Update of /cvsroot/phpbb-php5mod/phpbb-php5/includes
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14972/includes
Modified Files:
functions.php page_tail.php template.php usercp_avatar.php
usercp_register.php
Log Message:
Updating to phpBB 2.0.12. Release within 24 hours hopefully :)
Index: template.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/template.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** template.php 29 Jul 2004 22:36:20 -0000 1.1
--- template.php 22 Feb 2005 01:21:02 -0000 1.2
***************
*** 231,235 ****
if (substr($filename, 0, 1) != '/')
{
! $filename = phpbb_realpath($this->root . '/' . $filename);
}
--- 231,235 ----
if (substr($filename, 0, 1) != '/')
{
! $filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
}
Index: usercp_register.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_register.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** usercp_register.php 20 Nov 2004 01:01:11 -0000 1.3
--- usercp_register.php 22 Feb 2005 01:21:02 -0000 1.4
***************
*** 457,461 ****
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
--- 457,461 ----
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
Index: functions.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/functions.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** functions.php 20 Nov 2004 01:01:11 -0000 1.2
--- functions.php 22 Feb 2005 01:21:02 -0000 1.3
***************
*** 78,84 ****
function phpbb_clean_username($username)
{
! $username = htmlspecialchars(rtrim(trim($username), "\\"));
! $username = substr(str_replace("\\'", "'", $username), 0, 25);
! $username = str_replace("'", "\\'", $username);
return $username;
--- 78,84 ----
function phpbb_clean_username($username)
{
! $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
! $username = rtrim($username, "\\");
! $username = str_replace("'", "\'", $username);
return $username;
***************
*** 580,584 ****
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
}
}
--- 580,584 ----
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
}
}
Index: page_tail.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/page_tail.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** page_tail.php 30 Jul 2004 21:15:33 -0000 1.2
--- page_tail.php 22 Feb 2005 01:21:02 -0000 1.3
***************
*** 36,41 ****
$template->assign_vars(array(
! 'PHPBB_VERSION' => '2' . $board_config['version'],
! 'PHPBB5_VERSION' => '2' . $board_config['version5'],
'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
--- 36,41 ----
$template->assign_vars(array(
! //'PHPBB_VERSION' => '2' . $board_config['version'],
! //'PHPBB5_VERSION' => '2' . $board_config['version5'],
'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
Index: usercp_avatar.php
===================================================================
RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_avatar.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** usercp_avatar.php 29 Jul 2004 22:36:20 -0000 1.1
--- usercp_avatar.php 22 Feb 2005 01:21:02 -0000 1.2
***************
*** 52,55 ****
--- 52,57 ----
global $board_config, $userdata;
+ $avatar_file = basename($avatar_file);
+
if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
{
***************
*** 66,69 ****
--- 68,77 ----
{
global $board_config;
+
+ $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
+ if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
+ {
+ return '';
+ }
if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
{
***************
*** 228,231 ****
--- 236,244 ----
}
+ if (!is_uploaded_file($avatar_filename))
+ {
+ message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
+ }
+
@chmod('./' . $board_config['avatar_path'] . "/$new_filename", 0777);
|
