Thread: [Phpbb-php5mod-cvs-checkins] phpbb-php5 groupcp.php, 1.5, 1.6 login.php, 1.7, 1.8 memberlist.php, 1
Update of /cvsroot/phpbb-php5mod/phpbb-php5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21123 Modified Files: groupcp.php login.php memberlist.php modcp.php posting.php privmsg.php search.php viewforum.php viewtopic.php Log Message: 2.0.22.5 Index: login.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/login.php,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** login.php 8 Jun 2006 19:24:56 -0000 1.7 --- login.php 23 Dec 2006 23:21:49 -0000 1.8 *************** *** 124,128 **** $redirect = str_replace('?', '&', $redirect); ! if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) { message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); --- 124,128 ---- $redirect = str_replace('?', '&', $redirect); ! if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url')) { message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); *************** *** 143,147 **** $redirect = str_replace("?", "&", $redirect); ! if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r")) { message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); --- 143,147 ---- $redirect = str_replace("?", "&", $redirect); ! if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url')) { message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.'); Index: search.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/search.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** search.php 8 Jun 2006 19:24:56 -0000 1.6 --- search.php 23 Dec 2006 23:21:49 -0000 1.7 *************** *** 119,122 **** --- 119,123 ---- $start = ( isset($_GET['start']) ) ? 
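Review bot: The `strstr(urldecode($redirect), ';url')` test added in the login.php hunk at line 124 matches only the lowercase spelling, although the `;url` keyword it presumably targets in a refresh-style redirect is generally read case-insensitively; the hunk at line 143 adds the same check. `stristr` closes that gap, and decoding once avoids three `urldecode` calls per test: `$decoded = urldecode($redirect);` followed by `if (strstr($decoded, "\n") || strstr($decoded, "\r") || stristr($decoded, ';url'))`. Where `$redirect` is finally emitted lies outside both hunks, so whether one decode pass is enough cannot be judged from here. Restricting the value to known board-relative script names would be sturdier than extending the deny-list.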
intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; $sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']); Index: viewtopic.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/viewtopic.php,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** viewtopic.php 8 Jun 2006 19:24:56 -0000 1.13 --- viewtopic.php 23 Dec 2006 23:21:49 -0000 1.14 *************** *** 47,50 **** --- 47,51 ---- $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; if (!$topic_id && !$post_id) Index: posting.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/posting.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** posting.php 8 Jun 2006 19:24:56 -0000 1.4 --- posting.php 23 Dec 2006 23:21:49 -0000 1.5 *************** *** 45,48 **** --- 45,49 ---- $confirm = isset($_POST['confirm']) ? true : false; + $sid = (isset($_POST['sid'])) ? $_POST['sid'] : 0; $params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL); *************** *** 223,227 **** } ! if ( $result = $db->sql_query($sql) ) { $post_info = $db->sql_fetchrow($result); --- 224,228 ---- } ! if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result)) ) { $post_info = $db->sql_fetchrow($result); *************** *** 434,437 **** --- 435,439 ---- $s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />'; $s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />'; + $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . 
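Review bot: In the posting.php hunk at line 224 the new condition already assigns `$post_info = $db->sql_fetchrow($result)`, but the unchanged first statement of the body fetches again, so `$post_info` is overwritten with whatever the next fetch returns. If the query (built above the hunk) yields a single row, that second fetch returns no row and the post data read by the condition is lost before it is used. The context line `$post_info = $db->sql_fetchrow($result);` inside the braces should be removed as part of this change. The rest of the `if` body is outside the hunk.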
'" />'; $l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll']; *************** *** 545,548 **** --- 547,556 ---- $return_meta = ''; + // session id check + if ($sid == '' || $sid != $userdata['session_id']) + { + $error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid']; + } + switch ( $mode ) { *************** *** 570,573 **** --- 578,586 ---- case 'delete': case 'poll_delete': + if ($error_msg != '') + { + message_die(GENERAL_MESSAGE, $error_msg); + } + delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id); break; *************** *** 932,935 **** --- 945,949 ---- $hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />'; + $hidden_form_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; switch( $mode ) Index: memberlist.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/memberlist.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** memberlist.php 8 Jun 2006 19:24:56 -0000 1.4 --- memberlist.php 23 Dec 2006 23:21:49 -0000 1.5 *************** *** 35,38 **** --- 35,39 ---- $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; if ( isset($_GET['mode']) || isset($_POST['mode']) ) Index: groupcp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/groupcp.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** groupcp.php 31 Oct 2005 03:18:41 -0000 1.5 --- groupcp.php 23 Dec 2006 23:21:49 -0000 1.6 *************** *** 149,152 **** --- 149,153 ---- $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; // *************** *** 419,423 **** WHERE aa.group_id = g.group_id ) ! 
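Review bot: The session id check added in the posting.php hunk at line 547 uses loose operators (`$sid == ''`, `$sid != $userdata['session_id']`) while `$sid` defaults to the integer `0` and is otherwise taken from `$_POST['sid']` without a type check, so the result depends on PHP's type juggling and on the request supplying a string rather than an array. Default to an empty string and compare strictly: `$sid = (isset($_POST['sid']) && is_string($_POST['sid'])) ? $_POST['sid'] : '';` and `if ($sid === '' || $sid !== $userdata['session_id'])`. The privmsg.php hunks at lines 51 and 1164 use the same pattern. Only the `delete`/`poll_delete` cases visibly stop on `$error_msg` (hunk at line 578); the other `switch` modes are outside the hunks, so confirm each of them refuses to act when the check has failed.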
)"; break; --- 420,425 ---- WHERE aa.group_id = g.group_id ) ! ) ! ORDER BY aa.auth_mod DESC"; break; *************** *** 426,430 **** FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa WHERE g.group_id = $group_id ! AND aa.group_id (+) = g.group_id"; break; --- 428,433 ---- FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa WHERE g.group_id = $group_id ! AND aa.group_id (+) = g.group_id ! ORDER BY aa.auth_mod DESC"; break; *************** *** 433,437 **** FROM ( " . GROUPS_TABLE . " g LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id ) ! WHERE g.group_id = $group_id"; break; } --- 436,441 ---- FROM ( " . GROUPS_TABLE . " g LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id ) ! WHERE g.group_id = $group_id ! ORDER BY aa.auth_mod DESC"; break; } Index: viewforum.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/viewforum.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** viewforum.php 30 Jul 2004 02:12:38 -0000 1.2 --- viewforum.php 23 Dec 2006 23:21:49 -0000 1.3 *************** *** 43,46 **** --- 43,47 ---- $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; if ( isset($_GET['mark']) || isset($_POST['mark']) ) Index: modcp.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/modcp.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** modcp.php 8 Jun 2006 19:24:56 -0000 1.6 --- modcp.php 23 Dec 2006 23:21:49 -0000 1.7 *************** *** 72,75 **** --- 72,76 ---- // $start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; $delete = ( isset($_POST['delete']) ) ? 
TRUE : FALSE; Index: privmsg.php =================================================================== RCS file: /cvsroot/phpbb-php5mod/phpbb-php5/privmsg.php,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** privmsg.php 8 Jun 2006 19:24:56 -0000 1.9 --- privmsg.php 23 Dec 2006 23:21:49 -0000 1.10 *************** *** 51,54 **** --- 51,55 ---- $delete_all = ( isset($_POST['deleteall']) ) ? TRUE : 0; $save = ( isset($_POST['save']) ) ? TRUE : 0; + $sid = (isset($_POST['sid'])) ? $_POST['sid'] : 0; $refresh = $preview || $submit_search; *************** *** 102,105 **** --- 103,107 ---- $start = ( !empty($_GET['start']) ) ? intval($_GET['start']) : 0; + $start = ($start < 0) ? 0 : $start; if ( isset($_POST[POST_POST_URL]) || isset($_GET[POST_POST_URL]) ) *************** *** 1162,1165 **** --- 1164,1174 ---- if ( $submit ) { + // session id check + if ($sid == '' || $sid != $userdata['session_id']) + { + $error = true; + $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid']; + } + if ( !empty($_POST['username']) ) { *************** *** 1376,1380 **** $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : ''; $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : ''; ! $privmsg_message = preg_replace('#<textarea>#si', '<textarea>', $privmsg_message); if ( !$preview ) { --- 1385,1389 ---- $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : ''; $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : ''; ! //$privmsg_message = preg_replace('#<textarea>#si', '<textarea>', $privmsg_message); if ( !$preview ) { *************** *** 1480,1484 **** $privmsg_message = str_replace('<br />', "\n", $privmsg_message); ! 
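Review bot: The privmsg.php hunk at line 1385 disables the `<textarea>` rewrite by commenting it out with no explanation, and the hunks at lines 1489 and 1531 do the same for `</textarea>`. Those calls act on `$privmsg_message`, which in this hunk comes straight from `$_POST['message']`; if that text is later placed back inside the compose form's textarea, some other step must now neutralise a closing tag in it, and none of that is visible here. Either delete the dead lines or replace them with a comment naming the step that takes over, for example `// </textarea> in the message is escaped by <function name> before the form is rendered`. As displayed, the search and replacement strings are identical, which looks like entity decoding by the archive rather than the real code.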
$privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message); $user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : ''; --- 1489,1493 ---- $privmsg_message = str_replace('<br />', "\n", $privmsg_message); ! // $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message); $user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : ''; *************** *** 1522,1526 **** $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message); $privmsg_message = str_replace('<br />', "\n", $privmsg_message); ! $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message); $privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message); --- 1531,1535 ---- $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message); $privmsg_message = str_replace('<br />', "\n", $privmsg_message); ! // $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message); $privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message); *************** *** 1735,1738 **** --- 1744,1748 ---- $s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />'; $s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />'; + $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; if ( $mode == 'edit' ) { |