Thread: [Phpbb-php5mod-cvs-checkins] phpbb-php5 common.php,1.3,1.4 config.php,1.1,1.2 groupcp.php,1.2,1.3 lo
Brought to you by:
jelly_doughnut
Menu
▾
▴
phpbb-php5mod-cvs-checkins
Update of /cvsroot/phpbb-php5mod/phpbb-php5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27345 Modified Files: common.php config.php groupcp.php login.php privmsg.php profile.php search.php viewtopic.php Log Message: Updating to phpBB 2.0.11 A few minor changes otherwise Preparing for 2.0.11.2 release Index: login.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/login.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** login.php 30 Jul 2004 02:12:38 -0000 1.2 --- login.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 55,61 **** if( ( isset($_POST['login']) || isset($_GET['login']) ) && !$userdata['session_logged_in'] ) { ! $username = isset($_POST['username']) ? trim(htmlspecialchars($_POST['username'])) : ''; ! $username = substr(str_replace("\\'", "'", $username), 0, 25); ! $username = str_replace("'", "\\'", $username); $password = isset($_POST['password']) ? $_POST['password'] : ''; --- 55,59 ---- if( ( isset($_POST['login']) || isset($_GET['login']) ) && !$userdata['session_logged_in'] ) { ! $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; Index: config.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/config.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** config.php 29 Jul 2004 22:30:29 -0000 1.1 --- config.php 20 Nov 2004 01:01:10 -0000 1.2 *************** *** 0 **** --- 1,18 ---- + <?php + + + // phpBB 2.x auto-generated config file + // Do not change anything in this file! + + $dbms = 'mysql'; + + $dbhost = 'localhost'; + $dbname = 'php5mod'; + $dbuser = 'tester'; + $dbpasswd = 'simple'; + + $table_prefix = 'phpbb_'; + + define('PHPBB_INSTALLED', true); + + ?> \ No newline at end of file Index: search.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/search.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** search.php 30 Jul 2004 02:12:38 -0000 1.2 --- search.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 61,65 **** { $search_author = ( isset($_POST['search_author']) ) ? $_POST['search_author'] : $_GET['search_author']; ! $search_author = htmlspecialchars($search_author); } else --- 61,65 ---- { $search_author = ( isset($_POST['search_author']) ) ? $_POST['search_author'] : $_GET['search_author']; ! $search_author = phpbb_clean_username($search_author); } else Index: viewtopic.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/viewtopic.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** viewtopic.php 30 Jul 2004 02:12:38 -0000 1.2 --- viewtopic.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 484,488 **** { // Split words and phrases ! $words = explode(' ', trim(htmlspecialchars(urldecode($_GET['highlight'])))); for($i = 0; $i < sizeof($words); $i++) --- 484,488 ---- { // Split words and phrases ! $words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight']))); for($i = 0; $i < sizeof($words); $i++) Index: groupcp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/groupcp.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** groupcp.php 30 Jul 2004 02:12:38 -0000 1.2 --- groupcp.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 473,477 **** if ( isset($_POST['add']) ) { ! $username = ( isset($_POST['username']) ) ? htmlspecialchars($_POST['username']) : ''; $sql = "SELECT user_id, user_email, user_lang, user_level --- 473,477 ---- if ( isset($_POST['add']) ) { ! $username = ( isset($_POST['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $sql = "SELECT user_id, user_email, user_lang, user_level Index: profile.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/profile.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** profile.php 30 Jul 2004 02:12:38 -0000 1.2 --- profile.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 101,104 **** --- 101,115 ---- exit; } + else if ( $mode == 'confirm' ) + { + // Visual Confirmation + if ( $userdata['session_logged_in'] ) + { + exit; + } + + include($phpbb_root_path . 'includes/usercp_confirm.'.$phpEx); + exit; + } else if ( $mode == 'sendpassword' ) { Index: privmsg.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/privmsg.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** privmsg.php 30 Jul 2004 02:12:38 -0000 1.2 --- privmsg.php 20 Nov 2004 01:01:10 -0000 1.3 *************** *** 1133,1137 **** if ( !empty($_POST['username']) ) { ! $to_username = $_POST['username']; $sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active --- 1133,1137 ---- if ( !empty($_POST['username']) ) { ! $to_username = phpbb_clean_username($HTTP_POST_VARS['username']); $sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active *************** *** 1338,1342 **** // where neccessary, etc. // ! $to_username = ( isset($_POST['username']) ) ? trim(strip_tags(stripslashes($_POST['username']))) : ''; $privmsg_subject = ( isset($_POST['subject']) ) ? trim(strip_tags(stripslashes($_POST['subject']))) : ''; $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : ''; --- 1338,1342 ---- // where neccessary, etc. // ! $to_username = ( isset($_POST['username']) ) ? phpbb_clean_username($_POST['username']) : ''; $privmsg_subject = ( isset($_POST['subject']) ) ? trim(strip_tags(stripslashes($_POST['subject']))) : ''; $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : ''; *************** *** 1708,1712 **** $template->assign_vars(array( 'SUBJECT' => $privmsg_subject, ! 'USERNAME' => preg_replace($html_entities_match, $html_entities_replace, $to_username), 'MESSAGE' => $privmsg_message, 'HTML_STATUS' => $html_status, --- 1708,1712 ---- $template->assign_vars(array( 'SUBJECT' => $privmsg_subject, ! 'USERNAME' => $to_username, 'MESSAGE' => $privmsg_message, 'HTML_STATUS' => $html_status, Index: common.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/common.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** common.php 30 Jul 2004 20:11:45 -0000 1.3 --- common.php 20 Nov 2004 01:01:10 -0000 1.4 *************** *** 26,63 **** // - function unset_vars(&$var) - { - while (list($var_name, $null) = @each($var)) - { - unset($GLOBALS[$var_name]); - } - return; - } - - // error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! $ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var'; ! // Unset globally registered vars - PHP5 ... hhmmm ! if (@$ini_val('register_globals') == '1' || strtolower(@$ini_val('register_globals')) == 'on') { ! $test = array('_GET', '_POST', '_SERVER', '_COOKIE', '_ENV'); ! foreach ($test as $var) { ! if (is_array(${$var})) ! { ! unset_vars(${$var}); ! @reset(${$var}); ! } } ! if (is_array(${'_FILES'})) { ! unset_vars(${'_FILES'}); ! @reset(${'_FILES'}); } } --- 26,80 ---- // error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime ! // The following code (unsetting globals) was contributed to phpBB by Matt Kavanagh ! // PHP5 with register_long_arrays off? ! //// phpBB-php5 developer note: ! //// I have reinstated this...I can't see a good reason to remove it ! //// for compatibility with MODifications written for php3 & 4 ! //// end phpBB-php5 developer note ! if (!isset($HTTP_POST_VARS) && isset($_POST)) { ! $HTTP_POST_VARS = $_POST; ! $HTTP_GET_VARS = $_GET; ! $HTTP_SERVER_VARS = $_SERVER; ! $HTTP_COOKIE_VARS = $_COOKIE; ! $HTTP_ENV_VARS = $_ENV; ! $HTTP_POST_FILES = $_FILES; ! // _SESSION is the only superglobal which is conditionally set ! if (isset($_SESSION)) { ! $HTTP_SESSION_VARS = $_SESSION; } + } ! //// phpBB-php5 Developer Note: ! //// This was modified from phpBB's version primarily to remove legacy code. ! //// END phpBB-php5 note ! if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') ! { ! // Not only will array_merge give a warning if a parameter ! // is not an array, it will actually fail. So we check if ! // HTTP_SESSION_VARS has been initialised. ! if (!isset($_SESSION)) { ! $_SESSION = array(); } + + // Merge all into one extremely huge array; unset + // this later + $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_SESSION, $_ENV, $_FILES); + + unset($input['input']); + + while (list($var,) = @each($input)) + { + unset($$var); + } + + unset($input); } |
Thanks for helping keep SourceForge clean.
X