diff -crN phpbb2011/admin/admin_db_utilities.php phpbb2017/admin/admin_db_utilities.php *** phpbb2011/admin/admin_db_utilities.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_db_utilities.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_db_utilities.php,v 1.42.2.10 2003/03/04 21:02:19 acydburn Exp $ * ****************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_db_utilities.php,v 1.42.2.11 2005/02/21 18:36:49 acydburn Exp $ * ****************************************************************************/ *************** *** 693,699 **** include('./page_footer_admin.'.$phpEx); } ! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words'); $additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" ); --- 693,699 ---- include('./page_footer_admin.'.$phpEx); } ! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm'); $additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? 
$HTTP_GET_VARS['additional_tables'] : "" ); diff -crN phpbb2011/admin/admin_forums.php phpbb2017/admin/admin_forums.php *** phpbb2011/admin/admin_forums.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_forums.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_forums.php,v 1.40.2.11 2004/03/25 15:57:19 acydburn Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_forums.php,v 1.40.2.12 2005/05/07 22:18:10 acydburn Exp $ * ***************************************************************************/ *************** *** 233,238 **** --- 233,239 ---- if( $mode == "addforum" ) { list($cat_id) = each($HTTP_POST_VARS['addforum']); + $cat_id = intval($cat_id); // // stripslashes needs to be run on this because slashes are added when the forum name is posted // *************** *** 1024,1027 **** include('./page_footer_admin.'.$phpEx); ! ?> --- 1025,1028 ---- include('./page_footer_admin.'.$phpEx); ! ?> \ No newline at end of file diff -crN phpbb2011/admin/admin_smilies.php phpbb2017/admin/admin_smilies.php *** phpbb2011/admin/admin_smilies.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_smilies.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_smilies.php,v 1.22.2.13 2004/03/25 15:57:20 acydburn Exp $ * ****************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_smilies.php,v 1.22.2.14 2005/05/06 20:50:09 acydburn Exp $ * ****************************************************************************/ *************** *** 447,452 **** --- 447,455 ---- $smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? 
$HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code']; $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url']; $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion']; + $smile_code = trim($smile_code); + $smile_url = trim($smile_url); + $smile_emotion = trim($smile_emotion); // If no code was entered complain ... if ($smile_code == '' || $smile_url == '') *************** *** 553,556 **** // include('./page_footer_admin.'.$phpEx); ! ?> --- 556,559 ---- // include('./page_footer_admin.'.$phpEx); ! ?> \ No newline at end of file diff -crN phpbb2011/admin/admin_styles.php phpbb2017/admin/admin_styles.php *** phpbb2011/admin/admin_styles.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_styles.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_styles.php,v 1.27.2.13 2004/07/15 17:57:50 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_styles.php,v 1.27.2.14 2005/03/17 17:33:30 acydburn Exp $ * * ***************************************************************************/ *************** *** 75,81 **** if( isset($install_to) ) { ! include($phpbb_root_path. "templates/" . $install_to . "/theme_info.cfg"); $template_name = $$install_to; $found = FALSE; --- 75,81 ---- if( isset($install_to) ) { ! include($phpbb_root_path. "templates/" . basename($install_to) . "/theme_info.cfg"); $template_name = $$install_to; $found = FALSE; *************** *** 739,745 **** @umask(0111); ! $fp = @fopen($phpbb_root_path . 'templates/' . $template_name . '/theme_info.cfg', 'w'); if( !$fp ) { --- 739,745 ---- @umask(0111); ! $fp = @fopen($phpbb_root_path . 'templates/' . basename($template_name) . 
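Review bot: In admin_styles.php the include at line 78 now goes through `basename($install_to)`, but the next line, `$template_name = $$install_to;`, still uses the unnormalised value as a variable name, so the path and the variable lookup can disagree. Normalising once before both uses, `$install_to = basename($install_to);`, keeps them on the same value. `basename()` only strips directory components and does not confirm that the result names a template directory, so checking it against the directories actually present under `templates/` would be the stronger guard. The same applies to the `fopen()` on `basename($template_name)` in the hunk at line 739. Where `$install_to` is assigned is outside the hunk.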
'/theme_info.cfg', 'w'); if( !$fp ) { diff -crN phpbb2011/admin/admin_ug_auth.php phpbb2017/admin/admin_ug_auth.php *** phpbb2011/admin/admin_ug_auth.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_ug_auth.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_ug_auth.php,v 1.13.2.5 2004/03/25 15:57:20 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_ug_auth.php,v 1.13.2.9 2005/07/19 20:01:05 acydburn Exp $ * * ***************************************************************************/ *************** *** 414,419 **** --- 414,420 ---- FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u WHERE ug.group_id = aa.group_id AND u.user_id = ug.user_id + AND ug.user_pending = 0 AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ") GROUP BY u.user_id HAVING SUM(aa.auth_mod) > 0"; *************** *** 508,513 **** --- 509,556 ---- } } + $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id"; + $result = $db->sql_query($sql); + + $group_user = array(); + while ($row = $db->sql_fetchrow($result)) + { + $group_user[$row['user_id']] = $row['user_id']; + } + $db->sql_freeresult($result); + + $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod + FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug + WHERE ug.user_id IN (" . implode(', ', $group_user) . 
") + AND aa.group_id = ug.group_id + AND aa.auth_mod = 1 + GROUP BY ug.user_id"; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); + } + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['is_auth_mod']) + { + unset($group_user[$row['user_id']]); + } + } + $db->sql_freeresult($result); + + if (sizeof($group_user)) + { + $sql = "UPDATE " . USERS_TABLE . " + SET user_level = " . USER . " + WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); + } + } + message_die(GENERAL_MESSAGE, $message); } } *************** *** 526,534 **** // // Front end // ! $sql = "SELECT * ! FROM " . FORUMS_TABLE . " f ! ORDER BY forum_order"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql); --- 569,578 ---- // // Front end // ! $sql = "SELECT f.* ! FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c ! WHERE f.cat_id = c.cat_id ! ORDER BY c.cat_order, f.forum_order ASC"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql); *************** *** 561,567 **** } } ! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE "; $sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id"; if ( !($result = $db->sql_query($sql)) ) { --- 605,611 ---- } } ! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . 
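Review bot: The second SELECT in the block added at line 509 of admin_ug_auth.php builds `IN (" . implode(', ', $group_user) . ")` before anything checks that `$group_user` is non-empty, so a group with no rows in USER_GROUP_TABLE yields `IN ()` and ends in the 'Could not obtain moderator status' error. The `sizeof($group_user)` test guards only the UPDATE; moving it up so it wraps both the SELECT and the UPDATE avoids the malformed query. The first query's result is also used without the `if ( !($result = $db->sql_query($sql)) ) message_die(...)` check that the other two have. `$group_id` is interpolated into that first query and its sanitising is outside the hunk, so it is worth confirming it has been through `intval()`.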
GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE "; $sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id"; if ( !($result = $db->sql_query($sql)) ) { *************** *** 764,770 **** $i++; } ! @reset($auth_user); if ( $mode == 'user' ) { --- 808,814 ---- $i++; } ! // @reset($auth_user); if ( $mode == 'user' ) { *************** *** 789,800 **** if( count($name) ) { ! $t_usergroup_list = ''; for($i = 0; $i < count($ug_info); $i++) { $ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL; ! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . ''; } } else --- 833,851 ---- if( count($name) ) { ! $t_usergroup_list = $t_pending_list = ''; for($i = 0; $i < count($ug_info); $i++) { $ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL; ! if (!$ug_info[$i]['user_pending']) ! { ! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . ''; ! } ! else ! { ! $t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '' . $name[$i] . ''; ! } } } else *************** *** 857,863 **** $template->assign_vars(array( 'USERNAME' => $t_groupname, ! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list) ); } --- 908,914 ---- $template->assign_vars(array( 'USERNAME' => $t_groupname, ! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '
' . $lang['Pending_members'] . ' : ' . $t_pending_list) ); } diff -crN phpbb2011/admin/admin_users.php phpbb2017/admin/admin_users.php *** phpbb2011/admin/admin_users.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/admin_users.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_users.php,v 1.57.2.26 2004/03/25 15:57:20 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: admin_users.php,v 1.57.2.27 2005/07/19 20:01:07 acydburn Exp $ * * ***************************************************************************/ *************** *** 86,92 **** $row = $db->sql_fetchrow($result); $sql = "UPDATE " . POSTS_TABLE . " ! SET poster_id = " . DELETED . ", post_username = '$username' WHERE poster_id = $user_id"; if( !$db->sql_query($sql) ) { --- 86,92 ---- $row = $db->sql_fetchrow($result); $sql = "UPDATE " . POSTS_TABLE . " ! SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "' WHERE poster_id = $user_id"; if( !$db->sql_query($sql) ) { diff -crN phpbb2011/admin/index.php phpbb2017/admin/index.php *** phpbb2011/admin/index.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/index.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: index.php,v 1.40.2.6 2004/07/11 16:46:15 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
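Review bot: The UPDATE in admin_users.php at line 88 has no comment saying why a username read back from the database is escaped again before reuse, and that reason is easy to lose in a later cleanup. I would add `// value comes from the users table unescaped; escape again before putting it back into SQL` above the statement. The `str_replace("\\'", "''", addslashes(...))` form doubles single quotes but keeps the backslashes that `addslashes()` adds before `\` and `"`, so how the stored name comes out may differ between database layers; a single escaping helper on the db class would make that uniform. `$this_userdata` is assigned outside the hunk.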
* $Id: index.php,v 1.40.2.7 2005/02/21 18:37:02 acydburn Exp $ * * ***************************************************************************/ *************** *** 559,564 **** --- 559,629 ---- "L_NO_GUESTS_BROWSING" => $lang['No_users_browsing']) ); } + + // Check for new version + $current_version = explode('.', '2' . $board_config['version']); + $minor_revision = (int) $current_version[2]; + + $errno = 0; + $errstr = $version_info = ''; + + if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr)) + { + @fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n"); + @fputs($fsock, "HOST: www.phpbb.com\r\n"); + @fputs($fsock, "Connection: close\r\n\r\n"); + + $get_info = false; + while (!@feof($fsock)) + { + if ($get_info) + { + $version_info .= @fread($fsock, 1024); + } + else + { + if (@fgets($fsock, 1024) == "\r\n") + { + $get_info = true; + } + } + } + @fclose($fsock); + + $version_info = explode("\n", $version_info); + $latest_head_revision = (int) $version_info[0]; + $latest_minor_revision = (int) $version_info[2]; + $latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2]; + + if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision) + { + $version_info = '

' . $lang['Version_up_to_date'] . '

'; + } + else + { + $version_info = '

' . $lang['Version_not_up_to_date']; + $version_info .= '
' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '

'; + } + } + else + { + if ($errstr) + { + $version_info = '

' . sprintf($lang['Connect_socket_error'], $errstr) . '

'; + } + else + { + $version_info = '

' . $lang['Socket_functions_disabled'] . '

'; + } + } + + $version_info .= '

' . $lang['Mailing_list_subscribe_reminder'] . '

'; + + + $template->assign_vars(array( + 'VERSION_INFO' => $version_info, + 'L_VERSION_INFORMATION' => $lang['Version_information']) + ); $template->pparse("body"); diff -crN phpbb2011/admin/page_footer_admin.php phpbb2017/admin/page_footer_admin.php *** phpbb2011/admin/page_footer_admin.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/page_footer_admin.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_footer_admin.php,v 1.9.2.2 2002/05/12 15:57:45 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_footer_admin.php,v 1.9.2.3 2005/04/15 20:15:47 acydburn Exp $ * * ***************************************************************************/ *************** *** 33,39 **** ); $template->assign_vars(array( ! 'PHPBB_VERSION' => '2' . $board_config['version'], 'TRANSLATION_INFO' => $lang['TRANSLATION_INFO']) ); --- 33,39 ---- ); $template->assign_vars(array( ! 'PHPBB_VERSION' => ($userdata['user_level'] == ADMIN && $userdata['user_id'] != ANONYMOUS) ? '2' . $board_config['version'] : '', 'TRANSLATION_INFO' => $lang['TRANSLATION_INFO']) ); diff -crN phpbb2011/admin/page_header_admin.php phpbb2017/admin/page_header_admin.php *** phpbb2011/admin/page_header_admin.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/page_header_admin.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_header_admin.php,v 1.12.2.5 2003/06/10 20:48:18 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
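Review bot: The `@fsockopen('www.phpbb.com', 80, $errno, $errstr)` call in the version check added to admin/index.php passes no timeout and none is set on the stream, so every load of the admin index waits on the default socket timeout when the host is slow or unreachable; `@fsockopen('www.phpbb.com', 80, $errno, $errstr, 10)` bounds it. The reply is parsed without looking at the status line, and the request says HTTP/1.1, which permits a chunked body; sending `HTTP/1.0` and checking for a 200 before the `explode()` would keep an error page or a chunk-size line from being read as a version number. The fetch is plain HTTP and unauthenticated, so the `(int)` casts on the three fields are what keep the response out of the markup and should stay. `$errstr` reaches the page through `sprintf()` unescaped, and `htmlspecialchars($errstr)` would be the consistent choice.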
* $Id: page_header_admin.php,v 1.12.2.6 2005/03/26 14:15:59 acydburn Exp $ * * ***************************************************************************/ *************** *** 35,41 **** { $phpver = phpversion(); ! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT; if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) { --- 35,41 ---- { $phpver = phpversion(); ! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT'); if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) { diff -crN phpbb2011/admin/pagestart.php phpbb2017/admin/pagestart.php *** phpbb2011/admin/pagestart.php Thu Nov 18 21:02:11 2004 --- phpbb2017/admin/pagestart.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: pagestart.php,v 1.1.2.7 2004/03/24 14:43:31 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: pagestart.php,v 1.1.2.9 2005/06/26 14:39:30 acydburn Exp $ * * ***************************************************************************/ *************** *** 40,46 **** if (!$userdata['session_logged_in']) { ! redirect(append_sid("login.$phpEx?redirect=admin/", true)); } else if ($userdata['user_level'] != ADMIN) { --- 40,46 ---- if (!$userdata['session_logged_in']) { ! redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx", true)); } else if ($userdata['user_level'] != ADMIN) { *************** *** 57,62 **** --- 57,67 ---- $url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id']; redirect("index.$phpEx?sid=" . 
$userdata['session_id']); + } + + if (!$userdata['session_admin']) + { + redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true)); } if (empty($no_page_header)) diff -crN phpbb2011/common.php phpbb2017/common.php *** phpbb2011/common.php Thu Nov 18 21:02:13 2004 --- phpbb2017/common.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: common.php,v 1.74.2.14 2004/11/18 17:49:34 acydburn Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: common.php,v 1.74.2.17 2005/02/21 19:29:30 acydburn Exp $ * ***************************************************************************/ *************** *** 53,59 **** // We 'flip' the array of variables to test like this so that // we can validate later with isset($test[$var]) (no in_array()) ! $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL); // Loop through each input array @reset($test); --- 53,59 ---- // We 'flip' the array of variables to test like this so that // we can validate later with isset($test[$var]) (no in_array()) ! $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL); // Loop through each input array @reset($test); *************** *** 72,78 **** else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { // PHP4+ path ! // Not only will array_merge give a warning if a parameter // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. 
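Review bot: The new `session_admin` gate in pagestart.php protects the admin pages only if `redirect()` ends the request, and nothing in this hunk shows that it does. If the call can return, execution continues into the page header and the admin script without a re-authenticated session. Either confirm that `redirect()` always exits or follow the call with `exit;`, and add a comment such as `// admin pages require a session re-authenticated with admin=1`. The surrounding block starts outside the hunk.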
--- 72,79 ---- else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { // PHP4+ path ! $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ! // Not only will array_merge give a warning if a parameter // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. *************** *** 86,95 **** $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); ! while (list($var,) = @each($input)) { ! unset($$var); } unset($input); --- 87,100 ---- $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); ! unset($input['not_unset']); ! while (list($var,) = @each($input)) { ! if (!in_array($var, $not_unset)) ! { ! unset($$var); ! } } unset($input); *************** *** 199,205 **** // even bother complaining ... go scream and shout at the idiots out there who feel // "clever" is doing harm rather than good ... karma is a great thing ... :) // ! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR ); $user_ip = encode_ip($client_ip); // --- 204,210 ---- // even bother complaining ... go scream and shout at the idiots out there who feel // "clever" is doing harm rather than good ... karma is a great thing ... :) // ! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? 
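Review bot: With `phpEx` and `phpbb_root_path` on the `$not_unset` list, the loop at line 92 of common.php no longer clears those two names when they arrive in request data. Under register_globals their safety then rests on the including script having assigned both before common.php runs, which is not visible in this hunk. That ordering deserves a comment at the list, for example `// phpEx and phpbb_root_path must be assigned by the entry script before this file is included`. The earlier branch validates these names against `$test` while this branch only preserves them, so handling them the same way in both would be easier to reason about.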
$HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') ); $user_ip = encode_ip($client_ip); // diff -crN phpbb2011/db/oracle.php phpbb2017/db/oracle.php *** phpbb2011/db/oracle.php Thu Nov 18 21:02:11 2004 --- phpbb2017/db/oracle.php Thu Jan 1 01:00:00 1970 *************** *** 1,472 **** - persistency = $persistency; - $this->user = $sqluser; - $this->password = $sqlpassword; - $this->server = $sqlserver; - $this->dbname = $database; - - if($this->persistency) - { - $this->db_connect_id = @OCIPLogon($this->user, $this->password, $this->server); - } - else - { - $this->db_connect_id = @OCINLogon($this->user, $this->password, $this->server); - } - if($this->db_connect_id) - { - return $this->db_connect_id; - } - else - { - return false; - } - } - - // - // Other base methods - // - function sql_close() - { - if($this->db_connect_id) - { - // Commit outstanding transactions - if($this->in_transaction) - { - OCICommit($this->db_connect_id); - } - - if($this->query_result) - { - @OCIFreeStatement($this->query_result); - } - $result = @OCILogoff($this->db_connect_id); - return $result; - } - else - { - return false; - } - } - - // - // Base query method - // - function sql_query($query = "", $transaction = FALSE) - { - // Remove any pre-existing queries - unset($this->query_result); - - // Put us in transaction mode because with Oracle as soon as you make a query you're in a transaction - $this->in_transaction = TRUE; - - if($query != "") - { - $this->last_query = $query; - $this->num_queries++; - - if(eregi("LIMIT", $query)) - { - preg_match("/^(.*)LIMIT ([0-9]+)[, ]*([0-9]+)*/s", $query, $limits); - - $query = $limits[1]; - if($limits[3]) - { - $row_offset = $limits[2]; - $num_rows = $limits[3]; - } - else - { - $row_offset = 0; - $num_rows = $limits[2]; - } - } - - if(eregi("^(INSERT|UPDATE) ", $query)) - { - $query = preg_replace("/\\\'/s", "''", $query); - } - - $this->query_result = @OCIParse($this->db_connect_id, $query); - $success = 
@OCIExecute($this->query_result, OCI_DEFAULT); - } - if($success) - { - if($transaction == END_TRANSACTION) - { - OCICommit($this->db_connect_id); - $this->in_transaction = FALSE; - } - - unset($this->row[$this->query_result]); - unset($this->rowset[$this->query_result]); - $this->last_query_text[$this->query_result] = $query; - - return $this->query_result; - } - else - { - if($this->in_transaction) - { - OCIRollback($this->db_connect_id); - } - return false; - } - } - - // - // Other query methods - // - function sql_numrows($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = @OCIFetchStatement($query_id, $this->rowset); - // OCIFetchStatment kills our query result so we have to execute the statment again - // if we ever want to use the query_id again. - @OCIExecute($query_id, OCI_DEFAULT); - return $result; - } - else - { - return false; - } - } - function sql_affectedrows($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = @OCIRowCount($query_id); - return $result; - } - else - { - return false; - } - } - function sql_numfields($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = @OCINumCols($query_id); - return $result; - } - else - { - return false; - } - } - function sql_fieldname($offset, $query_id = 0) - { - // OCIColumnName uses a 1 based array so we have to up the offset by 1 in here to maintain - // full abstraction compatibitly - $offset += 1; - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = strtolower(@OCIColumnName($query_id, $offset)); - return $result; - } - else - { - return false; - } - } - function sql_fieldtype($offset, $query_id = 0) - { - // This situation is the same as fieldname - $offset += 1; - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = @OCIColumnType($query_id, $offset); - 
return $result; - } - else - { - return false; - } - } - function sql_fetchrow($query_id = 0, $debug = FALSE) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result_row = ""; - $result = @OCIFetchInto($query_id, $result_row, OCI_ASSOC+OCI_RETURN_NULLS); - if($debug) - { - echo "Query was: ".$this->last_query . "
"; - echo "Result: $result
"; - echo "Query ID: $query_id
"; - echo "
";
- 				var_dump($result_row);
- 				echo "
"; - } - if($result_row == "") - { - return false; - } - - for($i = 0; $i < count($result_row); $i++) - { - list($key, $val) = each($result_row); - $return_arr[strtolower($key)] = $val; - } - $this->row[$query_id] = $return_arr; - - return $this->row[$query_id]; - } - else - { - return false; - } - } - // This function probably isn't as efficant is it could be but any other way I do it - // I end up losing 1 row... - function sql_fetchrowset($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $rows = @OCIFetchStatement($query_id, $results); - @OCIExecute($query_id, OCI_DEFAULT); - for($i = 0; $i < $rows; $i++) - { - @OCIFetchInto($query_id, $tmp_result, OCI_ASSOC+OCI_RETURN_NULLS); - - for($j = 0; $j < count($tmp_result); $j++) - { - list($key, $val) = each($tmp_result); - $return_arr[strtolower($key)] = $val; - } - $result[] = $return_arr; - } - return $result; - } - else - { - return false; - } - } - function sql_fetchfield($field, $rownum = -1, $query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - if($rownum > -1) - { - // Reset the internal rownum pointer. - @OCIExecute($query_id, OCI_DEFAULT); - for($i = 0; $i < $rownum; $i++) - { - // Move the interal pointer to the row we want - @OCIFetch($query_id); - } - // Get the field data. - $result = @OCIResult($query_id, strtoupper($field)); - } - else - { - // The internal pointer should be where we want it - // so we just grab the field out of the current row. 
- $result = @OCIResult($query_id, strtoupper($field)); - } - return $result; - } - else - { - return false; - } - } - function sql_rowseek($rownum, $query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - @OCIExecute($query_id, OCI_DEFAULT); - for($i = 0; $i < $rownum; $i++) - { - @OCIFetch($query_id); - } - $result = @OCIFetch($query_id); - return $result; - } - else - { - return false; - } - } - function sql_nextid($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id && $this->last_query_text[$query_id] != "") - { - if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename)) - { - $query = "SELECT ".$tablename[2]."_id_seq.currval FROM DUAL"; - $stmt = @OCIParse($this->db_connect_id, $query); - @OCIExecute($stmt,OCI_DEFAULT ); - $temp_result = @OCIFetchInto($stmt, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS); - if($temp_result) - { - return $temp_result['CURRVAL']; - } - else - { - return false; - } - } - else - { - return false; - } - } - else - { - return false; - } - } - - function sql_nextid($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id && $this->last_query_text[$query_id] != "") - { - if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename)) - { - $query = "SELECT ".$tablename[2]."_id_seq.CURRVAL FROM DUAL"; - $temp_q_id = @OCIParse($this->db_connect_id, $query); - @OCIExecute($temp_q_id, OCI_DEFAULT); - @OCIFetchInto($temp_q_id, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS); - - if($temp_result) - { - return $temp_result['CURRVAL']; - } - else - { - return false; - } - } - else - { - return false; - } - } - else - { - return false; - } - } - - - - function sql_freeresult($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - if($query_id) - { - $result = 
@OCIFreeStatement($query_id); - return $result; - } - else - { - return false; - } - } - function sql_error($query_id = 0) - { - if(!$query_id) - { - $query_id = $this->query_result; - } - $result = @OCIError($query_id); - return $result; - } - - } // class sql_db - - } // if ... define - - ?> \ No newline at end of file --- 0 ---- diff -crN phpbb2011/db/postgres7.php phpbb2017/db/postgres7.php *** phpbb2011/db/postgres7.php Thu Nov 18 21:02:11 2004 --- phpbb2017/db/postgres7.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : supportphpbb.com * ! * $Id: postgres7.php,v 1.19 2002/03/05 02:19:38 psotfx Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : supportphpbb.com * ! * $Id: postgres7.php,v 1.19.2.3 2005/05/06 20:50:10 acydburn Exp $ * ***************************************************************************/ diff -crN phpbb2011/groupcp.php phpbb2017/groupcp.php *** phpbb2011/groupcp.php Thu Nov 18 21:02:13 2004 --- phpbb2017/groupcp.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: groupcp.php,v 1.58.2.22 2004/11/18 17:49:34 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: groupcp.php,v 1.58.2.23 2005/05/06 20:50:10 acydburn Exp $ * * ***************************************************************************/ *************** *** 337,343 **** message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); } ! if ( !($row = $db->sql_fetchrow($result)) ) { $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " --- 337,343 ---- message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); } ! 
if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 ) { $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " diff -crN phpbb2011/includes/bbcode.php phpbb2017/includes/bbcode.php *** phpbb2011/includes/bbcode.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/bbcode.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: bbcode.php,v 1.36.2.32 2004/07/11 16:46:19 acydburn Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: bbcode.php,v 1.36.2.35 2005/07/19 20:01:10 acydburn Exp $ * ***************************************************************************/ *************** *** 124,129 **** --- 124,131 ---- { global $lang, $bbcode_tpl; + $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text); + // pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0). // This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it. $text = " " . $text; *************** *** 194,216 **** // [img]image_url_here[/img] code.. // This one gets first-passed.. ! $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si"; $replacements[] = $bbcode_tpl['img']; // matches a [url]xxxx://www.phpbb.com[/url] code.. ! $patterns[] = "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url\]((www|ftp)\.[^ \"\n\r\t<]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url2']; // [url=xxxx://www.phpbb.com]phpBB[/url] code.. ! $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url3']; // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). ! 
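Review bot: The scheme filter added at the top of this function is a denylist of five names, and as printed on this page its replacement `"\\1:"` writes the match back unchanged, so either an entity was lost from the replacement string in extraction or the line has no effect. A denylist also misses every scheme it does not name; the safer shape is to accept only known schemes at the point where a URL becomes a link. At minimum I would add `// neutralise script-like URL schemes before any tag is expanded; keep in sync with make_clickable()`, since the same line is added to make_clickable() in a later hunk of this file. The function body starts and ends outside the hunk.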
$patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url4']; // [email]user@domain.tld[/email] code.. --- 196,218 ---- // [img]image_url_here[/img] code.. // This one gets first-passed.. ! $patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i"; $replacements[] = $bbcode_tpl['img']; // matches a [url]xxxx://www.phpbb.com[/url] code.. ! $patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url1']; // [url]www.phpbb.com[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url2']; // [url=xxxx://www.phpbb.com]phpBB[/url] code.. ! $patterns[] = "#\[url=([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url3']; // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix). ! $patterns[] = "#\[url=((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is"; $replacements[] = $bbcode_tpl['url4']; // [email]user@domain.tld[/email] code.. *************** *** 614,619 **** --- 616,622 ---- */ function make_clickable($text) { + $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text); // pad it with a space so we can match things at the start of the 1st line. $ret = ' ' . $text; *************** *** 621,633 **** // matches an "xxxx://yyyy" URL at the start of a line, or after a space. // xxxx can only be alpha characters. // yyyy is anything up to the first space, newline, comma, double quote or < ! $ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1\\2", $ret); // matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing // Must contain at least 2 dots. xxxx contains either alphanum, or "-" // zzzz is optional.. will contain everything up to the first space, newline, // comma, double quote or <. ! 
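Review bot: The [img] pattern is left looser than the four [url] patterns rewritten beside it: `([^?].*?)` rejects only a leading `?` and then accepts any characters, while the URL patterns now use an explicit character class. Unless the template or an earlier pass constrains the value (not visible here), the image source should get the same allowlist and a required scheme prefix, for example `$patterns[] = "#\[img:$uid\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/img:$uid\]#i";`, provided relative image paths need not be supported. The surrounding function starts and ends outside the hunk.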
$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1\\2", $ret); // matches an email@domain type address at the start of a line, or after a space. // Note: Only the followed chars are valid; alphanums, "-", "_" and or ".". --- 624,636 ---- // matches an "xxxx://yyyy" URL at the start of a line, or after a space. // xxxx can only be alpha characters. // yyyy is anything up to the first space, newline, comma, double quote or < ! $ret = preg_replace("#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret); // matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing // Must contain at least 2 dots. xxxx contains either alphanum, or "-" // zzzz is optional.. will contain everything up to the first space, newline, // comma, double quote or <. ! $ret = preg_replace("#(^|[\n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret); // matches an email@domain type address at the start of a line, or after a space. // Note: Only the followed chars are valid; alphanums, "-", "_" and or ".". diff -crN phpbb2011/includes/functions.php phpbb2017/includes/functions.php *** phpbb2011/includes/functions.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/functions.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions.php,v 1.133.2.33 2004/11/18 17:49:42 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions.php,v 1.133.2.35 2005/07/19 20:01:11 acydburn Exp $ * * ***************************************************************************/ *************** *** 77,89 **** // added at phpBB 2.0.11 to properly format the username function phpbb_clean_username($username) { ! $username = htmlspecialchars(rtrim(trim($username), "\\")); ! $username = substr(str_replace("\\'", "'", $username), 0, 25); ! 
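Review bot: The comments above both rewritten preg_replace calls still say the URL runs "up to the first space, newline, comma, double quote or <", which no longer matches the code: the new patterns accept only the characters in `[\w\#$%&~/.\-;:=,?@\[\]+]`. I would reword them to something like `// yyyy may contain only word characters and # $ % & ~ / . - ; : = , ? @ [ ] +`, so a later edit does not widen the class by accident. make_clickable() continues past the end of the hunk.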
$username = str_replace("'", "\\'", $username); return $username; } // // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced. // --- 77,115 ---- // added at phpBB 2.0.11 to properly format the username function phpbb_clean_username($username) { ! $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25); ! $username = phpbb_rtrim($username, "\\"); ! $username = str_replace("'", "\'", $username); return $username; } + // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0) + function phpbb_rtrim($str, $charlist = false) + { + if ($charlist === false) + { + return rtrim($str); + } + + $php_version = explode('.', PHP_VERSION); + + // php version < 4.1.0 + if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) + { + while ($str{strlen($str)-1} == $charlist) + { + $str = substr($str, 0, strlen($str)-1); + } + } + else + { + $str = rtrim($str, $charlist); + } + + return $str; + } + // // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced. // *************** *** 91,97 **** { global $db; ! if (intval($user) == 0 || $force_str) { $user = phpbb_clean_username($user); } --- 117,123 ---- { global $db; ! if (!is_numeric($user) || $force_str) { $user = phpbb_clean_username($user); } *************** *** 552,558 **** die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?"); } ! define(HAS_DIED, 1); $sql_store = $sql; --- 578,584 ---- die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?"); } ! define('HAS_DIED', 1); $sql_store = $sql; *************** *** 579,585 **** if ( $err_line != '' && $err_file != '' ) { ! $debug_text .= '
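Review bot: The pre-4.1.0 branch of phpbb_rtrim() compares one character with the whole `$charlist` and indexes `$str{strlen($str)-1}` without checking for an empty string, so it only works for a single-character list and reads offset -1 once the string is exhausted. Since phpbb_clean_username() relies on it to drop trailing backslashes before the quotes are escaped, the loop should be `while (strlen($str) && strpos($charlist, $str{strlen($str)-1}) !== false)`. The substr() to 25 bytes after htmlspecialchars() can also cut an entity in half; a short comment saying that this is accepted would help.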
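Review bot: `is_numeric()` in the new condition accepts more than plain integer ids: signed values, decimals and exponent notation all pass, so such input is treated as a user id instead of being cleaned as a username. How `$user` reaches the query is outside this hunk, so the impact is inferred, but a digits-only test states the intent more exactly, e.g. `if (!preg_match('#^[0-9]+$#', $user) || $force_str)`.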

Line : ' . $err_line . '
File : ' . $err_file; } } --- 605,611 ---- if ( $err_line != '' && $err_file != '' ) { ! $debug_text .= '

Line : ' . $err_line . '
File : ' . basename($err_file); } } diff -crN phpbb2011/includes/functions_selects.php phpbb2017/includes/functions_selects.php *** phpbb2011/includes/functions_selects.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/functions_selects.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions_selects.php,v 1.3.2.4 2002/12/22 12:20:35 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions_selects.php,v 1.3.2.5 2005/05/06 20:50:11 acydburn Exp $ * * ***************************************************************************/ *************** *** 108,111 **** return $tz_select; } ! ?> --- 108,111 ---- return $tz_select; } ! ?> \ No newline at end of file diff -crN phpbb2011/includes/functions_validate.php phpbb2017/includes/functions_validate.php *** phpbb2011/includes/functions_validate.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/functions_validate.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions_validate.php,v 1.6.2.12 2003/06/09 19:13:05 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: functions_validate.php,v 1.6.2.13 2005/07/19 20:01:15 acydburn Exp $ * * ***************************************************************************/ *************** *** 30,40 **** global $db, $lang, $userdata; // Remove doubled up spaces ! $username = preg_replace('#\s+#', ' ', $username); ! // Limit username length ! $username = substr(str_replace("\'", "'", $username), 0, 25); ! $username = str_replace("'", "''", $username); ! $sql = "SELECT username FROM " . USERS_TABLE . " WHERE LOWER(username) = '" . 
strtolower($username) . "'"; --- 30,38 ---- global $db, $lang, $userdata; // Remove doubled up spaces ! $username = preg_replace('#\s+#', ' ', trim($username)); ! $username = phpbb_clean_username($username); ! $sql = "SELECT username FROM " . USERS_TABLE . " WHERE LOWER(username) = '" . strtolower($username) . "'"; diff -crN phpbb2011/includes/page_header.php phpbb2017/includes/page_header.php *** phpbb2011/includes/page_header.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/page_header.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_header.php,v 1.106.2.23 2004/07/11 16:46:19 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_header.php,v 1.106.2.24 2005/03/26 14:15:59 acydburn Exp $ * * ***************************************************************************/ *************** *** 35,41 **** { $phpver = phpversion(); ! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT; if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) { --- 35,41 ---- { $phpver = phpversion(); ! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT'); if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) ) { *************** *** 466,472 **** // Work around for "current" Apache 2 + PHP module which seems to not // cope with private cache control setting ! if (!empty($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache/2')) { header ('Cache-Control: no-cache, pre-check=0, post-check=0'); } --- 466,472 ---- // Work around for "current" Apache 2 + PHP module which seems to not // cope with private cache control setting ! 
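Review bot: validate_username() now depends on phpbb_clean_username() for its SQL escaping, and that helper emits a backslash-escaped quote where the removed lines doubled the quote (`''`). Whether every driver under db/ rewrites or accepts `\'` inside a string literal is not visible in this diff, so I would confirm that for each supported backend or keep the escaping next to the query. A comment such as `// $username is HTML-escaped, truncated and quote-escaped by phpbb_clean_username()` above the `$sql` assignment would document the dependency. The function continues outside the hunk.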
if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2')) { header ('Cache-Control: no-cache, pre-check=0, post-check=0'); } diff -crN phpbb2011/includes/page_tail.php phpbb2017/includes/page_tail.php *** phpbb2011/includes/page_tail.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/page_tail.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_tail.php,v 1.27.2.2 2002/11/26 11:42:12 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: page_tail.php,v 1.27.2.3 2004/12/22 02:04:00 psotfx Exp $ * * ***************************************************************************/ *************** *** 35,42 **** ); $template->assign_vars(array( ! 'PHPBB_VERSION' => '2' . $board_config['version'], ! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '', 'ADMIN_LINK' => $admin_link) ); --- 35,41 ---- ); $template->assign_vars(array( ! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '', 'ADMIN_LINK' => $admin_link) ); diff -crN phpbb2011/includes/sessions.php phpbb2017/includes/sessions.php *** phpbb2011/includes/sessions.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/sessions.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: sessions.php,v 1.58.2.11 2004/07/11 16:46:19 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
* $Id: sessions.php,v 1.58.2.14 2005/05/06 20:50:11 acydburn Exp $ * * ***************************************************************************/ *************** *** 24,30 **** // Adds/updates a new session to the database for the given userid. // Returns the new session ID on success. // ! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0) { global $db, $board_config; global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID; --- 24,30 ---- // Adds/updates a new session to the database for the given userid. // Returns the new session ID on success. // ! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0) { global $db, $board_config; global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID; *************** *** 53,58 **** --- 53,60 ---- $session_id = ''; } + $page_id = (int) $page_id; + $last_visit = 0; $current_time = time(); $expiry_time = $current_time - $board_config['session_length']; *************** *** 79,85 **** if ( isset($sessiondata['autologinid']) && $userdata['user_active'] ) { // We have to login automagically ! if( $sessiondata['autologinid'] == $auto_login_key ) { // autologinid matches password $login = 1; --- 81,87 ---- if ( isset($sessiondata['autologinid']) && $userdata['user_active'] ) { // We have to login automagically ! if( $sessiondata['autologinid'] === $auto_login_key ) { // autologinid matches password $login = 1; *************** *** 91,96 **** --- 93,103 ---- $login = 0; $enable_autologin = 0; $user_id = $userdata['user_id'] = ANONYMOUS; + + $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS; + $result = $db->sql_query($sql); + $userdata = $db->sql_fetchrow($result); + $db->sql_freeresult($result); } } else *************** *** 99,104 **** --- 106,116 ---- $login = 0; $enable_autologin = 0; $user_id = $userdata['user_id'] = ANONYMOUS; + + $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . 
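Review bot: Only `$page_id` is cast in this hunk, although the `$admin` parameter added to session_begin() in the previous hunk is interpolated unquoted into the UPDATE and INSERT statements further down (`session_admin = $admin`). Add `$admin = (int) $admin;` next to the new cast so both values are integers before they reach SQL. session_begin() starts and ends outside the hunk.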
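Review bot: The switch from `==` to `===` in the auto-login test is security relevant but carries no explanation, so a later cleanup could revert it. The session data is written to the cookie with serialize() further down in this file, which suggests `$sessiondata['autologinid']` arrives as client-controlled data of arbitrary type. I would add `// strict comparison: autologinid comes from the cookie and must be a string identical to the stored key` above the test.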
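Review bot: The query that reloads the anonymous user row is not checked for failure, unlike the other queries in this function, which call message_die() when sql_query() fails. If it fails, `$userdata` becomes whatever sql_fetchrow() returns for a bad result, and the code below still reads `$userdata['user_session_time']` from it. The same five lines are added again in the next hunk (old lines 99-104); both copies should test the result as sketched below, or the reload should move into one helper.

```php
$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
	message_die(CRITICAL_ERROR, 'Could not obtain anonymous user data', '', __LINE__, __FILE__, $sql);
}
$userdata = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
```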
ANONYMOUS; + $result = $db->sql_query($sql); + $userdata = $db->sql_fetchrow($result); + $db->sql_freeresult($result); } } else *************** *** 143,158 **** // Create or update the session // $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login WHERE session_id = '" . $session_id . "' AND session_ip = '$user_ip'"; if ( !$db->sql_query($sql) || !$db->sql_affectedrows() ) { ! $session_id = md5(uniqid($user_ip)); $sql = "INSERT INTO " . SESSIONS_TABLE . " ! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in) ! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql); --- 155,172 ---- // Create or update the session // $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin WHERE session_id = '" . $session_id . "' AND session_ip = '$user_ip'"; if ( !$db->sql_query($sql) || !$db->sql_affectedrows() ) { ! list($sec, $usec) = explode(' ', microtime()); ! mt_srand((float) $sec + ((float) $usec * 100000)); ! $session_id = md5(uniqid(mt_rand(), true)); $sql = "INSERT INTO " . SESSIONS_TABLE . " ! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin) ! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql); *************** *** 163,179 **** {// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? 
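Review bot: The new session id is still built only from clock- and PRNG-derived values: `mt_srand()` is seeded from `microtime()` on every new session and the id is `md5(uniqid(mt_rand(), true))`. Re-seeding per request ties the generator state to the request time, which is weaker than leaving the generator seeded once. I would drop the explicit `mt_srand()` call on PHP versions that seed automatically and mix in a per-installation secret or OS entropy where one is available, with a comment stating which inputs the id's unpredictability rests on. The function starts and ends outside the hunk.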
$userdata['user_lastvisit'] : ( $last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; ! $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit ! WHERE user_id = $user_id"; ! if ( !$db->sql_query($sql) ) { ! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql); } $userdata['user_lastvisit'] = $last_visit; ! $sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : ''; $sessiondata['userid'] = $user_id; } --- 177,196 ---- {// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : ( $last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; ! if (!$admin) { ! $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit ! WHERE user_id = $user_id"; ! if ( !$db->sql_query($sql) ) ! { ! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql); ! } } $userdata['user_lastvisit'] = $last_visit; ! $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid']; $sessiondata['userid'] = $user_id; } *************** *** 184,189 **** --- 201,207 ---- $userdata['session_page'] = $page_id; $userdata['session_start'] = $current_time; $userdata['session_time'] = $current_time; + $userdata['session_admin'] = $admin; setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure); setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure); *************** *** 229,234 **** --- 247,254 ---- $session_id = ''; } + $thispage_id = (int) $thispage_id; + // // Does a session exist? 
// *************** *** 271,278 **** // if ( $current_time - $userdata['session_time'] > 60 ) { $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_time = $current_time, session_page = $thispage_id WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) { --- 291,301 ---- // if ( $current_time - $userdata['session_time'] > 60 ) { + // A little trick to reset session_admin on session re-usage + $update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : ''; + $sql = "UPDATE " . SESSIONS_TABLE . " ! SET session_time = $current_time, session_page = $thispage_id$update_admin WHERE session_id = '" . $userdata['session_id'] . "'"; if ( !$db->sql_query($sql) ) { *************** *** 282,288 **** if ( $userdata['user_id'] != ANONYMOUS ) { $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $thispage_id WHERE user_id = " . $userdata['user_id']; if ( !$db->sql_query($sql) ) { --- 305,311 ---- if ( $userdata['user_id'] != ANONYMOUS ) { $sql = "UPDATE " . USERS_TABLE . " ! SET user_session_time = $current_time, user_session_page = $thispage_id WHERE user_id = " . $userdata['user_id']; if ( !$db->sql_query($sql) ) { *************** *** 294,299 **** --- 317,323 ---- // Delete expired sessions // $expiry_time = $current_time - $board_config['session_length']; + $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_time < $expiry_time AND session_id <> '$session_id'"; diff -crN phpbb2011/includes/smtp.php phpbb2017/includes/smtp.php *** phpbb2011/includes/smtp.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/smtp.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
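Review bot: The comment `// A little trick to reset session_admin on session re-usage` in the `*** 271,278` hunk does not say when the flag is cleared or why, and among the hunks shown here this is the only statement that drops the admin elevation. I would state the condition, e.g. `// Drop admin re-authentication when a non-admin page is requested more than session_length + 60 seconds after the last recorded activity`. As written the flag is never cleared while `IN_ADMIN` is defined, which looks intentional but deserves a sentence. Writing `$thispage_id$update_admin` inside the string also reads like one variable name; `{$thispage_id}{$update_admin}` is clearer.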
* $Id: smtp.php,v 1.16.2.9 2003/07/18 16:34:01 acydburn Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: smtp.php,v 1.16.2.10 2005/05/06 20:50:11 acydburn Exp $ * ***************************************************************************/ *************** *** 106,112 **** // Ok we have error checked as much as we can to this point let's get on // it already. ! if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) ) { message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__); } --- 106,112 ---- // Ok we have error checked as much as we can to this point let's get on // it already. ! if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) ) { message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__); } diff -crN phpbb2011/includes/template.php phpbb2017/includes/template.php *** phpbb2011/includes/template.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/template.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: template.php,v 1.10.2.3 2002/12/21 19:09:57 psotfx Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: template.php,v 1.10.2.5 2005/05/06 20:50:11 acydburn Exp $ * * ***************************************************************************/ *************** *** 230,236 **** // Check if it's an absolute or relative path. if (substr($filename, 0, 1) != '/') { ! $filename = phpbb_realpath($this->root . '/' . $filename); } if (!file_exists($filename)) --- 230,236 ---- // Check if it's an absolute or relative path. if (substr($filename, 0, 1) != '/') { ! 
$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename; } if (!file_exists($filename)) *************** *** 475,478 **** } ! ?> --- 475,478 ---- } ! ?> \ No newline at end of file diff -crN phpbb2011/includes/topic_review.php phpbb2017/includes/topic_review.php *** phpbb2011/includes/topic_review.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/topic_review.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: topic_review.php,v 1.5.2.3 2004/11/18 17:49:45 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: topic_review.php,v 1.5.2.4 2005/05/06 20:50:12 acydburn Exp $ * * ***************************************************************************/ *************** *** 225,228 **** } } ! ?> --- 225,228 ---- } } ! ?> \ No newline at end of file diff -crN phpbb2011/includes/usercp_activate.php phpbb2017/includes/usercp_activate.php *** phpbb2011/includes/usercp_activate.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/usercp_activate.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_activate.php,v 1.6.2.7 2003/05/03 23:24:02 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
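Review bot: When `phpbb_realpath()` returns a false value, the fallback added in the `*** 230,236` hunk assigns the bare `$filename`, so the `$this->root . '/'` prefix is lost and the `file_exists($filename)` test that follows resolves the name against the current working directory instead of the template root. The fallback should keep the prefixed path: `$path = $this->root . '/' . $filename;` followed by `$filename = ($rp_filename = phpbb_realpath($path)) ? $rp_filename : $path;`. The enclosing method starts and ends outside the hunk, so whether a later step re-applies the root is not visible.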
* $Id: usercp_activate.php,v 1.6.2.8 2005/07/19 20:01:16 acydburn Exp $ * * ***************************************************************************/ *************** *** 47,52 **** --- 47,57 ---- } else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != '')) { + if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN) + { + message_die(GENERAL_MESSAGE, $lang['Not_Authorised']); + } + $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : ''; $sql = "UPDATE " . USERS_TABLE . " diff -crN phpbb2011/includes/usercp_avatar.php phpbb2017/includes/usercp_avatar.php *** phpbb2011/includes/usercp_avatar.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/usercp_avatar.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_avatar.php,v 1.8.2.18 2004/07/11 16:46:20 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_avatar.php,v 1.8.2.21 2005/07/19 20:01:16 acydburn Exp $ * * ***************************************************************************/ *************** *** 51,56 **** --- 51,57 ---- { global $board_config, $userdata; + $avatar_file = basename($avatar_file); if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' ) { if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . 
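Review bot: The activation-key test in the `*** 47,52` hunk's context compares with `==`, which treats two numeric-looking strings as numbers instead of comparing them character by character. An exact match is what the check intends: `trim($row['user_actkey']) === trim($HTTP_GET_VARS['act_key'])`. The line is unchanged by this commit, and the branch it belongs to begins and ends outside the hunk.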
$avatar_file)) ) *************** *** 65,70 **** --- 66,78 ---- function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename) { global $board_config; + + $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename); + if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\") + { + return ''; + } + if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') ) { $return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY; *************** *** 78,83 **** --- 86,93 ---- function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename) { + global $lang; + if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) ) { $avatar_filename = 'http://' . $avatar_filename; *************** *** 191,197 **** return; } ! if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) { $new_filename = uniqid(rand()) . $imgtype; --- 201,207 ---- return; } ! if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) { $new_filename = uniqid(rand()) . $imgtype; *************** *** 224,229 **** --- 234,243 ---- $move_file = 'copy'; } + if (!is_uploaded_file($avatar_filename)) + { + message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__); + } $move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename"); } diff -crN phpbb2011/includes/usercp_register.php phpbb2017/includes/usercp_register.php *** phpbb2011/includes/usercp_register.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/usercp_register.php Tue Jul 19 22:14:56 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
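Review bot: Stripping `../`, `..\`, `./` and `.\` with one `str_replace()` call in the `*** 65,70` hunk is a repair-style filter that can be defeated, because each pattern is removed in a single pass and removing one sequence can join the characters around it into another. Rejecting the name is safer than rewriting it: `if (strpos($avatar_filename, '..') !== false) { return ''; }`, or compare the `phpbb_realpath()` result against the gallery directory before using it. `$avatar_filename{0}` also reads offset 0 of an empty string when no name is supplied, so the leading-slash test should be preceded by a check for `$avatar_filename == ''`. The function body continues past the end of the hunk.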
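Review bot: The scheme test `#^(http)|(ftp):\/\/#i` in the `*** 78,83` hunk's context does not check what it appears to: the alternation splits the pattern into `^(http)` and `(ftp):\/\/`, so a value that merely starts with `http` or contains `ftp://` anywhere passes and skips the `http://` prefix. Grouping the alternatives fixes it: `if ( !preg_match('#^(http|ftp)://#i', $avatar_filename) )`. The line is unchanged by this commit, and the rest of `user_avatar_url()` lies outside the hunk, so later validation may narrow the effect.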
* $Id: usercp_register.php,v 1.20.2.58 2004/11/18 17:49:45 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_register.php,v 1.20.2.61 2005/06/26 12:03:44 acydburn Exp $ * * ***************************************************************************/ *************** *** 409,417 **** // Error is already triggered, since one field is empty. $error = TRUE; } ! else if ( $username != $userdata['username'] || $mode == 'register' ) { ! if (strtolower($username) != strtolower($userdata['username'])) { $result = validate_username($username); if ( $result['error'] ) --- 409,417 ---- // Error is already triggered, since one field is empty. $error = TRUE; } ! else if ( $username != $userdata['username'] || $mode == 'register') { ! if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register') { $result = validate_username($username); if ( $result['error'] ) *************** *** 454,465 **** { $avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']); } ! if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] ) { if ( !empty($user_avatar_upload) ) { ! $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote'; $avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype); } else if ( !empty($user_avatar_name) ) --- 454,465 ---- { $avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']); } ! else if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] ) { if ( !empty($user_avatar_upload) ) { ! $avatar_mode = (empty($user_avatar_name)) ? 
'remote' : 'local'; $avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype); } else if ( !empty($user_avatar_name) ) diff -crN phpbb2011/includes/usercp_viewprofile.php phpbb2017/includes/usercp_viewprofile.php *** phpbb2011/includes/usercp_viewprofile.php Thu Nov 18 21:02:11 2004 --- phpbb2017/includes/usercp_viewprofile.php Tue Jul 19 22:14:57 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_viewprofile.php,v 1.5.2.3 2004/11/18 17:49:45 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: usercp_viewprofile.php,v 1.5.2.5 2005/07/19 20:01:16 acydburn Exp $ * * ***************************************************************************/ *************** *** 33,38 **** --- 33,43 ---- } $profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]); + if (!$profiledata) + { + message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']); + } + $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_special, rank_min"; *************** *** 160,167 **** $yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : ''; $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts"); ! $search_img = '' . $lang['Search_user_posts'] . ''; ! $search = '' . $lang['Search_user_posts'] . ''; // // Generate page --- 165,172 ---- $yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : ''; $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts"); ! $search_img = '' . $lang['Search_user_posts'] . ''; ! $search = '' . sprintf($lang['Search_user_posts'], $profiledata['username']) . 
''; // // Generate page diff -crN phpbb2011/language/lang_english/lang_admin.php phpbb2017/language/lang_english/lang_admin.php *** phpbb2011/language/lang_english/lang_admin.php Thu Nov 18 21:02:12 2004 --- phpbb2017/language/lang_english/lang_admin.php Tue Jul 19 22:14:57 2005 *************** *** 7,13 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: lang_admin.php,v 1.35.2.9 2003/06/10 00:31:19 psotfx Exp $ * ****************************************************************************/ --- 7,13 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: lang_admin.php,v 1.35.2.10 2005/02/21 18:38:17 acydburn Exp $ * ****************************************************************************/ *************** *** 723,728 **** --- 723,740 ---- $lang['Install_No_Ext'] = 'The PHP configuration on your server doesn\'t support the database type that you chose'; $lang['Install_No_PCRE'] = 'phpBB2 Requires the Perl-Compatible Regular Expressions Module for PHP which your PHP configuration doesn\'t appear to support!'; + + // + // Version Check + // + $lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.'; + $lang['Version_not_up_to_date'] = 'Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.'; + $lang['Latest_version_info'] = 'The latest available version is phpBB %s.'; + $lang['Current_version_info'] = 'You are running phpBB %s.'; + $lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:
%s'; + $lang['Socket_functions_disabled'] = 'Unable to use socket functions.'; + $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not subscribe to our mailing list.'; + $lang['Version_information'] = 'Version Information'; // // That's all Folks! diff -crN phpbb2011/language/lang_english/lang_main.php phpbb2017/language/lang_english/lang_main.php *** phpbb2011/language/lang_english/lang_main.php Thu Nov 18 21:02:12 2004 --- phpbb2017/language/lang_english/lang_main.php Tue Jul 19 22:14:57 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: lang_main.php,v 1.85.2.15 2003/06/10 00:31:19 psotfx Exp $ * ****************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: lang_main.php,v 1.85.2.16 2005/05/06 20:50:13 acydburn Exp $ * ****************************************************************************/ *************** *** 1017,1022 **** --- 1017,1024 ---- $lang['Critical_Error'] = 'Critical Error'; $lang['An_error_occured'] = 'An Error Occurred'; $lang['A_critical_error'] = 'A Critical Error Occurred'; + + $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.'; // // That's all, Folks! diff -crN phpbb2011/login.php phpbb2017/login.php *** phpbb2011/login.php Thu Nov 18 21:02:13 2004 --- phpbb2017/login.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: login.php,v 1.47.2.17 2004/11/18 17:49:35 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
* $Id: login.php,v 1.47.2.18 2005/05/06 20:50:10 acydburn Exp $ * * ***************************************************************************/ *************** *** 52,58 **** if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) ) { ! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] ) { $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; --- 52,58 ---- if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) ) { ! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) ) { $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; *************** *** 77,83 **** { $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0; ! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin); if( $session_id ) { --- 77,84 ---- { $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0; ! $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0; ! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin); if( $session_id ) { *************** *** 158,164 **** // Do a full login page dohickey if // user not already logged in // ! if( !$userdata['session_logged_in'] ) { $page_title = $lang['Login']; include($phpbb_root_path . 'includes/page_header.'.$phpEx); --- 159,165 ---- // Do a full login page dohickey if // user not already logged in // ! 
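Review bot: `$admin` in the `*** 77,83` hunk is derived only from the presence of a client-supplied `admin` POST field, so any account that logs in successfully can have `session_admin = 1` written to its session row. Whether that matters depends on the admin pages also checking `user_level`, which is not visible here. Setting the flag only for administrators removes that dependency, e.g. `$admin = (isset($HTTP_POST_VARS['admin']) && $row['user_level'] == ADMIN) ? 1 : 0;`, assuming the user query above the hunk selects `user_level`. The login form condition in the `*** 158,164` hunk already applies the same `user_level == ADMIN` test.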
if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN)) { $page_title = $lang['Login']; include($phpbb_root_path . 'includes/page_header.'.$phpEx); *************** *** 207,218 **** $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; $s_hidden_fields = ''; make_jumpbox('viewforum.'.$phpEx, $forum_id); $template->assign_vars(array( 'USERNAME' => $username, ! 'L_ENTER_PASSWORD' => $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"), --- 208,220 ---- $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; $s_hidden_fields = ''; + $s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '' : ''; make_jumpbox('viewforum.'.$phpEx, $forum_id); $template->assign_vars(array( 'USERNAME' => $username, ! 'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], 'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"), diff -crN phpbb2011/modcp.php phpbb2017/modcp.php *** phpbb2011/modcp.php Thu Nov 18 21:02:13 2004 --- phpbb2017/modcp.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: modcp.php,v 1.71.2.24 2004/07/11 16:46:15 acydburn Exp $ * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! 
* $Id: modcp.php,v 1.71.2.26 2005/06/26 12:03:46 acydburn Exp $ * ***************************************************************************/ *************** *** 131,136 **** --- 131,141 ---- } $topic_row = $db->sql_fetchrow($result); + if (!$topic_row) + { + message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); + } + $forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics']; $forum_id = $topic_row['forum_id']; $forum_name = $topic_row['forum_name']; *************** *** 146,151 **** --- 151,161 ---- } $topic_row = $db->sql_fetchrow($result); + if (!$topic_row) + { + message_die(GENERAL_MESSAGE, 'Forum_not_exist'); + } + $forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics']; $forum_name = $topic_row['forum_name']; } *************** *** 453,458 **** --- 463,482 ---- $new_forum_id = intval($HTTP_POST_VARS['new_forum']); $old_forum_id = $forum_id; + $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . $new_forum_id; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql); + } + + if (!$db->sql_fetchrow($result)) + { + message_die(GENERAL_MESSAGE, 'New forum does not exist'); + } + + $db->sql_freeresult($result); + if ( $new_forum_id != $old_forum_id ) { $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id); *************** *** 746,751 **** --- 770,789 ---- $new_forum_id = intval($HTTP_POST_VARS['new_forum_id']); $topic_time = time(); + $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . $new_forum_id; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql); + } + + if (!$db->sql_fetchrow($result)) + { + message_die(GENERAL_MESSAGE, 'New forum does not exist'); + } + + $db->sql_freeresult($result); + $sql = "INSERT INTO " . TOPICS_TABLE . 
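Review bot: The destination-forum lookup added in the `*** 453,458` hunk is pasted again, line for line, in the `*** 746,751` hunk, and both report failure with the hard-coded English string `'New forum does not exist'` while the other checks added to this file pass a language key. A small helper that takes `$new_forum_id` and calls `message_die()` would keep the two branches in step, and the text should come from `$lang`. The lookup confirms only that the forum row exists; if moderators are meant to be limited to forums they moderate, a permission check for the target forum belongs here too, though it may happen outside the lines shown.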
" (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type) VALUES ('" . str_replace("\'", "''", $post_subject) . "', $first_poster, " . $topic_time . ", $new_forum_id, " . TOPIC_UNLOCKED . ", " . POST_NORMAL . ")"; if (!($db->sql_query($sql, BEGIN_TRANSACTION))) diff -crN phpbb2011/posting.php phpbb2017/posting.php *** phpbb2011/posting.php Thu Nov 18 21:02:13 2004 --- phpbb2017/posting.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: posting.php,v 1.159.2.22 2004/07/11 16:46:16 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: posting.php,v 1.159.2.23 2005/05/06 20:50:10 acydburn Exp $ * * ***************************************************************************/ *************** *** 1105,1108 **** include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> --- 1105,1108 ---- include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> \ No newline at end of file diff -crN phpbb2011/privmsg.php phpbb2017/privmsg.php *** phpbb2011/privmsg.php Thu Nov 18 21:02:13 2004 --- phpbb2017/privmsg.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: privmsg.php,v 1.96.2.37 2004/11/18 17:49:36 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: privmsg.php,v 1.96.2.40 2005/07/19 20:01:19 acydburn Exp $ * * ***************************************************************************/ *************** *** 563,571 **** // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // ! if ( !$board_config['allow_html'] ) { ! 
if ( $user_sig != '' && $privmsg['privmsgs_enable_sig'] && $userdata['user_allowhtml'] ) { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } --- 563,571 ---- // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // ! if ( !$board_config['allow_html'] || !$userdata['user_allowhtml']) { ! if ( $user_sig != '') { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } *************** *** 698,744 **** } else if ( $confirm ) { ! if ( $delete_all ) { ! switch($folder) { ! case 'inbox': ! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( ! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; ! break; ! case 'outbox': ! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; ! break; ! case 'sentbox': ! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; ! break; ! case 'savebox': ! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . " ! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) ! OR ( privmsgs_to_userid = " . $userdata['user_id'] . " ! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )"; ! break; ! } ! $sql = "SELECT privmsgs_id ! FROM " . PRIVMSGS_TABLE . " ! WHERE $delete_type"; ! if ( !($result = $db->sql_query($sql)) ) ! { ! message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql); ! } ! while ( $row = $db->sql_fetchrow($result) ) ! { ! $mark_list[] = $row['privmsgs_id']; ! } ! unset($delete_type); } if ( count($mark_list) ) { $delete_sql_id = ''; --- 698,754 ---- } else if ( $confirm ) { ! $delete_sql_id = ''; ! ! if (!$delete_all) { ! for ($i = 0; $i < count($mark_list); $i++) { ! $delete_sql_id .= (($delete_sql_id != '') ? 
', ' : '') . intval($mark_list[$i]); ! } ! $delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)"; ! } ! switch($folder) ! { ! case 'inbox': ! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( ! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; ! break; ! case 'outbox': ! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; ! break; ! case 'sentbox': ! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; ! break; ! case 'savebox': ! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . " ! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) ! OR ( privmsgs_to_userid = " . $userdata['user_id'] . " ! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )"; ! break; ! } ! $sql = "SELECT privmsgs_id ! FROM " . PRIVMSGS_TABLE . " ! WHERE $delete_type $delete_sql_id"; ! ! if ( !($result = $db->sql_query($sql)) ) ! { ! message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql); ! } ! $mark_list = array(); ! while ( $row = $db->sql_fetchrow($result) ) ! { ! $mark_list[] = $row['privmsgs_id']; } + unset($delete_type); + if ( count($mark_list) ) { $delete_sql_id = ''; *************** *** 1494,1499 **** --- 1504,1513 ---- $mode = 'reply'; } } + else + { + $privmsg_subject = $privmsg_message = ''; + } } // *************** *** 1528,1536 **** // // Finalise processing as per viewtopic // ! if ( !$html_on ) { ! if ( $user_sig != '' || !$userdata['user_allowhtml'] ) { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } --- 1542,1550 ---- // // Finalise processing as per viewtopic // ! if ( !$html_on || !$board_config['allow_html'] || !$userdata['user_allowhtml'] ) { ! 
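Review bot: In the `*** 698,744` hunk, when `$delete_all` is not set and `$mark_list` is empty the loop adds nothing and the query is built with `AND privmsgs_id IN ()`, which the database rejects and which ends in `message_die(GENERAL_ERROR, ...)` with the SQL text attached. The `switch($folder)` also has no `default`, so an unexpected folder value leaves `$delete_type` unset and yields a `WHERE` clause with no condition; whether `$folder` is validated earlier is not visible. I would run the SELECT only when `$delete_all || count($mark_list)` holds and add a `default:` branch that stops with a general message. The loop additionally assumes the posted `$mark_list` is an array.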
if ( $user_sig != '' ) { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } *************** *** 2020,2025 **** --- 2034,2043 ---- break; } } + else + { + $inbox_limit_img_length = $inbox_limit_pct = $l_box_size_status = ''; + } // // Dump vars to template *************** *** 2153,2156 **** include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> --- 2171,2174 ---- include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> \ No newline at end of file diff -crN phpbb2011/search.php phpbb2017/search.php *** phpbb2011/search.php Thu Nov 18 21:02:13 2004 --- phpbb2017/search.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: search.php,v 1.72.2.15 2004/11/18 17:49:39 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: search.php,v 1.72.2.16 2005/03/15 18:34:34 acydburn Exp $ * * ***************************************************************************/ *************** *** 197,202 **** --- 197,207 ---- } else { + if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author)))) + { + $search_author = ''; + } + $search_author = str_replace('*', '%', trim($search_author)); $sql = "SELECT user_id *************** *** 264,269 **** --- 269,280 ---- for($i = 0; $i < count($split_search); $i++) { + if (preg_match('#^[\*%]+$#', trim($split_search[$i])) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($split_search[$i])))) + { + $split_search[$i] = ''; + continue; + } + switch ( $split_search[$i] ) { case 'and': *************** *** 407,412 **** --- 418,428 ---- // if ( $search_author != '' ) { + if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author)))) + { 
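Review bot: The wildcard test added in the `*** 197,202` hunk of search.php is repeated verbatim in the `*** 264,269` and `*** 407,412` hunks, so the minimum-length rule has three copies to keep in sync. In the second pattern the `[^\*]` class runs on a string from which `*` and `%` were already removed, so the exclusion adds nothing, and without the `u` modifier `{1,2}` counts bytes, not characters. A helper holding both `preg_match()` calls (proposed name `search_term_too_short($term)`) would make the intent readable at each call site. The surrounding code runs beyond each hunk.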
+ $search_author = ''; + } + $search_author = str_replace('*', '%', trim(str_replace("\'", "''", $search_author))); } diff -crN phpbb2011/templates/subSilver/admin/index_body.tpl phpbb2017/templates/subSilver/admin/index_body.tpl *** phpbb2011/templates/subSilver/admin/index_body.tpl Thu Nov 18 21:02:12 2004 --- phpbb2017/templates/subSilver/admin/index_body.tpl Tue Jul 19 22:14:57 2005 *************** *** 77,79 **** --- 77,85 ----
+ +

{L_VERSION_INFORMATION}

+ + {VERSION_INFO} + +
diff -crN phpbb2011/templates/subSilver/faq_body.tpl phpbb2017/templates/subSilver/faq_body.tpl *** phpbb2011/templates/subSilver/faq_body.tpl Thu Nov 18 21:02:12 2004 --- phpbb2017/templates/subSilver/faq_body.tpl Tue Jul 19 22:14:57 2005 *************** *** 34,40 **** ! {faq_block.faq_row.FAQ_QUESTION}
{faq_block.faq_row.FAQ_ANSWER}
{L_BACK_TO_TOP}
--- 34,40 ---- ! {faq_block.faq_row.FAQ_QUESTION}
{faq_block.faq_row.FAQ_ANSWER}
{L_BACK_TO_TOP}
diff -crN phpbb2011/templates/subSilver/login_body.tpl phpbb2017/templates/subSilver/login_body.tpl *** phpbb2011/templates/subSilver/login_body.tpl Thu Nov 18 21:02:12 2004 --- phpbb2017/templates/subSilver/login_body.tpl Tue Jul 19 22:14:57 2005 *************** *** 19,31 **** {L_USERNAME}: ! {L_PASSWORD}: ! --- 19,31 ---- {L_USERNAME}: ! {L_PASSWORD}: ! diff -crN phpbb2011/templates/subSilver/overall_footer.tpl phpbb2017/templates/subSilver/overall_footer.tpl *** phpbb2011/templates/subSilver/overall_footer.tpl Thu Nov 18 21:02:12 2004 --- phpbb2017/templates/subSilver/overall_footer.tpl Tue Jul 19 22:14:57 2005 *************** *** 4,16 **** We request you retain the full copyright notice below including the link to www.phpbb.com. This not only gives respect to the large amount of time given freely by the developers but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good ! reason) retain the full copyright we request you at least leave in place the ! Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse ! to include even this then support on our forums may be affected. The phpBB Group : 2002 // --> ! Powered by phpBB {PHPBB_VERSION} © 2001, 2002 phpBB Group
{TRANSLATION_INFO} --- 4,16 ---- We request you retain the full copyright notice below including the link to www.phpbb.com. This not only gives respect to the large amount of time given freely by the developers but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good ! reason) retain the full copyright we request you at least leave in place the ! Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse ! to include even this then support on our forums may be affected. The phpBB Group : 2002 // --> ! Powered by phpBB © 2001, 2005 phpBB Group
{TRANSLATION_INFO} diff -crN phpbb2011/templates/subSilver/simple_footer.tpl phpbb2017/templates/subSilver/simple_footer.tpl *** phpbb2011/templates/subSilver/simple_footer.tpl Thu Nov 18 21:02:12 2004 --- phpbb2017/templates/subSilver/simple_footer.tpl Tue Jul 19 22:14:58 2005 *************** *** 5,16 **** This not only gives respect to the large amount of time given freely by the developers but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good reason) retain the full copyright we request you at least leave in place the ! Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse to include even this then support on our forums may be affected. The phpBB Group : 2002 // --> ! Powered by phpBB {PHPBB_VERSION} © 2001,2002 phpBB Group --- 5,16 ---- This not only gives respect to the large amount of time given freely by the developers but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good reason) retain the full copyright we request you at least leave in place the ! Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse to include even this then support on our forums may be affected. The phpBB Group : 2002 // --> ! Powered by phpBB © 2001, 2005 phpBB Group diff -crN phpbb2011/viewonline.php phpbb2017/viewonline.php *** phpbb2011/viewonline.php Thu Nov 18 21:02:13 2004 --- phpbb2017/viewonline.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: viewonline.php,v 1.54.2.3 2004/07/11 16:46:17 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: viewonline.php,v 1.54.2.4 2005/05/06 20:50:10 acydburn Exp $ * * ***************************************************************************/ *************** *** 286,289 **** include($phpbb_root_path . 
'includes/page_tail.'.$phpEx); ! ?> --- 286,289 ---- include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> \ No newline at end of file diff -crN phpbb2011/viewtopic.php phpbb2017/viewtopic.php *** phpbb2011/viewtopic.php Thu Nov 18 21:02:13 2004 --- phpbb2017/viewtopic.php Tue Jul 19 22:14:58 2005 *************** *** 6,12 **** * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: viewtopic.php,v 1.186.2.37 2004/11/18 17:49:39 acydburn Exp $ * * ***************************************************************************/ --- 6,12 ---- * copyright : (C) 2001 The phpBB Group * email : support@phpbb.com * ! * $Id: viewtopic.php,v 1.186.2.43 2005/07/19 20:01:21 acydburn Exp $ * * ***************************************************************************/ *************** *** 495,500 **** --- 495,501 ---- unset($words); $highlight = urlencode($HTTP_GET_VARS['highlight']); + $highlight_match = phpbb_rtrim($highlight_match, "\\"); } // *************** *** 988,995 **** $quote = '' . $lang['Reply_with_quote'] . ''; $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&showresults=posts"); ! $search_img = '' . $lang['Search_user_posts'] . ''; ! $search = '' . $lang['Search_user_posts'] . ''; if ( ( $userdata['user_id'] == $poster_id && $is_auth['auth_edit'] ) || $is_auth['auth_mod'] ) { --- 989,996 ---- $quote = '' . $lang['Reply_with_quote'] . ''; $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&showresults=posts"); ! $search_img = '' . $lang['Search_user_posts'] . ''; ! $search = '' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . ''; if ( ( $userdata['user_id'] == $poster_id && $is_auth['auth_edit'] ) || $is_auth['auth_mod'] ) { *************** *** 1048,1056 **** // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // ! if ( !$board_config['allow_html'] ) { ! 
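Review bot: In the 988 hunk of viewtopic.php the new `$search` line places `$postrow[$i]['username']` into link text through `sprintf($lang['Search_user_posts'], ...)`, and nothing visible in the hunk shows that value being HTML-escaped for this context. If usernames are stored already entity-encoded, a comment should say so, e.g. `// username is stored HTML-escaped; safe to interpolate into markup here`; if not, the value should pass through `htmlspecialchars()` before `sprintf`. The markup inside the quoted strings is not legible on this page, so the same check is worth making for any attribute the `$search_img` line builds from the same language string. The enclosing loop body starts and ends outside the hunk.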
if ( $user_sig != '' && $userdata['user_allowhtml'] ) { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } --- 1049,1057 ---- // If the board has HTML off but the post has HTML // on then we process it, else leave it alone // ! if ( !$board_config['allow_html'] || !$userdata['user_allowhtml']) { ! if ( $user_sig != '' ) { $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); } *************** *** 1106,1112 **** { // This was shamelessly 'borrowed' from volker at multiartstudio dot de // via php.net's annotated manual ! $message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $highlight_match . ")\b#i', '\\\\1', '\\0')", '>' . $message . '<'), 1, -1)); } // --- 1107,1113 ---- { // This was shamelessly 'borrowed' from volker at multiartstudio dot de // via php.net's annotated manual ! $message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . str_replace('\\', '\\\\', addslashes($highlight_match)) . ")\b#i', '\\\\1', '\\0')", '>' . $message . '<'), 1, -1)); } // *************** *** 1118,1127 **** if ($user_sig != '') { ! $user_sig = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace(\$orig_word, \$replacement_word, '\\0')", '>' . $user_sig . '<'), 1, -1)); } ! $message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace(\$orig_word, \$replacement_word, '\\0')", '>' . $message . '<'), 1, -1)); } // --- 1119,1128 ---- if ($user_sig != '') { ! $user_sig = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace(\$orig_word, \$replacement_word, '\\0')", '>' . $user_sig . '<'), 1, -1)); } ! $message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace(\$orig_word, \$replacement_word, '\\0')", '>' . $message . 
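Review bot: The comment above the condition in the 1048 hunk ("If the board has HTML off but the post has HTML on") no longer matches the new test, which also neutralises signature tags whenever `$userdata['user_allowhtml']` is off. `$userdata` looks like the viewing user (the 988 hunk compares `$userdata['user_id']` with `$poster_id`), so the decision would depend on the reader's profile rather than the author's. If that is intended, the comment should be replaced with something like `// Escape tags in the signature when the board disallows HTML or the viewing user has HTML turned off`. The block continues past the end of the hunk.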
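Review bot: The rewritten highlight line in the 1106 hunk still builds PHP source from `$highlight_match` and runs it through the `e` modifier, so its safety rests entirely on `addslashes()` plus backslash doubling here and on the `phpbb_rtrim($highlight_match, "\\")` added in the 495 hunk. `$highlight_match` is assembled outside these hunks, apparently from the `highlight` request parameter, and hand-escaping a value for a quoted string that is then evaluated is easy to get subtly wrong. Moving the inner replacement into a named function passed to `preg_replace_callback` removes the evaluation step, so the value is only ever used as regex data and the `str_replace('\"', '"', ...)` wrapper that undoes the modifier's quoting is no longer needed. The censor-word lines in the 1118 hunk use the same `#se` construction and would take the same change.

```php
// Declared once at file level, before the post loop; the function name is illustrative.
function highlight_text_run($run)
{
	// $highlight_replacement is a placeholder name for the replacement string the current
	// inner call passes; its markup is not legible on this page.
	global $highlight_match, $highlight_replacement;

	// $run[0] is one '>text<' stretch between tags; $highlight_match is used as pattern data only.
	return preg_replace('#\b(' . $highlight_match . ')\b#i', $highlight_replacement, $run[0]);
}

// … unchanged: the condition guarding the highlight step …
$message = substr(preg_replace_callback('#(\>(((?>([^><]+|(?R)))*)\<))#s', 'highlight_text_run', '>' . $message . '<'), 1, -1);
```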
'<'), 1, -1)); } // *************** *** 1212,1215 **** include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> --- 1213,1216 ---- include($phpbb_root_path . 'includes/page_tail.'.$phpEx); ! ?> \ No newline at end of file
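Review bot: The `@` added before both `preg_replace` calls on the `$user_sig` and `$message` lines of the 1118 hunk silences the diagnostic without handling the failure. `preg_replace` returns NULL on error, and the surrounding `substr(..., 1, -1)` would then leave the signature or post body empty with nothing reported. Assigning the call's result to a temporary and keeping the unmodified text on failure makes this harmless, e.g. `if ($censored !== null) { $message = $censored; }`. The highlight line in the 1106 hunk gained the same `@` prefixes, and the surrounding block is only partly inside this hunk.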