Thread: [Phpbb-php5mod-cvs-checkins] phpbb-php5/includes bbcode.php,1.1,1.2 page_header.php,1.4,1.5 sessions
Brought to you by:
jelly_doughnut
Menu
▾
▴
phpbb-php5mod-cvs-checkins
Update of /cvsroot/phpbb-php5mod/phpbb-php5/includes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28399/includes Modified Files: bbcode.php page_header.php sessions.php smtp.php usercp_confirm.php usercp_register.php usercp_sendpasswd.php usercp_viewprofile.php Log Message: - phpBB 2.0.15 - some bug fixes courtesy of astute users - a few long arrays turned to short ones Index: usercp_sendpasswd.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_sendpasswd.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** usercp_sendpasswd.php 20 Nov 2004 01:01:11 -0000 1.3 --- usercp_sendpasswd.php 8 May 2005 02:12:44 -0000 1.4 *************** *** 30,34 **** if ( isset($_POST['submit']) ) { ! $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars($_POST['email']))) : ''; --- 30,34 ---- if ( isset($_POST['submit']) ) { ! $username = ( !empty($_POST['username']) ) ? phpbb_clean_username($_POST['username']) : ''; $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars($_POST['email']))) : ''; Index: smtp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/smtp.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** smtp.php 29 Jul 2004 22:36:20 -0000 1.1 --- smtp.php 8 May 2005 02:12:44 -0000 1.2 *************** *** 107,111 **** // Ok we have error checked as much as we can to this point let's get on // it already. ! if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) ) { message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__); --- 107,111 ---- // Ok we have error checked as much as we can to this point let's get on // it already. ! if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) ) { message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__); Index: sessions.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/sessions.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** sessions.php 16 Apr 2005 21:07:04 -0000 1.6 --- sessions.php 8 May 2005 02:12:44 -0000 1.7 *************** *** 25,29 **** // Returns the new session ID on success. // ! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) { global $db, $board_config; --- 25,29 ---- // Returns the new session ID on success. // ! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0) { global $db, $board_config; *************** *** 155,168 **** // $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login ! WHERE session_id = '" . $session_id . "' AND session_ip = '$user_ip'"; if ( !$db->sql_query($sql) || !$db->sql_affectedrows() ) { ! $session_id = md5(uniqid($user_ip)); $sql = "INSERT INTO " . SESSIONS_TABLE . " ! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in) ! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)"; if ( !$db->sql_query($sql) ) { --- 155,170 ---- // $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin ! WHERE session_id = '" . $session_id . "' AND session_ip = '$user_ip'"; if ( !$db->sql_query($sql) || !$db->sql_affectedrows() ) { ! list($sec, $usec) = explode(' ', microtime()); ! mt_srand((float) $sec + ((float) $usec * 100000)); ! $session_id = md5(uniqid(mt_rand(), true)); $sql = "INSERT INTO " . SESSIONS_TABLE . " ! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin) ! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)"; if ( !$db->sql_query($sql) ) { *************** *** 175,190 **** $last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; ! $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit ! WHERE user_id = $user_id"; ! if ( !$db->sql_query($sql) ) { ! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql); } $userdata['user_lastvisit'] = $last_visit; - $sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : ''; - $sessiondata['userid'] = $user_id; } --- 177,194 ---- $last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; ! if (!$admin) { ! $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit ! WHERE user_id = $user_id"; ! if ( !$db->sql_query($sql) ) ! { ! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql); ! } } $userdata['user_lastvisit'] = $last_visit; + $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid']; } *************** *** 196,199 **** --- 200,204 ---- $userdata['session_start'] = $current_time; $userdata['session_time'] = $current_time; + $userdata['session_admin'] = $admin; setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure); *************** *** 284,289 **** if ( $current_time - $userdata['session_time'] > 60 ) { ! $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_time = $current_time, session_page = $thispage_id WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) --- 289,297 ---- if ( $current_time - $userdata['session_time'] > 60 ) { ! // A little trick to reset session_admin on session re-usage ! $update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : ''; ! ! $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_time = $current_time, session_page = $thispage_id$update_admin WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) Index: usercp_confirm.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_confirm.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** usercp_confirm.php 20 Nov 2004 01:01:11 -0000 1.1 --- usercp_confirm.php 8 May 2005 02:12:44 -0000 1.2 *************** *** 34,43 **** // Do we have an id? No, then just exit ! if (empty($HTTP_GET_VARS['id'])) { exit; } ! $confirm_id = htmlspecialchars($HTTP_GET_VARS['id']); // Define available charset --- 34,43 ---- // Do we have an id? No, then just exit ! if (empty($_GET_['id'])) { exit; } ! $confirm_id = htmlspecialchars($_GET['id']); // Define available charset *************** *** 154,162 **** else { ! if (!empty($HTTP_GET_VARS['c'])) { $_png = define_raw_pngs(); ! $char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1); header('Content-Type: image/png'); header('Cache-control: no-cache, no-store'); --- 154,162 ---- else { ! if (!empty($_GET['c'])) { $_png = define_raw_pngs(); ! $char = substr($code, intval($_GET['c']) - 1, 1); header('Content-Type: image/png'); header('Cache-control: no-cache, no-store'); Index: usercp_register.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_register.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** usercp_register.php 22 Feb 2005 01:21:02 -0000 1.4 --- usercp_register.php 8 May 2005 02:12:44 -0000 1.5 *************** *** 267,271 **** if ($board_config['enable_confirm'] && $mode == 'register') { ! if (empty($HTTP_POST_VARS['confirm_id'])) { $error = TRUE; --- 267,271 ---- if ($board_config['enable_confirm'] && $mode == 'register') { ! if (empty($_POST['confirm_id'])) { $error = TRUE; *************** *** 274,278 **** else { ! $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']); if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id)) { --- 274,278 ---- else { ! $confirm_id = htmlspecialchars($_POST['confirm_id']); if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id)) { *************** *** 409,413 **** else if ( $username != $userdata['username'] || $mode == 'register' ) { ! if (strtolower($username) != strtolower($userdata['username'])) { $result = validate_username($username); --- 409,413 ---- else if ( $username != $userdata['username'] || $mode == 'register' ) { ! if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register') { $result = validate_username($username); Index: page_header.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/page_header.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** page_header.php 16 Apr 2005 21:07:04 -0000 1.4 --- page_header.php 8 May 2005 02:12:44 -0000 1.5 *************** *** 36,40 **** $phpver = phpversion(); ! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT'); if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) --- 36,40 ---- $phpver = phpversion(); ! $useragent = (isset($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT'); if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) *************** *** 467,471 **** // Work around for "current" Apache 2 + PHP module which seems to not // cope with private cache control setting ! if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2')) { header ('Cache-Control: no-cache, pre-check=0, post-check=0'); --- 467,471 ---- // Work around for "current" Apache 2 + PHP module which seems to not // cope with private cache control setting ! if (!empty($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache/2')) { header ('Cache-Control: no-cache, pre-check=0, post-check=0'); Index: usercp_viewprofile.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/usercp_viewprofile.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** usercp_viewprofile.php 20 Nov 2004 01:01:11 -0000 1.3 --- usercp_viewprofile.php 8 May 2005 02:12:44 -0000 1.4 *************** *** 34,37 **** --- 34,42 ---- $profiledata = get_userdata($_GET[POST_USERS_URL]); + if (!$profiledata) + { + message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']); + } + $sql = "SELECT * FROM " . RANKS_TABLE . " Index: bbcode.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/includes/bbcode.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** bbcode.php 29 Jul 2004 22:36:19 -0000 1.1 --- bbcode.php 8 May 2005 02:12:44 -0000 1.2 *************** *** 125,128 **** --- 125,130 ---- global $lang, $bbcode_tpl; + $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text); + // pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0). // This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it. *************** *** 195,199 **** // [img]image_url_here[/img] code.. // This one gets first-passed.. ! $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si"; $replacements[] = $bbcode_tpl['img']; --- 197,201 ---- // [img]image_url_here[/img] code.. // This one gets first-passed.. ! $patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#si"; $replacements[] = $bbcode_tpl['img']; *************** *** 207,216 **** // [url=xxxx://www.phpbb.com]phpBB[/url] code.. ! $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url3']; // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; ! $replacements[] = $bbcode_tpl['url4']; // [email]us...@do...[/email] code.. --- 209,217 ---- // [url=xxxx://www.phpbb.com]phpBB[/url] code.. ! $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i"; $replacements[] = $bbcode_tpl['url3']; // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i"; // [email]us...@do...[/email] code.. *************** *** 615,618 **** --- 616,620 ---- function make_clickable($text) { + $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text); // pad it with a space so we can match things at the start of the 1st line. |
Thanks for helping keep SourceForge clean.
X