Menu
▾
▴
[Phpbb-checkins] CVS: phpBB2/includes functions.php,1.107,1.108
|
From: Paul S. O. <ps...@us...> - 2002-01-27 03:10:22
|
Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv10608/includes
Modified Files:
functions.php
Log Message:
Fix various bugs; password length warning, proper warnings for username/email errors
Index: functions.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions.php,v
retrieving revision 1.107
retrieving revision 1.108
diff -C2 -r1.107 -r1.108
*** functions.php 2002/01/22 18:13:59 1.107
--- functions.php 2002/01/27 03:10:19 1.108
***************
*** 192,196 ****
if( isset($SID) )
{
! // $boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />';
}
--- 192,196 ----
if( isset($SID) )
{
! $boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />';
}
***************
*** 305,309 ****
$images[$key] = ( file_exists($new_value) ) ? $new_value : str_replace("_lang", "_english", $value);
- // list($images_width[$key], $images_height[$key]) = getimagesize($images[$key]);
}
}
--- 305,308 ----
***************
*** 499,569 ****
function validate_username($username)
{
! global $db;
! switch(SQL_LAYER)
{
! case 'mysql':
! case 'mysql4':
! $sql_users = "SELECT u.username, g.group_name
! FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
! WHERE ug.user_id = u.user_id
! AND g.group_id = ug.group_id
! AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "'
! OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )";
! $sql_disallow = "SELECT disallow_username
! FROM " . DISALLOW_TABLE . "
! WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username";
! if($result = $db->sql_query($sql_users))
! {
! if($db->sql_numrows($result) > 0)
! {
! return(FALSE);
! }
! }
! if($result = $db->sql_query($sql_disallow))
! {
! if($db->sql_numrows($result) > 0)
! {
! return(FALSE);
! }
! }
! break;
! default:
! $sql = "SELECT u.username, g.group_name
! FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
! WHERE ug.user_id = u.user_id
! AND g.group_id = ug.group_id
! AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "'
! OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )
! UNION
! SELECT disallow_username, NULL
! FROM " . DISALLOW_TABLE . "
! WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username";
! if($result = $db->sql_query($sql))
! {
! if($db->sql_numrows($result) > 0)
! {
! return(FALSE);
! }
! }
! break;
}
$sql = "SELECT word
FROM " . WORDS_TABLE;
! if( !$words_result = $db->sql_query($sql) )
{
! message_die(GENERAL_ERROR, "Couldn't get censored words from database.", "", __LINE__, __FILE__, $sql);
! }
! else
! {
! $word_list = $db->sql_fetchrowset($words_result);
!
! for($i = 0; $i < count($word_list); $i++)
{
! if( preg_match("/\b(" . str_replace("\*", "\w*?", preg_quote($word_list[$i]['word'])) . ")\b/i", $username) )
{
! return(FALSE);
}
}
--- 498,537 ----
function validate_username($username)
{
! global $db, $lang;
! $sql = "SELECT u.username, g.group_name
! FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
! WHERE ug.user_id = u.user_id
! AND g.group_id = ug.group_id
! AND ( LOWER(u.username) = '" . strtolower(str_replace("\'", "''", $username)) . "'
! OR LOWER(g.group_name) = '" . strtolower(str_replace("\'", "''", $username)) . "' )";
! if ( $result = $db->sql_query($sql) )
{
! if ( $db->sql_fetchrow($result) )
! {
! return array('error' => $lang['Username_taken']);
! }
! }
! $sql = "SELECT disallow_username
! FROM " . DISALLOW_TABLE . "
! WHERE '" . str_replace("\'", "''", $username) . "' LIKE disallow_username";
! if ( $result = $db->sql_query($sql) )
! {
! if ( $db->sql_fetchrow($result) )
! {
! return array('error' => $lang['Username_disallowed']);
! }
}
$sql = "SELECT word
FROM " . WORDS_TABLE;
! if ( $result = $db->sql_query($sql) )
{
! while( $row = $db->sql_fetchrow($result) )
{
! if( preg_match("/\b(" . str_replace("\*", "\w*?", preg_quote($row['word'])) . ")\b/i", $username) )
{
! return array('error' => $lang['Username_disallowed']);
}
}
***************
*** 573,580 ****
if ( strstr($username, '"') )
{
! return FALSE;
}
! return(TRUE);
}
--- 541,548 ----
if ( strstr($username, '"') )
{
! return array('error' => $lang['Username_invalid']);
}
! return array('error' => '');
}
|
