Menu
▾
▴
[Phpbb-checkins] CVS: phpBB2 profile.php,1.156,1.157
|
From: Paul S. O. <ps...@us...> - 2001-12-21 18:42:34
|
Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv27772
Modified Files:
profile.php
Log Message:
More \' updates + fix bug #490842 by changing " into " when jumping to gallery
Index: profile.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/profile.php,v
retrieving revision 1.156
retrieving revision 1.157
diff -C2 -r1.156 -r1.157
*** profile.php 2001/12/21 02:22:07 1.156
--- profile.php 2001/12/21 18:42:31 1.157
***************
*** 69,73 ****
$sql = "SELECT user_email
FROM " . USERS_TABLE . "
! WHERE user_email = '" . $email . "'";
if(!$result = $db->sql_query($sql))
{
--- 69,73 ----
$sql = "SELECT user_email
FROM " . USERS_TABLE . "
! WHERE user_email = '" . str_replace("\'", "''", $email) . "'";
if(!$result = $db->sql_query($sql))
{
***************
*** 613,617 ****
{
$password = md5($password);
! $passwd_sql = "user_password = '$password', ";
}
}
--- 613,617 ----
{
$password = md5($password);
! $passwd_sql = "user_password = '" . str_replace("\'", "''", $password) . "', ";
}
}
***************
*** 655,659 ****
else
{
! $username_sql = "username = '$username', ";
}
}
--- 655,659 ----
else
{
! $username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
}
}
***************
*** 969,973 ****
if( preg_match("#^http:\/\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+\/.*?\.(gif|jpg|png)$#is", $user_avatar_remoteurl) )
{
! $avatar_sql = ", user_avatar = '$user_avatar_remoteurl', user_avatar_type = " . USER_AVATAR_REMOTE;
}
else
--- 969,973 ----
if( preg_match("#^http:\/\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+\/.*?\.(gif|jpg|png)$#is", $user_avatar_remoteurl) )
{
! $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE;
}
else
***************
*** 979,983 ****
else if( $user_avatar_local != "" && $board_config['allow_avatar_local'] && $avatar_sql == "" && !$error )
{
! $avatar_sql = ", user_avatar = '$user_avatar_local', user_avatar_type = " . USER_AVATAR_GALLERY;
}
--- 979,983 ----
else if( $user_avatar_local != "" && $board_config['allow_avatar_local'] && $avatar_sql == "" && !$error )
{
! $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
}
***************
*** 1007,1013 ****
$sql = "UPDATE " . USERS_TABLE . "
! SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_style = $user_style, user_active = $user_active, user_actkey = '$user_actkey'" . $avatar_sql . "
WHERE user_id = $user_id";
-
if( $result = $db->sql_query($sql) )
{
--- 1007,1012 ----
$sql = "UPDATE " . USERS_TABLE . "
! SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
WHERE user_id = $user_id";
if( $result = $db->sql_query($sql) )
{
***************
*** 1092,1101 ****
//
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
! VALUES ($new_user_id, '$username', " . time() . ", '$password', '$email', '$icq', '$website', '$occupation', '$location', '$interests', '$signature', '$signature_bbcode_uid', '$avatar_filename', $viewemail, '$aim', '$yim', '$msn', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '$user_dateformat', '$user_lang', $user_style, 0, 1, ";
if( $board_config['require_activation'] ==USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa == 1)
{
$user_actkey = generate_activation_key();
! $sql .= "0, '$user_actkey')";
}
else
--- 1091,1100 ----
//
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
! VALUES ($new_user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', '" . str_replace("\'", "''", $avatar_filename) . "', $viewemail, '" . str_replace("\'", "''", $aim) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
if( $board_config['require_activation'] ==USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa == 1)
{
$user_actkey = generate_activation_key();
! $sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
}
else
***************
*** 1276,1281 ****
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
- $signature = $userdata['user_sig'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
$viewemail = $userdata['user_viewemail'];
--- 1275,1280 ----
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
+ $signature = ( $signature_bbcode_uid != "" ) ? preg_replace("/\:(([a-z0-9]:)?)$signature_bbcode_uid/si", "", $userdata['user_sig']) : $userdata['user_sig'];
$viewemail = $userdata['user_viewemail'];
***************
*** 1354,1361 ****
}
}
- else
- {
-
- }
}
--- 1353,1356 ----
***************
*** 1404,1419 ****
$s_hidden_vars = '<input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" /><input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
! $s_hidden_vars .= '<input type="hidden" name="user_id" value="' . $user_id . '" />';
! $s_hidden_vars .= '<input type="hidden" name="username" value="' . $username . '" />';
! $s_hidden_vars .= '<input type="hidden" name="email" value="' . $email . '" />';
! $s_hidden_vars .= '<input type="hidden" name="icq" value="' . $icq . '" />';
! $s_hidden_vars .= '<input type="hidden" name="aim" value="' . $aim . '" />';
! $s_hidden_vars .= '<input type="hidden" name="msn" value="' . $msn . '" />';
! $s_hidden_vars .= '<input type="hidden" name="yim" value="' . $yim . '" />';
! $s_hidden_vars .= '<input type="hidden" name="website" value="' . $website . '" />';
! $s_hidden_vars .= '<input type="hidden" name="location" value="' . $location . '" />';
! $s_hidden_vars .= '<input type="hidden" name="occupation" value="' . $occupation . '" />';
! $s_hidden_vars .= '<input type="hidden" name="interests" value="' . $interests . '" />';
! $s_hidden_vars .= '<input type="hidden" name="signature" value="' . $signature . '" />';
$s_hidden_vars .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
$s_hidden_vars .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
--- 1399,1414 ----
$s_hidden_vars = '<input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" /><input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
! $s_hidden_vars .= '<input type="hidden" name="user_id" value="' . str_replace("\"", """, $user_id) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="username" value="' . str_replace("\"", """, $username) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="email" value="' . str_replace("\"", """, $email) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="icq" value="' . str_replace("\"", """, $icq) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="aim" value="' . str_replace("\"", """, $aim) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="msn" value="' . str_replace("\"", """, $msn) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="yim" value="' . str_replace("\"", """, $yim) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="website" value="' . str_replace("\"", """, $website) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="location" value="' . str_replace("\"", """, $location) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="occupation" value="' . str_replace("\"", """, $occupation) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="interests" value="' . str_replace("\"", """, $interests) . '" />';
! $s_hidden_vars .= '<input type="hidden" name="signature" value="' . str_replace("\"", """, $signature) . '" />';
$s_hidden_vars .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
$s_hidden_vars .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
***************
*** 1428,1432 ****
$s_hidden_vars .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
$s_hidden_vars .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
! $s_hidden_vars .= '<input type="hidden" name="dateformat" value="' . $user_dateformat . '" />';
$template->assign_vars(array(
--- 1423,1427 ----
$s_hidden_vars .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
$s_hidden_vars .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
! $s_hidden_vars .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", """, $user_dateformat) . '" />';
$template->assign_vars(array(
***************
*** 1579,1583 ****
"DATE_FORMAT" => $user_dateformat,
"HTML_STATUS" => $html_status,
! "BBCODE_STATUS" => $bbcode_status,
"SMILIES_STATUS" => $smilies_status,
--- 1574,1578 ----
"DATE_FORMAT" => $user_dateformat,
"HTML_STATUS" => $html_status,
! "BBCODE_STATUS" => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
"SMILIES_STATUS" => $smilies_status,
***************
*** 1681,1686 ****
$sql = "SELECT user_id, username, user_email, user_active
FROM " . USERS_TABLE . "
! WHERE user_email = '$email'
! AND username = '$username'";
if( $result = $db->sql_query($sql) )
{
--- 1676,1681 ----
$sql = "SELECT user_id, username, user_email, user_active
FROM " . USERS_TABLE . "
! WHERE user_email = '" . str_replace("\'", "''", $email) . "'
! AND username = '" . str_replace("\'", "''", $username) . "'";
if( $result = $db->sql_query($sql) )
{
***************
*** 1805,1809 ****
$sql = "SELECT user_id, user_email, user_newpasswd
FROM " . USERS_TABLE . "
! WHERE user_actkey = '" . $HTTP_GET_VARS['act_key'] . "'";
if( $result = $db->sql_query($sql) )
{
--- 1800,1804 ----
$sql = "SELECT user_id, user_email, user_newpasswd
FROM " . USERS_TABLE . "
! WHERE user_actkey = '" . str_replace("\'", "''", $HTTP_GET_VARS['act_key']) . "'";
if( $result = $db->sql_query($sql) )
{
***************
*** 1812,1816 ****
if( $row['user_newpasswd'] != "" )
{
! $sql_update_pass = ", user_password = '" . $row['user_newpasswd'] . "', user_newpasswd = ''";
}
else
--- 1807,1811 ----
if( $row['user_newpasswd'] != "" )
{
! $sql_update_pass = ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''";
}
else
***************
*** 2056,2058 ****
}
! ?>
--- 2051,2053 ----
}
! ?>
\ No newline at end of file
|
