From: Lo?c C. <lo...@us...> - 2001-06-01 20:44:42
Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/commands
In directory usw-pr-cvs1:/tmp/cvs-serv30544/chat/lib/commands
Modified Files:
whois.cmd.php3 invite.cmd.php3 ignore.cmd.php3 banish.cmd.php3
Log Message:
Improved security again
Index: whois.cmd.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/commands/whois.cmd.php3,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** whois.cmd.php3 2001/05/30 08:07:12 1.8
--- whois.cmd.php3 2001/06/01 20:44:40 1.9
***************
*** 60,64 ****
if (!$isProfile)
{
- $error = sprintf(L_NONREG_USER, $cmd[1]);
if ($dbSessionVars['status'] == 'a' || $dbSessionVars['nick'] == $cmd[1])
{
--- 60,63 ----
***************
*** 72,83 ****
$ipProxyStr = ' (proxy)';
}
$hostname = @gethostbyaddr($ip);
! $ipString = $ip
! . ((isset($ipProxyStr)) ? $ipProxyStr : '')
. (($hostname) ? ' - ' . $hostname : '');
! $error .= '\n' . sprintf(L_NONREG_USER_IP, $ipString);
}
$dbLink->cleanResults();
}
} // end of 'not a registered user'
--- 71,91 ----
$ipProxyStr = ' (proxy)';
}
+ else
+ {
+ $ipProxyStr = '';
+ }
+
$hostname = @gethostbyaddr($ip);
! $ipString = $ip . $ipProxyStr
. (($hostname) ? ' - ' . $hostname : '');
! $success = sprintf(L_NONREG_USER, $cmd[1])
! . '\n' . sprintf(L_NONREG_USER_IP, $ipString);
}
$dbLink->cleanResults();
}
+ else
+ {
+ $error = sprintf(L_NONREG_USER, $cmd[1]);
+ }
} // end of 'not a registered user'
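Review bot: The reverse-DNS result is appended to `$success` without any check in the new `$ipString` assignment, although `gethostbyaddr()` returns the address unchanged when the lookup fails and the name in a PTR record is chosen by whoever controls that address range. The first case makes the message read "ip - ip"; the second means `$hostname` (like `$cmd[1]`) is untrusted text, and where `$success` is escaped for output is not visible in this hunk. The single-quoted `'\n'` is a literal backslash-n, which suggests the string ends up inside a script string, so that context's escaping would have to cover it; this is an inference to confirm. I would change the condition to `. (($hostname && $hostname != $ip) ? ' - ' . $hostname : '');` and add `// $hostname comes from reverse DNS: treat as untrusted and escape for the output context`. The enclosing `if (!$isProfile)` block starts before the hunk.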
Index: invite.cmd.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/commands/invite.cmd.php3,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** invite.cmd.php3 2001/05/30 08:07:12 1.11
--- invite.cmd.php3 2001/06/01 20:44:40 1.12
***************
*** 86,90 ****
--- 86,92 ----
$invitedUsers[$i] = trim($invitedUsers[$i]);
if ($invitedUsers[$i] == '')
+ {
continue;
+ }
$currentQuery = str_replace('%TIME%', $currentTime + $i, $invitedQuery);
$slashedInvited = pmcSlashSingleQuotes($invitedUsers[$i]);
Index: ignore.cmd.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/commands/ignore.cmd.php3,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -r1.7 -r1.8
*** ignore.cmd.php3 2001/05/30 08:07:12 1.7
--- ignore.cmd.php3 2001/06/01 20:44:40 1.8
***************
*** 87,91 ****
--- 87,93 ----
{
if (!dbSessionIsRegistered('ignoredSenders'))
+ {
$dbSessionVars['ignoredSenders'] = '';
+ }
$toAdd = explode(',', $cmd[3]);
$toAddCnt = count($toAdd);
***************
*** 95,99 ****
--- 97,103 ----
$toAdd[$i] = trim($toAdd[$i]);
if ($toAdd[$i] == '')
+ {
continue;
+ }
if ($toAdd[$i] != $dbSessionVars['nick']
&& pmcIsInto($toAdd[$i], $dbSessionVars['ignoredSenders']) < 0)
***************
*** 138,142 ****
--- 142,148 ----
$toRemove[$i] = trim($toRemove[$i]);
if ($toRemove[$i] == '')
+ {
continue;
+ }
$pos = pmcIsInto($toRemove[$i], $ignoredUsers);
if ($pos >= 0)
***************
*** 162,166 ****
--- 168,174 ----
// Will completly reload the loader script
if ($isCommand)
+ {
$enforceFirstLoad = 1;
+ }
if (!$isPopup && $isCommand)
Index: banish.cmd.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/commands/banish.cmd.php3,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -r1.10 -r1.11
*** banish.cmd.php3 2001/05/30 08:07:12 1.10
--- banish.cmd.php3 2001/06/01 20:44:40 1.11
***************
*** 119,132 ****
--- 119,138 ----
$tmpArray = explode(',', $targetOldBanRooms);
if (pmcIsInto($targetCurrentRoom, $tmpArray) < 0)
+ {
$targetNewBanRooms = (count($tmpArray) > 2)
? '*'
: $slashedOldBanRooms . ',' . pmcSlashSingleQuotes($targetCurrentRoom);
+ }
else
+ {
$targetNewBanRooms = $slashedOldBanRooms;
+ }
unset($tmpArray);
}
// IP needs to be updated?
if (substr($targetIp, 0, 1) == 'p' && substr($targetOldIp, 0, 1) != 'p')
+ {
$targetIp = $targetOldIp;
+ }
// Update the table
$dbLink->query("UPDATE " . C_BAN_TBL . " SET ip = '$targetIp', rooms = '$targetNewBanRooms', ban_until = '$banUntil' WHERE username = '$slashedTarget'");
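Review bot: The `UPDATE` on the last line of this hunk puts `$targetIp` and `$banUntil` between quotes as they are, while the room list and the username use slashed values. After the `$targetIp = $targetOldIp;` branch the value is one that was stored earlier, and neither its origin nor any escaping of it is visible here, so a quote in it would alter the statement. I would escape at the point of use, e.g. `$slashedIp = pmcSlashSingleQuotes($targetIp);` with `ip = '$slashedIp'` in the query, and confirm that `$banUntil` is a number the script computed rather than request input. Whether `pmcSlashSingleQuotes()` also handles backslashes cannot be told from this page and is worth checking, since all four values depend on it. The enclosing block starts before the hunk.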