Menu
▾
▴
[Phpbb-checkins] CVS: phpBB2/includes auth.php,1.35,1.36 emailer.php,1.13,1.14 functions.php,1.124,1.125 functions_admin.php,1.2,1.3 functions_search.php,1.3,1.4 functions_selects.php,1.2,1.3 functions_validate.php,1.3,1.4 prune.php,1.11,1.12 sessions.php,1.56,1.57 smtp.php,1.14,1.15 sql_parse.php,1.7,1.8 template.php,1.8,1.9 topic_review.php,1.2,1.3 usercp_activate.php,1.2,1.3 usercp_avatar.php,1.2,1.3 usercp_email.php,1.3,1.4 usercp_register.php,1.3,1.4 usercp_sendpasswd.php,1.2,1.3 usercp_viewprofile.php,1.2,1.3
Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv19133/includes
Modified Files:
auth.php emailer.php functions.php functions_admin.php
functions_search.php functions_selects.php
functions_validate.php prune.php sessions.php smtp.php
sql_parse.php template.php topic_review.php
usercp_activate.php usercp_avatar.php usercp_email.php
usercp_register.php usercp_sendpasswd.php
usercp_viewprofile.php
Log Message:
Stop being too paranoid about hacking of includes containing only fully inclusive functions
Index: auth.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/auth.php,v
retrieving revision 1.35
retrieving revision 1.36
diff -C2 -r1.35 -r1.36
*** auth.php 18 Mar 2002 13:35:21 -0000 1.35
--- auth.php 18 Mar 2002 23:53:12 -0000 1.36
***************
*** 21,29 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
/*
$type's accepted (pre-pend with AUTH_):
--- 21,24 ----
Index: emailer.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/emailer.php,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -r1.13 -r1.14
*** emailer.php 18 Mar 2002 13:35:22 -0000 1.13
--- emailer.php 18 Mar 2002 23:53:12 -0000 1.14
***************
*** 20,28 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// The emailer class has support for attaching files, that isn't implemented
--- 20,23 ----
***************
*** 333,335 ****
} // class emailer
! ?>
--- 328,330 ----
} // class emailer
! ?>
\ No newline at end of file
Index: functions.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions.php,v
retrieving revision 1.124
retrieving revision 1.125
diff -C2 -r1.124 -r1.125
*** functions.php 18 Mar 2002 13:35:22 -0000 1.124
--- functions.php 18 Mar 2002 23:53:12 -0000 1.125
***************
*** 22,30 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
function get_db_stat($mode)
{
--- 22,25 ----
Index: functions_admin.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions_admin.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** functions_admin.php 18 Mar 2002 13:35:22 -0000 1.2
--- functions_admin.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,30 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// Simple version of jumpbox, just lists authed forums
--- 22,25 ----
Index: functions_search.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions_search.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** functions_search.php 18 Mar 2002 13:35:22 -0000 1.3
--- functions_search.php 18 Mar 2002 23:53:12 -0000 1.4
***************
*** 20,28 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
{
--- 20,23 ----
Index: functions_selects.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions_selects.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** functions_selects.php 18 Mar 2002 13:35:22 -0000 1.2
--- functions_selects.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,30 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// Pick a language, any language ...
--- 22,25 ----
Index: functions_validate.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/functions_validate.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** functions_validate.php 18 Mar 2002 19:42:05 -0000 1.3
--- functions_validate.php 18 Mar 2002 23:53:12 -0000 1.4
***************
*** 22,30 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// Check to see if the username has been taken, or if it is disallowed.
--- 22,25 ----
Index: prune.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/prune.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** prune.php 18 Mar 2002 13:35:22 -0000 1.11
--- prune.php 18 Mar 2002 23:53:12 -0000 1.12
***************
*** 21,29 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
require($phpbb_root_path . 'includes/functions_search.'.$phpEx);
--- 21,24 ----
Index: sessions.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/sessions.php,v
retrieving revision 1.56
retrieving revision 1.57
diff -C2 -r1.56 -r1.57
*** sessions.php 18 Mar 2002 15:00:35 -0000 1.56
--- sessions.php 18 Mar 2002 23:53:12 -0000 1.57
***************
*** 21,29 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// session_begin()
--- 21,24 ----
Index: smtp.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/smtp.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -r1.14 -r1.15
*** smtp.php 18 Mar 2002 13:35:22 -0000 1.14
--- smtp.php 18 Mar 2002 23:53:12 -0000 1.15
***************
*** 20,28 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
define('SMTP_INCLUDED', 1);
//
--- 20,23 ----
***************
*** 234,236 ****
}
! ?>
--- 229,231 ----
}
! ?>
\ No newline at end of file
Index: sql_parse.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/sql_parse.php,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -r1.7 -r1.8
*** sql_parse.php 18 Mar 2002 13:35:22 -0000 1.7
--- sql_parse.php 18 Mar 2002 23:53:12 -0000 1.8
***************
*** 29,37 ****
\***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
//
// remove_comments will strip the sql comment lines out of an uploaded sql file
--- 29,32 ----
***************
*** 68,71 ****
--- 63,67 ----
return $output;
}
+
//
// remove_remarks will strip the sql comment lines out of an uploaded sql file
***************
*** 193,195 ****
return $output;
}
! ?>
--- 189,192 ----
return $output;
}
!
! ?>
\ No newline at end of file
Index: template.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/template.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** template.php 18 Mar 2002 13:35:22 -0000 1.8
--- template.php 18 Mar 2002 23:53:12 -0000 1.9
***************
*** 21,29 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
/**
* Template class. By Nathan Codding of the phpBB group.
--- 21,24 ----
Index: topic_review.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/topic_review.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** topic_review.php 18 Mar 2002 13:35:23 -0000 1.2
--- topic_review.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,34 ****
***************************************************************************/
- if ( !defined('IN_PHPBB') )
- {
- die("Hacking attempt");
- }
-
- // -----------------------
- // Page specific functions
- //
-
function topic_review($topic_id, $is_inline_review)
{
--- 22,25 ----
***************
*** 217,223 ****
}
}
- //
- // End page specific functions
- // ---------------------------
?>
--- 208,211 ----
Index: usercp_activate.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_activate.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** usercp_activate.php 18 Mar 2002 13:35:23 -0000 1.2
--- usercp_activate.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,26 ****
***************************************************************************/
! if ( !defined('IN_PROFILE') )
{
die("Hacking attempt");
--- 22,26 ----
***************************************************************************/
! if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
Index: usercp_avatar.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_avatar.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** usercp_avatar.php 18 Mar 2002 13:35:23 -0000 1.2
--- usercp_avatar.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,31 ****
***************************************************************************/
- if ( !defined('IN_PROFILE') )
- {
- die("Hacking attempt");
- exit;
- }
-
function check_image_type(&$type, &$error, &$error_msg)
{
--- 22,25 ----
Index: usercp_email.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_email.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** usercp_email.php 18 Mar 2002 18:42:25 -0000 1.3
--- usercp_email.php 18 Mar 2002 23:53:12 -0000 1.4
***************
*** 22,26 ****
***************************************************************************/
! if ( !defined('IN_PROFILE') )
{
die("Hacking attempt");
--- 22,26 ----
***************************************************************************/
! if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
Index: usercp_register.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_register.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** usercp_register.php 18 Mar 2002 19:00:35 -0000 1.3
--- usercp_register.php 18 Mar 2002 23:53:12 -0000 1.4
***************
*** 22,26 ****
***************************************************************************/
! if ( !defined('IN_PROFILE') )
{
die("Hacking attempt");
--- 22,26 ----
***************************************************************************/
! if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
***************
*** 477,494 ****
if ( !($result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not obtained next user_id information', '', __LINE__, __FILE__, $sql);
}
! $row = $db->sql_fetchrow($result);
$user_id = $row['total'] + 1;
$sql = "SELECT MAX(group_id) AS total
FROM " . GROUPS_TABLE;
! if (!( $result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not obtained next user_id information', '', __LINE__, __FILE__, $sql);
}
! $row = $db->sql_fetchrow($result);
$group_id = $row['total'] + 1;
--- 477,500 ----
if ( !($result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
! }
$user_id = $row['total'] + 1;
$sql = "SELECT MAX(group_id) AS total
FROM " . GROUPS_TABLE;
! if ( !($result = $db->sql_query($sql) ) )
{
! message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
! }
$group_id = $row['total'] + 1;
Index: usercp_sendpasswd.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_sendpasswd.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** usercp_sendpasswd.php 18 Mar 2002 13:35:23 -0000 1.2
--- usercp_sendpasswd.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,26 ****
***************************************************************************/
! if ( !defined('IN_PROFILE') )
{
die("Hacking attempt");
--- 22,26 ----
***************************************************************************/
! if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
Index: usercp_viewprofile.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_viewprofile.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** usercp_viewprofile.php 18 Mar 2002 13:35:23 -0000 1.2
--- usercp_viewprofile.php 18 Mar 2002 23:53:12 -0000 1.3
***************
*** 22,26 ****
***************************************************************************/
! if ( !defined('IN_PROFILE') )
{
die("Hacking attempt");
--- 22,26 ----
***************************************************************************/
! if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
|
