From: Meik S. <acy...@us...> - 2007-09-22 18:28:17
Update of /cvsroot/phpbb/phpBB2 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9056 Modified Files: memberlist.php posting.php Log Message: #i62 - #i65 gone through every javascript invocation and making sure we adhere to our coding guidelines. Index: posting.php =================================================================== RCS file: /cvsroot/phpbb/phpBB2/posting.php,v retrieving revision 1.483 retrieving revision 1.484 diff -C2 -d -r1.483 -r1.484 *** posting.php 30 Aug 2007 21:19:04 -0000 1.483 --- posting.php 22 Sep 2007 18:28:19 -0000 1.484 *************** *** 1290,1294 **** 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '', 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), ! 'UA_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup", false), 'S_PRIVMSGS' => false, --- 1290,1294 ---- 'U_VIEW_TOPIC' => ($mode != 'post') ? append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id") : '', 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup"), ! 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", "f=$forum_id&mode=popup")), 'S_PRIVMSGS' => false, Index: memberlist.php =================================================================== RCS file: /cvsroot/phpbb/phpBB2/memberlist.php,v retrieving revision 1.251 retrieving revision 1.252 diff -C2 -d -r1.251 -r1.252 *** memberlist.php 18 Sep 2007 14:47:39 -0000 1.251 --- memberlist.php 22 Sep 2007 18:28:19 -0000 1.252 *************** *** 365,368 **** --- 365,373 ---- $template->assign_vars(array( 'IM_CONTACT' => $row[$sql_field], + 'A_IM_CONTACT' => addslashes($row[$sql_field]), + + 'U_AIM_CONTACT' => ($action == 'aim') ? 'aim:addbuddy?screenname=' . urlencode($row[$sql_field]) : '', + 'U_AIM_MESSAGE' => ($action == 'aim') ? 'aim:goim?screenname=' . urlencode($row[$sql_field]) . 
'&message=' . urlencode($config['sitename']) : '', + 'USERNAME' => $row['username'], 'CONTACT_NAME' => $row[$sql_field], *************** *** 898,902 **** $form = request_var('form', ''); $field = request_var('field', ''); ! $select_single = request_var('select_single', false); if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_'))) --- 903,911 ---- $form = request_var('form', ''); $field = request_var('field', ''); ! $select_single = request_var('select_single', false); ! ! // We validate form and field here, only id/class allowed ! $form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form; ! $field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field; if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_'))) *************** *** 1519,1522 **** --- 1528,1533 ---- 'U_VIEW_PROFILE' => get_username_string('profile', $user_id, $username, $data['user_colour']), + 'A_USERNAME' => addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])), + 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')), 'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false, |
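Review bot: `A_IM_CONTACT` (memberlist.php, new lines 365-373) relies on `addslashes()` alone to make a value safe inside JavaScript, but that function only backslash-escapes quotes, backslashes and NUL. It leaves `</script>`, raw line breaks and HTML metacharacters untouched, and in an HTML event-handler attribute a backslash-escaped double quote still ends the attribute. The same pattern is used for `UA_PROGRESS_BAR` in posting.php (1290-1294) and for `A_USERNAME` in the hunk at 1528-1533. Whether this is reachable depends on whether `$row[$sql_field]` and the username are already HTML-escaped and on where the templates place these variables, neither of which is visible here; I would state the precondition next to each assignment, e.g. `// addslashes() covers quotes/backslash/NUL only; value must already be HTML-escaped before it reaches a script context`. In posting.php the third `append_sid()` argument `false` is dropped in the same edit, so it is worth confirming that the default output is still usable inside a script string.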
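Review bot: The new `form`/`field` whitelist in memberlist.php (new lines 903-911) anchors its pattern with `$`, which in PCRE also matches just before a trailing newline, so an otherwise valid identifier followed by a line break passes the check. Unless `request_var()` already trims its input (not visible in this hunk), that line break would be carried to wherever `$form` and `$field` are emitted. Adding the `D` modifier closes the gap: `$form = (!preg_match('/^[a-z0-9_-]+$/iD', $form)) ? '' : $form;` and the same for `$field`. The enclosing block starts and continues outside the hunk, so the output context of both variables should be checked there.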