possible_start) ) { // OK we are in a quote tag that probably contains a ] bracket. // Grab a bit more of the string to hopefully get all of it.. ! if ($close_pos = strpos($text, '"]', $curr_pos + 9)) { ! if (strpos(substr($text, $curr_pos + 9, $close_pos - ($curr_pos + 9)), '[quote') === false) { ! $possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2); } } --- 390,402 ---- // We're going to try and catch usernames with "[' characters. // ! if( preg_match('#\[quote=\\\"#si', $possible_start, $match) && !preg_match('#\[quote=\\\"(.*?)\\\"\]#si', $possible_start) ) { // OK we are in a quote tag that probably contains a ] bracket. // Grab a bit more of the string to hopefully get all of it.. ! if ($close_pos = strpos($text, '"]', $curr_pos + 14)) { ! if (strpos(substr($text, $curr_pos + 14, $close_pos - ($curr_pos + 14)), '[quote') === false) { ! $possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 7); } } |
