diff -crN phpbb204/admin/admin_board.php phpbb2017/admin/admin_board.php
*** phpbb204/admin/admin_board.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_board.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_board.php,v 1.51.2.3 2002/12/19 17:17:39 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_board.php,v 1.51.2.9 2004/11/18 17:49:33 acydburn Exp $
*
*
***************************************************************************/
***************
*** 16,22 ****
if( !empty($setmodules) )
{
$file = basename(__FILE__);
! $module['General']['Configuration'] = "$file?mode=config";
return;
}
--- 16,22 ----
if( !empty($setmodules) )
{
$file = basename(__FILE__);
! $module['General']['Configuration'] = "$file";
return;
}
***************
*** 43,49 ****
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
! $default_config[$config_name] = $config_value;
$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
--- 43,49 ----
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
! $default_config[$config_name] = isset($HTTP_POST_VARS['submit']) ? str_replace("'", "\'", $config_value) : $config_value;
$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
***************
*** 97,102 ****
--- 97,105 ----
$activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? "checked=\"checked\"" : "";
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? "checked=\"checked\"" : "";
+ $confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : '';
+ $confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
+
$board_email_form_yes = ( $new['board_email_form'] ) ? "checked=\"checked\"" : "";
$board_email_form_no = ( !$new['board_email_form'] ) ? "checked=\"checked\"" : "";
***************
*** 160,165 ****
--- 163,170 ----
"L_NONE" => $lang['Acc_None'],
"L_USER" => $lang['Acc_User'],
"L_ADMIN" => $lang['Acc_Admin'],
+ "L_VISUAL_CONFIRM" => $lang['Visual_confirm'],
+ "L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
"L_COOKIE_SETTINGS" => $lang['Cookie_settings'],
"L_COOKIE_SETTINGS_EXPLAIN" => $lang['Cookie_settings_explain'],
"L_COOKIE_DOMAIN" => $lang['Cookie_domain'],
***************
*** 247,252 ****
--- 252,260 ----
"ACTIVATION_USER_CHECKED" => $activation_user,
"ACTIVATION_ADMIN" => USER_ACTIVATION_ADMIN,
"ACTIVATION_ADMIN_CHECKED" => $activation_admin,
+ "CONFIRM_ENABLE" => $confirm_yes,
+ "CONFIRM_DISABLE" => $confirm_no,
+ "ACTIVATION_NONE_CHECKED" => $activation_none,
"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes,
"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no,
"MAX_POLL_OPTIONS" => $new['max_poll_options'],
diff -crN phpbb204/admin/admin_db_utilities.php phpbb2017/admin/admin_db_utilities.php
*** phpbb204/admin/admin_db_utilities.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_db_utilities.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_db_utilities.php,v 1.42.2.9 2002/12/21 19:09:56 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_db_utilities.php,v 1.42.2.11 2005/02/21 18:36:49 acydburn Exp $
*
****************************************************************************/
***************
*** 693,699 ****
include('./page_footer_admin.'.$phpEx);
}
! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
--- 693,699 ----
include('./page_footer_admin.'.$phpEx);
}
! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
***************
*** 701,706 ****
--- 701,708 ----
$gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( (!empty($HTTP_GET_VARS['gzipcompress'])) ? $HTTP_GET_VARS['gzipcompress'] : 0 );
+ $drop = (!empty($HTTP_POST_VARS['drop'])) ? intval($HTTP_POST_VARS['drop']) : ( (!empty($HTTP_GET_VARS['drop'])) ? intval($HTTP_GET_VARS['drop']) : 0 );
+
if(!empty($additional_tables))
{
if(ereg(",", $additional_tables))
***************
*** 856,862 ****
break;
case 'restore':
! if(!isset($restore_start))
{
//
// Define Template files...
--- 858,864 ----
break;
case 'restore':
! if(!isset($HTTP_POST_VARS['restore_start']))
{
//
// Define Template files...
diff -crN phpbb204/admin/admin_forumauth.php phpbb2017/admin/admin_forumauth.php
*** phpbb204/admin/admin_forumauth.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_forumauth.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forumauth.php,v 1.23.2.4 2002/05/21 16:52:08 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forumauth.php,v 1.23.2.5 2004/03/25 15:57:19 acydburn Exp $
*
*
***************************************************************************/
***************
*** 102,121 ****
{
if(isset($HTTP_POST_VARS['simpleauth']))
{
! $simple_ary = $simple_auth_ary[$HTTP_POST_VARS['simpleauth']];
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
! $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
! $value = $HTTP_POST_VARS[$forum_auth_fields[$i]];
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
--- 102,124 ----
{
if(isset($HTTP_POST_VARS['simpleauth']))
{
! $simple_ary = $simple_auth_ary[intval($HTTP_POST_VARS['simpleauth'])];
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
! if (is_array($simple_ary))
! {
! $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
! }
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
! $value = intval($HTTP_POST_VARS[$forum_auth_fields[$i]]);
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
diff -crN phpbb204/admin/admin_forums.php phpbb2017/admin/admin_forums.php
*** phpbb204/admin/admin_forums.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_forums.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forums.php,v 1.40.2.10 2003/01/05 02:36:00 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forums.php,v 1.40.2.12 2005/05/07 22:18:10 acydburn Exp $
*
***************************************************************************/
***************
*** 55,60 ****
--- 55,61 ----
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 232,237 ****
--- 233,239 ----
if( $mode == "addforum" )
{
list($cat_id) = each($HTTP_POST_VARS['addforum']);
+ $cat_id = intval($cat_id);
//
// stripslashes needs to be run on this because slashes are added when the forum name is posted
//
***************
*** 1023,1026 ****
include('./page_footer_admin.'.$phpEx);
! ?>
--- 1025,1028 ----
include('./page_footer_admin.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/admin/admin_groups.php phpbb2017/admin/admin_groups.php
*** phpbb204/admin/admin_groups.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_groups.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_groups.php,v 1.25.2.5 2002/07/31 19:14:46 dougk_ff7 Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_groups.php,v 1.25.2.9 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 43,54 ****
}
else
{
! $group_id = '';
}
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
{
--- 43,55 ----
}
else
{
! $group_id = 0;
}
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 171,176 ****
--- 172,227 ----
//
if ( isset($HTTP_POST_VARS['group_delete']) )
{
+ //
+ // Reset User Moderator Level
+ //
+
+ // Is Group moderating a forum ?
+ $sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . "
+ WHERE group_id = " . $group_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql);
+ }
+
+ $row = $db->sql_fetchrow($result);
+ if (intval($row['auth_mod']) == 1)
+ {
+ // Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
+ $sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
+ WHERE group_id = " . $group_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql);
+ }
+
+ $rows = $db->sql_fetchrowset($result);
+ for ($i = 0; $i < count($rows); $i++)
+ {
+ $sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
+ WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id)
+ AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($db->sql_numrows($result) == 0)
+ {
+ $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . "
+ WHERE user_level = " . MOD . " AND user_id = " . intval($rows[$i]['user_id']);
+
+ if ( !$db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql);
+ }
+ }
+ }
+ }
+
+ //
+ // Delete Group
+ //
$sql = "DELETE FROM " . GROUPS_TABLE . "
WHERE group_id = " . $group_id;
if ( !$db->sql_query($sql) )
***************
*** 213,219 ****
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
! $this_userdata = get_userdata($group_moderator);
$group_moderator = $this_userdata['user_id'];
if ( !$group_moderator )
--- 264,270 ----
message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
}
! $this_userdata = get_userdata($group_moderator, true);
$group_moderator = $this_userdata['user_id'];
if ( !$group_moderator )
diff -crN phpbb204/admin/admin_mass_email.php phpbb2017/admin/admin_mass_email.php
*** phpbb204/admin/admin_mass_email.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_mass_email.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_mass_email.php,v 1.15.2.5 2002/05/20 00:52:18 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_mass_email.php,v 1.15.2.7 2003/05/03 23:24:01 acydburn Exp $
*
****************************************************************************/
***************
*** 79,88 ****
if ( $row = $db->sql_fetchrow($result) )
{
! $bcc_list = '';
do
{
! $bcc_list .= ( ( $bcc_list != '' ) ? ', ' : '' ) . $row['user_email'];
}
while ( $row = $db->sql_fetchrow($result) );
--- 79,88 ----
if ( $row = $db->sql_fetchrow($result) )
{
! $bcc_list = array();
do
{
! $bcc_list[] = $row['user_email'];
}
while ( $row = $db->sql_fetchrow($result) );
***************
*** 116,127 ****
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'Return-Path: ' . $userdata['board_email'] . "\nFrom: " . $board_config['board_email'] . "\n";
! $email_headers .= 'X-AntiAbuse: Board servername - ' . $board_config['server_name'] . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
- $email_headers .= "Bcc: $bcc_list\n";
$emailer->use_template('admin_send_email');
$emailer->email_address($board_config['board_email']);
--- 116,133 ----
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
!
! for ($i = 0; $i < count($bcc_list); $i++)
! {
! $emailer->bcc($bcc_list[$i]);
! }
!
! $email_headers = 'X-AntiAbuse: Board servername - ' . $board_config['server_name'] . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
$emailer->use_template('admin_send_email');
$emailer->email_address($board_config['board_email']);
diff -crN phpbb204/admin/admin_ranks.php phpbb2017/admin/admin_ranks.php
*** phpbb204/admin/admin_ranks.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_ranks.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ranks.php,v 1.13.2.3 2002/11/28 00:11:39 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ranks.php,v 1.13.2.4 2004/03/25 15:57:20 acydburn Exp $
*
***************************************************************************/
***************
*** 38,43 ****
--- 38,44 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
diff -crN phpbb204/admin/admin_smilies.php phpbb2017/admin/admin_smilies.php
*** phpbb204/admin/admin_smilies.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_smilies.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_smilies.php,v 1.22.2.12 2002/12/22 15:34:01 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_smilies.php,v 1.22.2.14 2005/05/06 20:50:09 acydburn Exp $
*
****************************************************************************/
***************
*** 57,62 ****
--- 57,63 ----
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 313,318 ****
--- 314,320 ----
//
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $smiley_id = intval($smiley_id);
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
***************
*** 333,338 ****
--- 335,341 ----
//
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $smiley_id = intval($smiley_id);
$sql = "SELECT *
FROM " . SMILIES_TABLE . "
***************
*** 444,449 ****
--- 447,455 ----
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+ $smile_code = trim($smile_code);
+ $smile_url = trim($smile_url);
+ $smile_emotion = trim($smile_emotion);
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
***************
*** 550,553 ****
//
include('./page_footer_admin.'.$phpEx);
! ?>
--- 556,559 ----
//
include('./page_footer_admin.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/admin/admin_styles.php phpbb2017/admin/admin_styles.php
*** phpbb204/admin/admin_styles.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_styles.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_styles.php,v 1.27.2.9 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_styles.php,v 1.27.2.14 2005/03/17 17:33:30 acydburn Exp $
*
*
***************************************************************************/
***************
*** 39,54 ****
// Check if the user has cancled a confirmation message.
//
$phpbb_root_path = "./../";
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
! if (empty($HTTP_POST_VARS['send_file']))
! {
! $no_page_header = ( $cancel ) ? TRUE : FALSE;
! require($phpbb_root_path . 'extension.inc');
! require('./pagestart.' . $phpEx);
! }
if ($cancel)
{
--- 39,55 ----
// Check if the user has cancled a confirmation message.
//
$phpbb_root_path = "./../";
+ require($phpbb_root_path . 'extension.inc');
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
! $no_page_header = (!empty($HTTP_POST_VARS['send_file']) || $cancel) ? TRUE : FALSE;
!
! require('./pagestart.' . $phpEx);
!
! $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
! $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
if ($cancel)
{
***************
*** 58,63 ****
--- 59,65 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 73,79 ****
if( isset($install_to) )
{
! include($phpbb_root_path. "templates/" . $install_to . "/theme_info.cfg");
$template_name = $$install_to;
$found = FALSE;
--- 75,81 ----
if( isset($install_to) )
{
! include($phpbb_root_path. "templates/" . basename($install_to) . "/theme_info.cfg");
$template_name = $$install_to;
$found = FALSE;
***************
*** 490,496 ****
$themes_title = $lang['Edit_theme'];
$themes_explain = $lang['Edit_theme_explain'];
! $style_id = $HTTP_GET_VARS['style_id'];
$selected_names = array();
$selected_values = array();
--- 492,498 ----
$themes_title = $lang['Edit_theme'];
$themes_explain = $lang['Edit_theme_explain'];
! $style_id = intval($HTTP_GET_VARS['style_id']);
$selected_names = array();
$selected_values = array();
***************
*** 705,711 ****
$sql = "SELECT *
FROM " . THEMES_TABLE . "
! WHERE template_name = '$template_name'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get theme data for selected template", "", __LINE__, __FILE__, $sql);
--- 707,713 ----
$sql = "SELECT *
FROM " . THEMES_TABLE . "
! WHERE template_name = '" . str_replace("\'", "''", $template_name) . "'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get theme data for selected template", "", __LINE__, __FILE__, $sql);
***************
*** 737,743 ****
@umask(0111);
! $fp = @fopen($phpbb_root_path . 'templates/' . $template_name . '/theme_info.cfg', 'w');
if( !$fp )
{
--- 739,745 ----
@umask(0111);
! $fp = @fopen($phpbb_root_path . 'templates/' . basename($template_name) . '/theme_info.cfg', 'w');
if( !$fp )
{
diff -crN phpbb204/admin/admin_ug_auth.php phpbb2017/admin/admin_ug_auth.php
*** phpbb204/admin/admin_ug_auth.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_ug_auth.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ug_auth.php,v 1.13.2.2 2002/05/12 15:57:44 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ug_auth.php,v 1.13.2.9 2005/07/19 20:01:05 acydburn Exp $
*
*
***************************************************************************/
***************
*** 54,59 ****
--- 54,64 ----
}
}
+ $user_id = intval($user_id);
+ $group_id = intval($group_id);
+ $adv = intval($adv);
+ $mode = htmlspecialchars($mode);
+
//
// Start program - define vars
//
***************
*** 409,414 ****
--- 414,420 ----
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
WHERE ug.group_id = aa.group_id
AND u.user_id = ug.user_id
+ AND ug.user_pending = 0
AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) > 0";
***************
*** 503,508 ****
--- 509,556 ----
}
}
+ $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
+ WHERE group_id = $group_id";
+ $result = $db->sql_query($sql);
+
+ $group_user = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $group_user[$row['user_id']] = $row['user_id'];
+ }
+ $db->sql_freeresult($result);
+
+ $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod
+ FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
+ WHERE ug.user_id IN (" . implode(', ', $group_user) . ")
+ AND aa.group_id = ug.group_id
+ AND aa.auth_mod = 1
+ GROUP BY ug.user_id";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
+ }
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['is_auth_mod'])
+ {
+ unset($group_user[$row['user_id']]);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ if (sizeof($group_user))
+ {
+ $sql = "UPDATE " . USERS_TABLE . "
+ SET user_level = " . USER . "
+ WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
+ }
+ }
+
message_die(GENERAL_MESSAGE, $message);
}
}
***************
*** 510,516 ****
{
if ( isset($HTTP_POST_VARS['username']) )
{
! $this_userdata = get_userdata($HTTP_POST_VARS['username']);
if ( !is_array($this_userdata) )
{
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
--- 558,564 ----
{
if ( isset($HTTP_POST_VARS['username']) )
{
! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if ( !is_array($this_userdata) )
{
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
***************
*** 521,529 ****
//
// Front end
//
! $sql = "SELECT *
! FROM " . FORUMS_TABLE . " f
! ORDER BY forum_order";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
--- 569,578 ----
//
// Front end
//
! $sql = "SELECT f.*
! FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
! WHERE f.cat_id = c.cat_id
! ORDER BY c.cat_order, f.forum_order ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
***************
*** 556,562 ****
}
}
! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
--- 605,611 ----
}
}
! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 759,765 ****
$i++;
}
! @reset($auth_user);
if ( $mode == 'user' )
{
--- 808,814 ----
$i++;
}
! // @reset($auth_user);
if ( $mode == 'user' )
{
***************
*** 784,795 ****
if( count($name) )
{
! $t_usergroup_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL;
! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
}
}
else
--- 833,851 ----
if( count($name) )
{
! $t_usergroup_list = $t_pending_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL;
! if (!$ug_info[$i]['user_pending'])
! {
! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
! }
! else
! {
! $t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
! }
}
}
else
***************
*** 852,858 ****
$template->assign_vars(array(
'USERNAME' => $t_groupname,
! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list)
);
}
--- 908,914 ----
$template->assign_vars(array(
'USERNAME' => $t_groupname,
! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '
' . $lang['Pending_members'] . ' : ' . $t_pending_list)
);
}
diff -crN phpbb204/admin/admin_user_ban.php phpbb2017/admin/admin_user_ban.php
*** phpbb204/admin/admin_user_ban.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_user_ban.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_user_ban.php,v 1.21.2.5 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 49,55 ****
$user_list = array();
if ( !empty($HTTP_POST_VARS['username']) )
{
! $this_userdata = get_userdata($HTTP_POST_VARS['username']);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
--- 49,55 ----
$user_list = array();
if ( !empty($HTTP_POST_VARS['username']) )
{
! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
***************
*** 155,161 ****
// contained in the annotated php manual at php.com (ereg
// section)
//
! if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) )
{
$email_list[] = trim($email_list_temp[$i]);
}
--- 155,161 ----
// contained in the annotated php manual at php.com (ereg
// section)
//
! if (preg_match('#^(([a-z0-9&.-_+])|(\*))+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$#is', trim($email_list_temp[$i])))
{
$email_list[] = trim($email_list_temp[$i]);
}
***************
*** 277,283 ****
{
if ( $user_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $user_list[$i];
}
}
}
--- 277,283 ----
{
if ( $user_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($user_list[$i]);
}
}
}
***************
*** 290,296 ****
{
if ( $ip_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $ip_list[$i];
}
}
}
--- 290,296 ----
{
if ( $ip_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $ip_list[$i]);
}
}
}
***************
*** 303,309 ****
{
if ( $email_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $email_list[$i];
}
}
}
--- 303,309 ----
{
if ( $email_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $email_list[$i]);
}
}
}
diff -crN phpbb204/admin/admin_users.php phpbb2017/admin/admin_users.php
*** phpbb204/admin/admin_users.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_users.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_users.php,v 1.57.2.17 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_users.php,v 1.57.2.27 2005/07/19 20:01:07 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,36 ****
return;
}
! $phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/bbcode.'.$phpEx);
--- 30,36 ----
return;
}
! $phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/bbcode.'.$phpEx);
***************
*** 47,52 ****
--- 47,53 ----
if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
{
$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 56,69 ****
//
// Begin program
//
! if( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) )
{
//
// Ok, the profile has been modified and submitted, let's update
//
! if( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
{
! $user_id = intval( $HTTP_POST_VARS['id'] );
if (!($this_userdata = get_userdata($user_id)))
{
--- 57,70 ----
//
// Begin program
//
! if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) )
{
//
// Ok, the profile has been modified and submitted, let's update
//
! if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
{
! $user_id = intval($HTTP_POST_VARS['id']);
if (!($this_userdata = get_userdata($user_id)))
{
***************
*** 85,91 ****
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
! SET poster_id = " . DELETED . ", post_username = '$username'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
--- 86,92 ----
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
! SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
***************
*** 216,222 ****
message_die(GENERAL_MESSAGE, $message);
}
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
--- 217,223 ----
message_die(GENERAL_MESSAGE, $message);
}
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
***************
*** 304,327 ****
$error = FALSE;
! if( stripslashes($username) != $this_userdata['username'] )
{
unset($rename_user);
! $result = validate_username($username);
! if ( $result['error'] )
{
! $error = TRUE;
! $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $result['error_msg'];
}
! else
{
! $username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
$rename_user = $username; // Used for renaming usergroup
}
}
! $passwd_sql = "";
if( !empty($password) && !empty($password_confirm) )
{
//
--- 305,337 ----
$error = FALSE;
! if (stripslashes($username) != $this_userdata['username'])
{
unset($rename_user);
! if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) )
{
! $result = validate_username($username);
! if ( $result['error'] )
! {
! $error = TRUE;
! $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $result['error_msg'];
! }
! else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) )
! {
! $error = TRUE;
! $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Username_taken'];
! }
}
!
! if (!$error)
{
! $username_sql = "username = '" . str_replace("\\'", "''", $username) . "', ";
$rename_user = $username; // Used for renaming usergroup
}
}
! $passwd_sql = '';
if( !empty($password) && !empty($password_confirm) )
{
//
***************
*** 349,355 ****
$error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Password_mismatch'];
}
! if( $signature != "" )
{
$sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
if ( $allowhtml )
--- 359,365 ----
$error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Password_mismatch'];
}
! if ($signature != '')
{
$sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
if ( $allowhtml )
***************
*** 653,664 ****
{
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_name = '".str_replace("\'", "''", $rename_user)."'
! WHERE group_name = '".str_replace("\'", "''", $this_userdata['username'] )."'";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql);
}
}
$message .= $lang['Admin_user_updated'];
}
else
--- 663,687 ----
{
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_name = '".str_replace("\'", "''", $rename_user)."'
! WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql);
}
}
+
+ // Delete user session, to prevent the user navigating the forum (if logged in) when disabled
+ if (!$user_status)
+ {
+ $sql = "DELETE FROM " . SESSIONS_TABLE . "
+ WHERE session_user_id = " . $user_id;
+
+ if ( !$db->sql_query($sql) )
+ {
+ message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
+ }
+ }
+
$message .= $lang['Admin_user_updated'];
}
else
***************
*** 716,722 ****
}
else
{
! $this_userdata = get_userdata(htmlspecialchars($HTTP_POST_VARS['username']));
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
--- 739,745 ----
}
else
{
! $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
***************
*** 727,733 ****
// Now parse and display it as a template
//
$user_id = $this_userdata['user_id'];
! $username = htmlspecialchars($this_userdata['username']);
$email = $this_userdata['user_email'];
$password = '';
$password_confirm = '';
--- 750,756 ----
// Now parse and display it as a template
//
$user_id = $this_userdata['user_id'];
! $username = $this_userdata['username'];
$email = $this_userdata['user_email'];
$password = '';
$password_confirm = '';
***************
*** 816,822 ****
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
! $category = $HTTP_POST_VARS['avatarcategory'];
}
else
{
--- 839,845 ----
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
! $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
}
else
{
***************
*** 1127,1130 ****
include('./page_footer_admin.'.$phpEx);
! ?>
--- 1150,1153 ----
include('./page_footer_admin.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/admin/admin_words.php phpbb2017/admin/admin_words.php
*** phpbb204/admin/admin_words.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/admin_words.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_words.php,v 1.10.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_words.php,v 1.10.2.3 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 39,44 ****
--- 39,45 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 63,69 ****
{
if( $mode == "edit" || $mode == "add" )
{
! $word_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0;
$template->set_filenames(array(
"body" => "admin/words_edit_body.tpl")
--- 64,70 ----
{
if( $mode == "edit" || $mode == "add" )
{
! $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
$template->set_filenames(array(
"body" => "admin/words_edit_body.tpl")
***************
*** 113,119 ****
}
else if( $mode == "save" )
{
! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0;
$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";
$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";
--- 114,120 ----
}
else if( $mode == "save" )
{
! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";
$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";
***************
*** 150,155 ****
--- 151,157 ----
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $word_id = intval($word_id);
}
else
{
diff -crN phpbb204/admin/index.php phpbb2017/admin/index.php
*** phpbb204/admin/index.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/index.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.40.2.3 2003/01/07 20:51:34 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.40.2.7 2005/02/21 18:37:02 acydburn Exp $
*
*
***************************************************************************/
***************
*** 132,137 ****
--- 132,138 ----
"L_ADMIN_INTRO" => $lang['Admin_intro'],
"L_FORUM_STATS" => $lang['Forum_stats'],
"L_WHO_IS_ONLINE" => $lang['Who_is_Online'],
+ "L_USERNAME" => $lang['Username'],
"L_LOCATION" => $lang['Location'],
"L_LAST_UPDATE" => $lang['Last_updated'],
"L_IP_ADDRESS" => $lang['IP_Address'],
***************
*** 331,337 ****
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
! AND u.user_session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
--- 332,338 ----
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
! AND s.session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
***************
*** 454,460 ****
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $reg_ip,
! "U_WHOIS_IP" => "http://www.geektools.com/cgi-bin/proxy.cgi?query=$reg_ip&targetnic=auto",
"U_USER_PROFILE" => append_sid("admin_users.$phpEx?mode=edit&" . POST_USERS_URL . "=" . $onlinerow_reg[$i]['user_id']),
"U_FORUM_LOCATION" => append_sid($location_url))
);
--- 455,461 ----
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $reg_ip,
! "U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$reg_ip",
"U_USER_PROFILE" => append_sid("admin_users.$phpEx?mode=edit&" . POST_USERS_URL . "=" . $onlinerow_reg[$i]['user_id']),
"U_FORUM_LOCATION" => append_sid($location_url))
);
***************
*** 546,552 ****
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $guest_ip,
! "U_WHOIS_IP" => "http://www.geektools.com/cgi-bin/proxy.cgi?query=$guest_ip&targetnic=auto",
"U_FORUM_LOCATION" => append_sid($location_url))
);
}
--- 547,553 ----
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $guest_ip,
! "U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$guest_ip",
"U_FORUM_LOCATION" => append_sid($location_url))
);
}
***************
*** 558,563 ****
--- 559,629 ----
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}
+
+ // Check for new version
+ $current_version = explode('.', '2' . $board_config['version']);
+ $minor_revision = (int) $current_version[2];
+
+ $errno = 0;
+ $errstr = $version_info = '';
+
+ if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
+ {
+ @fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
+ @fputs($fsock, "HOST: www.phpbb.com\r\n");
+ @fputs($fsock, "Connection: close\r\n\r\n");
+
+ $get_info = false;
+ while (!@feof($fsock))
+ {
+ if ($get_info)
+ {
+ $version_info .= @fread($fsock, 1024);
+ }
+ else
+ {
+ if (@fgets($fsock, 1024) == "\r\n")
+ {
+ $get_info = true;
+ }
+ }
+ }
+ @fclose($fsock);
+
+ $version_info = explode("\n", $version_info);
+ $latest_head_revision = (int) $version_info[0];
+ $latest_minor_revision = (int) $version_info[2];
+ $latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
+
+ if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
+ {
+ $version_info = '' . $lang['Version_up_to_date'] . '
';
+ }
+ else
+ {
+ $version_info = '' . $lang['Version_not_up_to_date'];
+ $version_info .= '
' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '
';
+ }
+ }
+ else
+ {
+ if ($errstr)
+ {
+ $version_info = '' . sprintf($lang['Connect_socket_error'], $errstr) . '
';
+ }
+ else
+ {
+ $version_info = '' . $lang['Socket_functions_disabled'] . '
';
+ }
+ }
+
+ $version_info .= '' . $lang['Mailing_list_subscribe_reminder'] . '
';
+
+
+ $template->assign_vars(array(
+ 'VERSION_INFO' => $version_info,
+ 'L_VERSION_INFORMATION' => $lang['Version_information'])
+ );
$template->pparse("body");
diff -crN phpbb204/admin/page_footer_admin.php phpbb2017/admin/page_footer_admin.php
*** phpbb204/admin/page_footer_admin.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/page_footer_admin.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_footer_admin.php,v 1.9.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_footer_admin.php,v 1.9.2.3 2005/04/15 20:15:47 acydburn Exp $
*
*
***************************************************************************/
***************
*** 33,39 ****
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => '2' . $board_config['version'],
'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
);
--- 33,39 ----
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => ($userdata['user_level'] == ADMIN && $userdata['user_id'] != ANONYMOUS) ? '2' . $board_config['version'] : '',
'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
);
diff -crN phpbb204/admin/page_header_admin.php phpbb2017/admin/page_header_admin.php
*** phpbb204/admin/page_header_admin.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/page_header_admin.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header_admin.php,v 1.12.2.3 2002/12/10 11:13:58 bartvb Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header_admin.php,v 1.12.2.6 2005/03/26 14:15:59 acydburn Exp $
*
*
***************************************************************************/
***************
*** 35,41 ****
{
$phpver = phpversion();
! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
--- 35,41 ----
{
$phpver = phpversion();
! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
***************
*** 64,69 ****
--- 64,73 ----
'header' => 'admin/page_header.tpl')
);
+ // Format Timezone. We are unable to use array_pop here, because of PHP3 compatibility
+ $l_timezone = explode('.', $board_config['board_timezone']);
+ $l_timezone = (count($l_timezone) > 1 && $l_timezone[count($l_timezone)-1] != 0) ? $lang[sprintf('%.1f', $board_config['board_timezone'])] : $lang[number_format($board_config['board_timezone'])];
+
//
// The following assigns all _common_ variables that may be used at any point
// in a template. Note that all URL's should be wrapped in append_sid, as
***************
*** 79,85 ****
'U_INDEX' => append_sid('../index.'.$phpEx),
! 'S_TIMEZONE' => sprintf($lang['All_times'], $lang[$board_config['board_timezone']]),
'S_LOGIN_ACTION' => append_sid('../login.'.$phpEx),
'S_JUMPBOX_ACTION' => append_sid('../viewforum.'.$phpEx),
'S_CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
--- 83,89 ----
'U_INDEX' => append_sid('../index.'.$phpEx),
! 'S_TIMEZONE' => sprintf($lang['All_times'], $l_timezone),
'S_LOGIN_ACTION' => append_sid('../login.'.$phpEx),
'S_JUMPBOX_ACTION' => append_sid('../viewforum.'.$phpEx),
'S_CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
diff -crN phpbb204/admin/pagestart.php phpbb2017/admin/pagestart.php
*** phpbb204/admin/pagestart.php Sat Jul 10 20:16:21 2004
--- phpbb2017/admin/pagestart.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: pagestart.php,v 1.1.2.4 2002/11/30 21:37:43 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: pagestart.php,v 1.1.2.9 2005/06/26 14:39:30 acydburn Exp $
*
*
***************************************************************************/
***************
*** 40,46 ****
if (!$userdata['session_logged_in'])
{
! redirect(append_sid("login.$phpEx?redirect=admin/", true));
}
else if ($userdata['user_level'] != ADMIN)
{
--- 40,46 ----
if (!$userdata['session_logged_in'])
{
! redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx", true));
}
else if ($userdata['user_level'] != ADMIN)
{
***************
*** 49,59 ****
if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
{
! $url = preg_replace('/sid=([^&]*)(&?)/i', '', $HTTP_SERVER_VARS['REQUEST_URI']);
$url = preg_replace('/\?$/', '', $url);
$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];
! redirect($url);
}
if (empty($no_page_header))
--- 49,67 ----
if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
{
! $url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name'])), '', $HTTP_SERVER_VARS['REQUEST_URI']);
! $url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path'])), '', $url);
! $url = str_replace('//', '/', $url);
! $url = preg_replace('/sid=([^&]*)(&?)/i', '', $url);
$url = preg_replace('/\?$/', '', $url);
$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];
! redirect("index.$phpEx?sid=" . $userdata['session_id']);
! }
!
! if (!$userdata['session_admin'])
! {
! redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
}
if (empty($no_page_header))
diff -crN phpbb204/common.php phpbb2017/common.php
*** phpbb204/common.php Sat Jul 10 20:16:22 2004
--- phpbb2017/common.php Tue Jul 19 22:14:58 2005
***************
*** 6,13 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: common.php,v 1.74.2.5 2002/12/17 23:59:37 psotfx Exp $
! *
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: common.php,v 1.74.2.17 2005/02/21 19:29:30 acydburn Exp $
*
***************************************************************************/
***************
*** 25,33 ****
--- 24,105 ----
die("Hacking attempt");
}
+ //
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
+ // The following code (unsetting globals) was contributed by Matt Kavanagh
+
+ // PHP5 with register_long_arrays off?
+ if (!isset($HTTP_POST_VARS) && isset($_POST))
+ {
+ $HTTP_POST_VARS = $_POST;
+ $HTTP_GET_VARS = $_GET;
+ $HTTP_SERVER_VARS = $_SERVER;
+ $HTTP_COOKIE_VARS = $_COOKIE;
+ $HTTP_ENV_VARS = $_ENV;
+ $HTTP_POST_FILES = $_FILES;
+
+ // _SESSION is the only superglobal which is conditionally set
+ if (isset($_SESSION))
+ {
+ $HTTP_SESSION_VARS = $_SESSION;
+ }
+ }
+
+ if (@phpversion() < '4.0.0')
+ {
+ // PHP3 path; in PHP3, globals are _always_ registered
+
+ // We 'flip' the array of variables to test like this so that
+ // we can validate later with isset($test[$var]) (no in_array())
+ $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
+
+ // Loop through each input array
+ @reset($test);
+ while (list($input,) = @each($test))
+ {
+ while (list($var,) = @each($$input))
+ {
+ // Validate the variable to be unset
+ if (!isset($test[$var]) && $var != 'test' && $var != 'input')
+ {
+ unset($$var);
+ }
+ }
+ }
+ }
+ else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
+ {
+ // PHP4+ path
+ $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
+
+ // Not only will array_merge give a warning if a parameter
+ // is not an array, it will actually fail. So we check if
+ // HTTP_SESSION_VARS has been initialised.
+ if (!isset($HTTP_SESSION_VARS))
+ {
+ $HTTP_SESSION_VARS = array();
+ }
+
+ // Merge all into one extremely huge array; unset
+ // this later
+ $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);
+
+ unset($input['input']);
+ unset($input['not_unset']);
+
+ while (list($var,) = @each($input))
+ {
+ if (!in_array($var, $not_unset))
+ {
+ unset($$var);
+ }
+ }
+
+ unset($input);
+ }
+
//
// addslashes to vars if magic_quotes_gpc is off
// this is a security precaution to prevent someone
***************
*** 106,111 ****
--- 178,184 ----
$theme = array();
$images = array();
$lang = array();
+ $nav_links = array();
$gen_simple_header = FALSE;
include($phpbb_root_path . 'config.'.$phpEx);
***************
*** 124,167 ****
include($phpbb_root_path . 'includes/db.'.$phpEx);
//
- // Mozilla navigation bar
- // Default items that should be valid on all pages.
- // Defined here and not in page_header.php so they can be redefined in the code
- //
- $nav_links['top'] = array (
- 'url' => append_sid($phpbb_root_dir."index.".$phpEx),
- 'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
- );
- $nav_links['search'] = array (
- 'url' => append_sid($phpbb_root_dir."search.".$phpEx),
- 'title' => $lang['Search']
- );
- $nav_links['help'] = array (
- 'url' => append_sid($phpbb_root_dir."faq.".$phpEx),
- 'title' => $lang['FAQ']
- );
- $nav_links['author'] = array (
- 'url' => append_sid($phpbb_root_dir."memberlist.".$phpEx),
- 'title' => $lang['Memberlist']
- );
-
- //
// Obtain and encode users IP
//
! if( getenv('HTTP_X_FORWARDED_FOR') != '' )
! {
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
!
! if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
! {
! $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10.\.*/', '/^224.\.*/', '/^240.\.*/');
! $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
! }
! }
! else
! {
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
! }
$user_ip = encode_ip($client_ip);
//
--- 197,210 ----
include($phpbb_root_path . 'includes/db.'.$phpEx);
//
// Obtain and encode users IP
//
! // I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
! // private range IP's appearing instead of the guilty routable IP, tough, don't
! // even bother complaining ... go scream and shout at the idiots out there who feel
! // "clever" is doing harm rather than good ... karma is a great thing ... :)
! //
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
$user_ip = encode_ip($client_ip);
//
diff -crN phpbb204/db/oracle.php phpbb2017/db/oracle.php
*** phpbb204/db/oracle.php Sat Jul 10 20:16:21 2004
--- phpbb2017/db/oracle.php Thu Jan 1 01:00:00 1970
***************
*** 1,472 ****
- persistency = $persistency;
- $this->user = $sqluser;
- $this->password = $sqlpassword;
- $this->server = $sqlserver;
- $this->dbname = $database;
-
- if($this->persistency)
- {
- $this->db_connect_id = @OCIPLogon($this->user, $this->password, $this->server);
- }
- else
- {
- $this->db_connect_id = @OCINLogon($this->user, $this->password, $this->server);
- }
- if($this->db_connect_id)
- {
- return $this->db_connect_id;
- }
- else
- {
- return false;
- }
- }
-
- //
- // Other base methods
- //
- function sql_close()
- {
- if($this->db_connect_id)
- {
- // Commit outstanding transactions
- if($this->in_transaction)
- {
- OCICommit($this->db_connect_id);
- }
-
- if($this->query_result)
- {
- @OCIFreeStatement($this->query_result);
- }
- $result = @OCILogoff($this->db_connect_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
-
- //
- // Base query method
- //
- function sql_query($query = "", $transaction = FALSE)
- {
- // Remove any pre-existing queries
- unset($this->query_result);
-
- // Put us in transaction mode because with Oracle as soon as you make a query you're in a transaction
- $this->in_transaction = TRUE;
-
- if($query != "")
- {
- $this->last_query = $query;
- $this->num_queries++;
-
- if(eregi("LIMIT", $query))
- {
- preg_match("/^(.*)LIMIT ([0-9]+)[, ]*([0-9]+)*/s", $query, $limits);
-
- $query = $limits[1];
- if($limits[3])
- {
- $row_offset = $limits[2];
- $num_rows = $limits[3];
- }
- else
- {
- $row_offset = 0;
- $num_rows = $limits[2];
- }
- }
-
- if(eregi("^(INSERT|UPDATE) ", $query))
- {
- $query = preg_replace("/\\\'/s", "''", $query);
- }
-
- $this->query_result = @OCIParse($this->db_connect_id, $query);
- $success = @OCIExecute($this->query_result, OCI_DEFAULT);
- }
- if($success)
- {
- if($transaction == END_TRANSACTION)
- {
- OCICommit($this->db_connect_id);
- $this->in_transaction = FALSE;
- }
-
- unset($this->row[$this->query_result]);
- unset($this->rowset[$this->query_result]);
- $this->last_query_text[$this->query_result] = $query;
-
- return $this->query_result;
- }
- else
- {
- if($this->in_transaction)
- {
- OCIRollback($this->db_connect_id);
- }
- return false;
- }
- }
-
- //
- // Other query methods
- //
- function sql_numrows($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIFetchStatement($query_id, $this->rowset);
- // OCIFetchStatment kills our query result so we have to execute the statment again
- // if we ever want to use the query_id again.
- @OCIExecute($query_id, OCI_DEFAULT);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_affectedrows($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIRowCount($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_numfields($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCINumCols($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fieldname($offset, $query_id = 0)
- {
- // OCIColumnName uses a 1 based array so we have to up the offset by 1 in here to maintain
- // full abstraction compatibitly
- $offset += 1;
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = strtolower(@OCIColumnName($query_id, $offset));
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fieldtype($offset, $query_id = 0)
- {
- // This situation is the same as fieldname
- $offset += 1;
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIColumnType($query_id, $offset);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fetchrow($query_id = 0, $debug = FALSE)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result_row = "";
- $result = @OCIFetchInto($query_id, $result_row, OCI_ASSOC+OCI_RETURN_NULLS);
- if($debug)
- {
- echo "Query was: ".$this->last_query . "
";
- echo "Result: $result
";
- echo "Query ID: $query_id
";
- echo "";
- var_dump($result_row);
- echo "
";
- }
- if($result_row == "")
- {
- return false;
- }
-
- for($i = 0; $i < count($result_row); $i++)
- {
- list($key, $val) = each($result_row);
- $return_arr[strtolower($key)] = $val;
- }
- $this->row[$query_id] = $return_arr;
-
- return $this->row[$query_id];
- }
- else
- {
- return false;
- }
- }
- // This function probably isn't as efficant is it could be but any other way I do it
- // I end up losing 1 row...
- function sql_fetchrowset($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $rows = @OCIFetchStatement($query_id, $results);
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rows; $i++)
- {
- @OCIFetchInto($query_id, $tmp_result, OCI_ASSOC+OCI_RETURN_NULLS);
-
- for($j = 0; $j < count($tmp_result); $j++)
- {
- list($key, $val) = each($tmp_result);
- $return_arr[strtolower($key)] = $val;
- }
- $result[] = $return_arr;
- }
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fetchfield($field, $rownum = -1, $query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- if($rownum > -1)
- {
- // Reset the internal rownum pointer.
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rownum; $i++)
- {
- // Move the interal pointer to the row we want
- @OCIFetch($query_id);
- }
- // Get the field data.
- $result = @OCIResult($query_id, strtoupper($field));
- }
- else
- {
- // The internal pointer should be where we want it
- // so we just grab the field out of the current row.
- $result = @OCIResult($query_id, strtoupper($field));
- }
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_rowseek($rownum, $query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rownum; $i++)
- {
- @OCIFetch($query_id);
- }
- $result = @OCIFetch($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_nextid($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id && $this->last_query_text[$query_id] != "")
- {
- if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename))
- {
- $query = "SELECT ".$tablename[2]."_id_seq.currval FROM DUAL";
- $stmt = @OCIParse($this->db_connect_id, $query);
- @OCIExecute($stmt,OCI_DEFAULT );
- $temp_result = @OCIFetchInto($stmt, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS);
- if($temp_result)
- {
- return $temp_result['CURRVAL'];
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
-
- function sql_nextid($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id && $this->last_query_text[$query_id] != "")
- {
- if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename))
- {
- $query = "SELECT ".$tablename[2]."_id_seq.CURRVAL FROM DUAL";
- $temp_q_id = @OCIParse($this->db_connect_id, $query);
- @OCIExecute($temp_q_id, OCI_DEFAULT);
- @OCIFetchInto($temp_q_id, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS);
-
- if($temp_result)
- {
- return $temp_result['CURRVAL'];
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
-
-
-
- function sql_freeresult($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIFreeStatement($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_error($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- $result = @OCIError($query_id);
- return $result;
- }
-
- } // class sql_db
-
- } // if ... define
-
- ?>
\ No newline at end of file
--- 0 ----
diff -crN phpbb204/db/postgres7.php phpbb2017/db/postgres7.php
*** phpbb204/db/postgres7.php Sat Jul 10 20:16:21 2004
--- phpbb2017/db/postgres7.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : supportphpbb.com
*
! * $Id: postgres7.php,v 1.19 2002/03/05 02:19:38 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : supportphpbb.com
*
! * $Id: postgres7.php,v 1.19.2.3 2005/05/06 20:50:10 acydburn Exp $
*
***************************************************************************/
diff -crN phpbb204/faq.php phpbb2017/faq.php
*** phpbb204/faq.php Sat Jul 10 20:16:21 2004
--- phpbb2017/faq.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: faq.php,v 1.14 2002/03/31 00:06:33 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: faq.php,v 1.14.2.2 2004/07/11 16:46:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 34,39 ****
--- 34,42 ----
// End session management
//
+ // Set vars to prevent naughtiness
+ $faq = array();
+
//
// Load the appropriate faq file
//
***************
*** 97,103 ****
$template->set_filenames(array(
'body' => 'faq_body.tpl')
);
! make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'L_FAQ_TITLE' => $l_title,
--- 100,106 ----
$template->set_filenames(array(
'body' => 'faq_body.tpl')
);
! make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'L_FAQ_TITLE' => $l_title,
diff -crN phpbb204/groupcp.php phpbb2017/groupcp.php
*** phpbb204/groupcp.php Sat Jul 10 20:16:21 2004
--- phpbb2017/groupcp.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: groupcp.php,v 1.58.2.12 2003/01/09 00:17:23 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: groupcp.php,v 1.58.2.23 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 137,142 ****
--- 137,143 ----
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 160,170 ****
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
- if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
$sql = "SELECT group_moderator
FROM " . GROUPS_TABLE . "
WHERE group_id = $group_id";
--- 161,166 ----
***************
*** 214,224 ****
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
- if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
$sql = "SELECT ug.user_id, g.group_type
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
WHERE g.group_id = $group_id
--- 210,215 ----
***************
*** 284,295 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('group_request', $moderator['user_lang']);
$emailer->email_address($moderator['user_email']);
$emailer->set_subject($lang['Group_request']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 275,286 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template('group_request', $moderator['user_lang']);
$emailer->email_address($moderator['user_email']);
$emailer->set_subject($lang['Group_request']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
***************
*** 324,334 ****
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
- if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
if ( $confirm )
{
$sql = "DELETE FROM " . USER_GROUP_TABLE . "
--- 315,320 ----
***************
*** 351,357 ****
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result)) )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
--- 337,343 ----
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
***************
*** 367,373 ****
'META' => '')
);
! $message = $lang['Usub_success'] . '
' . sprintf($lang['Click_return_group'], '', '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
--- 353,359 ----
'META' => '')
);
! $message = $lang['Unsub_success'] . '
' . sprintf($lang['Click_return_group'], '', '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
***************
*** 375,381 ****
{
$unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
! $s_hidden_fields = '';
$page_title = $lang['Group_Control_Panel'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
--- 361,367 ----
{
$unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
! $s_hidden_fields = '';
$page_title = $lang['Group_Control_Panel'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
***************
*** 439,445 ****
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
WHERE g.group_id = $group_id
! AND aa.group_id = g.group_id(+)";
break;
default:
--- 425,431 ----
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
WHERE g.group_id = $group_id
! AND aa.group_id (+) = g.group_id";
break;
default:
***************
*** 473,483 ****
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
- if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
if ( !$is_moderator )
{
$template->assign_vars(array(
--- 459,464 ----
***************
*** 491,497 ****
if ( isset($HTTP_POST_VARS['add']) )
{
! $username = ( isset($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : "";
$sql = "SELECT user_id, user_email, user_lang, user_level
FROM " . USERS_TABLE . "
--- 472,478 ----
if ( isset($HTTP_POST_VARS['add']) )
{
! $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$sql = "SELECT user_id, user_email, user_lang, user_level
FROM " . USERS_TABLE . "
***************
*** 572,583 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('group_added', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['Group_added']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 553,564 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template('group_added', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['Group_added']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
***************
*** 610,616 ****
$sql_in = '';
for($i = 0; $i < count($members); $i++)
{
! $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . $members[$i];
}
if ( isset($HTTP_POST_VARS['approve']) )
--- 591,597 ----
$sql_in = '';
for($i = 0; $i < count($members); $i++)
{
! $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
}
if ( isset($HTTP_POST_VARS['approve']) )
***************
*** 704,713 ****
message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
}
! $email_addresses = '';
! while( $row = $db->sql_fetchrow($result) )
{
! $email_addresses .= ( ( $email_addresses != '' ) ? ', ' : '' ) . $row['user_email'];
}
//
--- 685,694 ----
message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
}
! $bcc_list = array();
! while ($row = $db->sql_fetchrow($result))
{
! $bcc_list[] = $row['user_email'];
}
//
***************
*** 727,738 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\nBcc: " . $email_addresses . "\n";
$emailer->use_template('group_approved');
- $emailer->email_address(' ');//$userdata['user_email']
$emailer->set_subject($lang['Group_approved']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 708,723 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
!
! for ($i = 0; $i < count($bcc_list); $i++)
! {
! $emailer->bcc($bcc_list[$i]);
! }
$emailer->use_template('group_approved');
$emailer->set_subject($lang['Group_approved']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
***************
*** 912,918 ****
generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
! $s_hidden_fields .= '';
$template->assign_vars(array(
'L_GROUP_INFORMATION' => $lang['Group_Information'],
--- 897,903 ----
generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
! $s_hidden_fields .= '';
$template->assign_vars(array(
'L_GROUP_INFORMATION' => $lang['Group_Information'],
***************
*** 1164,1169 ****
--- 1149,1156 ----
// Select all group that the user is a member of or where the user has
// a pending membership.
//
+ $in_group = array();
+
if ( $userdata['session_logged_in'] )
{
$sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending
diff -crN phpbb204/includes/auth.php phpbb2017/includes/auth.php
*** phpbb204/includes/auth.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/auth.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: auth.php,v 1.37.2.2 2002/12/22 18:46:26 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: auth.php,v 1.37.2.5 2004/03/01 16:49:03 psotfx Exp $
*
*
***************************************************************************/
***************
*** 132,138 ****
$db->sql_freeresult($result);
return array();
}
-
$db->sql_freeresult($result);
}
--- 132,137 ----
***************
*** 172,177 ****
--- 171,177 ----
}
while( $row = $db->sql_fetchrow($result) );
}
+ $db->sql_freeresult($result);
}
$is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0;
***************
*** 200,206 ****
{
case AUTH_ALL:
$auth_user[$key] = TRUE;
! $auth_user[$key . '_type'] = $lang['Auth_Anonymous_users'];
break;
case AUTH_REG:
--- 200,206 ----
{
case AUTH_ALL:
$auth_user[$key] = TRUE;
! $auth_user[$key . '_type'] = $lang['Auth_Anonymous_Users'];
break;
case AUTH_REG:
***************
*** 239,245 ****
{
case AUTH_ALL:
$auth_user[$f_forum_id][$key] = TRUE;
! $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_users'];
break;
case AUTH_REG:
--- 239,245 ----
{
case AUTH_ALL:
$auth_user[$f_forum_id][$key] = TRUE;
! $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_Users'];
break;
case AUTH_REG:
diff -crN phpbb204/includes/bbcode.php phpbb2017/includes/bbcode.php
*** phpbb204/includes/bbcode.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/bbcode.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: bbcode.php,v 1.36.2.19 2003/01/10 13:21:24 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: bbcode.php,v 1.36.2.35 2005/07/19 20:01:10 acydburn Exp $
*
***************************************************************************/
***************
*** 95,111 ****
$bbcode_tpl['img'] = str_replace('{URL}', '\\1', $bbcode_tpl['img']);
// We do URLs in several different ways..
! $bbcode_tpl['url1'] = str_replace('{URL}', '\1\2', $bbcode_tpl['url']);
! $bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\1\2', $bbcode_tpl['url1']);
$bbcode_tpl['url2'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url2'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url2']);
! $bbcode_tpl['url3'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
! $bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\6', $bbcode_tpl['url3']);
$bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
! $bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\5', $bbcode_tpl['url4']);
$bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']);
--- 95,111 ----
$bbcode_tpl['img'] = str_replace('{URL}', '\\1', $bbcode_tpl['img']);
// We do URLs in several different ways..
! $bbcode_tpl['url1'] = str_replace('{URL}', '\\1', $bbcode_tpl['url']);
! $bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url1']);
$bbcode_tpl['url2'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
$bbcode_tpl['url2'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url2']);
! $bbcode_tpl['url3'] = str_replace('{URL}', '\\1', $bbcode_tpl['url']);
! $bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url3']);
$bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
! $bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url4']);
$bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']);
***************
*** 124,129 ****
--- 124,131 ----
{
global $lang, $bbcode_tpl;
+ $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
+
// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
$text = " " . $text;
***************
*** 194,220 ****
// [img]image_url_here[/img] code..
// This one gets first-passed..
! $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
$replacements[] = $bbcode_tpl['img'];
! // [url]xxxx://www.phpbb.com[/url] code..
! $patterns[] = "#\[url\]([a-z0-9]+?://){1}([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url\]((www|ftp)\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\[/url\]#si";
$replacements[] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
! $patterns[] = "#\[url=([a-z0-9]+://)([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\](.*?)\[/url\]#si";
$replacements[] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url=(([\w\-]+\.)*?[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)\](.*?)\[/url\]#si";
$replacements[] = $bbcode_tpl['url4'];
// [email]user@domain.tld[/email] code..
! $patterns[] = "#\[email\]([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si";
$replacements[] = $bbcode_tpl['email'];
$text = preg_replace($patterns, $replacements, $text);
--- 196,222 ----
// [img]image_url_here[/img] code..
// This one gets first-passed..
! $patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";
$replacements[] = $bbcode_tpl['img'];
! // matches a [url]xxxx://www.phpbb.com[/url] code..
! $patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
! $patterns[] = "#\[url=([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url=((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url4'];
// [email]user@domain.tld[/email] code..
! $patterns[] = "#\[email\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si";
$replacements[] = $bbcode_tpl['email'];
$text = preg_replace($patterns, $replacements, $text);
***************
*** 281,287 ****
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
// Remove our padding from the string..
return substr($text, 1);;
--- 283,289 ----
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\]((http|ftp|https|ftps)://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
// Remove our padding from the string..
return substr($text, 1);;
***************
*** 393,399 ****
// Grab a bit more of the string to hopefully get all of it..
if ($close_pos = strpos($text, '"]', $curr_pos + 9))
{
! $possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2);
}
}
--- 395,404 ----
// Grab a bit more of the string to hopefully get all of it..
if ($close_pos = strpos($text, '"]', $curr_pos + 9))
{
! if (strpos(substr($text, $curr_pos + 9, $close_pos - ($curr_pos + 9)), '[quote') === false)
! {
! $possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2);
! }
}
}
***************
*** 576,581 ****
--- 581,589 ----
// Replace tabs with " " so tabbed code indents sorta right without making huge long lines.
$after_replace = str_replace("\t", " ", $after_replace);
+ // now Replace space occurring at the beginning of a line
+ $after_replace = preg_replace("/^ {1}/m", ' ', $after_replace);
+
$str_to_match = "[code:1:$uid]" . $before_replace . "[/code:1:$uid]";
$replacement = $code_start_html;
***************
*** 608,613 ****
--- 616,622 ----
*/
function make_clickable($text)
{
+ $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
// pad it with a space so we can match things at the start of the 1st line.
$ret = ' ' . $text;
***************
*** 615,631 ****
// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
// xxxx can only be alpha characters.
// yyyy is anything up to the first space, newline, comma, double quote or <
! $ret = preg_replace("#([\t\r\n ])([a-z0-9]+?){1}://([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\1\2://\3', $ret);
// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
// zzzz is optional.. will contain everything up to the first space, newline,
// comma, double quote or <.
! $ret = preg_replace("#([\t\r\n ])(www|ftp)\.(([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\1\2.\3', $ret);
// matches an email@domain type address at the start of a line, or after a space.
// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
! $ret = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1\\2@\\3", $ret);
// Remove our padding..
$ret = substr($ret, 1);
--- 624,640 ----
// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
// xxxx can only be alpha characters.
// yyyy is anything up to the first space, newline, comma, double quote or <
! $ret = preg_replace("#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret);
// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
// zzzz is optional.. will contain everything up to the first space, newline,
// comma, double quote or <.
! $ret = preg_replace("#(^|[\n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret);
// matches an email@domain type address at the start of a line, or after a space.
// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
! $ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1\\2@\\3", $ret);
// Remove our padding..
$ret = substr($ret, 1);
***************
*** 731,764 ****
//
function smilies_pass($message)
{
! static $orig, $repl;
! if (!isset($orig))
! {
! global $db, $board_config;
! $orig = $repl = array();
! $sql = 'SELECT code, smile_url FROM ' . SMILIES_TABLE;
! if( !$result = $db->sql_query($sql) )
! {
! message_die(GENERAL_ERROR, "Couldn't obtain smilies data", "", __LINE__, __FILE__, $sql);
! }
! $smilies = $db->sql_fetchrowset($result);
! usort($smilies, 'smiley_sort');
! for($i = 0; $i < count($smilies); $i++)
! {
! $orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
! $repl[] = '![' . $smilies[$i]['smile_url'] . ']('. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . ')
';
! }
! }
! if (count($orig))
! {
! $message = preg_replace($orig, $repl, ' ' . $message . ' ');
! $message = substr($message, 1, -1);
! }
! return $message;
}
function smiley_sort($a, $b)
--- 740,778 ----
//
function smilies_pass($message)
{
! static $orig, $repl;
! if (!isset($orig))
! {
! global $db, $board_config;
! $orig = $repl = array();
! $sql = 'SELECT * FROM ' . SMILIES_TABLE;
! if( !$result = $db->sql_query($sql) )
! {
! message_die(GENERAL_ERROR, "Couldn't obtain smilies data", "", __LINE__, __FILE__, $sql);
! }
! $smilies = $db->sql_fetchrowset($result);
! if (count($smilies))
! {
! usort($smilies, 'smiley_sort');
! }
! for ($i = 0; $i < count($smilies); $i++)
! {
! $orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
! $repl[] = '';
! }
! }
!
! if (count($orig))
! {
! $message = preg_replace($orig, $repl, ' ' . $message . ' ');
! $message = substr($message, 1, -1);
! }
!
! return $message;
}
function smiley_sort($a, $b)
***************
*** 771,775 ****
return ( strlen($a['code']) > strlen($b['code']) ) ? -1 : 1;
}
!
! ?>
--- 785,788 ----
return ( strlen($a['code']) > strlen($b['code']) ) ? -1 : 1;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/constants.php phpbb2017/includes/constants.php
*** phpbb204/includes/constants.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/constants.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : ('C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: constants.php,v 1.47.2.2 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : ('C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: constants.php,v 1.47.2.5 2004/11/18 17:49:42 acydburn Exp $
*
*
***************************************************************************/
***************
*** 148,153 ****
--- 148,154 ----
// Table names
+ define('CONFIRM_TABLE', $table_prefix.'confirm');
define('AUTH_ACCESS_TABLE', $table_prefix.'auth_access');
define('BANLIST_TABLE', $table_prefix.'banlist');
define('CATEGORIES_TABLE', $table_prefix.'categories');
***************
*** 178,181 ****
define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');
! ?>
--- 179,182 ----
define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/emailer.php phpbb2017/includes/emailer.php
*** phpbb204/includes/emailer.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/emailer.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
copyright : (C) 2001 The phpBB Group
email : support@phpbb.com
! $Id: emailer.php,v 1.15.2.21 2003/01/15 13:31:53 psotfx Exp $
***************************************************************************/
--- 6,12 ----
copyright : (C) 2001 The phpBB Group
email : support@phpbb.com
! $Id: emailer.php,v 1.15.2.34 2003/07/26 11:41:35 acydburn Exp $
***************************************************************************/
***************
*** 26,159 ****
//
class emailer
{
! var $tpl_file;
var $use_smtp;
! var $msg;
! var $mimeOut;
! var $arrPlaceHolders = array(); // an associative array that has the key = placeHolderName and val = placeHolderValue.
! var $subject, $extra_headers, $address;
function emailer($use_smtp)
{
$this->use_smtp = $use_smtp;
! $this->tpl_file = NULL;
! $this->address = NULL;
! $this->msg = '';
! $this->mimeOut = '';
}
- //
// Resets all the data (address, template file, etc etc to default
- //
function reset()
{
! $this->tpl_file = '';
! $this->address = '';
! $this->msg = '';
! $this->memOut = '';
! $this->vars = '';
}
- //
// Sets an email address to send to
- //
function email_address($address)
{
! $this->address = '';
! $this->address .= $address;
}
- //
// set up subject for mail
- //
function set_subject($subject = '')
{
$this->subject = trim(preg_replace('#[\n\r]+#s', '', $subject));
}
- //
// set up extra mail headers
- //
function extra_headers($headers)
{
! $this->extra_headers = $headers;
}
function use_template($template_file, $template_lang = '')
{
global $board_config, $phpbb_root_path;
! if ( $template_lang == '' )
{
! $template_lang = $board_config['default_lang'];
}
! $this->tpl_file = @phpbb_realpath($phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.tpl');
!
! if ( !file_exists(phpbb_realpath($this->tpl_file)) )
{
! $this->tpl_file = @phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/email/' . $template_file . '.tpl');
!
! if ( !file_exists(phpbb_realpath($this->tpl_file)) )
! {
! message_die(GENERAL_ERROR, 'Could not find email template file ' . $template_file, '', __LINE__, __FILE__);
! }
}
! if ( !$this->load_msg() )
{
! message_die(GENERAL_ERROR, 'Could not load email template file ' . $template_file, '', __LINE__, __FILE__);
! }
! return true;
! }
! //
! // Open the template file and read in the message
! //
! function load_msg()
! {
! if ( $this->tpl_file == NULL )
! {
! message_die(GENERAL_ERROR, 'No template file set', '', __LINE__, __FILE__);
! }
! if ( !($fd = fopen($this->tpl_file, 'r')) )
! {
! message_die(GENERAL_ERROR, 'Failed opening template file', '', __LINE__, __FILE__);
}
! $this->msg .= fread($fd, filesize($this->tpl_file));
! fclose($fd);
return true;
}
function assign_vars($vars)
{
! $this->vars = ( empty($this->vars) ) ? $vars : $this->vars . $vars;
}
! function parse_email()
{
! global $lang;
! @reset($this->vars);
! while (list($key, $val) = @each($this->vars))
! {
! $$key = $val;
! }
// Escape all quotes, else the eval will fail.
$this->msg = str_replace ("'", "\'", $this->msg);
$this->msg = preg_replace('#\{([a-z0-9\-_]*?)\}#is', "' . $\\1 . '", $this->msg);
eval("\$this->msg = '$this->msg';");
! //
// We now try and pull a subject from the email body ... if it exists,
// do this here because the subject may contain a variable
! //
! $drop_header = "";
$match = array();
if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match))
{
--- 26,165 ----
//
class emailer
{
! var $msg, $subject, $extra_headers;
! var $addresses, $reply_to, $from;
var $use_smtp;
!
! var $tpl_msg = array();
function emailer($use_smtp)
{
+ $this->reset();
$this->use_smtp = $use_smtp;
! $this->reply_to = $this->from = '';
}
// Resets all the data (address, template file, etc etc to default
function reset()
{
! $this->addresses = array();
! $this->vars = $this->msg = $this->extra_headers = '';
}
// Sets an email address to send to
function email_address($address)
{
! $this->addresses['to'] = trim($address);
! }
!
! function cc($address)
! {
! $this->addresses['cc'][] = trim($address);
! }
!
! function bcc($address)
! {
! $this->addresses['bcc'][] = trim($address);
! }
!
! function replyto($address)
! {
! $this->reply_to = trim($address);
! }
!
! function from($address)
! {
! $this->from = trim($address);
}
// set up subject for mail
function set_subject($subject = '')
{
$this->subject = trim(preg_replace('#[\n\r]+#s', '', $subject));
}
// set up extra mail headers
function extra_headers($headers)
{
! $this->extra_headers .= trim($headers) . "\n";
}
function use_template($template_file, $template_lang = '')
{
global $board_config, $phpbb_root_path;
! if (trim($template_file) == '')
{
! message_die(GENERAL_ERROR, 'No template file set', '', __LINE__, __FILE__);
}
! if (trim($template_lang) == '')
{
! $template_lang = $board_config['default_lang'];
}
! if (empty($this->tpl_msg[$template_lang . $template_file]))
{
! $tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.tpl';
! if (!@file_exists(@phpbb_realpath($tpl_file)))
! {
! $tpl_file = $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/email/' . $template_file . '.tpl';
! if (!@file_exists(@phpbb_realpath($tpl_file)))
! {
! message_die(GENERAL_ERROR, 'Could not find email template file :: ' . $template_file, '', __LINE__, __FILE__);
! }
! }
! if (!($fd = @fopen($tpl_file, 'r')))
! {
! message_die(GENERAL_ERROR, 'Failed opening template file :: ' . $tpl_file, '', __LINE__, __FILE__);
! }
!
! $this->tpl_msg[$template_lang . $template_file] = fread($fd, filesize($tpl_file));
! fclose($fd);
}
! $this->msg = $this->tpl_msg[$template_lang . $template_file];
return true;
}
+ // assign variables
function assign_vars($vars)
{
! $this->vars = (empty($this->vars)) ? $vars : $this->vars . $vars;
}
! // Send the mail out to the recipients set previously in var $this->address
! function send()
{
! global $board_config, $lang, $phpEx, $phpbb_root_path, $db;
// Escape all quotes, else the eval will fail.
$this->msg = str_replace ("'", "\'", $this->msg);
$this->msg = preg_replace('#\{([a-z0-9\-_]*?)\}#is', "' . $\\1 . '", $this->msg);
+ // Set vars
+ reset ($this->vars);
+ while (list($key, $val) = each($this->vars))
+ {
+ $$key = $val;
+ }
+
eval("\$this->msg = '$this->msg';");
! // Clear vars
! reset ($this->vars);
! while (list($key, $val) = each($this->vars))
! {
! unset($$key);
! }
!
// We now try and pull a subject from the email body ... if it exists,
// do this here because the subject may contain a variable
! $drop_header = '';
$match = array();
if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match))
{
***************
*** 180,211 ****
$this->msg = trim(preg_replace('#' . $drop_header . '#s', '', $this->msg));
}
! return true;
! }
! //
! // Send the mail out to the recipients set previously in var $this->address
! //
! function send()
! {
! global $phpEx, $phpbb_root_path;
!
! if ( $this->address == NULL )
! {
! message_die(GENERAL_ERROR, 'No email address set', '', __LINE__, __FILE__);
! }
!
! if ( !$this->parse_email() )
! {
! return false;
! }
! //
! // Add date and encoding type
! //
! $universal_extra = "MIME-Version: 1.0\nContent-type: text/plain; charset=" . $this->encoding . "\nContent-transfer-encoding: 8bit\nDate: " . gmdate('D, d M Y H:i:s', time()) . " UT\nX-Priority: 3\nX-MSMail-Priority: Normal\nX-Mailer: PHP\n";
! $this->extra_headers = $universal_extra . trim($this->extra_headers);
if ( $this->use_smtp )
{
if ( !defined('SMTP_INCLUDED') )
--- 186,200 ----
$this->msg = trim(preg_replace('#' . $drop_header . '#s', '', $this->msg));
}
! $to = $this->addresses['to'];
! $cc = (count($this->addresses['cc'])) ? implode(', ', $this->addresses['cc']) : '';
! $bcc = (count($this->addresses['bcc'])) ? implode(', ', $this->addresses['bcc']) : '';
! // Build header
! $this->extra_headers = (($this->reply_to != '') ? "Reply-to: $this->reply_to\n" : '') . (($this->from != '') ? "From: $this->from\n" : "From: " . $board_config['board_email'] . "\n") . "Return-Path: " . $board_config['board_email'] . "\nMessage-ID: <" . md5(uniqid(time())) . "@" . $board_config['server_name'] . ">\nMIME-Version: 1.0\nContent-type: text/plain; charset=" . $this->encoding . "\nContent-transfer-encoding: 8bit\nDate: " . date('r', time()) . "\nX-Priority: 3\nX-MSMail-Priority: Normal\nX-Mailer: PHP\nX-MimeOLE: Produced By phpBB2\n" . $this->extra_headers . (($cc != '') ? "Cc: $cc\n" : '') . (($bcc != '') ? "Bcc: $bcc\n" : '');
+ // Send message ... removed $this->encode() from subject for time being
if ( $this->use_smtp )
{
if ( !defined('SMTP_INCLUDED') )
***************
*** 213,233 ****
include($phpbb_root_path . 'includes/smtp.' . $phpEx);
}
! $result = smtpmail($this->address, $this->subject, $this->msg, $this->extra_headers);
}
else
{
! $result = @mail($this->address, $this->subject, $this->msg, $this->extra_headers);
}
! if ( !$result )
{
! message_die(GENERAL_ERROR, 'Failed sending email :: ' . $result, '', __LINE__, __FILE__);
}
return true;
}
//
// Attach files via MIME.
--- 202,270 ----
include($phpbb_root_path . 'includes/smtp.' . $phpEx);
}
! $result = smtpmail($to, $this->subject, $this->msg, $this->extra_headers);
}
else
{
! $empty_to_header = ($to == '') ? TRUE : FALSE;
! $to = ($to == '') ? (($board_config['sendmail_fix']) ? ' ' : 'Undisclosed-recipients:;') : $to;
!
! $result = @mail($to, $this->subject, preg_replace("#(?msg), $this->extra_headers);
!
! if (!$result && !$board_config['sendmail_fix'] && $empty_to_header)
! {
! $to = ' ';
!
! $sql = "UPDATE " . CONFIG_TABLE . "
! SET config_value = '1'
! WHERE config_name = 'sendmail_fix'";
! if (!$db->sql_query($sql))
! {
! message_die(GENERAL_ERROR, 'Unable to update config table', '', __LINE__, __FILE__, $sql);
! }
!
! $board_config['sendmail_fix'] = 1;
! $result = @mail($to, $this->subject, preg_replace("#(?msg), $this->extra_headers);
! }
}
! // Did it work?
! if (!$result)
{
! message_die(GENERAL_ERROR, 'Failed sending email :: ' . (($this->use_smtp) ? 'SMTP' : 'PHP') . ' :: ' . $result, '', __LINE__, __FILE__);
}
return true;
}
+ // Encodes the given string for proper display for this encoding ... nabbed
+ // from php.net and modified. There is an alternative encoding method which
+ // may produce lesd output but it's questionable as to its worth in this
+ // scenario IMO
+ function encode($str)
+ {
+ if ($this->encoding == '')
+ {
+ return $str;
+ }
+
+ // define start delimimter, end delimiter and spacer
+ $end = "?=";
+ $start = "=?$this->encoding?B?";
+ $spacer = "$end\r\n $start";
+
+ // determine length of encoded text within chunks and ensure length is even
+ $length = 75 - strlen($start) - strlen($end);
+ $length = floor($length / 2) * 2;
+
+ // encode the string and split it into chunks with spacers after each chunk
+ $str = chunk_split(base64_encode($str), $length, $spacer);
+
+ // remove trailing spacer and add start and end delimiters
+ $str = preg_replace('#' . phpbb_preg_quote($spacer, '#') . '$#', '', $str);
+
+ return $start . $str . $end;
+ }
//
// Attach files via MIME.
***************
*** 237,243 ****
global $lang;
$mime_boundary = "--==================_846811060==_";
! $this->mailMsg = '--' . $mime_boundary . "\nContent-Type: text/plain;\n\tcharset=\"" . $lang['ENCODING'] . "\"\n\n" . $this->mailMsg;
if ($mime_filename)
{
--- 274,280 ----
global $lang;
$mime_boundary = "--==================_846811060==_";
! $this->msg = '--' . $mime_boundary . "\nContent-Type: text/plain;\n\tcharset=\"" . $lang['ENCODING'] . "\"\n\n" . $this->msg;
if ($mime_filename)
{
***************
*** 333,336 ****
} // class emailer
! ?>
--- 370,373 ----
} // class emailer
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/functions.php phpbb2017/includes/functions.php
*** phpbb204/includes/functions.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/functions.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions.php,v 1.133.2.21 2003/01/13 18:54:16 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions.php,v 1.133.2.35 2005/07/19 20:01:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 74,87 ****
return false;
}
! function get_userdata($user)
{
global $db;
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE ";
! $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
--- 74,135 ----
return false;
}
! // added at phpBB 2.0.11 to properly format the username
! function phpbb_clean_username($username)
! {
! $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
! $username = phpbb_rtrim($username, "\\");
! $username = str_replace("'", "\'", $username);
!
! return $username;
! }
!
! // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
! function phpbb_rtrim($str, $charlist = false)
! {
! if ($charlist === false)
! {
! return rtrim($str);
! }
!
! $php_version = explode('.', PHP_VERSION);
!
! // php version < 4.1.0
! if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
! {
! while ($str{strlen($str)-1} == $charlist)
! {
! $str = substr($str, 0, strlen($str)-1);
! }
! }
! else
! {
! $str = rtrim($str, $charlist);
! }
!
! return $str;
! }
!
! //
! // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
! //
! function get_userdata($user, $force_str = false)
{
global $db;
+ if (!is_numeric($user) || $force_str)
+ {
+ $user = phpbb_clean_username($user);
+ }
+ else
+ {
+ $user = intval($user);
+ }
+
$sql = "SELECT *
FROM " . USERS_TABLE . "
WHERE ";
! $sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" . $user . "'" ) . " AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
***************
*** 92,98 ****
function make_jumpbox($action, $match_forum_id = 0)
{
! global $template, $userdata, $lang, $db, $nav_links, $phpEx;
// $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
--- 140,146 ----
function make_jumpbox($action, $match_forum_id = 0)
{
! global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID;
// $is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
***************
*** 174,183 ****
$boxstring .= '';
}
! if ( !empty($SID) )
! {
$boxstring .= '';
! }
$template->set_filenames(array(
'jumpbox' => 'jumpbox.tpl')
--- 222,232 ----
$boxstring .= '';
}
! // Let the jumpbox work again in sites having additional session id checks.
! // if ( !empty($SID) )
! // {
$boxstring .= '';
! // }
$template->set_filenames(array(
'jumpbox' => 'jumpbox.tpl')
***************
*** 201,206 ****
--- 250,256 ----
{
global $board_config, $theme, $images;
global $template, $lang, $phpEx, $phpbb_root_path;
+ global $nav_links;
if ( $userdata['user_id'] != ANONYMOUS )
{
***************
*** 253,258 ****
--- 303,331 ----
$theme = setup_style($board_config['default_style']);
+ //
+ // Mozilla navigation bar
+ // Default items that should be valid on all pages.
+ // Defined here to correctly assign the Language Variables
+ // and be able to change the variables within code.
+ //
+ $nav_links['top'] = array (
+ 'url' => append_sid($phpbb_root_path . 'index.' . $phpEx),
+ 'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
+ );
+ $nav_links['search'] = array (
+ 'url' => append_sid($phpbb_root_path . 'search.' . $phpEx),
+ 'title' => $lang['Search']
+ );
+ $nav_links['help'] = array (
+ 'url' => append_sid($phpbb_root_path . 'faq.' . $phpEx),
+ 'title' => $lang['FAQ']
+ );
+ $nav_links['author'] = array (
+ 'url' => append_sid($phpbb_root_path . 'memberlist.' . $phpEx),
+ 'title' => $lang['Memberlist']
+ );
+
return;
}
***************
*** 276,282 ****
$template_path = 'templates/' ;
$template_name = $row['template_name'] ;
! $template = new Template($phpbb_root_path . $template_path . $template_name, $board_config, $db);
if ( $template )
{
--- 349,355 ----
$template_path = 'templates/' ;
$template_name = $row['template_name'] ;
! $template = new Template($phpbb_root_path . $template_path . $template_name);
if ( $template )
{
***************
*** 505,511 ****
die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
}
! define(HAS_DIED, 1);
$sql_store = $sql;
--- 578,584 ----
die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
}
! define('HAS_DIED', 1);
$sql_store = $sql;
***************
*** 532,538 ****
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '
Line : ' . $err_line . '
File : ' . $err_file;
}
}
--- 605,611 ----
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '
Line : ' . $err_line . '
File : ' . basename($err_file);
}
}
***************
*** 692,697 ****
--- 765,772 ----
// dougk_ff7
function phpbb_realpath($path)
{
+ global $phpbb_root_path, $phpEx;
+
return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path);
}
***************
*** 702,707 ****
--- 777,787 ----
if (!empty($db))
{
$db->sql_close();
+ }
+
+ if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
+ {
+ message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
diff -crN phpbb204/includes/functions_post.php phpbb2017/includes/functions_post.php
*** phpbb204/includes/functions_post.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/functions_post.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_post.php,v 1.9.2.25 2003/01/13 22:03:24 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_post.php,v 1.9.2.37 2004/11/18 17:49:44 acydburn Exp $
*
*
***************************************************************************/
***************
*** 25,31 ****
die('Hacking attempt');
}
! $html_entities_match = array('#&[a-z]+?;#', '#<#', '#>#');
$html_entities_replace = array('&', '<', '>');
$unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
--- 25,31 ----
die('Hacking attempt');
}
! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
$html_entities_replace = array('&', '<', '>');
$unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
***************
*** 72,80 ****
for ($i = 0; $i < sizeof($allowed_html_tags); $i++)
{
$match_tag = trim($allowed_html_tags[$i]);
! if (preg_match('#^<\/?' . $match_tag . '(?!(.*?)((style)|( on[\w]+?[\s]?=))[\s]*?)#i', $hold_string))
{
! $tagallowed = true;
}
}
--- 72,80 ----
for ($i = 0; $i < sizeof($allowed_html_tags); $i++)
{
$match_tag = trim($allowed_html_tags[$i]);
! if (preg_match('#^<\/?' . $match_tag . '[> ]#i', $hold_string))
{
! $tagallowed = (preg_match('#^<\/?' . $match_tag . ' .*?(style[\t ]*?=|on[\w]+[\t ]*?=)#i', $hold_string)) ? false : true;
}
}
***************
*** 91,97 ****
}
}
! if ($end_html != strlen($message) && $tmp_message != '')
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1));
}
--- 91,97 ----
}
}
! if (!$end_html || ($end_html != strlen($message) && $tmp_message != ''))
{
$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1));
}
***************
*** 128,134 ****
// Check username
if (!empty($username))
{
! $username = trim(strip_tags($username));
if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username']))
{
--- 128,134 ----
// Check username
if (!empty($username))
{
! $username = phpbb_clean_username($username);
if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username']))
{
***************
*** 222,228 ****
$current_time = time();
! if ($mode == 'newtopic' || $mode == 'reply')
{
//
// Flood control
--- 222,228 ----
$current_time = time();
! if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost')
{
//
// Flood control
***************
*** 242,248 ****
}
}
}
! else if ($mode == 'editpost')
{
remove_search_post($post_id);
}
--- 242,249 ----
}
}
}
!
! if ($mode == 'editpost')
{
remove_search_post($post_id);
}
***************
*** 250,256 ****
if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
{
$topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0;
! $sql = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type, topic_vote = $topic_vote WHERE topic_id = $topic_id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
--- 251,258 ----
if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
{
$topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0;
!
! $sql = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type " . (($post_data['edit_vote'] || !empty($poll_title)) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = $topic_id";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
***************
*** 599,607 ****
$user_id_sql = '';
while ($row = $db->sql_fetchrow($result))
{
! if (isset($row['ban_userid']))
{
! $user_id_sql = ', ' . $row['ban_userid'];
}
}
--- 601,609 ----
$user_id_sql = '';
while ($row = $db->sql_fetchrow($result))
{
! if (isset($row['ban_userid']) && !empty($row['ban_userid']))
{
! $user_id_sql .= ', ' . $row['ban_userid'];
}
}
***************
*** 618,623 ****
--- 620,626 ----
$update_watched_sql = '';
$bcc_list_ary = array();
+
if ($row = $db->sql_fetchrow($result))
{
// Sixty second limit
***************
*** 627,633 ****
{
if ($row['user_email'] != '')
{
! $bcc_list_ary[$row['user_lang']] .= (($bcc_list_ary[$row['user_lang']] != '') ? ', ' : '') . $row['user_email'];
}
$update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id'];
}
--- 630,636 ----
{
if ($row['user_email'] != '')
{
! $bcc_list_ary[$row['user_lang']][] = $row['user_email'];
}
$update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id'];
}
***************
*** 652,682 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
-
$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
$script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/';
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title);
while (list($user_lang, $bcc_list) = each($bcc_list_ary))
{
$emailer->use_template('topic_notify', $user_lang);
! $emailer->email_address(' ');
// The Topic_reply_notification lang string below will be used
// if for some reason the mail template subject cannot be read
// ... note it will not necessarily be in the posters own language!
$emailer->set_subject($lang['Topic_reply_notification']);
- $emailer->extra_headers($email_headers . "Bcc: $bcc_list\n");
-
// This is a nasty kludge to remove the username var ... till (if?)
// translators update their templates
$emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);
--- 655,690 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
$script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/';
! $orig_word = array();
! $replacement_word = array();
! obtain_word_list($orig_word, $replacement_word);
!
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title);
+ @reset($bcc_list_ary);
while (list($user_lang, $bcc_list) = each($bcc_list_ary))
{
$emailer->use_template('topic_notify', $user_lang);
!
! for ($i = 0; $i < count($bcc_list); $i++)
! {
! $emailer->bcc($bcc_list[$i]);
! }
!
// The Topic_reply_notification lang string below will be used
// if for some reason the mail template subject cannot be read
// ... note it will not necessarily be in the posters own language!
$emailer->set_subject($lang['Topic_reply_notification']);
// This is a nasty kludge to remove the username var ... till (if?)
// translators update their templates
$emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);
***************
*** 761,767 ****
$gen_simple_header = TRUE;
! $page_title = $lang['Review_topic'] . " - $topic_title";
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
--- 769,775 ----
$gen_simple_header = TRUE;
! $page_title = $lang['Emoticons'] . " - $topic_title";
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
diff -crN phpbb204/includes/functions_search.php phpbb2017/includes/functions_search.php
*** phpbb204/includes/functions_search.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/functions_search.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2002 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_search.php,v 1.8.2.10 2003/01/06 09:18:35 bartvb Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2002 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_search.php,v 1.8.2.19 2004/11/18 17:49:45 acydburn Exp $
*
****************************************************************************/
***************
*** 58,64 ****
$entry = str_replace('*', ' ', $entry);
// 'words' that consist of <3 or >20 characters are removed.
! $entry = preg_replace('/\b([a-z0-9]{1,2}|[a-z0-9]{21,})\b/',' ', $entry);
}
if ( !empty($stopword_list) )
--- 58,64 ----
$entry = str_replace('*', ' ', $entry);
// 'words' that consist of <3 or >20 characters are removed.
! $entry = preg_replace('/[ ]([\S]{1,2}|[\S]{21,})[ ]/',' ', $entry);
}
if ( !empty($stopword_list) )
***************
*** 69,75 ****
if ( $mode == 'post' || ( $stopword != 'not' && $stopword != 'and' && $stopword != 'or' ) )
{
! $entry = preg_replace('#\b' . preg_quote($stopword) . '\b#', ' ', $entry);
}
}
}
--- 69,75 ----
if ( $mode == 'post' || ( $stopword != 'not' && $stopword != 'and' && $stopword != 'or' ) )
{
! $entry = str_replace(' ' . trim($stopword) . ' ', ' ', $entry);
}
}
}
***************
*** 81,87 ****
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j])));
if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )
{
! $entry = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $entry);
}
}
}
--- 81,87 ----
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j])));
if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )
{
! $entry = str_replace(' ' . trim($match_synonym) . ' ', ' ' . trim($replace_synonym) . ' ', $entry);
}
}
}
***************
*** 91,100 ****
--- 91,105 ----
function split_words(&$entry, $mode = 'post')
{
+ // If you experience problems with the new method, uncomment this block.
+ /*
$rex = ( $mode == 'post' ) ? "/\b([\w±µ-ÿ][\w±µ-ÿ']*[\w±µ-ÿ]+|[\w±µ-ÿ]+?)\b/" : '/(\*?[a-z0-9±µ-ÿ]+\*?)|\b([a-z0-9±µ-ÿ]+)\b/';
preg_match_all($rex, $entry, $split_entries);
return $split_entries[1];
+ */
+ // Trim 1+ spaces to one space and split this trimmed string into words.
+ return explode(' ', trim(preg_replace('#\s+#', ' ', $entry)));
}
function add_search_words($mode, $post_id, $post_text, $post_title = '')
***************
*** 108,113 ****
--- 113,120 ----
$search_raw_words['text'] = split_words(clean_words('post', $post_text, $stopword_array, $synonym_array));
$search_raw_words['title'] = split_words(clean_words('post', $post_title, $stopword_array, $synonym_array));
+ @set_time_limit(0);
+
$word = array();
$word_insert_sql = array();
while ( list($word_in, $search_matches) = @each($search_raw_words) )
***************
*** 191,196 ****
--- 198,204 ----
$value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\', 0)';
break;
case 'mssql':
+ case 'mssql-odbc':
$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "', 0";
break;
default:
***************
*** 215,220 ****
--- 223,229 ----
VALUES $value_sql";
break;
case 'mssql':
+ case 'mssql-odbc':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text, word_common)
$value_sql";
break;
***************
*** 246,252 ****
if ($mode == 'single')
{
! remove_common('single', 0.4, $word);
}
return;
--- 255,261 ----
if ($mode == 'single')
{
! remove_common('single', 4/10, $word);
}
return;
***************
*** 426,436 ****
$username_list = '';
if ( !empty($search_match) )
{
! $username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match)));
$sql = "SELECT username
FROM " . USERS_TABLE . "
! WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "'
ORDER BY username";
if ( !($result = $db->sql_query($sql)) )
{
--- 435,445 ----
$username_list = '';
if ( !empty($search_match) )
{
! $username_search = preg_replace('/\*/', '%', phpbb_clean_username($search_match));
$sql = "SELECT username
FROM " . USERS_TABLE . "
! WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "' AND user_id <> " . ANONYMOUS . "
ORDER BY username";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 460,466 ****
);
$template->assign_vars(array(
! 'USERNAME' => ( !empty($search_match) ) ? strip_tags($search_match) : '',
'L_CLOSE_WINDOW' => $lang['Close_window'],
'L_SEARCH_USERNAME' => $lang['Find_username'],
--- 469,475 ----
);
$template->assign_vars(array(
! 'USERNAME' => (!empty($search_match)) ? phpbb_clean_username($search_match) : '',
'L_CLOSE_WINDOW' => $lang['Close_window'],
'L_SEARCH_USERNAME' => $lang['Find_username'],
***************
*** 486,489 ****
return;
}
! ?>
--- 495,498 ----
return;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/functions_selects.php phpbb2017/includes/functions_selects.php
*** phpbb204/includes/functions_selects.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/functions_selects.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_selects.php,v 1.3.2.4 2002/12/22 12:20:35 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_selects.php,v 1.3.2.5 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 108,111 ****
return $tz_select;
}
! ?>
--- 108,111 ----
return $tz_select;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/functions_validate.php phpbb2017/includes/functions_validate.php
*** phpbb204/includes/functions_validate.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/functions_validate.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_validate.php,v 1.6.2.5 2002/12/21 12:56:07 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_validate.php,v 1.6.2.13 2005/07/19 20:01:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 29,36 ****
{
global $db, $lang, $userdata;
! $username = str_replace("\'", "''", $username);
!
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
--- 29,38 ----
{
global $db, $lang, $userdata;
! // Remove doubled up spaces
! $username = preg_replace('#\s+#', ' ', trim($username));
! $username = phpbb_clean_username($username);
!
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
***************
*** 98,105 ****
}
$db->sql_freeresult($result);
! // Don't allow " in username.
! if (strstr($username, '"'))
{
return array('error' => true, 'error_msg' => $lang['Username_invalid']);
}
--- 100,107 ----
}
$db->sql_freeresult($result);
! // Don't allow " and ALT-255 in username.
! if (strstr($username, '"') || strstr($username, '"') || strstr($username, chr(160)))
{
return array('error' => true, 'error_msg' => $lang['Username_invalid']);
}
***************
*** 117,123 ****
if ($email != '')
{
! if (preg_match('/^[a-z0-9\.\-_\+]+@[a-z0-9\-_]+\.([a-z0-9\-_]+\.)*?[a-z]+$/is', $email))
{
$sql = "SELECT ban_email
FROM " . BANLIST_TABLE;
--- 119,125 ----
if ($email != '')
{
! if (preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is', $email))
{
$sql = "SELECT ban_email
FROM " . BANLIST_TABLE;
diff -crN phpbb204/includes/page_header.php phpbb2017/includes/page_header.php
*** phpbb204/includes/page_header.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/page_header.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header.php,v 1.106.2.11 2002/12/19 17:17:39 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header.php,v 1.106.2.24 2005/03/26 14:15:59 acydburn Exp $
*
*
***************************************************************************/
***************
*** 35,41 ****
{
$phpver = phpversion();
! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
--- 35,41 ----
{
$phpver = phpversion();
! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
***************
*** 91,96 ****
--- 91,97 ----
$logged_hidden_online = 0;
$guests_online = 0;
$online_userlist = '';
+ $l_online_users = '';
if (defined('SHOW_ONLINE'))
{
***************
*** 111,117 ****
$userlist_visible = array();
$prev_user_id = 0;
! $prev_user_ip = '';
while( $row = $db->sql_fetchrow($result) )
{
--- 112,118 ----
$userlist_visible = array();
$prev_user_id = 0;
! $prev_user_ip = $prev_session_ip = '';
while( $row = $db->sql_fetchrow($result) )
{
***************
*** 257,263 ****
// Obtain number of new private messages
// if user is logged in
//
! if ( $userdata['session_logged_in'] )
{
if ( $userdata['user_new_privmsg'] )
{
--- 258,264 ----
// Obtain number of new private messages
// if user is logged in
//
! if ( ($userdata['session_logged_in']) && (empty($gen_simple_header)) )
{
if ( $userdata['user_new_privmsg'] )
{
***************
*** 312,317 ****
--- 313,323 ----
//
// Generate HTML required for Mozilla Navigation bar
//
+ if (!isset($nav_links))
+ {
+ $nav_links = array();
+ }
+
$nav_links_html = '';
$nav_link_proto = '' . "\n";
while( list($nav_item, $nav_array) = @each($nav_links) )
***************
*** 330,335 ****
--- 336,344 ----
}
}
+ // Format Timezone. We are unable to use array_pop here, because of PHP3 compatibility
+ $l_timezone = explode('.', $board_config['board_timezone']);
+ $l_timezone = (count($l_timezone) > 1 && $l_timezone[count($l_timezone)-1] != 0) ? $lang[sprintf('%.1f', $board_config['board_timezone'])] : $lang[number_format($board_config['board_timezone'])];
//
// The following assigns all _common_ variables that may be used at any point
// in a template.
***************
*** 384,397 ****
'U_FAQ' => append_sid('faq.'.$phpEx),
'U_VIEWONLINE' => append_sid('viewonline.'.$phpEx),
'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
- 'U_MEMBERSLIST' => append_sid('memberlist.'.$phpEx),
'U_GROUP_CP' => append_sid('groupcp.'.$phpEx),
'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
'S_CONTENT_ENCODING' => $lang['ENCODING'],
'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
! 'S_TIMEZONE' => sprintf($lang['All_times'], $lang[number_format($board_config['board_timezone'])]),
'S_LOGIN_ACTION' => append_sid('login.'.$phpEx),
'T_HEAD_STYLESHEET' => $theme['head_stylesheet'],
--- 393,405 ----
'U_FAQ' => append_sid('faq.'.$phpEx),
'U_VIEWONLINE' => append_sid('viewonline.'.$phpEx),
'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
'U_GROUP_CP' => append_sid('groupcp.'.$phpEx),
'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
'S_CONTENT_ENCODING' => $lang['ENCODING'],
'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
! 'S_TIMEZONE' => sprintf($lang['All_times'], $l_timezone),
'S_LOGIN_ACTION' => append_sid('login.'.$phpEx),
'T_HEAD_STYLESHEET' => $theme['head_stylesheet'],
***************
*** 453,470 ****
}
}
// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
{
! header ('Cache-Control: no-cache, pre-check=0, post-check=0, max-age=0');
}
else
{
header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
}
! header ('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
! header ('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
$template->pparse('overall_header');
--- 461,481 ----
}
}
+ // Add no-cache control for cookies if they are set
+ //$c_no_cache = (isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) ? 'no-cache="set-cookie", ' : '';
+
// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
{
! header ('Cache-Control: no-cache, pre-check=0, post-check=0');
}
else
{
header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
}
! header ('Expires: 0');
! header ('Pragma: no-cache');
$template->pparse('overall_header');
diff -crN phpbb204/includes/page_tail.php phpbb2017/includes/page_tail.php
*** phpbb204/includes/page_tail.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/page_tail.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_tail.php,v 1.27.2.2 2002/11/26 11:42:12 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_tail.php,v 1.27.2.3 2004/12/22 02:04:00 psotfx Exp $
*
*
***************************************************************************/
***************
*** 35,42 ****
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => '2' . $board_config['version'],
! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
);
--- 35,41 ----
);
$template->assign_vars(array(
! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
);
diff -crN phpbb204/includes/prune.php phpbb2017/includes/prune.php
*** phpbb204/includes/prune.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/prune.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: prune.php,v 1.19.2.3 2002/11/29 06:58:37 dougk_ff7 Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: prune.php,v 1.19.2.6 2003/03/18 23:23:57 acydburn Exp $
*
*
***************************************************************************/
***************
*** 56,61 ****
--- 56,62 ----
{
$sql_topics .= ( ( $sql_topics != '' ) ? ', ' : '' ) . $row['topic_id'];
}
+ $db->sql_freeresult($result);
if( $sql_topics != '' )
{
***************
*** 73,78 ****
--- 74,80 ----
{
$sql_post .= ( ( $sql_post != '' ) ? ', ' : '' ) . $row['post_id'];
}
+ $db->sql_freeresult($result);
if ( $sql_post != '' )
{
***************
*** 108,120 ****
message_die(GENERAL_ERROR, 'Could not delete post during prune', '', __LINE__, __FILE__, $sql);
}
- $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "
- WHERE post_id IN ($sql_post)";
- if ( !$db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete search matches', '', __LINE__, __FILE__, $sql);
- }
-
remove_search_post($sql_post);
return array ('topics' => $pruned_topics, 'posts' => $pruned_posts);
--- 110,115 ----
***************
*** 163,166 ****
return;
}
! ?>
--- 158,161 ----
return;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/sessions.php phpbb2017/includes/sessions.php
*** phpbb204/includes/sessions.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/sessions.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: sessions.php,v 1.58.2.8 2002/12/18 01:06:19 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: sessions.php,v 1.58.2.14 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 24,30 ****
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0)
{
global $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
--- 24,30 ----
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)
{
global $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
***************
*** 37,52 ****
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
! $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : '';
$sessionmethod = SESSION_METHOD_COOKIE;
}
else
{
! $sessiondata = '';
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
$last_visit = 0;
$current_time = time();
$expiry_time = $current_time - $board_config['session_length'];
--- 37,60 ----
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
! $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
$sessionmethod = SESSION_METHOD_COOKIE;
}
else
{
! $sessiondata = array();
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
+ //
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ $session_id = '';
+ }
+
+ $page_id = (int) $page_id;
+
$last_visit = 0;
$current_time = time();
$expiry_time = $current_time - $board_config['session_length'];
***************
*** 73,79 ****
if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
{
// We have to login automagically
! if( $sessiondata['autologinid'] == $auto_login_key )
{
// autologinid matches password
$login = 1;
--- 81,87 ----
if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
{
// We have to login automagically
! if( $sessiondata['autologinid'] === $auto_login_key )
{
// autologinid matches password
$login = 1;
***************
*** 85,90 ****
--- 93,103 ----
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
+
+ $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+ $result = $db->sql_query($sql);
+ $userdata = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
}
}
else
***************
*** 93,98 ****
--- 106,116 ----
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
+
+ $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+ $result = $db->sql_query($sql);
+ $userdata = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
}
}
else
***************
*** 137,152 ****
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login
WHERE session_id = '" . $session_id . "'
AND session_ip = '$user_ip'";
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
{
! $session_id = md5(uniqid($user_ip));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
--- 155,172 ----
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
WHERE session_id = '" . $session_id . "'
AND session_ip = '$user_ip'";
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
{
! list($sec, $usec) = explode(' ', microtime());
! mt_srand((float) $sec + ((float) $usec * 100000));
! $session_id = md5(uniqid(mt_rand(), true));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
***************
*** 157,173 ****
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
! $sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
! WHERE user_id = $user_id";
! if ( !$db->sql_query($sql) )
{
! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
}
$userdata['user_lastvisit'] = $last_visit;
! $sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '';
$sessiondata['userid'] = $user_id;
}
--- 177,196 ----
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
! if (!$admin)
{
! $sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
! WHERE user_id = $user_id";
! if ( !$db->sql_query($sql) )
! {
! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
! }
}
$userdata['user_lastvisit'] = $last_visit;
! $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
$sessiondata['userid'] = $user_id;
}
***************
*** 178,183 ****
--- 201,207 ----
$userdata['session_page'] = $page_id;
$userdata['session_start'] = $current_time;
$userdata['session_time'] = $current_time;
+ $userdata['session_admin'] = $admin;
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
***************
*** 206,222 ****
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
! $sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : '';
$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessionmethod = SESSION_METHOD_COOKIE;
}
else
{
! $sessiondata = '';
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
//
// Does a session exist?
//
--- 230,254 ----
if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
{
! $sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
$sessionmethod = SESSION_METHOD_COOKIE;
}
else
{
! $sessiondata = array();
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
+ //
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ $session_id = '';
+ }
+
+ $thispage_id = (int) $thispage_id;
+
//
// Does a session exist?
//
***************
*** 259,266 ****
//
if ( $current_time - $userdata['session_time'] > 60 )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_time = $current_time, session_page = $thispage_id
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !$db->sql_query($sql) )
{
--- 291,301 ----
//
if ( $current_time - $userdata['session_time'] > 60 )
{
+ // A little trick to reset session_admin on session re-usage
+ $update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';
+
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_time = $current_time, session_page = $thispage_id$update_admin
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !$db->sql_query($sql) )
{
***************
*** 270,276 ****
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
--- 305,311 ----
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
***************
*** 282,287 ****
--- 317,323 ----
// Delete expired sessions
//
$expiry_time = $current_time - $board_config['session_length'];
+
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_time < $expiry_time
AND session_id <> '$session_id'";
***************
*** 329,334 ****
--- 365,372 ----
$cookiedomain = $board_config['cookie_domain'];
$cookiesecure = $board_config['cookie_secure'];
+ $current_time = time();
+
//
// Pull cookiedata or grab the URI propagated sid
//
***************
*** 343,348 ****
--- 381,391 ----
$sessionmethod = SESSION_METHOD_GET;
}
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ return;
+ }
+
//
// Delete existing session
//
diff -crN phpbb204/includes/smtp.php phpbb2017/includes/smtp.php
*** phpbb204/includes/smtp.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/smtp.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: smtp.php,v 1.16.2.2 2002/12/22 15:09:17 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: smtp.php,v 1.16.2.10 2005/05/06 20:50:11 acydburn Exp $
*
***************************************************************************/
***************
*** 20,73 ****
***************************************************************************/
define('SMTP_INCLUDED', 1);
//
// This function has been modified as provided
// by SirSir to allow multiline responses when
// using SMTP Extensions
//
! function server_parse($socket, $response)
{
! while ( substr($server_response,3,1) != ' ' )
! {
! if( !( $server_response = fgets($socket, 256) ) )
! {
! message_die(GENERAL_ERROR, "Couldn't get mail server response codes", "", __LINE__, __FILE__);
! }
! }
!
! if( !( substr($server_response, 0, 3) == $response ) )
! {
! message_die(GENERAL_ERROR, "Ran into problems sending Mail. Response: $server_response", "", __LINE__, __FILE__);
! }
! }
!
! /****************************************************************************
! * Function: smtpmail
! * Description: This is a functional replacement for php's builtin mail
! * function, that uses smtp.
! * Usage: The usage for this function is identical to that of php's
! * built in mail function.
! ****************************************************************************/
! function smtpmail($mail_to, $subject, $message, $headers = "")
{
- // For now I'm using an array based $smtp_vars to hold the smtp server
- // info, but it should probably change to $board_config...
- // then the relevant info would be $board_config['smtp_host'] and
- // $board_config['smtp_port'].
global $board_config;
- //
// Fix any bare linefeeds in the message to make it RFC821 Compliant.
! //
! $message = preg_replace("/(? 1)
{
! $headers = join("\r\n", $headers);
}
else
{
--- 20,62 ----
***************************************************************************/
define('SMTP_INCLUDED', 1);
+
//
// This function has been modified as provided
// by SirSir to allow multiline responses when
// using SMTP Extensions
//
! function server_parse($socket, $response, $line = __LINE__)
{
! while (substr($server_response, 3, 1) != ' ')
! {
! if (!($server_response = fgets($socket, 256)))
! {
! message_die(GENERAL_ERROR, "Couldn't get mail server response codes", "", $line, __FILE__);
! }
! }
!
! if (!(substr($server_response, 0, 3) == $response))
! {
! message_die(GENERAL_ERROR, "Ran into problems sending Mail. Response: $server_response", "", $line, __FILE__);
! }
! }
!
! // Replacement or substitute for PHP's mail command
! function smtpmail($mail_to, $subject, $message, $headers = '')
{
global $board_config;
// Fix any bare linefeeds in the message to make it RFC821 Compliant.
! $message = preg_replace("#(? 1)
{
! $headers = join("\n", $headers);
}
else
{
***************
*** 76,215 ****
}
$headers = chop($headers);
- //
// Make sure there are no bare linefeeds in the headers
! //
! $headers = preg_replace("/(?\r\n");
! server_parse($socket, "250");
// Specify each user to send to and build to header.
! $to_header = "To: ";
! @reset( $mail_to_array );
! while( list( , $mail_to_address ) = each( $mail_to_array ))
! {
! //
! // Add an additional bit of error checking to the To field.
! //
! $mail_to_address = trim($mail_to_address);
! if ( preg_match('/[^ ]+\@[^ ]+/', $mail_to_address) )
! {
! fputs( $socket, "RCPT TO: <$mail_to_address>\r\n" );
! server_parse( $socket, "250" );
! }
! $to_header .= ( ( $mail_to_address != '' ) ? ', ' : '' ) . "<$mail_to_address>";
}
// Ok now do the CC and BCC fields...
! @reset( $bcc );
! while( list( , $bcc_address ) = each( $bcc ))
{
- //
// Add an additional bit of error checking to bcc header...
! //
! $bcc_address = trim( $bcc_address );
! if ( preg_match('/[^ ]+\@[^ ]+/', $bcc_address) )
{
! fputs( $socket, "RCPT TO: <$bcc_address>\r\n" );
! server_parse( $socket, "250" );
}
}
! @reset( $cc );
! while( list( , $cc_address ) = each( $cc ))
{
- //
// Add an additional bit of error checking to cc header
! //
! $cc_address = trim( $cc_address );
! if ( preg_match('/[^ ]+\@[^ ]+/', $cc_address) )
{
fputs($socket, "RCPT TO: <$cc_address>\r\n");
! server_parse($socket, "250");
}
}
// Ok now we tell the server we are ready to start sending data
fputs($socket, "DATA\r\n");
// This is the last response code we look for until the end of the message.
! server_parse($socket, "354");
// Send the Subject Line...
fputs($socket, "Subject: $subject\r\n");
// Now the To Header.
! fputs($socket, "$to_header\r\n");
// Now any custom headers....
fputs($socket, "$headers\r\n\r\n");
--- 65,193 ----
}
$headers = chop($headers);
// Make sure there are no bare linefeeds in the headers
! $headers = preg_replace('#(?\r\n");
! server_parse($socket, "250", __LINE__);
// Specify each user to send to and build to header.
! $to_header = '';
!
! // Add an additional bit of error checking to the To field.
! $mail_to = (trim($mail_to) == '') ? 'Undisclosed-recipients:;' : trim($mail_to);
! if (preg_match('#[^ ]+\@[^ ]+#', $mail_to))
! {
! fputs($socket, "RCPT TO: <$mail_to>\r\n");
! server_parse($socket, "250", __LINE__);
}
+
// Ok now do the CC and BCC fields...
! @reset($bcc);
! while(list(, $bcc_address) = each($bcc))
{
// Add an additional bit of error checking to bcc header...
! $bcc_address = trim($bcc_address);
! if (preg_match('#[^ ]+\@[^ ]+#', $bcc_address))
{
! fputs($socket, "RCPT TO: <$bcc_address>\r\n");
! server_parse($socket, "250", __LINE__);
}
}
!
! @reset($cc);
! while(list(, $cc_address) = each($cc))
{
// Add an additional bit of error checking to cc header
! $cc_address = trim($cc_address);
! if (preg_match('#[^ ]+\@[^ ]+#', $cc_address))
{
fputs($socket, "RCPT TO: <$cc_address>\r\n");
! server_parse($socket, "250", __LINE__);
}
}
+
// Ok now we tell the server we are ready to start sending data
fputs($socket, "DATA\r\n");
// This is the last response code we look for until the end of the message.
! server_parse($socket, "354", __LINE__);
// Send the Subject Line...
fputs($socket, "Subject: $subject\r\n");
// Now the To Header.
! fputs($socket, "To: $mail_to\r\n");
// Now any custom headers....
fputs($socket, "$headers\r\n\r\n");
***************
*** 219,225 ****
// Ok the all the ingredients are mixed in let's cook this puppy...
fputs($socket, ".\r\n");
! server_parse($socket, "250");
// Now tell the server we are done and close the socket...
fputs($socket, "QUIT\r\n");
--- 197,203 ----
// Ok the all the ingredients are mixed in let's cook this puppy...
fputs($socket, ".\r\n");
! server_parse($socket, "250", __LINE__);
// Now tell the server we are done and close the socket...
fputs($socket, "QUIT\r\n");
***************
*** 228,231 ****
return TRUE;
}
! ?>
--- 206,209 ----
return TRUE;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/template.php phpbb2017/includes/template.php
*** phpbb204/includes/template.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/template.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: template.php,v 1.10.2.3 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: template.php,v 1.10.2.5 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 230,236 ****
// Check if it's an absolute or relative path.
if (substr($filename, 0, 1) != '/')
{
! $filename = phpbb_realpath($this->root . '/' . $filename);
}
if (!file_exists($filename))
--- 230,236 ----
// Check if it's an absolute or relative path.
if (substr($filename, 0, 1) != '/')
{
! $filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
}
if (!file_exists($filename))
***************
*** 475,478 ****
}
! ?>
--- 475,478 ----
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/topic_review.php phpbb2017/includes/topic_review.php
*** phpbb204/includes/topic_review.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/topic_review.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: topic_review.php,v 1.5.2.1 2002/05/03 15:58:35 the_systech Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: topic_review.php,v 1.5.2.4 2005/05/06 20:50:12 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,38 ****
if ( !$is_inline_review )
{
! if ( !isset($topic_id) )
{
! message_die(GENERAL_MESSAGE, 'Topic_not_exist');
}
//
--- 30,38 ----
if ( !$is_inline_review )
{
! if ( !isset($topic_id) || !$topic_id)
{
! message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
//
***************
*** 51,56 ****
--- 51,57 ----
{
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
+ $db->sql_freeresult($result);
$forum_id = $forum_row['forum_id'];
$topic_title = $forum_row['topic_title'];
***************
*** 207,212 ****
--- 208,214 ----
{
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql);
}
+ $db->sql_freeresult($result);
$template->assign_vars(array(
'L_AUTHOR' => $lang['Author'],
***************
*** 223,226 ****
}
}
! ?>
--- 225,228 ----
}
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/usercp_activate.php phpbb2017/includes/usercp_activate.php
*** phpbb204/includes/usercp_activate.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_activate.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_activate.php,v 1.6.2.5 2002/12/22 16:01:16 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_activate.php,v 1.6.2.8 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 37,43 ****
if ( $row = $db->sql_fetchrow($result) )
{
! if ( $row['user_active'] && $row['user_actkey'] == '' )
{
$template->assign_vars(array(
'META' => '')
--- 37,43 ----
if ( $row = $db->sql_fetchrow($result) )
{
! if ( $row['user_active'] && trim($row['user_actkey']) == '' )
{
$template->assign_vars(array(
'META' => '')
***************
*** 45,52 ****
message_die(GENERAL_MESSAGE, $lang['Already_activated']);
}
! else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )
{
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
--- 45,57 ----
message_die(GENERAL_MESSAGE, $lang['Already_activated']);
}
! else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
{
+ if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN)
+ {
+ message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
+ }
+
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
***************
*** 62,73 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('admin_welcome_activated', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['Account_activated_subject']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 67,78 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template('admin_welcome_activated', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['Account_activated_subject']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
diff -crN phpbb204/includes/usercp_avatar.php phpbb2017/includes/usercp_avatar.php
*** phpbb204/includes/usercp_avatar.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_avatar.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_avatar.php,v 1.8.2.16 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_avatar.php,v 1.8.2.21 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 51,56 ****
--- 51,57 ----
{
global $board_config, $userdata;
+ $avatar_file = basename($avatar_file);
if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
{
if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $avatar_file)) )
***************
*** 65,70 ****
--- 66,78 ----
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
global $board_config;
+
+ $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
+ if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
+ {
+ return '';
+ }
+
if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
{
$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
***************
*** 78,89 ****
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
! if ( !preg_match('#^((http)|(ftp):\/\/[\w\-]+?\.([\w\-]+\.)+[\w]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
--- 86,99 ----
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
+ global $lang;
+
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
! if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
***************
*** 191,197 ****
return;
}
! if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$new_filename = uniqid(rand()) . $imgtype;
--- 201,207 ----
return;
}
! if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$new_filename = uniqid(rand()) . $imgtype;
***************
*** 224,229 ****
--- 234,243 ----
$move_file = 'copy';
}
+ if (!is_uploaded_file($avatar_filename))
+ {
+ message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
+ }
$move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");
}
***************
*** 242,248 ****
return $avatar_sql;
}
! function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat, &$session_id)
{
global $board_config, $db, $template, $lang, $images, $theme;
global $phpbb_root_path, $phpEx;
--- 256,262 ----
return $avatar_sql;
}
! function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popup_pm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat, &$session_id)
{
global $board_config, $db, $template, $lang, $images, $theme;
global $phpbb_root_path, $phpEx;
***************
*** 318,324 ****
}
}
! $params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popuppm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');
$s_hidden_vars = '';
--- 332,338 ----
}
}
! $params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popup_pm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');
$s_hidden_vars = '';
***************
*** 342,345 ****
return;
}
! ?>
--- 356,359 ----
return;
}
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/usercp_confirm.php phpbb2017/includes/usercp_confirm.php
*** phpbb204/includes/usercp_confirm.php Thu Jan 1 01:00:00 1970
--- phpbb2017/includes/usercp_confirm.php Tue Jul 19 22:14:56 2005
***************
*** 0 ****
--- 1,435 ----
+ sql_query($sql);
+
+ // If we have a row then grab data else create a new id
+ if ($row = $db->sql_fetchrow($result))
+ {
+ $db->sql_freeresult($result);
+ $code = $row['code'];
+ }
+ else
+ {
+ exit;
+ }
+
+ // If we can we will generate a single filtered png else we will have to simply
+ // output six seperate original pngs ... first way is preferable!
+ if (@extension_loaded('zlib'))
+ {
+ $_png = define_filtered_pngs();
+
+ $total_width = 320;
+ $total_height = 50;
+ $img_height = 40;
+ $img_width = 0;
+ $l = 0;
+
+ list($usec, $sec) = explode(' ', microtime());
+ mt_srand($sec * $usec);
+
+ $char_widths = array();
+ for ($i = 0; $i < strlen($code); $i++)
+ {
+ $char = $code{$i};
+
+ $width = mt_rand(0, 4);
+ $char_widths[] = $width;
+ $img_width += $_png[$char]['width'] - $width;
+ }
+
+ $offset_x = mt_rand(0, $total_width - $img_width);
+ $offset_y = mt_rand(0, $total_height - $img_height);
+
+ $image = '';
+ $hold_chars = array();
+ for ($i = 0; $i < $total_height; $i++)
+ {
+ $image .= chr(0);
+
+ if ($i > $offset_y && $i < $offset_y + $img_height)
+ {
+ $j = 0;
+
+ for ($k = 0; $k < $offset_x; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+
+ for ($k = 0; $k < strlen($code); $k++)
+ {
+ $char = $code{$k};
+
+ if (empty($hold_chars[$char]))
+ {
+ $hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
+ }
+ $image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
+ $j++;
+ }
+
+ for ($k = $offset_x + $img_width; $k < $total_width; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+
+ $l++;
+ }
+ else
+ {
+ for ($k = 0; $k < $total_width; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+ }
+
+ }
+ unset($hold);
+
+ $image = create_png(gzcompress($image), $total_width, $total_height);
+
+ // Output image
+ header('Content-Type: image/png');
+ header('Cache-control: no-cache, no-store');
+ echo $image;
+
+ unset($image);
+ unset($_png);
+ exit;
+
+ }
+ else
+ {
+ if (!empty($HTTP_GET_VARS['c']))
+ {
+ $_png = define_raw_pngs();
+
+ $char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1);
+ header('Content-Type: image/png');
+ header('Cache-control: no-cache, no-store');
+ echo base64_decode($_png[$char]);
+
+ unset($_png);
+ exit;
+ }
+ }
+
+ exit;
+
+ // This is designed to randomise the pixels of the image data within
+ // certain limits so as to keep it readable. It also varies the image
+ // width a little
+ function randomise($scanline, $width)
+ {
+ $new_line = '';
+ $start = floor($width/2);
+ $end = strlen($scanline) - ceil($width/2);
+
+ for ($i = $start; $i < $end; $i++)
+ {
+ $pixel = ord($scanline{$i});
+
+ if ($pixel < 190)
+ {
+ $new_line .= chr(mt_rand(0, 205));
+ }
+ else if ($pixel > 190)
+ {
+ $new_line .= chr(mt_rand(145, 255));
+ }
+ else
+ {
+ $new_line .= $scanline{$i};
+ }
+ }
+
+ return $new_line;
+ }
+
+ // This creates a chunk of the given type, with the given data
+ // of the given length adding the relevant crc
+ function png_chunk($length, $type, $data)
+ {
+ $raw = $type;
+ $raw .= $data;
+ $crc = crc32($raw);
+ $raw .= pack('C4', $crc >> 24, $crc >> 16, $crc >> 8, $crc);
+
+ return pack('C4', $length >> 24, $length >> 16, $length >> 8, $length) . $raw;
+ }
+
+ // Creates greyscale 8bit png - The PNG spec can be found at
+ // http://www.libpng.org/pub/png/spec/PNG-Contents.html we use
+ // png because it's a fully recognised open standard and supported
+ // by practically all modern browsers and OSs
+ function create_png($gzimage, $width, $height)
+ {
+ // SIG
+ $image = pack('C8', 137, 80, 78, 71, 13, 10, 26, 10);
+ // IHDR
+ $raw = pack('C4', $width >> 24, $width >> 16, $width >> 8, $width);
+ $raw .= pack('C4', $height >> 24, $height >> 16, $height >> 8, $height);
+ $raw .= pack('C5', 8, 0, 0, 0, 0);
+ $image .= png_chunk(13, 'IHDR', $raw);
+ // IDAT
+ $image .= png_chunk(strlen($gzimage), 'IDAT', $gzimage);
+ // IEND
+ $image .= png_chunk(0, 'IEND', '');
+
+ return $image;
+ }
+
+ // Each 'data' element is base64_encoded uncompressed IDAT
+ // png image data
+ function define_filtered_pngs()
+ {
+ $_png = array(
+ '0' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////olFAkBAAAGDyA4P///M31/////////////wD////////////////0dAgAAAAAAAAAAAAEcPipFGHn////////////AP//////////////6DAAAAAAAAAAAAAAAAAALSEAN+T///////////8A//////////////xAAAAAAAAAAAAAAAAAAAAAACPA/////////////wD/////////////oAAAAAAAAAAAAAAAAAAAAAAAev//////////////AP////////////8oAAAAAAAAPNj/zDAAAAAAAABD//////////////8A////////////1AAAAAAAABjw////5BAAAAAAAADo/////////////wD///////////+QAAAAAAAAbP//////QgAAAAAAAKj/////////////AP///////////1wAAAAAAACs/////8AXAAAAAAAAcP////////////8A////////////OAAAAAAAAND////dNwAAAAAAAABI/////////////wD///////////8gAAAAAAAA4P//7koACwAAAAAAACT/////////////AP///////////wgAAAAAAAD///VqAwaPAAAAAAAAEP////////////8A////////////AAAAAAAAAP/8kQYDavUAAAAAAAAA/////////////wD///////////8AAAAAAAAA/6kNAEru/wAAAAAAAAD/////////////AP///////////wAAAAAAAADAIwA33f//AAAAAAAAAP////////////8A////////////FAAAAAAAADYAI8D///8AAAAAAAAQ/////////////wD///////////8kAAAAAAAAAA2p////5AAAAAAAACD/////////////AP///////////0gAAAAAAAAFkfz////UAAAAAAAAQP////////////8A////////////cAAAAAAAAET1/////7AAAAAAAABo/////////////wD///////////+oAAAAAAAAXfX/////sAAAAAAAAGj/////////////AAAAALgAAAAAAAAwAAAAAAAAAAAAAAD////////////oAAAAAAAACOT////oEAAAAAAAAOD/////////////AP////////////8+AAAAAAAAKMz/zDQAAAAAAAA0//////////////8A////////////7jgAAAAAAAAAAAAAAAAAAAAAAKT//////////////wD///////////VqAwIAAAAAAAAAAAAAAAAAAAA8////////////////AP//////////rQcDaVEAAAAAAAAAAAAAAAAAKOj///////////////8A///////////nblnu/IAIAAAAAAAAAAAAAFzw/////////////////wD////////////79////+iITCAAAAAgSITg////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////w==',
+ 'width' => 40
+ ),
+ '1' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////8BAAAAAAAP//////////////////AP////////////////////////9sAAAAAAAA//////////////////8A////////////////////////pAAAAAAAAAD//////////////////wD//////////////////////6wEAAAAAAAAAP//////////////////AP////////////////////h4AAAAAAAAAAAA//////////////////8A//////////////////ygJAAAAAAAAAAAAAD//////////////////wD//////////////9x8HAAAAAAAAAAAAAAAAP//////////////////AP//////////////AAAAAAAAAAAAAAAAAAAA//////////////////8A//////////////8AAAAAAAAAAAAAAAAAAAD//////////////////wD//////////////wAAAAAAAAR4AAAAAAAAAP//////////////////AP//////////////AAAAAAA4zP8AAAAAAAAA//////////////////8A//////////////8AAAA4sP///wAAAAAAAAD//////////////////wD//////////////yR80P//////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '2' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////okFAkCAAABCBIfNT///////////////////8A///////////////8hAgAAAAAAAAAAAAAAFTo/////////////////wD//////////////1QAAAAAAAAAAAAAAAAAACjo////////////////AP////////////+MAAAAAAAAAAAAAAAAAAAAADj///////////////8A////////////9BAAAAAAAAAAAAAAAAAAAAAAALD//////////////wD///////////+gAAAAAAAAAHjs+KwMAAAAAAAAVP//////////////AP///////////1gAAAAAAABM/////6QAAAAAAAAU//////////////8A////////////KAAAAAAAALj/////+AAAAAAAAAD//////////////wD///////////+MfGBMOCAI8P/////wAAAAAAAACP//////////////AP///////////////////////////5wAAAAAAAAw//////////////8A///////////////////////////oFAAAAAAAAHz//////////////wD/////////////////////////6CgAAAAAAAAE3P//////////////AP///////////////////////9ggAAAAAAAAAHT///////////////8A//////////////////////+0DAAAAAAAAAA8+P///////////////wD/////////////////////gAAAAAAAAAAAKOj/////////////////AP//////////////////9FAAAAAAAAAAADzw//////////////////8A/////////////////+g4AAAAAAAAAABk/P///////////////////wD////////////////oKAAAAAAAAAAMqP//////////////////////AP//////////////6CgAAAAAAAAAMNz///////////////////////8A//////////////g4AAAAAAAAAFT0/////////////////////////wD/////////////bAAAAAAAAABU/P//////////////////////////AP///////////8wAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A////////////SAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////9AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////xAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '3' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////8sGg0FAAAACA4cLz8////////////////////AP//////////////rBgAAAAAAAAAAAAAACTA//////////////////8A/////////////3QAAAAAAAAAAAAAAAAAAASs/////////////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAjc////////////////AP//////////6AwAAAAAAAAAAAAAAAAAAAAAAGT///////////////8A//////////94AAAAAAAABJDw/8g4AAAAAAAAHP///////////////wD//////////yAAAAAAAACE/////9gAAAAAAAAA////////////////AP///////////NSwiGQ4FOT//////AAAAAAAABD///////////////8A//////////////////////////+YAAAAAAAAVP///////////////wD//////////////////////P/ggAQAAAAAAATM////////////////AP////////////////////9gAAAAAAAAAAAElP////////////////8A/////////////////////0AAAAAAAAAAHLj//////////////////wD/////////////////////OAAAAAAAAAAwkPj/////////////////AP////////////////////8gAAAAAAAAAAAAINj///////////////8A/////////////////////xAAAAAAAAAAAAAAIPD//////////////wD/////////////////////uOz/4HgEAAAAAAAAhP//////////////AP///////////////////////////3wAAAAAAAAw//////////////8A////////////////////////////6AAAAAAAAAj//////////////wD/////////////////////////////AAAAAAAAAP//////////////AP//////////tJh8YEQoDNz//////+AAAAAAAAAY//////////////8A//////////88AAAAAAAAaP//////dAAAAAAAAEz//////////////wD//////////6QAAAAAAAAAdOD/5HQAAAAAAAAApP//////////////AP///////////CgAAAAAAAAAAAAAAAAAAAAAACD4//////////////8A////////////yAQAAAAAAAAAAAAAAAAAAAAEuP///////////////wD/////////////rAQAAAAAAAAAAAAAAAAABJD/////////////////AP//////////////zDQAAAAAAAAAAAAAACTA//////////////////8A/////////////////8BwOCAAAAAUNGi0/P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '4' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////////////nAAAAAAAAAD///////////////8A/////////////////////////8AEAAAAAAAAAP///////////////wD////////////////////////gGAAAAAAAAAAA////////////////AP//////////////////////9DAAAAAAAAAAAAD///////////////8A//////////////////////9UAAAAAAAAAAAAAP///////////////wD/////////////////////hAAAAAAAAAAAAAAA////////////////AP///////////////////7QAAAAAAAAAAAAAAAD///////////////8A///////////////////UDAAAAAAUAAAAAAAAAP///////////////wD/////////////////7CQAAAAABMAAAAAAAAAA////////////////AP////////////////xEAAAAAACU/wAAAAAAAAD///////////////8A////////////////cAAAAAAAZP//AAAAAAAAAP///////////////wD//////////////6AAAAAAADz8//8AAAAAAAAA////////////////AP/////////////IBAAAAAAc6P///wAAAAAAAAD///////////////8A////////////5BgAAAAADMz/////AAAAAAAAAP///////////////wD///////////g0AAAAAACk//////8AAAAAAAAA////////////////AP//////////XAAAAAAAfP///////wAAAAAAAAD///////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP///////////////////////////wAAAAAAAAD///////////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '5' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////8AAAAAAAAAAAAAAAAAAAAAAA//////////////8A///////////////MAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////6wAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////iAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////////9kAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////0QAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////IAAAAAAAYP////////////////////////////8A//////////////wAAAAAAAB8/////////////////////////////wD/////////////3AAAAAAAAIj/////////////////////////////AP////////////+4AAAAAAAAoLRYHAAEKGTE//////////////////8A/////////////5QAAAAAAAAQAAAAAAAAAABY9P///////////////wD/////////////dAAAAAAAAAAAAAAAAAAAAAA89P//////////////AP////////////9QAAAAAAAAAAAAAAAAAAAAAABg//////////////8A/////////////zAAAAAAAAAAAAAAAAAAAAAAAADQ/////////////wD/////////////IAAAAAAAAGjY/+h4BAAAAAAAAGz/////////////AP//////////////9NS0lHSc//////90AAAAAAAALP////////////8A/////////////////////////////9QAAAAAAAAE/////////////wD//////////////////////////////wAAAAAAAAD/////////////AP/////////////////////////////8AAAAAAAAEP////////////8A////////////pIRwWEAgDOD//////8wAAAAAAAA8/////////////wD///////////9EAAAAAAAAaP//////ZAAAAAAAAHz/////////////AP///////////6QAAAAAAAAAaOD/4GQAAAAAAAAE4P////////////8A/////////////CQAAAAAAAAAAAAAAAAAAAAAAGD//////////////wD/////////////yAQAAAAAAAAAAAAAAAAAAAAc7P//////////////AP//////////////rAwAAAAAAAAAAAAAAAAAGNj///////////////8A////////////////0EAAAAAAAAAAAAAAAFTo/////////////////wD//////////////////8h4QCAAAAAcQHzU////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '6' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////+0ZCwMAAAUNGjI////////////////////AP/////////////////EMAAAAAAAAAAAAABM6P////////////////8A////////////////lAQAAAAAAAAAAAAAAAAo6P///////////////wD//////////////6wAAAAAAAAAAAAAAAAAAABI////////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAACw//////////////8A/////////////3AAAAAAAAAoxP/YPAAAAAAAAEj//////////////wD////////////4EAAAAAAACOD////YDCBAVGiAoP//////////////AP///////////7gAAAAAAABY//////////////////////////////8A////////////eAAAAAAAAJT//////////////////////////////wD///////////9MAAAAAAAAvP/IXBgABCx03P//////////////////AP///////////ygAAAAAAADcdAAAAAAAAAAEiP////////////////8A////////////FAAAAAAAAFAAAAAAAAAAAAAAcP///////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAlP//////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAQ8P////////////8A////////////AAAAAAAAAABAyP/kZAAAAAAAAACQ/////////////wD///////////8MAAAAAAAALPj/////WAAAAAAAAET/////////////AP///////////yQAAAAAAACY///////MAAAAAAAAFP////////////8A////////////SAAAAAAAAMD///////wAAAAAAAAA/////////////wD///////////9wAAAAAAAAvP///////wAAAAAAAAD/////////////AP///////////7QAAAAAAACI///////UAAAAAAAAJP////////////8A////////////+AwAAAAAACDw/////2wAAAAAAABY/////////////wD/////////////cAAAAAAAADC8/Ox4AAAAAAAAAKj/////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAAAk/P////////////8A//////////////+oAAAAAAAAAAAAAAAAAAAABLj//////////////wD///////////////+QAAAAAAAAAAAAAAAAAACQ////////////////AP////////////////+0JAAAAAAAAAAAAAAkuP////////////////8A///////////////////8sGg0FAAADCxgqPz//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '7' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAABP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAy4/////////////wD//////////////////////////+QUAAAAAAAEuP//////////////AP/////////////////////////8QAAAAAAAAKT///////////////8A/////////////////////////4wAAAAAAAB0/////////////////wD////////////////////////cCAAAAAAANPz/////////////////AP///////////////////////0QAAAAAAATY//////////////////8A//////////////////////+0AAAAAAAAeP///////////////////wD//////////////////////CQAAAAAABTw////////////////////AP////////////////////+gAAAAAAAAkP////////////////////8A/////////////////////ywAAAAAABDw/////////////////////wD///////////////////+4AAAAAAAAbP//////////////////////AP///////////////////1wAAAAAAADQ//////////////////////8A///////////////////4DAAAAAAAMP///////////////////////wD//////////////////7QAAAAAAAB8////////////////////////AP//////////////////aAAAAAAAAMj///////////////////////8A//////////////////8oAAAAAAAM/P///////////////////////wD/////////////////8AAAAAAAAET/////////////////////////AP////////////////+0AAAAAAAAcP////////////////////////8A/////////////////4wAAAAAAACY/////////////////////////wD/////////////////WAAAAAAAAMD/////////////////////////AP////////////////80AAAAAAAA4P////////////////////////8A/////////////////xAAAAAAAAD4/////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '8' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////////IdDQUAAAEIEiA1P//////////////////AP/////////////////gRAAAAAAAAAAAAAAAROD///////////////8A////////////////0BgAAAAAAAAAAAAAAAAAEMj//////////////wD///////////////AcAAAAAAAAAAAAAAAAAAAAHPD/////////////AP//////////////hAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A//////////////8sAAAAAAAAKMz/zCgAAAAAAAAs/////////////wD//////////////wAAAAAAAADM////zAAAAAAAAAD/////////////AP//////////////BAAAAAAAAP//////AAAAAAAABP////////////8A//////////////8sAAAAAAAAzP///9QAAAAAAAAw/////////////wD//////////////3wAAAAAAAAoyP/YNAAAAAAAAIT/////////////AP//////////////7BgAAAAAAAAAAAAAAAAAAAAc8P////////////8A////////////////xBgAAAAAAAAAAAAAAAAAGNj//////////////wD/////////////////tAQAAAAAAAAAAAAAAACo////////////////AP///////////////HAAAAAAAAAAAAAAAAAAAAB8//////////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB8/////////////wD/////////////wAAAAAAAAABk4P/UWAAAAAAAAATQ////////////AP////////////9UAAAAAAAAaP//////XAAAAAAAAGT///////////8A/////////////xgAAAAAAADg///////cAAAAAAAAJP///////////wD/////////////AAAAAAAAAP////////8AAAAAAAAA////////////AP////////////8AAAAAAAAA4P//////3AAAAAAAAAT///////////8A/////////////ygAAAAAAABg//////9cAAAAAAAALP///////////wD/////////////ZAAAAAAAAABY1P/cXAAAAAAAAABw////////////AP/////////////QAAAAAAAAAAAAAAAAAAAAAAAABNz///////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB0/////////////wD///////////////Q8AAAAAAAAAAAAAAAAAAAAUPz/////////////AP////////////////x4CAAAAAAAAAAAAAAAEIT8//////////////8A///////////////////smFQwGAAAABg0ZKT0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '9' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////ysYCwMAAAUNGiw/P//////////////////AP////////////////+4JAAAAAAAAAAAAAAkuP////////////////8A////////////////lAQAAAAAAAAAAAAAAAAAkP///////////////wD//////////////8AEAAAAAAAAAAAAAAAAAAAAqP//////////////AP/////////////8JAAAAAAAAAAAAAAAAAAAAAAQ7P////////////8A/////////////6wAAAAAAAAAfOz8vCwAAAAAAABw/////////////wD/////////////WAAAAAAAAHD/////7BgAAAAAAAz4////////////AP////////////8kAAAAAAAA1P//////hAAAAAAAALT///////////8A/////////////wAAAAAAAAD///////+4AAAAAAAAcP///////////wD/////////////AAAAAAAAAPz//////8AAAAAAAABI////////////AP////////////8UAAAAAAAAzP//////lAAAAAAAACT///////////8A/////////////0QAAAAAAABY//////gsAAAAAAAADP///////////wD/////////////kAAAAAAAAABw5P/IPAAAAAAAAAAA////////////AP/////////////wEAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////////+UAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////9wAAAAAAAAAAAAAFAAAAAAAAAU////////////AP////////////////+IBAAAAAAAAABw3AAAAAAAACj///////////8A///////////////////cdCwEABhcxP+8AAAAAAAATP///////////wD//////////////////////////////5AAAAAAAAB4////////////AP//////////////////////////////UAAAAAAAALj///////////8A//////////////+kgGxUQCAM2P///+AIAAAAAAAQ+P///////////wD//////////////0gAAAAAAAA42P/EKAAAAAAAAHD/////////////AP//////////////sAAAAAAAAAAAAAAAAAAAAAAQ6P////////////8A////////////////TAAAAAAAAAAAAAAAAAAAAKz//////////////wD////////////////oKAAAAAAAAAAAAAAAAASU////////////////AP/////////////////sUAAAAAAAAAAAAAAwxP////////////////8A////////////////////yHA0FAAADCxktP///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'A' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////+QAAAAAAAAAAAAAAOT/////////////////AP//////////////////kAAAAAAAAAAAAAAAkP////////////////8A//////////////////88AAAAAAAAAAAAAAA8/////////////////wD/////////////////5AAAAAAAAAAAAAAAAADk////////////////AP////////////////+QAAAAAAAAAAAAAAAAAJD///////////////8A/////////////////zwAAAAAAAAAAAAAAAAAPP///////////////wD////////////////kAAAAAAAAAAgAAAAAAAAA5P//////////////AP///////////////5AAAAAAAAAAgAAAAAAAAACQ//////////////8A////////////////PAAAAAAAAAz8HAAAAAAAADz//////////////wD//////////////+QAAAAAAAAAWP9kAAAAAAAAANz/////////////AP//////////////kAAAAAAAAACk/7wAAAAAAAAAhP////////////8A//////////////88AAAAAAAABOz//BQAAAAAAAAw/////////////wD/////////////4AAAAAAAAAA8////ZAAAAAAAAADc////////////AP////////////+EAAAAAAAAAIj///+8AAAAAAAAAIT///////////8A/////////////zAAAAAAAAAA2P////wQAAAAAAAAMP///////////wD////////////cAAAAAAAAACT//////1wAAAAAAAAA3P//////////AP///////////4QAAAAAAAAAAAAAAAAAAAAAAAAAAACE//////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAAAAAADD//////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANz/////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhP////////8A//////////8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/////////wD/////////3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADc////////AP////////+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIT///////8A/////////zAAAAAAAAAAhP///////////2QAAAAAAAAAMP///////wD////////cAAAAAAAAAADM////////////vAAAAAAAAAAA3P//////AP///////4QAAAAAAAAAHP/////////////4DAAAAAAAAACE//////8A////////MAAAAAAAAABk//////////////9cAAAAAAAAADD//////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'B' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAEDh83P///////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAEhP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAeP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAABY////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAABT///////////8A//////////8AAAAAAAAAAP/////4zEwAAAAAAAAAAP///////////wD//////////wAAAAAAAAAA////////7AAAAAAAAAAQ////////////AP//////////AAAAAAAAAAD////////sAAAAAAAAAEj///////////8A//////////8AAAAAAAAAAP/////4zEQAAAAAAAAAtP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAFz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAiA/P////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAIjPj//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAGKz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAJT///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAABNz//////////wD//////////wAAAAAAAAAA///////sqCAAAAAAAAAAbP//////////AP//////////AAAAAAAAAAD/////////yAAAAAAAAAAs//////////8A//////////8AAAAAAAAAAP//////////AAAAAAAAAAT//////////wD//////////wAAAAAAAAAA/////////7wAAAAAAAAAAP//////////AP//////////AAAAAAAAAAD//////+ikGAAAAAAAAAAY//////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFT//////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsP//////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAADj///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAc6P///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAATOj/////////////AP//////////AAAAAAAAAAAAAAAAAAAEIEBkkNj///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'C' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////5JRULBAAAAgkTIDQ//////////////////8A////////////////1FAAAAAAAAAAAAAAAABAyP///////////////wD//////////////4gEAAAAAAAAAAAAAAAAAAAElP//////////////AP////////////9wAAAAAAAAAAAAAAAAAAAAAAAAlP////////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAEyP///////////wD//////////9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAw////////////AP//////////WAAAAAAAAAAAWMz/8JwQAAAAAAAAAACw//////////8A/////////+wEAAAAAAAAAID//////9QMAAAAAAAAAET//////////wD/////////nAAAAAAAAAAo/P///////3wAAAAABDBspP//////////AP////////9gAAAAAAAAAIz/////////3BxQjMT0//////////////8A/////////zQAAAAAAAAAzP///////////////////////////////wD/////////GAAAAAAAAADo////////////////////////////////AP////////8AAAAAAAAAAP////////////////////////////////8A/////////wAAAAAAAAAA/////////////////////////////////wD/////////AAAAAAAAAAD/////////////////////////////////AP////////8cAAAAAAAAAOj///////////////////////////////8A/////////zgAAAAAAAAA0P/////////kIGio7P///////////////wD/////////bAAAAAAAAACg/////////5wAAAAAMHS49P//////////AP////////+oAAAAAAAAAEz/////////PAAAAAAAAAAc//////////8A//////////QIAAAAAAAAALz//////6QAAAAAAAAAAGT//////////wD//////////3AAAAAAAAAADIzo/+SEBAAAAAAAAAAAyP//////////AP//////////7BAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////rAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD/////////////fAAAAAAAAAAAAAAAAAAAAAAAAJz/////////////AP//////////////iAQAAAAAAAAAAAAAAAAAAASY//////////////8A////////////////yEAAAAAAAAAAAAAAAAA8yP///////////////wD//////////////////9yIUCwQAAAAIEB4yP//////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'D' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAADChQkOT/////////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAABGjw//////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAACDY/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAABjk////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAKj//////////wD///////////8AAAAAAAAAAP///+isSAAAAAAAAAAANP//////////AP///////////wAAAAAAAAAA////////hAAAAAAAAAAA2P////////8A////////////AAAAAAAAAAD/////////MAAAAAAAAACQ/////////wD///////////8AAAAAAAAAAP////////+MAAAAAAAAAFj/////////AP///////////wAAAAAAAAAA/////////8gAAAAAAAAAMP////////8A////////////AAAAAAAAAAD/////////5AAAAAAAAAAY/////////wD///////////8AAAAAAAAAAP//////////AAAAAAAAAAD/////////AP///////////wAAAAAAAAAA//////////8AAAAAAAAAAP////////8A////////////AAAAAAAAAAD//////////wAAAAAAAAAA/////////wD///////////8AAAAAAAAAAP/////////wAAAAAAAAABD/////////AP///////////wAAAAAAAAAA/////////9QAAAAAAAAAJP////////8A////////////AAAAAAAAAAD/////////qAAAAAAAAABI/////////wD///////////8AAAAAAAAAAP////////9QAAAAAAAAAHj/////////AP///////////wAAAAAAAAAA////////uAAAAAAAAAAAvP////////8A////////////AAAAAAAAAAD////w0HwEAAAAAAAAACT8/////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAADz8//////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAY6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAKNz/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAACHT0//////////////8A////////////AAAAAAAAAAAAAAAAABg4bKj0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'E' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'F' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'G' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////MB8TCgQAAAACCA4YJzs////////////////AP///////////////JQcAAAAAAAAAAAAAAAAAAhw8P////////////8A/////////////9gwAAAAAAAAAAAAAAAAAAAAAAAk2P///////////wD////////////EDAAAAAAAAAAAAAAAAAAAAAAAAAAc7P//////////AP//////////2AwAAAAAAAAAAAAAAAAAAAAAAAAAAABY//////////8A//////////wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ/////////wD/////////kAAAAAAAAAAAEHzQ/P/gmCAAAAAAAAAAAFz/////////AP////////wcAAAAAAAAACjg////////8CwAAAAAAAAgWP////////8A////////vAAAAAAAAAAI2P//////////yBRAcJjI8P///////////wD///////94AAAAAAAAAGD/////////////////////////////////AP///////0AAAAAAAAAAsP////////////////////////////////8A////////IAAAAAAAAADc/////////////////////////////////wD///////8AAAAAAAAAAP///////wAAAAAAAAAAAAAAAAD/////////AP///////wAAAAAAAAAA////////AAAAAAAAAAAAAAAAAP////////8A////////AAAAAAAAAAD///////8AAAAAAAAAAAAAAAAA/////////wD///////8gAAAAAAAAAOD//////wAAAAAAAAAAAAAAAAD/////////AP///////0AAAAAAAAAAtP//////AAAAAAAAAAAAAAAAAP////////8A////////cAAAAAAAAABw//////8AAAAAAAAAAAAAAAAA/////////wD///////+8AAAAAAAAABDs////////////AAAAAAAAAAD/////////AP////////wYAAAAAAAAADz0//////////AAAAAAAAAAAP////////8A/////////5AAAAAAAAAAACCY4P//3KhcCAAAAAAAAAAA/////////wD/////////+CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////AP//////////xAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIP////////8A////////////rAQAAAAAAAAAAAAAAAAAAAAAAAAAAGTw/////////wD/////////////vBQAAAAAAAAAAAAAAAAAAAAAADjI////////////AP//////////////8HAQAAAAAAAAAAAAAAAAAEiw//////////////8A//////////////////iwcEAgBAAABCA4aKDk/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'H' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'I' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'J' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAj//////////////wD//////////+zMrIxwUDAQ//////wAAAAAAAAAIP//////////////AP//////////DAAAAAAAAADo////2AAAAAAAAAA0//////////////8A//////////8wAAAAAAAAAKj///+YAAAAAAAAAFj//////////////wD//////////2gAAAAAAAAAIND/yBgAAAAAAAAAkP//////////////AP//////////vAAAAAAAAAAAAAAAAAAAAAAAAADc//////////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAUP///////////////wD////////////EBAAAAAAAAAAAAAAAAAAAABjk////////////////AP////////////+sBAAAAAAAAAAAAAAAAAAY2P////////////////8A///////////////EMAAAAAAAAAAAAAAAVOj//////////////////wD/////////////////vHBAIAAAABg8fNT/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'K' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////8AAAAAAAAAAP//////////wAQAAAAAAAAAAABw////////AP///////wAAAAAAAAAA/////////9AMAAAAAAAAAAAAcP////////8A////////AAAAAAAAAAD////////cGAAAAAAAAAAAAHD//////////wD///////8AAAAAAAAAAP//////6CgAAAAAAAAAAABs////////////AP///////wAAAAAAAAAA//////Q0AAAAAAAAAAAAVPz///////////8A////////AAAAAAAAAAD////8RAAAAAAAAAAAAFT8/////////////wD///////8AAAAAAAAAAP///1gAAAAAAAAAAABU/P//////////////AP///////wAAAAAAAAAA//9wAAAAAAAAAAAASPz///////////////8A////////AAAAAAAAAAD/jAAAAAAAAAAAADz0/////////////////wD///////8AAAAAAAAAAKQAAAAAAAAAAAA89P//////////////////AP///////wAAAAAAAAAABAAAAAAAAAAAFPT///////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAApP///////////////////wD///////8AAAAAAAAAAAAAAAAAAAAAAAAU8P//////////////////AP///////wAAAAAAAAAAAAAAAAAAAAAAAABk//////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAAAADE/////////////////wD///////8AAAAAAAAAAAAAAAAoEAAAAAAAACz8////////////////AP///////wAAAAAAAAAAAAAAGNiAAAAAAAAAAIj///////////////8A////////AAAAAAAAAAAAABjY//gYAAAAAAAACOD//////////////wD///////8AAAAAAAAAAAAY2P///5wAAAAAAAAASP//////////////AP///////wAAAAAAAAAAGNj//////CgAAAAAAAAAqP////////////8A////////AAAAAAAAAADI////////sAAAAAAAAAAc8P///////////wD///////8AAAAAAAAAAP//////////QAAAAAAAAABs////////////AP///////wAAAAAAAAAA///////////IAAAAAAAAAATI//////////8A////////AAAAAAAAAAD///////////9YAAAAAAAAADD8/////////wD///////8AAAAAAAAAAP///////////9wEAAAAAAAAAJD/////////AP///////wAAAAAAAAAA/////////////3AAAAAAAAAADOT///////8A////////AAAAAAAAAAD/////////////7BAAAAAAAAAAUP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'L' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'M' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////8AAAAAAAAAAAAAAHz//////3wAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAATP//////UAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAc//////8cAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAADw////8AAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAAALz////AAAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAAkP///5AAAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAABc////ZAAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAoAAAAADD///8wAAAAACQAAAAAAAAA////////AP//////AAAAAAAAAFwAAAAABPz//AgAAAAAXAAAAAAAAAD///////8A//////8AAAAAAAAAkAAAAAAA0P/UAAAAAACQAAAAAAAAAP///////wD//////wAAAAAAAADMAAAAAACg/6gAAAAAAMQAAAAAAAAA////////AP//////AAAAAAAAAPgEAAAAAHD/dAAAAAAE+AAAAAAAAAD///////8A//////8AAAAAAAAA/zQAAAAAQP9IAAAAADD/AAAAAAAAAP///////wD//////wAAAAAAAAD/bAAAAAAQ/xQAAAAAaP8AAAAAAAAA////////AP//////AAAAAAAAAP+gAAAAAADQAAAAAACc/wAAAAAAAAD///////8A//////8AAAAAAAAA/9QAAAAAAGgAAAAAAND/AAAAAAAAAP///////wD//////wAAAAAAAAD//wwAAAAAFAAAAAAM/P8AAAAAAAAA////////AP//////AAAAAAAAAP//RAAAAAAAAAAAADz//wAAAAAAAAD///////8A//////8AAAAAAAAA//94AAAAAAAAAAAAcP//AAAAAAAAAP///////wD//////wAAAAAAAAD//7AAAAAAAAAAAACo//8AAAAAAAAA////////AP//////AAAAAAAAAP//5AAAAAAAAAAAANz//wAAAAAAAAD///////8A//////8AAAAAAAAA////HAAAAAAAAAAQ////AAAAAAAAAP///////wD//////wAAAAAAAAD///9QAAAAAAAAAEz///8AAAAAAAAA////////AP//////AAAAAAAAAP///4gAAAAAAAAAfP///wAAAAAAAAD///////8A//////8AAAAAAAAA////vAAAAAAAAACw////AAAAAAAAAP///////wD//////wAAAAAAAAD////wAAAAAAAAAOz///8AAAAAAAAA////////AP//////AAAAAAAAAP////8sAAAAAAAc/////wAAAAAAAAD///////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'N' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAALD/////////////AAAAAAAAAP//////////AP////////8AAAAAAAAAFOj///////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAASP///////////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAkP//////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAI1P////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAw+P///////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAABw////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAC8//////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAABzs/////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAFD/////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAJz///8AAAAAAAAA//////////8A/////////wAAAAAAAAAUAAAAAAAADNz//wAAAAAAAAD//////////wD/////////AAAAAAAAALQAAAAAAAAANPz/AAAAAAAAAP//////////AP////////8AAAAAAAAA/2wAAAAAAAAAfP8AAAAAAAAA//////////8A/////////wAAAAAAAAD/+CwAAAAAAAAExAAAAAAAAAD//////////wD/////////AAAAAAAAAP//0AQAAAAAAAAgAAAAAAAAAP//////////AP////////8AAAAAAAAA////jAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////RAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP/////kFAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA//////+sAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD///////9kAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP////////QkAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA/////////8wEAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD//////////4QAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP///////////DwAAAAAAAAAAP//////////AP////////8AAAAAAAAA////////////4BAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////////////qAAAAAAAAAD//////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'O' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////0qGw4HAAAABw4aKT0/////////////////wD////////////////wcAwAAAAAAAAAAAAAAAho6P//////////////AP//////////////uBQAAAAAAAAAAAAAAAAAAAAMoP////////////8A/////////////6AEAAAAAAAAAAAAAAAAAAAAAAAAkP///////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP//////////8BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5P////////8A//////////9wAAAAAAAAAAAsrPD/7KQsAAAAAAAAAABg/////////wD/////////+BAAAAAAAAAAUPj///////hQAAAAAAAAAAjs////////AP////////+sAAAAAAAAABDw//////////AYAAAAAAAAAKD///////8A/////////2wAAAAAAAAAdP///////////3wAAAAAAAAAYP///////wD/////////OAAAAAAAAAC4////////////xAAAAAAAAAAw////////AP////////8cAAAAAAAAAOD////////////oAAAAAAAAABT///////8A/////////wAAAAAAAAAA//////////////8AAAAAAAAAAP///////wD/////////AAAAAAAAAAD//////////////wAAAAAAAAAA////////AP////////8AAAAAAAAAAP/////////////8AAAAAAAAAAD///////8A/////////xwAAAAAAAAA5P///////////+AAAAAAAAAAHP///////wD/////////NAAAAAAAAAC8////////////uAAAAAAAAAA4////////AP////////9oAAAAAAAAAHj///////////98AAAAAAAAAGT///////8A/////////6gAAAAAAAAAGPD/////////+BgAAAAAAAAApP///////wD/////////9AwAAAAAAAAAUPz///////xcAAAAAAAAAAjs////////AP//////////cAAAAAAAAAAALKjs//CwOAAAAAAAAAAAYP////////8A///////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzk/////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP////////////+QAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A//////////////+sEAAAAAAAAAAAAAAAAAAAAAyg/////////////wD////////////////oZAgAAAAAAAAAAAAAAARg4P//////////////AP//////////////////9KhsOCAAAAAUMFyc7P////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'P' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////wAAAAAAAAAAAAAAAAAACCxguP////////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAOOD//////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAGOD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAARP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAABo////////////AP///////////wAAAAAAAAAA////6JwMAAAAAAAAADD///////////8A////////////AAAAAAAAAAD//////6AAAAAAAAAADP///////////wD///////////8AAAAAAAAAAP//////9AAAAAAAAAAA////////////AP///////////wAAAAAAAAAA///////0AAAAAAAAAAD///////////8A////////////AAAAAAAAAAD//////5gAAAAAAAAAHP///////////wD///////////8AAAAAAAAAAP///9iICAAAAAAAAABI////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAIT/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAABU/P////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAIhPz//////////////wD///////////8AAAAAAAAAAAAAAAAABCRMkOz/////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Q' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////SoaDQcAAAAHDhoqPT///////////////////8A//////////////BwDAAAAAAAAAAAAAAACHDo/////////////////wD///////////+4FAAAAAAAAAAAAAAAAAAAABCo////////////////AP//////////nAQAAAAAAAAAAAAAAAAAAAAAAACQ//////////////8A/////////7gEAAAAAAAAAAAAAAAAAAAAAAAAAACg/////////////wD////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzo////////////AP///////3AAAAAAAAAAACyo8P/sqCwAAAAAAAAAAGT///////////8A///////4EAAAAAAAAABM+P///////FQAAAAAAAAACPT//////////wD//////7AAAAAAAAAAFPD/////////9BgAAAAAAAAApP//////////AP//////bAAAAAAAAAB4////////////fAAAAAAAAABk//////////8A//////84AAAAAAAAALz///////////+8AAAAAAAAADT//////////wD//////xwAAAAAAAAA6P///////////+QAAAAAAAAAHP//////////AP//////AAAAAAAAAAD//////////////wAAAAAAAAAA//////////8A//////8AAAAAAAAAAP//////////////AAAAAAAAAAD//////////wD//////wAAAAAAAAAA/P////////////8AAAAAAAAAAP//////////AP//////GAAAAAAAAADg////////////4AAAAAAAAAAc//////////8A//////84AAAAAAAAALT////MJHTo//+8AAAAAAAAADT//////////wD//////2wAAAAAAAAAdP///2AAABCg/3wAAAAAAAAAZP//////////AP//////rAAAAAAAAAAY9P/sCAAAAABMGAAAAAAAAACk//////////8A///////4EAAAAAAAAABU/P+0OAAAAAAAAAAAAAAACPT//////////wD///////94AAAAAAAAAAA4sPD/gAAAAAAAAAAAAABk////////////AP////////AcAAAAAAAAAAAAAAAAAAAAAAAAAAAADOT///////////8A/////////7wEAAAAAAAAAAAAAAAAAAAAAAAAAACQ/////////////wD//////////6wEAAAAAAAAAAAAAAAAAAAAAAAAABSs////////////AP///////////7gUAAAAAAAAAAAAAAAAAAAAAAAAAABAwP////////8A//////////////BwDAAAAAAAAAAAAAAABAgAAAAAAAA8/////////wD////////////////0qGg0GAAAABgwXJjkxBgAAAAAALD/////////AP//////////////////////////////////5DQAAAAk/P////////8A////////////////////////////////////+GwAAJD//////////wD//////////////////////////////////////8A49P//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'R' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////wAAAAAAAAAAAAAAAAAAAAQgOGSk+P///////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAcuP//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAEsP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ6P///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD///////////8A/////////wAAAAAAAAAA///////svDgAAAAAAAAACP///////////wD/////////AAAAAAAAAAD/////////7AAAAAAAAAAA////////////AP////////8AAAAAAAAAAP/////////cAAAAAAAAABD///////////8A/////////wAAAAAAAAAA//////DQoCQAAAAAAAAAQP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPj///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAzU/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAA02P//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAxctPz///////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAEDY/////////////////wD/////////AAAAAAAAAAD/9LAsAAAAAAAAAAzc////////////////AP////////8AAAAAAAAAAP///+wkAAAAAAAAADD8//////////////8A/////////wAAAAAAAAAA/////8QAAAAAAAAAAJD//////////////wD/////////AAAAAAAAAAD//////1QAAAAAAAAAFPD/////////////AP////////8AAAAAAAAAAP//////3AQAAAAAAAAAgP////////////8A/////////wAAAAAAAAAA////////aAAAAAAAAAAM6P///////////wD/////////AAAAAAAAAAD////////oCAAAAAAAAABs////////////AP////////8AAAAAAAAAAP////////+AAAAAAAAAAATc//////////8A/////////wAAAAAAAAAA//////////AUAAAAAAAAAFj//////////wD/////////AAAAAAAAAAD//////////5AAAAAAAAAAAND/////////AP////////8AAAAAAAAAAP//////////+CQAAAAAAAAAQP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'S' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////8vHBEIAgAAAQgQHC8/P////////////////8A////////////////pCQAAAAAAAAAAAAAAAAcoP///////////////wD//////////////FwAAAAAAAAAAAAAAAAAAAAAXP//////////////AP////////////9oAAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A////////////zAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////9cAAAAAAAAAAAAAAAAAAAAAAAAAACA////////////AP///////////xgAAAAAAAAAUOD/8KwkAAAAAAAAADj///////////8A////////////AAAAAAAAAAD0/////8wABCAgICxASP///////////wD///////////8MAAAAAAAAAMz/////////////////////////////AP///////////0AAAAAAAAAACFiQxPT///////////////////////8A////////////oAAAAAAAAAAAAAAAADBwtPT//////////////////wD////////////8QAAAAAAAAAAAAAAAAAAACFTA////////////////AP/////////////oOAAAAAAAAAAAAAAAAAAAAABM6P////////////8A///////////////4fAgAAAAAAAAAAAAAAAAAAAAY2P///////////wD/////////////////7IwwAAAAAAAAAAAAAAAAAAAo+P//////////AP/////////////////////koGw0BAAAAAAAAAAAAACU//////////8A///////////////////////////4uFgAAAAAAAAAADz//////////wD//////////2BgSEA0IBwA6P///////5QAAAAAAAAADP//////////AP//////////JAAAAAAAAACc/////////AAAAAAAAAAA//////////8A//////////9YAAAAAAAAACDo///////AAAAAAAAAABT//////////wD//////////6QAAAAAAAAAACCk7P/snBQAAAAAAAAAUP//////////AP//////////+BAAAAAAAAAAAAAAAAAAAAAAAAAAAACs//////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAAOP///////////wD////////////8RAAAAAAAAAAAAAAAAAAAAAAAABjc////////////AP/////////////0PAAAAAAAAAAAAAAAAAAAAAAg2P////////////8A///////////////8hBQAAAAAAAAAAAAAAAAMdPT//////////////wD/////////////////+LRwSCAMAAAAHDhoqPT/////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'T' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'U' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////JAAAAAAAAADk/////////+gAAAAAAAAAHP//////////AP////////9MAAAAAAAAAJz/////////nAAAAAAAAABE//////////8A/////////4gAAAAAAAAAHOj//////+ggAAAAAAAAAHz//////////wD/////////0AAAAAAAAAAAIJzs/+ykIAAAAAAAAAAA0P//////////AP//////////QAAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A///////////IBAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAAAAJj/////////////AP////////////+UBAAAAAAAAAAAAAAAAAAAAASU//////////////8A///////////////IPAAAAAAAAAAAAAAAAAAwyP///////////////wD/////////////////0IxYOCAIAAAEIEiAyP//////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'V' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////zAAAAAAAAAAYP//////////////ZAAAAAAAAAAw////////AP//////kAAAAAAAAAAU/P////////////8UAAAAAAAAAJD///////8A///////oBAAAAAAAAADE////////////xAAAAAAAAAAE7P///////wD///////9MAAAAAAAAAHD///////////94AAAAAAAAAEz/////////AP///////6gAAAAAAAAAJP///////////yQAAAAAAAAArP////////8A////////+BAAAAAAAAAA1P/////////YAAAAAAAAABT4/////////wD/////////aAAAAAAAAACE/////////4QAAAAAAAAAbP//////////AP/////////EAAAAAAAAADT/////////OAAAAAAAAADM//////////8A//////////8kAAAAAAAAAOT//////+QAAAAAAAAAKP///////////wD//////////4QAAAAAAAAAmP//////nAAAAAAAAACI////////////AP//////////5AAAAAAAAABE//////9EAAAAAAAABOT///////////8A////////////QAAAAAAAAAT0////9AgAAAAAAABI/////////////wD///////////+gAAAAAAAAAKT///+kAAAAAAAAAKj/////////////AP////////////QIAAAAAAAAXP///1wAAAAAAAAM+P////////////8A/////////////1wAAAAAAAAM+P/8DAAAAAAAAGT//////////////wD/////////////vAAAAAAAAAC8/7wAAAAAAAAAxP//////////////AP//////////////HAAAAAAAAGj/aAAAAAAAACT///////////////8A//////////////94AAAAAAAAHP8cAAAAAAAAhP///////////////wD//////////////9gAAAAAAAAAkAAAAAAAAADk////////////////AP///////////////zgAAAAAAAAQAAAAAAAAQP////////////////8A////////////////lAAAAAAAAAAAAAAAAACg/////////////////wD////////////////sCAAAAAAAAAAAAAAADPT/////////////////AP////////////////9QAAAAAAAAAAAAAABg//////////////////8A/////////////////7AAAAAAAAAAAAAAAMD//////////////////wD//////////////////BQAAAAAAAAAAAAc////////////////////AP//////////////////cAAAAAAAAAAAAHz///////////////////8A///////////////////MAAAAAAAAAAAA3P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'W' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//8cAAAAAAAAALz/////4AAAAAAAAAAA6P////+8AAAAAAAAABz//wD//1QAAAAAAAAAjP////+gAAAAAAAAAACo/////4wAAAAAAAAAUP//AP//jAAAAAAAAABU/////2AAAAAAAAAAAGj/////VAAAAAAAAACM//8A///EAAAAAAAAACT/////IAAAAAAAAAAAKP////8kAAAAAAAAAMT//wD///gEAAAAAAAAAPD//+AAAAAAAAAAAAAA6P//8AAAAAAAAAAE9P//AP///zAAAAAAAAAAvP//oAAAAAAAAAAAAACo//+8AAAAAAAAADD///8A////bAAAAAAAAACM//9gAAAAAAAAAAAAAGT//4wAAAAAAAAAaP///wD///+kAAAAAAAAAFT//yAAAAAAAAAAAAAAIP//VAAAAAAAAACc////AP///9gAAAAAAAAAJP/gAAAAAAAAAAAAAAAA4P8kAAAAAAAAANT///8A/////xAAAAAAAAAA8KAAAAAAAAAAAAAAAACg8AAAAAAAAAAQ/////wD/////TAAAAAAAAAC8YAAAAAAAAAAAAAAAAGC8AAAAAAAAAET/////AP////+AAAAAAAAAAIwgAAAAAAAAAAAAAAAAIIwAAAAAAAAAfP////8A/////7gAAAAAAAAANAAAAAAAACwwAAAAAAAANAAAAAAAAACw/////wD/////8AAAAAAAAAAAAAAAAAAAdHgAAAAAAAAAAAAAAAAAAOz/////AP//////KAAAAAAAAAAAAAAAAAC4vAAAAAAAAAAAAAAAAAAg//////8A//////9gAAAAAAAAAAAAAAAACPj4CAAAAAAAAAAAAAAAAFj//////wD//////5QAAAAAAAAAAAAAAABE//9IAAAAAAAAAAAAAAAAkP//////AP//////0AAAAAAAAAAAAAAAAIj//4wAAAAAAAAAAAAAAADI//////8A///////8DAAAAAAAAAAAAAAAzP//1AAAAAAAAAAAAAAABPj//////wD///////88AAAAAAAAAAAAABT/////GAAAAAAAAAAAAAA0////////AP///////3QAAAAAAAAAAAAAWP////9gAAAAAAAAAAAAAHD///////8A////////sAAAAAAAAAAAAACg/////6QAAAAAAAAAAAAApP///////wD////////kAAAAAAAAAAAAAOT/////6AAAAAAAAAAAAADc////////AP////////8cAAAAAAAAAAAo////////MAAAAAAAAAAAEP////////8A/////////1QAAAAAAAAAAHD///////94AAAAAAAAAABM/////////wD/////////jAAAAAAAAAAAtP///////7wAAAAAAAAAAID/////////AP/////////EAAAAAAAAAAT0////////+AgAAAAAAAAAuP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'X' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////9UAAAAAAAAAKz///////////+sAAAAAAAAAFD/////////AP///////+QQAAAAAAAAFOT/////////8BwAAAAAAAAM5P////////8A/////////5gAAAAAAAAATP////////9kAAAAAAAAAJD//////////wD//////////0AAAAAAAAAAoP//////wAAAAAAAAAA0/P//////////AP//////////2AgAAAAAAAAQ4P////gkAAAAAAAABMz///////////8A////////////iAAAAAAAAABA////dAAAAAAAAABw/////////////wD////////////8MAAAAAAAAACU/9AEAAAAAAAAHPD/////////////AP/////////////IBAAAAAAAAAzYMAAAAAAAAACs//////////////8A//////////////90AAAAAAAAABAAAAAAAAAATP///////////////wD///////////////QgAAAAAAAAAAAAAAAAAAzg////////////////AP///////////////7wAAAAAAAAAAAAAAAAAjP////////////////8A/////////////////2AAAAAAAAAAAAAAADD8/////////////////wD/////////////////7BQAAAAAAAAAAAAEyP//////////////////AP/////////////////gDAAAAAAAAAAAAAjY//////////////////8A/////////////////0AAAAAAAAAAAAAAADj8/////////////////wD///////////////+UAAAAAAAAAAAAAAAAAJD/////////////////AP//////////////4AwAAAAAAAAAAAAAAAAADOD///////////////8A//////////////9AAAAAAAAAAAAAAAAAAAAAQP///////////////wD/////////////nAAAAAAAAAAAWAAAAAAAAAAAlP//////////////AP///////////+QQAAAAAAAAAGD/YAAAAAAAAAAM4P////////////8A////////////TAAAAAAAAAAs9P/0LAAAAAAAAABM/////////////wD//////////6AAAAAAAAAADNT////UDAAAAAAAAACg////////////AP/////////kEAAAAAAAAACg//////+gAAAAAAAAABDk//////////8A/////////0wAAAAAAAAAYP////////9gAAAAAAAAAEz//////////wD///////+oAAAAAAAAACz0//////////QsAAAAAAAAAKT/////////AP//////7BQAAAAAAAAM1P///////////9QMAAAAAAAAFOz///////8A//////9UAAAAAAAAAKD//////////////6AAAAAAAAAAVP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Y' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////1QAAAAAAAAAAGj//////////2gAAAAAAAAAAFT///////8A////////5BAAAAAAAAAAAMT////////EAAAAAAAAAAAQ5P///////wD/////////mAAAAAAAAAAAKPj/////+CgAAAAAAAAAAJj/////////AP//////////PAAAAAAAAAAAgP////+AAAAAAAAAAAA8//////////8A///////////YCAAAAAAAAAAE2P//2AQAAAAAAAAACNj//////////wD///////////+AAAAAAAAAAAA4//84AAAAAAAAAACA////////////AP////////////woAAAAAAAAAACUlAAAAAAAAAAAKPz///////////8A/////////////8gAAAAAAAAAABAQAAAAAAAAAADI/////////////wD//////////////2wAAAAAAAAAAAAAAAAAAAAAbP//////////////AP//////////////8BwAAAAAAAAAAAAAAAAAABzw//////////////8A////////////////tAAAAAAAAAAAAAAAAAAAtP///////////////wD/////////////////VAAAAAAAAAAAAAAAAFT/////////////////AP/////////////////oEAAAAAAAAAAAAAAQ6P////////////////8A//////////////////+cAAAAAAAAAAAAAJz//////////////////wD///////////////////9AAAAAAAAAAABA////////////////////AP///////////////////9gAAAAAAAAAANj///////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Z' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAQ//////////////8A/////////////////////////1AAAAAAAAAABLz//////////////wD///////////////////////98AAAAAAAAAACY////////////////AP//////////////////////pAAAAAAAAAAAaP////////////////8A/////////////////////8QIAAAAAAAAAET8/////////////////wD////////////////////gGAAAAAAAAAAo9P//////////////////AP//////////////////9CwAAAAAAAAAFNz///////////////////8A//////////////////xMAAAAAAAAAATA/////////////////////wD/////////////////eAAAAAAAAAAAnP//////////////////////AP///////////////5wAAAAAAAAAAHT///////////////////////8A///////////////ABAAAAAAAAABM/P///////////////////////wD/////////////3BQAAAAAAAAALPT/////////////////////////AP////////////QoAAAAAAAAABjg//////////////////////////8A///////////8SAAAAAAAAAAExP///////////////////////////wD//////////2wAAAAAAAAAAKD/////////////////////////////AP////////+YAAAAAAAAAAB8//////////////////////////////8A/////////wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ );
+
+ return $_png;
+ }
+
+ // These define base64_encoded raw png image data used
+ // when we cannot generate our own single png image
+ function define_raw_pngs()
+ {
+ $_png = array(
+ '0' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QKCNGXKO6AAAAB3RJTUUH0wUOEDQ6EUG1VwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNpj/M9AHGAiUt2wVvhyaqAqKyOjpG3jQwaGv+e+IUn9RwJfSjjg4iwFP1aKJD6HyyErfGGAYrquIoP5E2wK/zigu0v5wH9sChdgeKDqP1aFGhBZmxv/z0Dd4IxV4RWIpMQHIPuJAITzAqEQETx7IFQIP5CQNoJwDmALxzMQCuyjg1chnBPYwtECwr8AZN41h0p6YHOjAkTuwf//77wYuCEcFWwKOWA2fM1iZuuHcASwKYQ55c9ENuasrxgRjKlwJS+D17v/hBUeUGYwv/sfn0IRiJQZJIbxuFEFagjvSlDUQNgK2GIGqpC1JRhIfoAqxBYz0DRhn8IMJO+giKEqhMaMJBeI3AHhIKdkRPqG8DlAifqFADyasKRHO6h1Z/6fMYEwTbCmx3cWGCl8CTaFwBhGz+M2/7EpXMvOnBmIok7jBVaFz/Mi3/1pQORrhpgPyOr+M8IL0j9/gKpeLjhy5QEwoDVsYuRR3cE4IktcAJNx8cJaZBeQAAAAAElFTkSuQmCC',
+ '1' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMi//xxVKAAAAB3RJTUUH0wUOEDYLcqnX7wAAAAlwSFlzAAALEgAACxIB0t1+/AAAAHpJREFUeNpj/M9AHGAiUh1WhR8FGUGAsMKaD9iM/I8BlmCVwVS4hoUohT8qcNiFyv2zQIWBCIV3amRwu54RKcDRAgQ1KigIcJYK7CqR3QsCFmf+Y8qgeQakbANMAz6FKjUXECbj8zWa76nm61GFw1UhI10KqVGFNFQIADdK9Zj7PsV9AAAAAElFTkSuQmCC',
+ '2' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMwPUBEjoAAAAB3RJTUUH0wUOEDUqFe2UcgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQxJREFUeNpj/M9AHGAiUt2owkGrkAWF93LFgStPfjCwyGiYRGijqfyPAH9aOJAkQl78RwbICkNQjdB4gUNhD7qzLLAr/CKA4YENSAoRvl7zAUJXvPmxhgfCXILVMxEQvg+IDVUhgtVqDYjkDhD7B2aQIMIx5cOTN29evLAAsaEKObBajQzmQOQMcIQjHLwQgSisIaDwBdS5LHfwK7yhAHVVyX+8CrdAA5HB5gdehQ3Yoxpd4ZcAmDqbD//xKISEIjhU//zHoxDmXQaeFRhOZ8CmzuDOf3wKf8DsDfnyH6/CHJi6P//xKjyDJethVehBpMI7DPgVwrPCCgb8AK5wDwGFcNMF8EkCASOx1QcAGUxu1untnFIAAAAASUVORK5CYII=',
+ '3' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMxBQugk2AAAAB3RJTUUH0wUOEDU3duv4qwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATdJREFUeNpj/M9AHGAiUt0IVciCzPm7ZceZB28YGBQkLHwcmNFU/keANRJI4ioH/qMAJIUlaHatwaFwBrqrOO5gVfiCB8P9KVgVVkAtnPDh/wkLCFsGq0IFiGQLiH0D06P/GWHJ7O+NOzfuXLlzQRrEhgSawHscwYPurxAcwQMBf/4/aIAYyHIGr8IEeDhO+Y9XoQNUncwOVHGMRPEDSovc+IkzrpGDCQgUbuC1WgBhhsIHfAp3vPn/oIIFKfRxKQSDGohCA4IKX0DTD7YoRAWMUJ9iyQpbn4DBBWUQ5yFEDDnFw622gXAzwBxoYvfB5sYlUI0lD/4/gWWKJdgU/tHAcKjCD6y+PsGCpo4FJbaRgmcNqkqWCThTzxkTJHXo+Ro1HA9uOPHiATDlKJj4eKCVFIzDqWgGAK7GW/haPS+zAAAAAElFTkSuQmCC',
+ '4' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMyqWttCEAAAAB3RJTUUH0wUOEDUxn4hdngAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKBJREFUeNpj/M9AHGAiUh2FCucyQgCK4H9McIAFixwWhQ8kGIhS+MWAgTiFIQzEKWxhIE7hFgbiFF7hASkQIajwjQpInuUAIYV/XMDyU/4TUlgAlk75T0jhArCszR9CCk+AY07mxX8CCp+AY47nzH8CCn+YgOWW/CekMAYsVfMfl0JGmCBq4kNEDp2zAn0UMmItABjRvDykPTO43DgyFQIANP6pTFLWAdoAAAAASUVORK5CYII=',
+ '5' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMzPy3XhEAAAAB3RJTUUH0wUOEDUk8lW5dQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQpJREFUeNpj/M9AHGAiUt2oQuIVfmREBzgU3iHWxAfEKiTaRFpZnfAfAbAr/AsxUYagiVCbeQgqhPpFYmukLCOrZupRNJUIB02BCAjAZCK+/Ed2LoJZgm6bzRfsCgMw3JWAXaEBpg8uIGSRPPMBQmXc+P+iggXCnoOQZUQK1K8PgEAjGcQs7QGL6FzG5mtkcAUiyYIQYcRRUkDTLEIWR1b4ixamQMPhrKUP3rx48eDNFXmwdyFiOthixgXqaTAnBcKpwRaOS6A6Mx78fwBVx/IAm8I/KsTGzAkWNHUyb7Ar/L8GNSlK3MCRev7/v+CApC7kBUoUoAX4yQ0nHjwAWqpiE6GNFgNDoAwHAKC2Q2lMNcCmAAAAAElFTkSuQmCC',
+ '6' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNAObRd4vAAAAB3RJTUUH0wUOEDUc2lcB6wAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUh2Gwq2puryMjKKmmSfRVf5HBkcMEBI+L1CkUBROYUE2QuMFLoVr0CzzwKHwhQC6szZgV1gAtfHI/xs2mEYywsPxp8QHEMVxQ56B4aaJiIKIiIRCPDZf74DwI/5jB4hwPAChbAgG+BWoExlOxkoysuqW3sUV4BoQ/p0SqARLB44AF4HIByDMKMCuEIu7phCrUOADNl/DgMOJ/09SIMwPC7B5hgfC1/kB4kRAOC7YrFaByM0Ac85AOCLYrFaBhSMIQNPlG2wBDg3HP2CSGU/MuEAoiKVXUWxB9cwPiG8UwEGSg5FCMNOjwZ4/byqgpqwgMoWr/MGeZ1agqWPZgSNz/Z+AqnDCf1wK/29B8qbKDhQpRtTE8HfLjjMP3jDwKJh4hKCGJSPNC6lRhTRWCABWpdoxd/bZ4QAAAABJRU5ErkJggg==',
+ '7' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNA18/fMoAAAAB3RJTUUH0wUOEDUVo4u5TwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt2oQnorZIGzGLFJIyJ40HqGhUiFPFuQ/YUFPBGBmLcDSQybwj8OEDOW/CegsAeiruQ/AYV3OMDqTP4QUugCceCN/wQUQn1a8Z+Awj8qYHUiHwgpXAAxcMJ/Qgp1wOoEPhBSuANiYM5/QgpjIAovEFL4gweszgAz0NASxZ4vYMqHYDKDBiIWhWhWa0CS1x9CVn+8AaYsmAlZfQRC6RDMChADGTQIKjxDrMI7EEoBi0JGlMJe8AOY+sFOSCEeQHQBAABCZ7xyT9fJhwAAAABJRU5ErkJggg==',
+ '8' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNBeBnwpSAAAAB3RJTUUH0wUOEDUOKe5wowAAAAlwSFlzAAALEgAACxIB0t1+/AAAATVJREFUeNpj/M9AHGAiUt1AKmRB459cc+DBGwYWGQ2LEG1Umf/I4IELkozLA2QpFIUXJFDMEDiBQ+EHGTR3yHzArrAFwwct2BXqQGQ1zvw/owFh6mBXCDXmDJB5BsOrjEhxzfoHIgkiGCGB9xtrgEPtOwvEV6FWY4+ZAAgVc5LhZgKEGYI9wN+gBiPu4Pl/BFWlxA1cMfN/C0rUr8AVhX8K0KyuwaEwASNmarAqPACVTXnw/0oENBFewKYQGhYZYE4MVBM2hVAvQ1LhHQhHBVsUMjIgYhCdhy3PPASTd6GOxBYz0KhOQHajDjY3pkC1Rlz5fweqjqEAm8ILGK5gYLlDZICXYI+ZLzZo6gL+4EgUfyo4kJQJtCCpQ8kKQPB2zZ47L14AU5iMgUMAN7IM43AqHwdQIQAhMPz6Gz5V/wAAAABJRU5ErkJggg==',
+ '9' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNCQ+T2tEAAAAB3RJTUUH0wUOEDUHUDLIBwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAUZJREFUeNpj/M9AHGAiUh26wr9rE3V5GRlFTTM3/kVT+R8Z7FBBSKjsQJFCUTiFBcWMCbgUHmBBs20FdoV/VNDUMQi8wapwDVS65s2fPToQZgFWhRFIkm8kwGyeH9gUQm2+Aua0QDhb4LJI4XgHQmmDSRMIZw+emIEENAeEcwObQhEIdQHiABRbUGPGBSIQAWL/gHqbB5tnJkC1Fjz5f8IGwxwkhR8EsCQarFE4hViF/wsQCgKgHsSu8H8HLFkUQL2rgUPh/zslOiwMEjFH/kND2geXQvQgqMAWhSjgAIRygAswIuXCpXfevHjz4M0ZdQaGhxo/wAnyBTuWmPnvARGxuPH/iAa+9Ph/A7r9Ai+wK/zvg6ZwzX8cCl9oICtjmfIfl8L/bwIQ6gyO/Met8P//EwUmwHTJo5OyBU2CkdaF1KhCWisEAM/sJxmZkdWnAAAAAElFTkSuQmCC',
+ 'A' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFwy1U7TfAAAAB3RJTUUH0wUOEC0ZKCZtPQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAO1JREFUeNrt1LERwiAUBuAHZ2GRwsIypQMwQEZwgBQpM4QDZBSLFI7gCA5gQWGRdA5gkTuMSh48eMTUnq96wH98B+QiDCwruTD3D76qF676ueAp0Y9lSBXeSkFWaLAje3T+kkzK4SgpBzZw8pqxJWcdOJuRsyGPbWDk0tS20zw9SXsobdfytJVXdzNsP61i6Zt3K7Ht0UeUgbPdjsrOXMd+2IS2C2qb271HVWi7YANcNXFQsUEVBTXwNdl46jYRxPl52dnwRUZbhkLSDmS8DnxFRWiULxg8UxvobefuRR8ZQYDKtffVVcQWv/RrfgJC4bd0upw4MQAAAABJRU5ErkJggg==',
+ 'B' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGAusrz2zAAAAB3RJTUUH0wUOEC01Gv4B3gAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNpj/M9AHGAiUh0tFTKiAUHL2rsoKv9DARZDWFr+IwA+hQwMFcQqZDhCrMIIYhWK4FYIYv8444PuV+wK//9/A+UJwBUSCHAL3OEIsdoFyttCpGdiiAtHjoY/RCnk6PlBbBRKrCE6CqcQq5DlDs5whIT3CgUI788EvOEIBCegXB2YPCNMBSNMISqf5TeUjysK90LpP/itfrFEAhZCMHkWdKMYUbk2MAah7BqD02pUYEFkgMu8IE6hD0IdpmegwSejoKLjoY7syaFU7A0HhQA2e4cJytImvAAAAABJRU5ErkJggg==',
+ 'C' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGBbPqVFqAAAAB3RJTUUH0wUOEC4BEGemqAAAAAlwSFlzAAALEgAACxIB0t1+/AAAASlJREFUeNpj/M9AHGAiUt2owkGrkAWV+3TDgRtPPjBwyGiYBOijSv1HAlcCkGUcTiDLISvsQDOeZQp2hQWYDpuCTeEEbD44ganwDgc2vxpgKoyAyUWc+f9hjgCMtwFd4RuYRxog/ueBcl3QFc6BSmj8gfBrwE40yFmCrjABqrAH5mSZgJ4jX7AEjwlU4Zn/OAAsrp9AaRlccc0IzdeMsBilOPWQrBDmtpfEKnwBpZ8qZq58i6IS6vscKHcBcgQYlOz4gh6OK6AKfaB8G5hN6Aq/wBLPHjB3CczCFIzUA0u2PD0v/j9pgaf1ExgK3wgwYAEOWFL4GizqWC5gyzM1mArnEJkLZ2DPhf//n3BAVmeDkq8ZUZPL3TUn7gBLCgYFBYsAcxQZRmKrDwABNsv9SJSDwwAAAABJRU5ErkJggg==',
+ 'D' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGC1+orhOAAAAB3RJTUUH0wUOEC4yr7fHvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt1AKmSBsxiRhXlkNBxCpFFU/ocBTDMyPvxHADwKGRgUbhCpkEHiCZEKGRyIVciwArdCIPPFGg8YzwSvQiBogXFvEFD43wDKnQDl44yZGCh9glAU2sCsJqRQBkq/gMUw3G2wuP6PnU/H9PgRSgsQUvgESosQUngFSqsQUrgCSsNiCFcU7oBx9+CL6w8XamB5SeUPkelxAZEJ1+YPcQolXhCXFTTuEJULOUq+IOVrFgasQELBxMaHG1mEcTiVjwOoEADAIkCnGpmJKgAAAABJRU5ErkJggg==',
+ 'E' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGDeDwEE0AAAAB3RJTUUH0wUOEC8CkHXGUwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt2owkGrkAXGYMQqjUgJQ8EzpPsa05+D140oMYTk4KEQ4MMqZqgUhcM1czESW30AABfqB1XDnLzcAAAAAElFTkSuQmCC',
+ 'F' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGQe8AkDZAAAAB3RJTUUH0wUOEC8JB6cf2wAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt3wUsiCYDJikUYE3lDwDDm+xvTp4HUjIoaQXTsUAnxYxcyoQryAcUSWuAAW/gZTg/yEMAAAAABJRU5ErkJggg==',
+ 'G' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRFI1vWIAAAAB3RJTUUH0wUOEC8QY8y3GwAAAAlwSFlzAAALEgAACxIB0t1+/AAAASZJREFUeNpj/M9AHGAiUt0IVciCwvt7ZM+FOy8+MDBwSEho2AQII8v9R4A/U2RQtHEUfEBIIim8YYBhn8oNLAqP8GBxmcwbDIU3sKljYIhAV/jHgAE7uICmcAJMQqDmwp//D2YowPgxqAr/wPyr8QAi8EEHwleIQFW4BxYicG+eEHEomHECET5QhRVQhQn/cQFoFJ6AKgwgFNcPoFwdnAoZIXmGERahKDwkIdqlR1j4PiRW4RVCCmExvQenQrSYEXiDiAoUBfC4loAK23yBSnzArhCRehRmAJPFnRUxHDgU/lDA7zZECj/Cgl2dAkaeWYNVZcoHDIX/94hgKLM4gS27/v9QIICizGMDkiQjSon7c8eBCw+e/GFgkZEwsHCRRpZiHE5FMwCa2YE+WcAOUwAAAABJRU5ErkJggg==',
+ 'H' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRw2Z4k1AAAAB3RJTUUH0wUOEC8agxleBQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD1JREFUeNpj/M9AHGAiUt2oQvyABUozQml4+KMLDAXPDAWFLGh8RlwKh4JnaB88GOlxELhxVCFewDgEynAAN2sFVHAvevkAAAAASUVORK5CYII=',
+ 'I' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGSlg1E0WAAAAB3RJTUUH0wUOEC86uHd+zQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt1AKmRBMBkxJJE9OhQ8Q32FjGhxDQsjjCQwFDwzqnCwKkRKZqO5EBMwDqcSl2iFAMMeB0s/kLo2AAAAAElFTkSuQmCC',
+ 'J' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGywiiNsbAAAAB3RJTUUH0wUOEDAFw0tdbgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKdJREFUeNpj/M9AHGAiUh3xClmwijJCaSR3Ud/qUYWjCklTyIHEhifctw8ePHgCxO+B7L9QMQlsChW+QOiX4gwMd6BiItisVoHSB6AYWQwM/kNBBszkC/9PwKyc8B8B4Ar3YPHMHWwK/xtgqAv4j1XhEfScK/EEu8L/a1BVStz4j0Ph/yPItoe8QFH3nxGlkNq75cKDB0DDVBwitNEcwjhwpdmoQrwAAN6ioiFapgUdAAAAAElFTkSuQmCC',
+ 'K' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHAEoFhGpAAAAB3RJTUUH0wUOEDANzZDVXAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPZJREFUeNpj/M9AHGAiUt2owgFSyAgFMOGDrDARxkKo0H8wYEDh/b/AAzepACqEVeEdCQx1WBW+0ICry/mPR+EXE7i6kD94FP5xwaYOi8IIrOowFRbA1Xkgq8NQ2ANXZ/PlPx6FS3CpQ1fIAmOIoKn7jxbXf2CMNxvQIxvVRAQQ+YDXaiSQQqxChiOEFGoIQGidP/gVStxogLI68CqUuPH/BzSVcTzAoxCo7v//ObBIxK0QrO7/H1iCXIFT4QkIFxbaMh9wKYQJO0D5OYQUnoDF/QkCCuHJ1+APAYV3YOloAgGF8JTO84SAwjfQiGQIgPAZqV4rAACnKSarzdlc4gAAAABJRU5ErkJggg==',
+ 'L' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHA64qQw4AAAAB3RJTUUH0wUOEDAXMPIsJgAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt2QUMiCYDJCaezhMBQ8M6pwVCEdFLJgCjEisRH5Zyh4hvoKGUdkQUq0QgARaARRV9jUFQAAAABJRU5ErkJggg==',
+ 'M' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHBhMfblpAAAAB3RJTUUH0wUOEDAqaJpgNwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPNJREFUeNrdlK0OgzAUhS8bCQYxMYmcmEAgEAgejQfZQyG2pAIxOYlATkAu691o2tvSYia2iv7lyzn3NG0jhG1tt5H7Aggom7ZuaKPhBFqKV+pFWDGjjcxStEAYXuvBkrKtoVX+gdRiK9i6sxjgeVGUMJzWwZLACaZOTqoAOAronmrlBuvPkQsIgHn8BqnE2AMmhaaYJ57jqTRFMwsDyW249XaJLhAujizm7UFM5XCUXTqiTvBLQYWRc7H3WWt+3NmlyGbOGh9q/45mjQxUb+CA6A2jSqu5MweX0ooQWLJxLYx6fz0GwmBOsww5GP3At/dX4Ayb7qpFI9y5ygAAAABJRU5ErkJggg==',
+ 'N' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHC6DxyzwAAAAB3RJTUUH0wUOEDAye/b4YQAAAAlwSFlzAAALEgAACxIB0t1+/AAAALRJREFUeNpj/M9AHGAiUt0IV8gIARsRMlAROP8/BEB5Ii/+/0cVgXNRhRk8iFXIMIFYhRxXiFTIYPCDSIUMBcQqZNhDrEKZN0QqZAggViHDHIIKRSAUzx1CCrdAaZM/BBT+z4Eyaggp/KEDYbAcIaDw/wUWCEuBkML/PagBgFvhfxdiFT4RIVLh/zXEKvyfQqzCLypEKvx/hoVIhf9biFX4x4ZIhf8fCBCp8P8KNBHG4VQ0AwDEOyeZhO5p1AAAAABJRU5ErkJggg==',
+ 'O' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQExDSDoAAAAB3RJTUUH0wUOEDA4myMRfwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUt3wUsiCyv265ciZJ08YGGRkDGwCuFGk/iOBDwU8SDIcGS+Q5JAV7hBBs45nAVaFC1gwXTYBi8IdWNQxMCzAUPhBBJs6Bp4n6AoLYFI6az78f7NEB8ZNQFP4QwAqEfADwg+A+f0NqsI1UHGBDzCnSKC6EhYzB6B0Cj+UwZ+CKgNTeAZKu8C94QGlL6DGjAyU+wAeXC+gIiIQLiM0KzDC9CFCBlWICsnsL3aFMDc+hcs8QZWBKYSF2g24whvYFZpA6T1whUegNCwyoYGxAmYyLGZ+wOxYghqFX2BpO+APmP8nBspHj2uk1LPizf8PGyxgXPTUQ3x6JDqF//8/AYs6bHkGmCYF0O3FnguBCSaFA0kZS8IDJDlG1IIUVFK8eABMWzI6DgHCyDKMI7LEBQCD5YgI9wbKGgAAAABJRU5ErkJggg==',
+ 'P' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQvR2Mn2AAAAB3RJTUUH0wUOEDEDMzPJGgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKVJREFUeNpj/M9AHGAiUh05ChlRAKdu4k5Ulf9hANMQiwf/EQCfQgaJB0QqZHAhViHDEbg0AV8vwRM8QN0v5vBAOSfw+BrMWQDl8MClGeEKGGEKQcRXHmQemTGD1RMy+N14o4MDyvGAS7NgGMaIzPHAYyIy4HhBZMy0EBmFIX+IUsjRgqQOi2fAgEVBwyVGGEUEQw2O3EbLzDWSFDIOhtJsVCEWAAC/Yt2X+2PYcgAAAABJRU5ErkJggg==',
+ 'Q' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHRxSC0wxAAAAB3RJTUUH0wUOEDEKSu9xvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAW1JREFUeNpj/M9AHGAiUt2QUMiCzPm65cCZF08YGGRkDBx8uNFU/oeDDwU8SOIcBS/+IwOEwh0iaEYIrMCqcA4LprsmYFG4A4s6BoYFGAo/iGBTx8DzAl1hAUxKZ8WH/29W6MC4KWgKfwhAJXx+gPl/QmB+/4KqcANUXOQDVPiLBFRkCUwhJGb2wGzihzK4U6CMA6hReAbKc4F7wwFKX0CNGRkoB+HJJ1ARGZgAIziFM8J0IUIGXYjMZPaXkEJYYDyBiz+EuRFVoQKUdwWIz6qWvmRguAMVkUBVaIIUalPu9GgshIefAWrwrIHp//L/DQc4KjFiBi2uQ/7832KB5AX0uP5fAZOx2PDhfwNCIXrq+f9BhgEb4HmCkcL3YE3hSHkBnmfWYFMpsoaYXAgGDgcwFKLlaxYOCG2DqRCYrldkmIACUMIgZsaTI5Cg3IBNISp4AoovlT+EFf7/kYPkb3wK//8/YAGPGcYhUIYDAHBC9Yak1w7iAAAAAElFTkSuQmCC',
+ 'R' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHSkEuIgSAAAAB3RJTUUH0wUOEDEUsOBM3QAAAAlwSFlzAAALEgAACxIB0t1+/AAAAOZJREFUeNpj/M9AHGAiUh0NFLJAaUY0YRkJHYcQdmSh/xCAzRCZHf8RAJ9CBpYNRCpkEHgBV4jfMx+mEOVGIDDAaTWY82aPBZTLgV8hUCkaH6cbP8B8gxHgyODjgwstMDfiVIgWQyFE+lrhB3EBznOFuJgxuUFMXPPEbPmDpA53FH55osKMIoAe4F826MDMvPMfj9WgWFGBBeIf/Ar/H4FxJhBQ+B8WzCIfCCi8A4uvBgIK/2fA/POCgMIXHFBuDqH02ABLM3cIKPwgAuVHEFD4fwJM4AIBhT9goe4AFWAcAsXesFIIAEvJyZHTCSiTAAAAAElFTkSuQmCC',
+ 'S' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHTRnvuTLAAAAB3RJTUUH0wUOEDEbIF9RTAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVZJREFUeNpj/M9AHGAiUt2oQvyABYX398CWK3de/GBgkVEw8HFgRpH7jwSWqCDLyCxAlkNS+CcG3boY7AozMB3Wgk3hGSw+4HgBl0b4egIWhT9mYPGMBFQg4MH/D2tgvrKASzPC0yMjlP7CDSTOmrDIMDDwiHBsxzSRBypw5j9WgFDoAPNAxIQjX/ApXIDsC4OCLV9wKfzjwIACOEIO4IiZFxbooePzAqvC/z9qONBUStzAqvD//zc9BqgqNX5gVwgETxbkmCClvSk4FYLdsCMCptAGI2YSGV78+PLmz5MX4mDu1ByIMM9n9JiBxe4caGChy8MZMMsUIEFyAMoVwVC4BGaEwpI3/9/MEYGlJQyFPwQYsIE1mL7GlnCR0iNSXLtgqpO4gy1mvtigq1NAxCBKgP9pEUFWxlOCnNIYUYrmn3v23Ljx5gsw88sYOPhwI0sxDoEyHAABtSc836a1EQAAAABJRU5ErkJggg==',
+ 'T' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHgUdTbcyAAAAB3RJTUUH0wUOEDEgkVS4aAAAAAlwSFlzAAALEgAACxIB0t1+/AAAADdJREFUeNpj/M9AHGAiUt0IVcgCpRlxyMODeSh4hmiFjGipB+Z7jEQ1FDwzqnBU4WBSyDicimYAb/AFTaJpyH8AAAAASUVORK5CYII=',
+ 'U' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHhEHl2NPAAAAB3RJTUUH0wUOEDEon48wWgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKlJREFUeNpj/M9AHGAiUh3xClmgNCOUhrsEXYD6Vo8qHFVIuUIVKP0USr+E0jLoCjWg9A4ovQVNHJjUIaADZsILMPeFApRfA5X/D1N4AaZRYc6b/2+WwNQxXEBX+N8Bqxcc/mMoPMGCRR3LBUyF/2dgUTjjPxaF/6egm8ky5T9Whf9P2KCoMziBJPefEaWQurjnzIMXL34wsMhoWHiYo2hjHLjSbFQhXgAAKzejCLAOcVMAAAAASUVORK5CYII=',
+ 'V' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHh/gL05IAAAAB3RJTUUH0wUOEDEuduyVbwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVNJREFUeNpj/M9AHGAiUt2owoFRaMgIAYlIMqlQMUMo/z8ITIByRP78hwMRqNgECBei8AULVPQIXN0RqAjLGwgfYrW4B1R4DdzmLVDaQxjZ6v8roDwVuIkqMK3/ka3+/0MAKn4FKn4D5uof/5GtZmCPgEpsQHNDBDsDitVwt5tA+RZQ/pn/qFYj3PQEzHsC5WnA3QyPmQQU3+5AE0VYDTfDBcxzgQbik/8YVv93gMp9AbK/cEAD8T+m1TBb/oD8veEHhs0IE2GmxADZMRAmz4//WKxGkv3DA2Gm/MeqcA/Ujj1w1hHsCv/LQKQz/megRzyawgqIvAxMRwsuhbCEAEvGT3AphEUwNCU5IEv9R8lcUH9/wAxE5HAEgjccSBI8X3CbKOyBxAnhxm3i/w1IEgdQZFA98/+PCFydDKo6VKsZmGPQ0wgOq/+fgYvfQTORkeq1AgCIAvD7+THsDgAAAABJRU5ErkJggg==',
+ 'W' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFhZRKnzkAAAAB3RJTUUH0wUOEDIR66frkQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNrtlK1ywkAUhZdMZsJMKyIqKhAIBAKBiEBEVCDyCJV9iIo+Do9QGRERgUBEVCAqKhAIREVERURnTvfn3t27xSA6g+kOQ/ZkP/aec5NlBHXZSC7k/sE/AhUwoVkDPQ58/2RUQ2IC6B1XpN7MV8tg62/pUdjSDO7OwR2J0pbekpqZYlMG50bNSGwBDQ4pyV5YtCZ7mqZf1mO2IN2Jynba0XRx49pThjQCbEKWFfVRpIlBzlK4PuLdpxEWlTr4LHvYMEDOaTYS3HCW3DAJt8mmaSXYchZbOfEzkyYGZRbrEbX8qe7GMpLqFeyxV9F4fon1pwcxjxbqJpJTBPBJLoyHYSz1I3xq78aOMssepHZZHFjKhbX9/AZd6e9bsdABeyHTQXiE2PLO6PugCwiP/r1QVLYSlpXwKE1Wno7b7jY+hoWj0aegPyA9+jPrzgqwZJ0j8hhMVtElmDoD19FFPAvamc+sOXBm+KdYEzC63p/9D7Tr72kj/8qjAAAAAElFTkSuQmCC',
+ 'X' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHi/G9n7kAAAAB3RJTUUH0wUOEDIXAsROpAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAT9JREFUeNpj/M9AHGAiUt3IVhjKCAFr4RJroSKBMIH/YPBEAMITeQLh//8gAxHggQlAFf6fAdXnA+WnQPkT/qMp/O8AlVkA5h2A8kz+YCi8wQGREngA5PxQgXBYzvzHUPi/A2qIA5BdAmUX/Mei8I8BVHbK/wssEJbMB2wK/5+ASvPcgGlZ8x+rQriFAmghgKHwiwJKXPA8wKXw/x4UhT3/cSr8n4CkzuAPHoVvRODqWE6gyPxHTT1ffiAUCjCgAhRtDkgSFnisnoJixAScCh/wEBk8DmiucsChcA5MQQSMMQWrQlgiZ0iAByey5QiFPlBZnS//v+hgxjZc4QKYKVeAnCswby3AUAi3eAGKNoEn6Ap94A5EjXUfNIUrEA6EALgzl6AohCUGsAMhAOZMkTfICkMw3I5wZgiEyzicimYAFRFkVwgDfJ0AAAAASUVORK5CYII=',
+ 'Y' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHjkyIsu1AAAAB3RJTUUH0wUOEDIkvRQvsgAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNrt1L0NgzAQBWAcUVB6AAZgBAoKhmAICoZgCAoKxmAECkbwABSUlBRILwF8duwYhFJEihJ37+6T5T9g8K6N20X3FdDDNjKKOeTIqZLtWcKBU73bCx1lPhgQNTWieY1zRLmGCZFQp1xTSSmBDUUgW754BF+GQLxAPUkMxMb0FlzUsqpKLXhxQPRqo+oIerggCvuMC7jhFJounA4gWhO2OIL6Jp/uzglHrh0fTyAaDRucQaTkUpxDQVBYDWZ/hYze6bsv/A8/DNlP/kgvwzuer4kCMGPZDgAAAABJRU5ErkJggg==',
+ 'Z' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHwfqWOdfAAAAB3RJTUUH0wUOEDIrLasyIwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAL5JREFUeNrl1C0OwkAQBWCWQIJEVPQIFT0GAlHBMRBIBKIHqahAIDlERY9R0UOs3ORh5qVLunmp5GfUZvczbzKzDqtltV7ofgtueHCp16h33xBGwn0KYqoTO/J868Csaj418e0cPujOkLDfmTsECcfcXOGhoC/NZQMUDBUDd5DwxiAtJGzprpCw48xVQcIhM1d6KOgLc/kIBcORgXtIeGGQOyRs6Oq0g7P92YbkRE7bRZhcwhh+6nLF5f7yx30B8Z7FgxzMWtEAAAAASUVORK5CYII=',
+ );
+
+ return $_png;
+ }
+
+ ?>
\ No newline at end of file
diff -crN phpbb204/includes/usercp_email.php phpbb2017/includes/usercp_email.php
*** phpbb204/includes/usercp_email.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_email.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_email.php,v 1.7.2.9 2003/01/05 01:06:40 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_email.php,v 1.7.2.13 2003/06/06 18:02:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 27,32 ****
--- 27,38 ----
exit;
}
+ // Is send through board enabled? No, return to index
+ if (!$board_config['board_email_form'])
+ {
+ redirect(append_sid("index.$phpEx", true));
+ }
+
if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) || !empty($HTTP_POST_VARS[POST_USERS_URL]) )
{
$user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? intval($HTTP_GET_VARS[POST_USERS_URL]) : intval($HTTP_POST_VARS[POST_USERS_URL]);
***************
*** 61,72 ****
if ( isset($HTTP_POST_VARS['submit']) )
{
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
$error = FALSE;
if ( !empty($HTTP_POST_VARS['subject']) )
--- 67,72 ----
***************
*** 99,106 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'Return-Path: ' . $userdata['user_email'] . "\nFrom: " . $userdata['user_email'] . "\n";
! $email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
--- 99,108 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($userdata['user_email']);
! $emailer->replyto($userdata['user_email']);
!
! $email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
***************
*** 122,132 ****
if ( !empty($HTTP_POST_VARS['cc_email']) )
{
! $email_headers = 'Return-Path: ' . $userdata['user_email'] . "\nFrom: " . $userdata['user_email'] . "\n";
$emailer->use_template('profile_send_email');
$emailer->email_address($userdata['user_email']);
$emailer->set_subject($subject);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 124,134 ----
if ( !empty($HTTP_POST_VARS['cc_email']) )
{
! $emailer->from($userdata['user_email']);
! $emailer->replyto($userdata['user_email']);
$emailer->use_template('profile_send_email');
$emailer->email_address($userdata['user_email']);
$emailer->set_subject($subject);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
***************
*** 175,182 ****
$template->assign_vars(array(
'USERNAME' => $username,
! 'S_HIDDEN_FIELDS' => '',
! 'S_POST_ACTION' => append_sid("profile.$phpEx?&mode=email&" . POST_USERS_URL . "=$user_id"),
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
--- 177,184 ----
$template->assign_vars(array(
'USERNAME' => $username,
! 'S_HIDDEN_FIELDS' => '',
! 'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL . "=$user_id"),
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
diff -crN phpbb204/includes/usercp_register.php phpbb2017/includes/usercp_register.php
*** phpbb204/includes/usercp_register.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_register.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_register.php,v 1.20.2.35 2003/01/10 21:28:08 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_register.php,v 1.20.2.61 2005/06/26 12:03:44 acydburn Exp $
*
*
***************************************************************************/
***************
*** 21,32 ****
--- 21,48 ----
*
***************************************************************************/
+ /*
+
+ This code has been modified from its original form by psoTFX @ phpbb.com
+ Changes introduce the back-ported phpBB 2.2 visual confirmation code.
+
+ NOTE: Anyone using the modified code contained within this script MUST include
+ a relevant message such as this in usercp_register.php ... failure to do so
+ will affect a breach of Section 2a of the GPL and our copyright
+
+ png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved
+
+ */
+
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}
+ $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
+ $unhtml_specialchars_replace = array('>', '<', '"', '&');
+
// ---------------------------------------
// Load agreement template since user has not yet
// agreed to registration conditions/coppa
***************
*** 46,53 ****
"AGREE_UNDER_13" => $lang['Agree_under_13'],
'DO_NOT_AGREE' => $lang['Agree_not'],
! "U_AGREE_OVER13" => "profile.$phpEx?mode=register&agreed=true&sid=" . $userdata['session_id'],
! "U_AGREE_UNDER13" => "profile.$phpEx?mode=register&agreed=true&coppa=true&sid=" . $userdata['session_id'])
);
$template->pparse('body');
--- 62,69 ----
"AGREE_UNDER_13" => $lang['Agree_under_13'],
'DO_NOT_AGREE' => $lang['Agree_not'],
! "U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
! "U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
);
$template->pparse('body');
***************
*** 80,91 ****
isset($HTTP_POST_VARS['cancelavatar']) ||
$mode == 'register' )
{
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
--- 96,101 ----
***************
*** 97,102 ****
--- 107,113 ----
}
$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
+ $strip_var_list['confirm_code'] = 'confirm_code';
// Strip all tags from data ... may p**s some people off, bah, strip_tags is
// doing the job but can still break HTML output ... have no choice, have
***************
*** 129,135 ****
$allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
! $popuppm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
if ( $mode == 'register' )
{
--- 140,146 ----
$allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
! $popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
if ( $mode == 'register' )
{
***************
*** 168,176 ****
}
$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
! $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
--- 179,197 ----
}
$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
+
+ $sql = "SELECT config_value
+ FROM " . CONFIG_TABLE . "
+ WHERE config_name = 'default_dateformat'";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, $sql);
+ }
+ $row = $db->sql_fetchrow($result);
+ $board_config['default_dateformat'] = $row['config_value'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
! $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
***************
*** 210,221 ****
}
}
}
//
// Let's make sure the user isn't logged in while registering,
// and ensure that they were trying to register a second time
// (Prevents double registrations)
//
! if ( $userdata['session_logged_in'] && $mode =="register" && $username == $userdata['username'])
{
message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
}
--- 231,243 ----
}
}
}
+
//
// Let's make sure the user isn't logged in while registering,
// and ensure that they were trying to register a second time
// (Prevents double registrations)
//
! if ($mode == 'register' && ($userdata['session_logged_in'] || $username == $userdata['username']))
{
message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
}
***************
*** 245,250 ****
--- 267,323 ----
}
}
+ if ($board_config['enable_confirm'] && $mode == 'register')
+ {
+ if (empty($HTTP_POST_VARS['confirm_id']))
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ else
+ {
+ $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
+ if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
+ {
+ $confirm_id = '';
+ }
+
+ $sql = 'SELECT code
+ FROM ' . CONFIRM_TABLE . "
+ WHERE confirm_id = '$confirm_id'
+ AND session_id = '" . $userdata['session_id'] . "'";
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['code'] != $confirm_code)
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ else
+ {
+ $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
+ WHERE confirm_id = '$confirm_id'
+ AND session_id = '" . $userdata['session_id'] . "'";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
+ }
+ }
+ }
+ else
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ $db->sql_freeresult($result);
+ }
+ }
+
$passwd_sql = '';
if ( !empty($new_password) && !empty($password_confirm) )
{
***************
*** 333,344 ****
{
if ( empty($username) )
{
$error = TRUE;
- $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Username_disallowed'];
}
! else if ( $username != $userdata['username'] || $mode == 'register' )
{
! if (strtolower($username) != strtolower($userdata['username']))
{
$result = validate_username($username);
if ( $result['error'] )
--- 406,417 ----
{
if ( empty($username) )
{
+ // Error is already triggered, since one field is empty.
$error = TRUE;
}
! else if ( $username != $userdata['username'] || $mode == 'register')
{
! if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register')
{
$result = validate_username($username);
if ( $result['error'] )
***************
*** 370,376 ****
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
}
- //??
if ( $website != '' )
{
rawurlencode($website);
--- 443,448 ----
***************
*** 382,393 ****
{
$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
}
!
if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
--- 454,465 ----
{
$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
}
! else
if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
***************
*** 445,451 ****
}
$sql = "UPDATE " . USERS_TABLE . "
! SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
--- 517,523 ----
}
$sql = "UPDATE " . USERS_TABLE . "
! SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popup_pm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 460,475 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('user_activate', stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject($lang['Reactivate']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
! 'USERNAME' => $username,
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
--- 532,547 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template('user_activate', stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject($lang['Reactivate']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
! 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
***************
*** 509,515 ****
// Get current date
//
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
! VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
{
$user_actkey = gen_rand_string(true);
--- 581,587 ----
// Get current date
//
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
! VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popup_pm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
{
$user_actkey = gen_rand_string(true);
***************
*** 568,586 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template($email_template, stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));
- $emailer->extra_headers($email_headers);
if( $coppa )
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
! 'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
--- 640,658 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template($email_template, stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));
if( $coppa )
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
! 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
***************
*** 602,608 ****
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
! 'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
--- 674,680 ----
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
! 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
***************
*** 615,634 ****
if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
{
! //$emailer->use_template("admin_activate", stripslashes($user_lang));
! $emailer->use_template("admin_activate", $board_config['default_lang']);
! $emailer->email_address($board_config['board_email']);
! $emailer->set_subject($lang['New_account_subject']);
! $emailer->extra_headers($email_headers);
!
! $emailer->assign_vars(array(
! 'USERNAME' => $username,
! 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
!
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
! );
! $emailer->send();
! $emailer->reset();
}
$message = $message . '
' . sprintf($lang['Click_return_index'], '', '');
--- 687,720 ----
if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
{
! $sql = "SELECT user_email, user_lang
! FROM " . USERS_TABLE . "
! WHERE user_level = " . ADMIN;
!
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
! }
!
! while ($row = $db->sql_fetchrow($result))
! {
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
!
! $emailer->email_address(trim($row['user_email']));
! $emailer->use_template("admin_activate", $row['user_lang']);
! $emailer->set_subject($lang['New_account_subject']);
!
! $emailer->assign_vars(array(
! 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
! 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $board_config['board_email_sig']),
!
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
! );
! $emailer->send();
! $emailer->reset();
! }
! $db->sql_freeresult($result);
}
$message = $message . '
' . sprintf($lang['Click_return_index'], '', '');
***************
*** 659,665 ****
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
! $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $signature) : $signature;
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
--- 745,751 ----
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$signature = stripslashes($signature);
! $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $signature) : $signature;
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
***************
*** 683,693 ****
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
! $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid\]/si", ']', $userdata['user_sig']) : $userdata['user_sig'];
$viewemail = $userdata['user_viewemail'];
$notifypm = $userdata['user_notify_pm'];
! $popuppm = $userdata['user_popup_pm'];
$notifyreply = $userdata['user_notify'];
$attachsig = $userdata['user_attachsig'];
$allowhtml = $userdata['user_allowhtml'];
--- 769,779 ----
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
! $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $userdata['user_sig']) : $userdata['user_sig'];
$viewemail = $userdata['user_viewemail'];
$notifypm = $userdata['user_notify_pm'];
! $popup_pm = $userdata['user_popup_pm'];
$notifyreply = $userdata['user_notify'];
$attachsig = $userdata['user_attachsig'];
$allowhtml = $userdata['user_allowhtml'];
***************
*** 724,730 ****
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
! $avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? $HTTP_POST_VARS['avatarcategory'] : '';
$template->set_filenames(array(
'body' => 'profile_avatar_gallery.tpl')
--- 810,816 ----
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
! $avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory']) : '';
$template->set_filenames(array(
'body' => 'profile_avatar_gallery.tpl')
***************
*** 732,738 ****
$allowviewonline = !$allowviewonline;
! display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popuppm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
}
else
{
--- 818,824 ----
$allowviewonline = !$allowviewonline;
! display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
}
else
{
***************
*** 765,771 ****
}
}
! $s_hidden_fields = '';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '';
--- 851,857 ----
}
}
! $s_hidden_fields = '';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '';
***************
*** 805,810 ****
--- 891,982 ----
$template->assign_block_vars('switch_edit_profile', array());
}
+ if ( ($mode == 'register') || ($board_config['allow_namechange']) )
+ {
+ $template->assign_block_vars('switch_namechange_allowed', array());
+ }
+ else
+ {
+ $template->assign_block_vars('switch_namechange_disallowed', array());
+ }
+
+
+ // Visual Confirmation
+ $confirm_image = '';
+ if (!empty($board_config['enable_confirm']) && $mode == 'register')
+ {
+ $sql = 'SELECT session_id
+ FROM ' . SESSIONS_TABLE;
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ $confirm_sql = '';
+ do
+ {
+ $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'";
+ }
+ while ($row = $db->sql_fetchrow($result));
+
+ $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
+ WHERE session_id NOT IN ($confirm_sql)";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ $sql = 'SELECT COUNT(session_id) AS attempts
+ FROM ' . CONFIRM_TABLE . "
+ WHERE session_id = '" . $userdata['session_id'] . "'";
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['attempts'] > 3)
+ {
+ message_die(GENERAL_MESSAGE, $lang['Too_many_registers']);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ $confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+
+ list($usec, $sec) = explode(' ', microtime());
+ mt_srand($sec * $usec);
+
+ $max_chars = count($confirm_chars) - 1;
+ $code = '';
+ for ($i = 0; $i < 6; $i++)
+ {
+ $code .= $confirm_chars[mt_rand(0, $max_chars)];
+ }
+
+ $confirm_id = md5(uniqid($user_ip));
+
+ $sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code)
+ VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
+ }
+
+ unset($code);
+
+ $confirm_image = (@extension_loaded('zlib')) ? '
' : '';
+ $s_hidden_fields .= '';
+
+ $template->assign_block_vars('switch_confirm', array());
+ }
+
+
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
***************
*** 818,823 ****
--- 990,996 ----
'NEW_PASSWORD' => $new_password,
'PASSWORD_CONFIRM' => $password_confirm,
'EMAIL' => $email,
+ 'CONFIRM_IMG' => $confirm_image,
'YIM' => $yim,
'ICQ' => $icq,
'MSN' => $msn,
***************
*** 833,840 ****
'HIDE_USER_NO' => ( $allowviewonline ) ? 'checked="checked"' : '',
'NOTIFY_PM_YES' => ( $notifypm ) ? 'checked="checked"' : '',
'NOTIFY_PM_NO' => ( !$notifypm ) ? 'checked="checked"' : '',
! 'POPUP_PM_YES' => ( $popuppm ) ? 'checked="checked"' : '',
! 'POPUP_PM_NO' => ( !$popuppm ) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_YES' => ( $attachsig ) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_NO' => ( !$attachsig ) ? 'checked="checked"' : '',
'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
--- 1006,1013 ----
'HIDE_USER_NO' => ( $allowviewonline ) ? 'checked="checked"' : '',
'NOTIFY_PM_YES' => ( $notifypm ) ? 'checked="checked"' : '',
'NOTIFY_PM_NO' => ( !$notifypm ) ? 'checked="checked"' : '',
! 'POPUP_PM_YES' => ( $popup_pm ) ? 'checked="checked"' : '',
! 'POPUP_PM_NO' => ( !$popup_pm ) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_YES' => ( $attachsig ) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_NO' => ( !$attachsig ) ? 'checked="checked"' : '',
'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
***************
*** 912,917 ****
--- 1085,1094 ----
'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
+ 'L_CONFIRM_CODE_IMPAIRED' => sprintf($lang['Confirm_code_impaired'], '', ''),
+ 'L_CONFIRM_CODE' => $lang['Confirm_code'],
+ 'L_CONFIRM_CODE_EXPLAIN' => $lang['Confirm_code_explain'],
+
'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'],
***************
*** 957,960 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 1134,1137 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/includes/usercp_sendpasswd.php phpbb2017/includes/usercp_sendpasswd.php
*** phpbb204/includes/usercp_sendpasswd.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_sendpasswd.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_sendpasswd.php,v 1.6.2.9 2003/01/10 13:22:00 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_sendpasswd.php,v 1.6.2.12 2004/11/18 17:49:45 acydburn Exp $
*
*
***************************************************************************/
***************
*** 29,41 ****
if ( isset($HTTP_POST_VARS['submit']) )
{
! // session id check
! if ($sid == '' || $sid != $userdata['session_id'])
! {
! message_die(GENERAL_ERROR, 'Invalid_session');
! }
!
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
--- 29,35 ----
if ( isset($HTTP_POST_VARS['submit']) )
{
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
***************
*** 71,82 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('user_activate_passwd', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['New_password_activation']);
- $emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
--- 65,76 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
! $emailer->from($board_config['board_email']);
! $emailer->replyto($board_config['board_email']);
$emailer->use_template('user_activate_passwd', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject($lang['New_password_activation']);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
***************
*** 133,139 ****
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
! 'S_HIDDEN_FIELDS' => '',
'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=sendpassword"))
);
--- 127,133 ----
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
! 'S_HIDDEN_FIELDS' => '',
'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=sendpassword"))
);
diff -crN phpbb204/includes/usercp_viewprofile.php phpbb2017/includes/usercp_viewprofile.php
*** phpbb204/includes/usercp_viewprofile.php Sat Jul 10 20:16:21 2004
--- phpbb2017/includes/usercp_viewprofile.php Tue Jul 19 22:14:57 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_viewprofile.php,v 1.5 2002/03/31 00:06:34 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_viewprofile.php,v 1.5.2.5 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 31,37 ****
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}
! $profiledata = get_userdata(intval($HTTP_GET_VARS[POST_USERS_URL]));
$sql = "SELECT *
FROM " . RANKS_TABLE . "
--- 31,42 ----
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}
! $profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]);
!
! if (!$profiledata)
! {
! message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
! }
$sql = "SELECT *
FROM " . RANKS_TABLE . "
***************
*** 41,46 ****
--- 46,52 ----
message_die(GENERAL_ERROR, 'Could not obtain ranks information', '', __LINE__, __FILE__, $sql);
}
+ $ranksrow = array();
while ( $row = $db->sql_fetchrow($result) )
{
$ranksrow[] = $row;
***************
*** 159,166 ****
$yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts");
! $search_img = '![' . $lang['Search_user_posts'] . '](' . $images['icon_search'] . ' "' . $lang['Search_user_posts'] . '")
';
! $search = '' . $lang['Search_user_posts'] . '';
//
// Generate page
--- 165,172 ----
$yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts");
! $search_img = '';
! $search = '' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '';
//
// Generate page
***************
*** 168,173 ****
--- 174,188 ----
$page_title = $lang['Viewing_profile'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
+ if (function_exists('get_html_translation_table'))
+ {
+ $u_search_author = urlencode(strtr($profiledata['username'], array_flip(get_html_translation_table(HTML_ENTITIES))));
+ }
+ else
+ {
+ $u_search_author = urlencode(str_replace(array('&', ''', '"', '<', '>'), array('&', "'", '"', '<', '>'), $profiledata['username']));
+ }
+
$template->assign_vars(array(
'USERNAME' => $profiledata['username'],
'JOINED' => create_date($lang['DATE_FORMAT'], $profiledata['user_regdate'], $board_config['board_timezone']),
***************
*** 222,228 ****
'L_OCCUPATION' => $lang['Occupation'],
'L_INTERESTS' => $lang['Interests'],
! 'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])),
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
);
--- 237,243 ----
'L_OCCUPATION' => $lang['Occupation'],
'L_INTERESTS' => $lang['Interests'],
! 'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . $u_search_author),
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
);
diff -crN phpbb204/index.php phpbb2017/index.php
*** phpbb204/index.php Sat Jul 10 20:16:21 2004
--- phpbb2017/index.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.99.2.1 2002/12/19 17:17:40 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.99.2.3 2004/07/11 16:46:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 118,124 ****
--- 118,126 ----
message_die(GENERAL_ERROR, 'Could not query categories list', '', __LINE__, __FILE__, $sql);
}
+ $category_rows = array();
while( $category_rows[] = $db->sql_fetchrow($result) );
+ $db->sql_freeresult($result);
if( ( $total_categories = count($category_rows) ) )
{
***************
*** 170,175 ****
--- 172,178 ----
{
$forum_data[] = $row;
}
+ $db->sql_freeresult($result);
if ( !($total_forums = count($forum_data)) )
{
***************
*** 197,202 ****
--- 200,206 ----
{
$new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time'];
}
+ $db->sql_freeresult($result);
}
//
***************
*** 222,227 ****
--- 226,232 ----
{
$forum_moderators[$row['forum_id']][] = '' . $row['username'] . '';
}
+ $db->sql_freeresult($result);
$sql = "SELECT aa.forum_id, g.group_id, g.group_name
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
***************
*** 241,246 ****
--- 246,252 ----
{
$forum_moderators[$row['forum_id']][] = '' . $row['group_name'] . '';
}
+ $db->sql_freeresult($result);
//
// Find which forums are visible for this user
diff -crN phpbb204/language/lang_english/email/coppa_welcome_inactive.tpl phpbb2017/language/lang_english/email/coppa_welcome_inactive.tpl
*** phpbb204/language/lang_english/email/coppa_welcome_inactive.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/language/lang_english/email/coppa_welcome_inactive.tpl Tue Jul 19 22:14:57 2005
***************
*** 44,50 ****
------------------------------ CUT HERE ------------------------------
! Once the administrator has recived the above form via fax or regular mail your account will be activated.
Please do not forget your password as it has been encrypted in our database and we cannot retrieve it for you. However, should you forget your password you can request a new one which will be activated in the same way as this account.
--- 44,50 ----
------------------------------ CUT HERE ------------------------------
! Once the administrator has received the above form via fax or regular mail your account will be activated.
Please do not forget your password as it has been encrypted in our database and we cannot retrieve it for you. However, should you forget your password you can request a new one which will be activated in the same way as this account.
diff -crN phpbb204/language/lang_english/lang_admin.php phpbb2017/language/lang_english/lang_admin.php
*** phpbb204/language/lang_english/lang_admin.php Sat Jul 10 20:16:22 2004
--- phpbb2017/language/lang_english/lang_admin.php Tue Jul 19 22:14:57 2005
***************
*** 7,13 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_admin.php,v 1.35.2.4 2002/12/18 15:40:18 psotfx Exp $
*
****************************************************************************/
--- 7,13 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_admin.php,v 1.35.2.10 2005/02/21 18:38:17 acydburn Exp $
*
****************************************************************************/
***************
*** 251,257 ****
$lang['Site_name'] = 'Site name';
$lang['Site_desc'] = 'Site description';
$lang['Board_disable'] = 'Disable board';
! $lang['Board_disable_explain'] = 'This will make the board unavailable to users. Do not log out when you disable the board because you will not be able to log back in!';
$lang['Acct_activation'] = 'Enable account activation';
$lang['Acc_None'] = 'None'; // These three entries are the type of activation
$lang['Acc_User'] = 'User';
--- 251,257 ----
$lang['Site_name'] = 'Site name';
$lang['Site_desc'] = 'Site description';
$lang['Board_disable'] = 'Disable board';
! $lang['Board_disable_explain'] = 'This will make the board unavailable to users. Administrators are able to access the Administration Panel while the board is disabled.';
$lang['Acct_activation'] = 'Enable account activation';
$lang['Acc_None'] = 'None'; // These three entries are the type of activation
$lang['Acc_User'] = 'User';
***************
*** 331,336 ****
--- 331,339 ----
$lang['Cookie_secure_explain'] = 'If your server is running via SSL, set this to enabled, else leave as disabled';
$lang['Session_length'] = 'Session length [ seconds ]';
+ // Visual Confirmation
+ $lang['Visual_confirm'] = 'Enable Visual Confirmation';
+ $lang['Visual_confirm_explain'] = 'Requires users enter a code defined by an image when registering.';
//
// Forum Management
***************
*** 720,725 ****
--- 723,740 ----
$lang['Install_No_Ext'] = 'The PHP configuration on your server doesn\'t support the database type that you chose';
$lang['Install_No_PCRE'] = 'phpBB2 Requires the Perl-Compatible Regular Expressions Module for PHP which your PHP configuration doesn\'t appear to support!';
+
+ //
+ // Version Check
+ //
+ $lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
+ $lang['Version_not_up_to_date'] = 'Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.';
+ $lang['Latest_version_info'] = 'The latest available version is phpBB %s.';
+ $lang['Current_version_info'] = 'You are running phpBB %s.';
+ $lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:
%s';
+ $lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
+ $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not subscribe to our mailing list.';
+ $lang['Version_information'] = 'Version Information';
//
// That's all Folks!
diff -crN phpbb204/language/lang_english/lang_main.php phpbb2017/language/lang_english/lang_main.php
*** phpbb204/language/lang_english/lang_main.php Sat Jul 10 20:16:22 2004
--- phpbb2017/language/lang_english/lang_main.php Tue Jul 19 22:14:57 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_main.php,v 1.85.2.9 2002/12/21 18:31:54 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_main.php,v 1.85.2.16 2005/05/06 20:50:13 acydburn Exp $
*
****************************************************************************/
***************
*** 604,609 ****
--- 604,610 ----
$lang['Password_mismatch'] = 'The passwords you entered did not match.';
$lang['Current_password_mismatch'] = 'The current password you supplied does not match that stored in the database.';
$lang['Password_long'] = 'Your password must be no more than 32 characters.';
+ $lang['Too_many_registers'] = 'You have made too many registration attempts. Please try again later.';
$lang['Username_taken'] = 'Sorry, but this username has already been taken.';
$lang['Username_invalid'] = 'Sorry, but this username contains an invalid character such as \'.';
$lang['Username_disallowed'] = 'Sorry, but this username has been disallowed.';
***************
*** 658,663 ****
--- 659,675 ----
//
+ // Visual confirmation system strings
+ //
+ $lang['Confirm_code_wrong'] = 'The confirmation code you entered was incorrect';
+ $lang['Too_many_registers'] = 'You have exceeded the number of registration attempts for this session. Please try again later.';
+ $lang['Confirm_code_impaired'] = 'If you are visually impaired or cannot otherwise read this code please contact the %sAdministrator%s for help.';
+ $lang['Confirm_code'] = 'Confirmation code';
+ $lang['Confirm_code_explain'] = 'Enter the code exactly as you see it. The code is case sensitive and zero has a diagonal line through it.';
+
+
+
+ //
// Memberslist
//
$lang['Select_sort_method'] = 'Select sort method';
***************
*** 873,879 ****
$lang['Too_many_error'] = 'You have selected too many posts. You can only select one post to split a topic after!';
! $lang['None_selected'] = 'You have no selected any topics to perform this operation on. Please go back and select at least one.';
$lang['New_forum'] = 'New forum';
$lang['This_posts_IP'] = 'IP address for this post';
--- 885,891 ----
$lang['Too_many_error'] = 'You have selected too many posts. You can only select one post to split a topic after!';
! $lang['None_selected'] = 'You have not selected any topics to perform this operation on. Please go back and select at least one.';
$lang['New_forum'] = 'New forum';
$lang['This_posts_IP'] = 'IP address for this post';
***************
*** 919,924 ****
--- 931,937 ----
$lang['10'] = 'GMT + 10 Hours';
$lang['11'] = 'GMT + 11 Hours';
$lang['12'] = 'GMT + 12 Hours';
+ $lang['13'] = 'GMT + 13 Hours';
// These are displayed in the timezone select box
$lang['tz']['-12'] = 'GMT - 12 Hours';
***************
*** 1004,1009 ****
--- 1017,1024 ----
$lang['Critical_Error'] = 'Critical Error';
$lang['An_error_occured'] = 'An Error Occurred';
$lang['A_critical_error'] = 'A Critical Error Occurred';
+
+ $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.';
//
// That's all, Folks!
diff -crN phpbb204/login.php phpbb2017/login.php
*** phpbb204/login.php Sat Jul 10 20:16:21 2004
--- phpbb2017/login.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: login.php,v 1.47.2.9 2003/01/02 15:43:59 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: login.php,v 1.47.2.18 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 52,65 ****
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
{
! $username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level
FROM " . USERS_TABLE . "
! WHERE username = '" . str_replace("\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
--- 52,65 ----
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) )
{
! $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level
FROM " . USERS_TABLE . "
! WHERE username = '" . str_replace("\\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
***************
*** 77,87 ****
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);
if( $session_id )
{
! $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "index.$phpEx";
redirect(append_sid($url, true));
}
else
--- 77,88 ----
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
! $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);
if( $session_id )
{
! $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
redirect(append_sid($url, true));
}
else
***************
*** 91,104 ****
}
else
{
! $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : '';
! $redirect = str_replace("?", "&", $redirect);
$template->assign_vars(array(
! 'META' => '')
);
! $message = $lang['Error_login'] . '
' . sprintf($lang['Click_return_login'], '', '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
--- 92,110 ----
}
else
{
! $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
! $redirect = str_replace('?', '&', $redirect);
!
! if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
! {
! message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
! }
$template->assign_vars(array(
! 'META' => "")
);
! $message = $lang['Error_login'] . '
' . sprintf($lang['Click_return_login'], "", '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
***************
*** 106,131 ****
}
else
{
! $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "";
$redirect = str_replace("?", "&", $redirect);
$template->assign_vars(array(
! 'META' => '')
);
! $message = $lang['Error_login'] . '
' . sprintf($lang['Click_return_login'], '', '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
}
else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
{
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
if( $userdata['session_logged_in'] )
{
session_end($userdata['session_id'], $userdata['user_id']);
--- 112,136 ----
}
else
{
! $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);
+ if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
+ {
+ message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
+ }
+
$template->assign_vars(array(
! 'META' => "")
);
! $message = $lang['Error_login'] . '
' . sprintf($lang['Click_return_login'], "", '') . '
' . sprintf($lang['Click_return_index'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
}
else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
{
if( $userdata['session_logged_in'] )
{
session_end($userdata['session_id'], $userdata['user_id']);
***************
*** 133,139 ****
if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect']))
{
! $url = (!empty($HTTP_POST_VARS['redirect'])) ? $HTTP_POST_VARS['redirect'] : $HTTP_GET_VARS['redirect'];
redirect(append_sid($url, true));
}
else
--- 138,145 ----
if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect']))
{
! $url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
! $url = str_replace('&', '&', $url);
redirect(append_sid($url, true));
}
else
***************
*** 143,149 ****
}
else
{
! $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "index.$phpEx";
redirect(append_sid($url, true));
}
}
--- 149,155 ----
}
else
{
! $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
redirect(append_sid($url, true));
}
}
***************
*** 153,159 ****
// Do a full login page dohickey if
// user not already logged in
//
! if( !$userdata['session_logged_in'] )
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
--- 159,165 ----
// Do a full login page dohickey if
// user not already logged in
//
! if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN))
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
***************
*** 201,213 ****
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
! $s_hidden_fields = '';
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'USERNAME' => $username,
! 'L_ENTER_PASSWORD' => $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
--- 207,220 ----
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
! $s_hidden_fields = '';
! $s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '' : '';
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'USERNAME' => $username,
! 'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
diff -crN phpbb204/memberlist.php phpbb2017/memberlist.php
*** phpbb204/memberlist.php Sat Jul 10 20:16:21 2004
--- phpbb2017/memberlist.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: memberlist.php,v 1.36.2.5 2002/12/18 14:14:10 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: memberlist.php,v 1.36.2.10 2004/07/11 16:46:15 acydburn Exp $
*
***************************************************************************/
***************
*** 37,43 ****
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
! $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
{
--- 37,43 ----
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
! $mode = ( isset($HTTP_POST_VARS['mode']) ) ? htmlspecialchars($HTTP_POST_VARS['mode']) : htmlspecialchars($HTTP_GET_VARS['mode']);
}
else
{
***************
*** 117,123 ****
switch( $mode )
{
case 'joined':
! $order_by = "user_regdate ASC LIMIT $start, " . $board_config['topics_per_page'];
break;
case 'username':
$order_by = "username $sort_order LIMIT $start, " . $board_config['topics_per_page'];
--- 117,123 ----
switch( $mode )
{
case 'joined':
! $order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];
break;
case 'username':
$order_by = "username $sort_order LIMIT $start, " . $board_config['topics_per_page'];
***************
*** 235,241 ****
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('memberrow', array(
! 'ROW_NUMBER' => $i + ( $HTTP_GET_VARS['start'] + 1 ),
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'USERNAME' => $username,
--- 235,241 ----
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('memberrow', array(
! 'ROW_NUMBER' => $i + ( $start + 1 ),
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'USERNAME' => $username,
***************
*** 269,274 ****
--- 269,275 ----
$i++;
}
while ( $row = $db->sql_fetchrow($result) );
+ $db->sql_freeresult($result);
}
if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
***************
*** 288,293 ****
--- 289,295 ----
$pagination = generate_pagination("memberlist.$phpEx?mode=$mode&order=$sort_order", $total_members, $board_config['topics_per_page'], $start). ' ';
}
+ $db->sql_freeresult($result);
}
else
{
***************
*** 306,309 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 308,311 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/modcp.php phpbb2017/modcp.php
*** phpbb204/modcp.php Sat Jul 10 20:16:21 2004
--- phpbb2017/modcp.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: modcp.php,v 1.71.2.18 2003/01/09 00:17:23 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: modcp.php,v 1.71.2.26 2005/06/26 12:03:46 acydburn Exp $
*
***************************************************************************/
***************
*** 80,85 ****
--- 80,86 ----
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 130,135 ****
--- 131,141 ----
}
$topic_row = $db->sql_fetchrow($result);
+ if (!$topic_row)
+ {
+ message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
+ }
+
$forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics'];
$forum_id = $topic_row['forum_id'];
$forum_name = $topic_row['forum_name'];
***************
*** 145,150 ****
--- 151,161 ----
}
$topic_row = $db->sql_fetchrow($result);
+ if (!$topic_row)
+ {
+ message_die(GENERAL_MESSAGE, 'Forum_not_exist');
+ }
+
$forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics'];
$forum_name = $topic_row['forum_name'];
}
***************
*** 221,234 ****
{
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
! $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != '' ) ? ', ' : '' ) . $topics[$i];
}
$sql = "SELECT poster_id, COUNT(post_id) AS posts
FROM " . POSTS_TABLE . "
WHERE topic_id IN ($topic_id_sql)
--- 232,261 ----
{
include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
! $topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != '' ) ? ', ' : '' ) . intval($topics[$i]);
}
+ $sql = "SELECT topic_id
+ FROM " . TOPICS_TABLE . "
+ WHERE topic_id IN ($topic_id_sql)
+ AND forum_id = $forum_id";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not get topic id information', '', __LINE__, __FILE__, $sql);
+ }
+
+ $topic_id_sql = '';
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $topic_id_sql .= (($topic_id_sql != '') ? ', ' : '') . intval($row['topic_id']);
+ }
+ $db->sql_freeresult($result);
+
$sql = "SELECT poster_id, COUNT(post_id) AS posts
FROM " . POSTS_TABLE . "
WHERE topic_id IN ($topic_id_sql)
***************
*** 269,275 ****
$post_id_sql = '';
while ( $row = $db->sql_fetchrow($result) )
{
! $post_id_sql .= ( ( $post_id_sql != '' ) ? ', ' : '' ) . $row['post_id'];
}
$db->sql_freeresult($result);
--- 296,302 ----
$post_id_sql = '';
while ( $row = $db->sql_fetchrow($result) )
{
! $post_id_sql .= ( ( $post_id_sql != '' ) ? ', ' : '' ) . intval($row['post_id']);
}
$db->sql_freeresult($result);
***************
*** 433,441 ****
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
! $new_forum_id = $HTTP_POST_VARS['new_forum'];
$old_forum_id = $forum_id;
if ( $new_forum_id != $old_forum_id )
{
$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
--- 460,482 ----
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
! $new_forum_id = intval($HTTP_POST_VARS['new_forum']);
$old_forum_id = $forum_id;
+ $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . '
+ WHERE forum_id = ' . $new_forum_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql);
+ }
+
+ if (!$db->sql_fetchrow($result))
+ {
+ message_die(GENERAL_MESSAGE, 'New forum does not exist');
+ }
+
+ $db->sql_freeresult($result);
+
if ( $new_forum_id != $old_forum_id )
{
$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
***************
*** 448,454 ****
$sql = "SELECT *
FROM " . TOPICS_TABLE . "
! WHERE topic_id IN ($topic_list)
AND topic_status <> " . TOPIC_MOVED;
if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
{
--- 489,496 ----
$sql = "SELECT *
FROM " . TOPICS_TABLE . "
! WHERE topic_id IN ($topic_list)
! AND forum_id = $old_forum_id
AND topic_status <> " . TOPIC_MOVED;
if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
{
***************
*** 582,593 ****
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != '' ) ? ', ' : '' ) . $topics[$i];
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_LOCKED . "
WHERE topic_id IN ($topic_id_sql)
AND topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
--- 624,636 ----
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != '' ) ? ', ' : '' ) . intval($topics[$i]);
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_LOCKED . "
WHERE topic_id IN ($topic_id_sql)
+ AND forum_id = $forum_id
AND topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 626,637 ****
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != "") ? ', ' : '' ) . $topics[$i];
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_UNLOCKED . "
WHERE topic_id IN ($topic_id_sql)
AND topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
--- 669,681 ----
$topic_id_sql = '';
for($i = 0; $i < count($topics); $i++)
{
! $topic_id_sql .= ( ( $topic_id_sql != "") ? ', ' : '' ) . intval($topics[$i]);
}
$sql = "UPDATE " . TOPICS_TABLE . "
SET topic_status = " . TOPIC_UNLOCKED . "
WHERE topic_id IN ($topic_id_sql)
+ AND forum_id = $forum_id
AND topic_moved_id = 0";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 663,677 ****
$page_title = $lang['Mod_CP'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
if (isset($HTTP_POST_VARS['split_type_all']) || isset($HTTP_POST_VARS['split_type_beyond']))
{
$posts = $HTTP_POST_VARS['post_id_list'];
- $post_id_sql = '';
for ($i = 0; $i < count($posts); $i++)
{
$post_id_sql .= (($post_id_sql != '') ? ', ' : '') . intval($posts[$i]);
}
$sql = "SELECT post_id, poster_id, topic_id, post_time
FROM " . POSTS_TABLE . "
--- 707,741 ----
$page_title = $lang['Mod_CP'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
+ $post_id_sql = '';
+
if (isset($HTTP_POST_VARS['split_type_all']) || isset($HTTP_POST_VARS['split_type_beyond']))
{
$posts = $HTTP_POST_VARS['post_id_list'];
for ($i = 0; $i < count($posts); $i++)
{
$post_id_sql .= (($post_id_sql != '') ? ', ' : '') . intval($posts[$i]);
}
+ }
+
+ if ($post_id_sql != '')
+ {
+ $sql = "SELECT post_id
+ FROM " . POSTS_TABLE . "
+ WHERE post_id IN ($post_id_sql)
+ AND forum_id = $forum_id";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not get post id information', '', __LINE__, __FILE__, $sql);
+ }
+
+ $post_id_sql = '';
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $post_id_sql .= (($post_id_sql != '') ? ', ' : '') . intval($row['post_id']);
+ }
+ $db->sql_freeresult($result);
$sql = "SELECT post_id, poster_id, topic_id, post_time
FROM " . POSTS_TABLE . "
***************
*** 705,710 ****
--- 769,788 ----
$new_forum_id = intval($HTTP_POST_VARS['new_forum_id']);
$topic_time = time();
+
+ $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . '
+ WHERE forum_id = ' . $new_forum_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql);
+ }
+
+ if (!$db->sql_fetchrow($result))
+ {
+ message_die(GENERAL_MESSAGE, 'New forum does not exist');
+ }
+
+ $db->sql_freeresult($result);
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type)
VALUES ('" . str_replace("\'", "''", $post_subject) . "', $first_poster, " . $topic_time . ", $new_forum_id, " . TOPIC_UNLOCKED . ", " . POST_NORMAL . ")";
***************
*** 769,775 ****
message_die(GENERAL_ERROR, 'Could not get topic/post information', '', __LINE__, __FILE__, $sql);
}
! $s_hidden_fields = '';
if( ( $total_posts = $db->sql_numrows($result) ) > 0 )
{
--- 847,853 ----
message_die(GENERAL_ERROR, 'Could not get topic/post information', '', __LINE__, __FILE__, $sql);
}
! $s_hidden_fields = '';
if( ( $total_posts = $db->sql_numrows($result) ) > 0 )
{
***************
*** 801,810 ****
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
);
for($i = 0; $i < $total_posts; $i++)
{
$post_id = $postrow[$i]['post_id'];
! $poster_id = $postrow[$i]['user_id'];
$poster = $postrow[$i]['username'];
$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
--- 879,895 ----
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
);
+ //
+ // Define censored word matches
+ //
+ $orig_word = array();
+ $replacement_word = array();
+ obtain_word_list($orig_word, $replacement_word);
+
for($i = 0; $i < $total_posts; $i++)
{
$post_id = $postrow[$i]['post_id'];
! $poster_id = $postrow[$i]['poster_id'];
$poster = $postrow[$i]['username'];
$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
***************
*** 830,842 ****
$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
}
- //
- // Define censored word matches
- //
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
-
if ( count($orig_word) )
{
$post_subject = preg_replace($orig_word, $replacement_word, $post_subject);
--- 915,920 ----
***************
*** 896,902 ****
// Look up relevent data for this post
$sql = "SELECT poster_ip, poster_id
FROM " . POSTS_TABLE . "
! WHERE post_id = $post_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get poster IP information', '', __LINE__, __FILE__, $sql);
--- 974,981 ----
// Look up relevent data for this post
$sql = "SELECT poster_ip, poster_id
FROM " . POSTS_TABLE . "
! WHERE post_id = $post_id
! AND forum_id = $forum_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get poster IP information', '', __LINE__, __FILE__, $sql);
***************
*** 1146,1152 ****
}
$template->assign_vars(array(
! 'PAGINATION' => generate_pagination("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id", $forum_topics, $board_config['topics_per_page'], $start),
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $forum_topics / $board_config['topics_per_page'] )),
'L_GOTO_PAGE' => $lang['Goto_page'])
);
--- 1225,1231 ----
}
$template->assign_vars(array(
! 'PAGINATION' => generate_pagination("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&sid=" . $userdata['session_id'], $forum_topics, $board_config['topics_per_page'], $start),
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $forum_topics / $board_config['topics_per_page'] )),
'L_GOTO_PAGE' => $lang['Goto_page'])
);
diff -crN phpbb204/posting.php phpbb2017/posting.php
*** phpbb204/posting.php Sat Jul 10 20:16:21 2004
--- phpbb2017/posting.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: posting.php,v 1.159.2.15 2002/12/03 17:43:59 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: posting.php,v 1.159.2.23 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,41 ****
//
// Check and set various parameters
//
! $params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
while( list($var, $param) = @each($params) )
{
if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
{
! $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? $HTTP_POST_VARS[$param] : $HTTP_GET_VARS[$param];
}
else
{
--- 30,41 ----
//
// Check and set various parameters
//
! $params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
while( list($var, $param) = @each($params) )
{
if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
{
! $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]);
}
else
{
***************
*** 43,48 ****
--- 43,50 ----
}
}
+ $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
+
$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
while( list($var, $param) = @each($params) )
{
***************
*** 120,145 ****
}
//
- // Compare sid ... if sids don't match
- // output message ... note that AOL'ers may
- // obtain this error until the session code
- // is modified to change the 6 to 4 in the IP
- // comparison checks ... or if a user takes
- // longer than session time to submit the form
- // both can be easily altered by the admin
- //
- if ( $submit || $refresh )
- {
- if (!isset($HTTP_POST_VARS['sid']) || $HTTP_POST_VARS['sid'] != $userdata['session_id'])
- {
- // I've not added this to the language set at this time ... re-releasing
- // every single language to include this for the once in a blue moon
- // time it will be output is just not worthwhile at present.
- message_die(GENERAL_MESSAGE, 'Invalid_session');
- }
- }
-
- //
// What auth type do we need to check?
//
$is_auth = array();
--- 122,127 ----
***************
*** 241,246 ****
--- 223,229 ----
if ( $result = $db->sql_query($sql) )
{
$post_info = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
$forum_id = $post_info['forum_id'];
$forum_name = $post_info['forum_name'];
***************
*** 295,300 ****
--- 278,284 ----
}
while ( $row = $db->sql_fetchrow($result) );
}
+ $db->sql_freeresult($result);
$post_data['edit_poll'] = ( ( !$poll_results_sum || $is_auth['auth_mod'] ) && $post_data['first_post'] ) ? true : 0;
}
***************
*** 417,422 ****
--- 401,407 ----
}
$notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
+ $db->sql_freeresult($result);
}
else
{
***************
*** 434,440 ****
//
// Confirm deletion
//
! $s_hidden_fields = '';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '' : '';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
--- 419,425 ----
//
// Confirm deletion
//
! $s_hidden_fields = '';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '' : '';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
***************
*** 491,502 ****
FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $vote_id
AND vote_user_id = " . $userdata['user_id'];
! if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result)) )
{
$sql = "UPDATE " . VOTE_RESULTS_TABLE . "
SET vote_result = vote_result + 1
--- 476,487 ----
FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $vote_id
AND vote_user_id = " . $userdata['user_id'];
! if ( !($result2 = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result2)) )
{
$sql = "UPDATE " . VOTE_RESULTS_TABLE . "
SET vote_result = vote_result + 1
***************
*** 520,530 ****
--- 505,517 ----
{
$message = $lang['Already_voted'];
}
+ $db->sql_freeresult($result2);
}
else
{
$message = $lang['No_vote_option'];
}
+ $db->sql_freeresult($result);
$template->assign_vars(array(
'META' => '')
***************
*** 532,537 ****
--- 519,528 ----
$message .= '
' . sprintf($lang['Click_view_message'], '', '');
message_die(GENERAL_MESSAGE, $message);
}
+ else
+ {
+ redirect(append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id", true));
+ }
}
else if ( $submit || $confirm )
{
***************
*** 926,932 ****
}
}
! $hidden_form_fields = '';
switch( $mode )
{
--- 917,923 ----
}
}
! $hidden_form_fields = '';
switch( $mode )
{
***************
*** 1078,1084 ****
'POLL_LENGTH' => $poll_length)
);
! if( $mode == 'editpost' && $post_data['edit_poll'] )
{
$template->assign_block_vars('switch_poll_delete_toggle', array());
}
--- 1069,1075 ----
'POLL_LENGTH' => $poll_length)
);
! if( $mode == 'editpost' && $post_data['edit_poll'] && $post_data['has_poll'])
{
$template->assign_block_vars('switch_poll_delete_toggle', array());
}
***************
*** 1114,1117 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 1105,1108 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/privmsg.php phpbb2017/privmsg.php
*** phpbb204/privmsg.php Sat Jul 10 20:16:21 2004
--- phpbb2017/privmsg.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: privmsg.php,v 1.96.2.23 2003/01/15 00:38:13 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: privmsg.php,v 1.96.2.40 2005/07/19 20:01:19 acydburn Exp $
*
*
***************************************************************************/
***************
*** 35,41 ****
message_die(GENERAL_MESSAGE, 'PM_disabled');
}
! $html_entities_match = array('#&#', '#<#', '#>#');
$html_entities_replace = array('&', '<', '>');
//
--- 35,41 ----
message_die(GENERAL_MESSAGE, 'PM_disabled');
}
! $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
$html_entities_replace = array('&', '<', '>');
//
***************
*** 58,63 ****
--- 58,64 ----
if ( isset($HTTP_POST_VARS['folder']) || isset($HTTP_GET_VARS['folder']) )
{
$folder = ( isset($HTTP_POST_VARS['folder']) ) ? $HTTP_POST_VARS['folder'] : $HTTP_GET_VARS['folder'];
+ $folder = htmlspecialchars($folder);
if ( $folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox' )
{
***************
*** 69,84 ****
$folder = 'inbox';
}
- // session id check
- if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
- {
- $sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid'];
- }
- else
- {
- $sid = '';
- }
-
//
// Start session management
//
--- 70,75 ----
***************
*** 102,107 ****
--- 93,99 ----
if ( !empty($HTTP_POST_VARS['mode']) || !empty($HTTP_GET_VARS['mode']) )
{
$mode = ( !empty($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 220,226 ****
break;
case 'savebox':
$l_box_name = $lang['Savebox'];
! $pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
--- 212,218 ----
break;
case 'savebox':
$l_box_name = $lang['Savebox'];
! $pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
***************
*** 371,377 ****
'quote_img' => '![' . $lang['Post_quote_pm'] . '](' . $images['pm_quotemsg'] . ')
',
'quote' => '' . $lang['Post_quote_pm'] . '',
'edit_img' => '![' . $lang['Edit_pm'] . '](' . $images['pm_editmsg'] . ')
',
! 'edit' => '' . $lang['Edit_pm'] . ''
);
if ( $folder == 'inbox' )
--- 363,369 ----
'quote_img' => '',
'quote' => '' . $lang['Post_quote_pm'] . '',
'edit_img' => '',
! 'edit' => '' . $lang['Edit_pm'] . ''
);
if ( $folder == 'inbox' )
***************
*** 437,443 ****
$l_box_name = $lang['Sent'];
}
! $s_hidden_fields = '';
$page_title = $lang['Read_pm'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
--- 429,435 ----
$l_box_name = $lang['Sent'];
}
! $s_hidden_fields = '';
$page_title = $lang['Read_pm'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
***************
*** 501,507 ****
$profile_img = '![' . $lang['Read_profile'] . '](' . $images['icon_profile'] . ' "' . $lang['Read_profile'] . '")
';
$profile = '' . $lang['Read_profile'] . '';
! $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$poster_id");
$pm_img = '![' . $lang['Send_private_message'] . '](' . $images['icon_pm'] . ' "' . $lang['Send_private_message'] . '")
';
$pm = '' . $lang['Send_private_message'] . '';
--- 493,499 ----
$profile_img = '';
$profile = '' . $lang['Read_profile'] . '';
! $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$user_id_from");
$pm_img = '';
$pm = '' . $lang['Send_private_message'] . '';
***************
*** 571,579 ****
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
! if ( !$board_config['allow_html'] )
{
! if ( $user_sig != '' && $privmsg['privmsgs_enable_sig'] && $userdata['user_allowhtml'] )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
--- 563,571 ----
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
! if ( !$board_config['allow_html'] || !$userdata['user_allowhtml'])
{
! if ( $user_sig != '')
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
***************
*** 664,675 ****
redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
}
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
if ( isset($mark_list) && !is_array($mark_list) )
{
// Set to empty array instead of '0' if nothing is selected.
--- 656,661 ----
***************
*** 678,684 ****
if ( !$confirm )
{
! $s_hidden_fields = '';
$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '' : '';
for($i = 0; $i < count($mark_list); $i++)
--- 664,670 ----
if ( !$confirm )
{
! $s_hidden_fields = '';
$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '' : '';
for($i = 0; $i < count($mark_list); $i++)
***************
*** 712,758 ****
}
else if ( $confirm )
{
! if ( $delete_all )
{
! switch($folder)
{
! case 'inbox':
! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'outbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'sentbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
! break;
! case 'savebox':
! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
! OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
! break;
! }
! $sql = "SELECT privmsgs_id
! FROM " . PRIVMSGS_TABLE . "
! WHERE $delete_type";
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql);
! }
! while ( $row = $db->sql_fetchrow($result) )
! {
! $mark_list[] = $row['privmsgs_id'];
! }
! unset($delete_type);
}
if ( count($mark_list) )
{
$delete_sql_id = '';
--- 698,754 ----
}
else if ( $confirm )
{
! $delete_sql_id = '';
!
! if (!$delete_all)
{
! for ($i = 0; $i < count($mark_list); $i++)
{
! $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
! }
! $delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
! }
! switch($folder)
! {
! case 'inbox':
! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'outbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'sentbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
! break;
! case 'savebox':
! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
! OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
! break;
! }
! $sql = "SELECT privmsgs_id
! FROM " . PRIVMSGS_TABLE . "
! WHERE $delete_type $delete_sql_id";
!
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql);
! }
! $mark_list = array();
! while ( $row = $db->sql_fetchrow($result) )
! {
! $mark_list[] = $row['privmsgs_id'];
}
+ unset($delete_type);
+
if ( count($mark_list) )
{
$delete_sql_id = '';
***************
*** 896,907 ****
{
redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
}
-
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
if (sizeof($mark_list))
{
--- 892,897 ----
***************
*** 1062,1068 ****
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
! OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";
break;
case 'sentbox':
--- 1052,1058 ----
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
! OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
break;
case 'sentbox':
***************
*** 1079,1085 ****
message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
}
! redirect("privmsg.$phpEx?folder=savebox");
}
}
else if ( $submit || $refresh || $mode != '' )
--- 1069,1075 ----
message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
}
! redirect(append_sid("privmsg.$phpEx?folder=savebox", true));
}
}
else if ( $submit || $refresh || $mode != '' )
***************
*** 1150,1164 ****
if ( $submit )
{
- // session id check
- if ($sid == '' || $sid != $userdata['session_id'])
- {
- message_die(GENERAL_ERROR, 'Invalid_session');
- }
-
if ( !empty($HTTP_POST_VARS['username']) )
{
! $to_username = $HTTP_POST_VARS['username'];
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
--- 1140,1148 ----
if ( $submit )
{
if ( !empty($HTTP_POST_VARS['username']) )
{
! $to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
***************
*** 1318,1325 ****
if ( $to_userdata['user_notify_pm'] && !empty($to_userdata['user_email']) && $to_userdata['user_active'] )
{
- $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
-
$script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx;
$server_name = trim($board_config['server_name']);
--- 1302,1307 ----
***************
*** 1329,1336 ****
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->use_template('privmsg_notify', $to_userdata['user_lang']);
- $emailer->extra_headers($email_headers);
$emailer->email_address($to_userdata['user_email']);
$emailer->set_subject($lang['Notification_subject']);
--- 1311,1320 ----
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
+ $emailer->from($board_config['board_email']);
+ $emailer->replyto($board_config['board_email']);
+
$emailer->use_template('privmsg_notify', $to_userdata['user_lang']);
$emailer->email_address($to_userdata['user_email']);
$emailer->set_subject($lang['Notification_subject']);
***************
*** 1363,1369 ****
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
! $to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
$privmsg_message = preg_replace('##si', '</textarea>', $privmsg_message);
! $user_sig = ( $board_config['allow_sig'] ) ? $privmsg['user_sig'] : '';
$to_username = $privmsg['username'];
$to_userid = $privmsg['user_id'];
--- 1458,1464 ----
$privmsg_message = str_replace('
', "\n", $privmsg_message);
$privmsg_message = preg_replace('##si', '</textarea>', $privmsg_message);
! $user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : '';
$to_username = $privmsg['username'];
$to_userid = $privmsg['user_id'];
***************
*** 1519,1524 ****
--- 1504,1513 ----
$mode = 'reply';
}
}
+ else
+ {
+ $privmsg_subject = $privmsg_message = '';
+ }
}
//
***************
*** 1553,1561 ****
//
// Finalise processing as per viewtopic
//
! if ( !$html_on )
{
! if ( $user_sig != '' || !$userdata['user_allowhtml'] )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
--- 1542,1550 ----
//
// Finalise processing as per viewtopic
//
! if ( !$html_on || !$board_config['allow_html'] || !$userdata['user_allowhtml'] )
{
! if ( $user_sig != '' )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
***************
*** 1594,1600 ****
$preview_message = make_clickable($preview_message);
$preview_message = str_replace("\n", '
', $preview_message);
! $s_hidden_fields = '';
$s_hidden_fields .= '';
if ( isset($privmsg_id) )
--- 1583,1589 ----
$preview_message = make_clickable($preview_message);
$preview_message = str_replace("\n", '
', $preview_message);
! $s_hidden_fields = '';
$s_hidden_fields .= '';
if ( isset($privmsg_id) )
***************
*** 1716,1722 ****
$post_a = $lang['Edit_message'];
}
! $s_hidden_fields = '';
$s_hidden_fields .= '';
if ( $mode == 'edit' )
{
--- 1705,1711 ----
$post_a = $lang['Edit_message'];
}
! $s_hidden_fields = '';
$s_hidden_fields .= '';
if ( $mode == 'edit' )
{
***************
*** 1728,1736 ****
//
generate_smilies('inline', PAGE_PRIVMSGS);
$template->assign_vars(array(
! 'SUBJECT' => preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject),
! 'USERNAME' => preg_replace($html_entities_match, $html_entities_replace, $to_username),
'MESSAGE' => $privmsg_message,
'HTML_STATUS' => $html_status,
'SMILIES_STATUS' => $smilies_status,
--- 1717,1728 ----
//
generate_smilies('inline', PAGE_PRIVMSGS);
+ $privmsg_subject = preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject);
+ $privmsg_subject = str_replace('"', '"', $privmsg_subject);
+
$template->assign_vars(array(
! 'SUBJECT' => $privmsg_subject,
! 'USERNAME' => $to_username,
'MESSAGE' => $privmsg_message,
'HTML_STATUS' => $html_status,
'SMILIES_STATUS' => $smilies_status,
***************
*** 1875,1881 ****
//
// New message
//
! $post_new_mesg_url = '![' . $lang['Post_new_message'] . '](' . $images['post_new'] . ')
';
//
// General SQL to obtain messages
--- 1867,1873 ----
//
// New message
//
! $post_new_mesg_url = '';
//
// General SQL to obtain messages
***************
*** 1955,1962 ****
}
else
{
! $limit_msg_time = '';
! $post_days = 0;
}
$sql .= $limit_msg_time . " ORDER BY pm.privmsgs_date DESC LIMIT $start, " . $board_config['topics_per_page'];
--- 1947,1954 ----
}
else
{
! $limit_msg_time = $limit_msg_time_total = '';
! $msg_days = 0;
}
$sql .= $limit_msg_time . " ORDER BY pm.privmsgs_date DESC LIMIT $start, " . $board_config['topics_per_page'];
***************
*** 2042,2047 ****
--- 2034,2043 ----
break;
}
}
+ else
+ {
+ $inbox_limit_img_length = $inbox_limit_pct = $l_box_size_status = '';
+ }
//
// Dump vars to template
***************
*** 2082,2092 ****
'L_SAVE_MARKED' => $lang['Save_marked'],
'S_PRIVMSGS_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"),
! 'S_HIDDEN_FIELDS' => '',
'S_POST_NEW_MSG' => $post_new_mesg_url,
'S_SELECT_MSG_DAYS' => $select_msg_days,
! 'U_POST_NEW_TOPIC' => $post_new_topic_url)
);
//
--- 2078,2088 ----
'L_SAVE_MARKED' => $lang['Save_marked'],
'S_PRIVMSGS_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"),
! 'S_HIDDEN_FIELDS' => '',
'S_POST_NEW_MSG' => $post_new_mesg_url,
'S_SELECT_MSG_DAYS' => $select_msg_days,
! 'U_POST_NEW_TOPIC' => append_sid("privmsg.$phpEx?mode=post"))
);
//
***************
*** 2099,2104 ****
--- 2095,2101 ----
if ( $row = $db->sql_fetchrow($result) )
{
+ $i = 0;
do
{
$privmsg_id = $row['privmsgs_id'];
***************
*** 2133,2138 ****
--- 2130,2136 ----
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+ $i++;
$template->assign_block_vars('listrow', array(
'ROW_COLOR' => '#' . $row_color,
***************
*** 2173,2176 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 2171,2174 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb204/profile.php phpbb2017/profile.php
*** phpbb204/profile.php Sat Jul 10 20:16:21 2004
--- phpbb2017/profile.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: profile.php,v 1.193.2.2 2002/12/03 20:55:30 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: profile.php,v 1.193.2.5 2004/11/18 17:49:37 acydburn Exp $
*
*
***************************************************************************/
***************
*** 83,88 ****
--- 83,89 ----
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
if ( $mode == 'viewprofile' )
{
***************
*** 99,104 ****
--- 100,116 ----
include($phpbb_root_path . 'includes/usercp_register.'.$phpEx);
exit;
}
+ else if ( $mode == 'confirm' )
+ {
+ // Visual Confirmation
+ if ( $userdata['session_logged_in'] )
+ {
+ exit;
+ }
+
+ include($phpbb_root_path . 'includes/usercp_confirm.'.$phpEx);
+ exit;
+ }
else if ( $mode == 'sendpassword' )
{
include($phpbb_root_path . 'includes/usercp_sendpasswd.'.$phpEx);
***************
*** 115,123 ****
exit;
}
}
! else
! {
! redirect(append_sid("index.$phpEx", true));
! }
?>
--- 127,133 ----
exit;
}
}
!
! redirect(append_sid("index.$phpEx", true));
?>
diff -crN phpbb204/search.php phpbb2017/search.php
*** phpbb204/search.php Sat Jul 10 20:16:21 2004
--- phpbb2017/search.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: search.php,v 1.72.2.6 2003/01/09 00:17:23 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: search.php,v 1.72.2.16 2005/03/15 18:34:34 acydburn Exp $
*
*
***************************************************************************/
***************
*** 60,65 ****
--- 60,66 ----
if ( isset($HTTP_POST_VARS['search_author']) || isset($HTTP_GET_VARS['search_author']))
{
$search_author = ( isset($HTTP_POST_VARS['search_author']) ) ? $HTTP_POST_VARS['search_author'] : $HTTP_GET_VARS['search_author'];
+ $search_author = phpbb_clean_username($search_author);
}
else
{
***************
*** 69,74 ****
--- 70,76 ----
$search_id = ( isset($HTTP_GET_VARS['search_id']) ) ? $HTTP_GET_VARS['search_id'] : '';
$show_results = ( isset($HTTP_POST_VARS['show_results']) ) ? $HTTP_POST_VARS['show_results'] : 'posts';
+ $show_results = ($show_results == 'topics') ? 'topics' : 'posts';
if ( isset($HTTP_POST_VARS['search_terms']) )
{
***************
*** 107,116 ****
--- 109,120 ----
if ( !empty($HTTP_POST_VARS['search_time']) || !empty($HTTP_GET_VARS['search_time']))
{
$search_time = time() - ( ( ( !empty($HTTP_POST_VARS['search_time']) ) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']) ) * 86400 );
+ $topic_days = (!empty($HTTP_POST_VARS['search_time'])) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']);
}
else
{
$search_time = 0;
+ $topic_days = 0;
}
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
***************
*** 144,149 ****
--- 148,158 ----
else if ( $search_keywords != '' || $search_author != '' || $search_id )
{
$store_vars = array('search_results', 'total_match_count', 'split_search', 'sort_by', 'sort_dir', 'show_results', 'return_chars');
+ $search_results = '';
+
+ //
+ // Search ID Limiter, decrease this value if you experience further timeout problems with searching forums
+ $limiter = 5000;
//
// Cycle through options ...
***************
*** 175,181 ****
{
$sql = "SELECT post_id
FROM " . POSTS_TABLE . "
! WHERE poster_id = " . $userdata['user_id'];;
}
else
{
--- 184,190 ----
{
$sql = "SELECT post_id
FROM " . POSTS_TABLE . "
! WHERE poster_id = " . $userdata['user_id'];
}
else
{
***************
*** 188,193 ****
--- 197,207 ----
}
else
{
+ if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
+ {
+ $search_author = '';
+ }
+
$search_author = str_replace('*', '%', trim($search_author));
$sql = "SELECT user_id
***************
*** 215,220 ****
--- 229,239 ----
$sql = "SELECT post_id
FROM " . POSTS_TABLE . "
WHERE poster_id IN ($matching_userids)";
+
+ if ($search_time)
+ {
+ $sql .= " AND post_time >= " . $search_time;
+ }
}
if ( !($result = $db->sql_query($sql)) )
***************
*** 236,242 ****
{
$stopword_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_stopwords.txt');
$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt');
!
$split_search = array();
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);
--- 255,261 ----
{
$stopword_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_stopwords.txt');
$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt');
!
$split_search = array();
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ? split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);
***************
*** 250,255 ****
--- 269,280 ----
for($i = 0; $i < count($split_search); $i++)
{
+ if (preg_match('#^[\*%]+$#', trim($split_search[$i])) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($split_search[$i]))))
+ {
+ $split_search[$i] = '';
+ continue;
+ }
+
switch ( $split_search[$i] )
{
case 'and':
***************
*** 393,398 ****
--- 418,428 ----
//
if ( $search_author != '' )
{
+ if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
+ {
+ $search_author = '';
+ }
+
$search_author = str_replace('*', '%', trim(str_replace("\'", "''", $search_author)));
}
***************
*** 400,495 ****
{
if ( $show_results == 'topics' )
{
! $where_sql = '';
! if ( $search_time )
{
! $where_sql .= ( $search_author == '' && $auth_sql == '' ) ? " AND post_time >= $search_time " : " AND p.post_time >= $search_time ";
}
!
! if ( $search_author == '' && $auth_sql == '' )
{
! $sql = "SELECT topic_id
! FROM " . POSTS_TABLE . "
! WHERE post_id IN (" . implode(", ", $search_ids) . ")
! $where_sql
! GROUP BY topic_id";
}
! else
{
! $from_sql = POSTS_TABLE . " p";
! if ( $search_author != '' )
{
! $from_sql .= ", " . USERS_TABLE . " u";
! $where_sql .= " AND u.user_id = p.poster_id AND u.username LIKE '$search_author' ";
}
!
! if ( $auth_sql != '' )
{
! $from_sql .= ", " . FORUMS_TABLE . " f";
! $where_sql .= " AND f.forum_id = p.forum_id AND $auth_sql";
}
! $sql = "SELECT p.topic_id
! FROM $from_sql
! WHERE p.post_id IN (" . implode(", ", $search_ids) . ")
! $where_sql
! GROUP BY p.topic_id";
! }
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain topic ids', '', __LINE__, __FILE__, $sql);
! }
! $search_ids = array();
! while( $row = $db->sql_fetchrow($result) )
! {
! $search_ids[] = $row['topic_id'];
}
- $db->sql_freeresult($result);
$total_match_count = sizeof($search_ids);
}
else if ( $search_author != '' || $search_time || $auth_sql != '' )
{
! $where_sql = ( $search_author == '' && $auth_sql == '' ) ? 'post_id IN (' . implode(', ', $search_ids) . ')' : 'p.post_id IN (' . implode(', ', $search_ids) . ')';
! $from_sql = ( $search_author == '' && $auth_sql == '' ) ? POSTS_TABLE : POSTS_TABLE . ' p';
! if ( $search_time )
{
! $where_sql .= ( $search_author == '' && $auth_sql == '' ) ? " AND post_time >= $search_time " : " AND p.post_time >= $search_time";
}
!
! if ( $auth_sql != '' )
{
! $from_sql .= ", " . FORUMS_TABLE . " f";
! $where_sql .= " AND f.forum_id = p.forum_id AND $auth_sql";
}
! if ( $search_author != '' )
! {
! $from_sql .= ", " . USERS_TABLE . " u";
! $where_sql .= " AND u.user_id = p.poster_id AND u.username LIKE '$search_author'";
! }
! $sql = "SELECT p.post_id
! FROM $from_sql
! WHERE $where_sql";
! if ( !($result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
! }
! $search_ids = array();
! while( $row = $db->sql_fetchrow($result) )
! {
! $search_ids[] = $row['post_id'];
! }
! $db->sql_freeresult($result);
$total_match_count = count($search_ids);
}
--- 430,582 ----
{
if ( $show_results == 'topics' )
{
! //
! // This one is a beast, try to seperate it a bit (workaround for connection timeouts)
! //
! $search_id_chunks = array();
! $count = 0;
! $chunk = 0;
! if (count($search_ids) > $limiter)
{
! for ($i = 0; $i < count($search_ids); $i++)
! {
! if ($count == $limiter)
! {
! $chunk++;
! $count = 0;
! }
!
! $search_id_chunks[$chunk][$count] = $search_ids[$i];
! $count++;
! }
}
! else
{
! $search_id_chunks[0] = $search_ids;
}
!
! $search_ids = array();
!
! for ($i = 0; $i < count($search_id_chunks); $i++)
{
! $where_sql = '';
! if ( $search_time )
{
! $where_sql .= ( $search_author == '' && $auth_sql == '' ) ? " AND post_time >= $search_time " : " AND p.post_time >= $search_time ";
}
!
! if ( $search_author == '' && $auth_sql == '' )
{
! $sql = "SELECT topic_id
! FROM " . POSTS_TABLE . "
! WHERE post_id IN (" . implode(", ", $search_id_chunks[$i]) . ")
! $where_sql
! GROUP BY topic_id";
}
+ else
+ {
+ $from_sql = POSTS_TABLE . " p";
! if ( $search_author != '' )
! {
! $from_sql .= ", " . USERS_TABLE . " u";
! $where_sql .= " AND u.user_id = p.poster_id AND u.username LIKE '$search_author' ";
! }
! if ( $auth_sql != '' )
! {
! $from_sql .= ", " . FORUMS_TABLE . " f";
! $where_sql .= " AND f.forum_id = p.forum_id AND $auth_sql";
! }
! $sql = "SELECT p.topic_id
! FROM $from_sql
! WHERE p.post_id IN (" . implode(", ", $search_id_chunks[$i]) . ")
! $where_sql
! GROUP BY p.topic_id";
! }
!
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain topic ids', '', __LINE__, __FILE__, $sql);
! }
!
! while ($row = $db->sql_fetchrow($result))
! {
! $search_ids[] = $row['topic_id'];
! }
! $db->sql_freeresult($result);
}
$total_match_count = sizeof($search_ids);
}
else if ( $search_author != '' || $search_time || $auth_sql != '' )
{
! $search_id_chunks = array();
! $count = 0;
! $chunk = 0;
! if (count($search_ids) > $limiter)
{
! for ($i = 0; $i < count($search_ids); $i++)
! {
! if ($count == $limiter)
! {
! $chunk++;
! $count = 0;
! }
!
! $search_id_chunks[$chunk][$count] = $search_ids[$i];
! $count++;
! }
}
! else
{
! $search_id_chunks[0] = $search_ids;
}
! $search_ids = array();
! for ($i = 0; $i < count($search_id_chunks); $i++)
{
! $where_sql = ( $search_author == '' && $auth_sql == '' ) ? 'post_id IN (' . implode(', ', $search_id_chunks[$i]) . ')' : 'p.post_id IN (' . implode(', ', $search_id_chunks[$i]) . ')';
! $select_sql = ( $search_author == '' && $auth_sql == '' ) ? 'post_id' : 'p.post_id';
! $from_sql = ( $search_author == '' && $auth_sql == '' ) ? POSTS_TABLE : POSTS_TABLE . ' p';
! if ( $search_time )
! {
! $where_sql .= ( $search_author == '' && $auth_sql == '' ) ? " AND post_time >= $search_time " : " AND p.post_time >= $search_time";
! }
! if ( $auth_sql != '' )
! {
! $from_sql .= ", " . FORUMS_TABLE . " f";
! $where_sql .= " AND f.forum_id = p.forum_id AND $auth_sql";
! }
!
! if ( $search_author != '' )
! {
! $from_sql .= ", " . USERS_TABLE . " u";
! $where_sql .= " AND u.user_id = p.poster_id AND u.username LIKE '$search_author'";
! }
!
! $sql = "SELECT " . $select_sql . "
! FROM $from_sql
! WHERE $where_sql";
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain post ids', '', __LINE__, __FILE__, $sql);
! }
!
! while( $row = $db->sql_fetchrow($result) )
! {
! $search_ids[] = $row['post_id'];
! }
! $db->sql_freeresult($result);
! }
$total_match_count = count($search_ids);
}
***************
*** 575,580 ****
--- 662,682 ----
// so we can serialize it and place it in the DB
//
$store_search_data = array();
+
+ //
+ // Limit the character length (and with this the results displayed at all following pages) to prevent
+ // truncated result arrays. Normally, search results above 12000 are affected.
+ // - to include or not to include
+ /*
+ $max_result_length = 60000;
+ if (strlen($search_results) > $max_result_length)
+ {
+ $search_results = substr($search_results, 0, $max_result_length);
+ $search_results = substr($search_results, 0, strrpos($search_results, ','));
+ $total_match_count = count(explode(', ', $search_results));
+ }
+ */
+
for($i = 0; $i < count($store_vars); $i++)
{
$store_search_data[$store_vars[$i]] = $$store_vars[$i];
***************
*** 587,593 ****
$search_id = mt_rand();
$sql = "UPDATE " . SEARCH_TABLE . "
! SET search_id = $search_id, search_array = '$result_array'
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
{
--- 689,695 ----
$search_id = mt_rand();
$sql = "UPDATE " . SEARCH_TABLE . "
! SET search_id = $search_id, search_array = '" . str_replace("\'", "''", $result_array) . "'
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
{
***************
*** 601,607 ****
}
else
{
! if ( intval($search_id) )
{
$sql = "SELECT search_array
FROM " . SEARCH_TABLE . "
--- 703,710 ----
}
else
{
! $search_id = intval($search_id);
! if ( $search_id )
{
$sql = "SELECT search_array
FROM " . SEARCH_TABLE . "
***************
*** 779,789 ****
$message = preg_replace("/\[.*?:$bbcode_uid:?.*?\]/si", '', $message);
$message = preg_replace('/\[url\]|\[\/url\]/si', '', $message);
$message = ( strlen($message) > $return_chars ) ? substr($message, 0, $return_chars) . ' ...' : $message;
-
- if ( count($search_string) )
- {
- $message = preg_replace($search_string, $replace_string, $message);
- }
}
else
{
--- 882,887 ----
diff -crN phpbb204/templates/subSilver/admin/board_config_body.tpl phpbb2017/templates/subSilver/admin/board_config_body.tpl
*** phpbb204/templates/subSilver/admin/board_config_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/admin/board_config_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 36,41 ****
--- 36,45 ----
{L_NONE} {L_USER} {L_ADMIN} |
+ {L_VISUAL_CONFIRM}
{L_VISUAL_CONFIRM_EXPLAIN} |
+ {L_YES} {L_NO} |
+
+
{L_BOARD_EMAIL_FORM}
{L_BOARD_EMAIL_FORM_EXPLAIN} |
{L_ENABLED} {L_DISABLED} |
diff -crN phpbb204/templates/subSilver/admin/forum_edit_body.tpl phpbb2017/templates/subSilver/admin/forum_edit_body.tpl
*** phpbb204/templates/subSilver/admin/forum_edit_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/admin/forum_edit_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 10,16 ****
| {L_FORUM_NAME} |
! |
| {L_FORUM_DESCRIPTION} |
--- 10,16 ----
| {L_FORUM_NAME} |
! |
| {L_FORUM_DESCRIPTION} |
***************
*** 33,43 ****
| {L_PRUNE_DAYS} |
! {L_DAYS} |
| {L_PRUNE_FREQ} |
! {L_DAYS} |
--- 33,43 ----
| {L_PRUNE_DAYS} |
! {L_DAYS} |
| {L_PRUNE_FREQ} |
! {L_DAYS} |
diff -crN phpbb204/templates/subSilver/admin/index_body.tpl phpbb2017/templates/subSilver/admin/index_body.tpl
*** phpbb204/templates/subSilver/admin/index_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/admin/index_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 77,79 ****
--- 77,85 ----
+
+ {L_VERSION_INFORMATION}
+
+ {VERSION_INFO}
+
+
diff -crN phpbb204/templates/subSilver/admin/user_edit_body.tpl phpbb2017/templates/subSilver/admin/user_edit_body.tpl
*** phpbb204/templates/subSilver/admin/user_edit_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/admin/user_edit_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 28,41 ****
{L_NEW_PASSWORD}: *
{L_PASSWORD_IF_CHANGED} |
!
|
{L_CONFIRM_PASSWORD}: *
{L_PASSWORD_CONFIRM_IF_CHANGED} |
!
|
--- 28,41 ----
{L_NEW_PASSWORD}: *
{L_PASSWORD_IF_CHANGED} |
!
|
{L_CONFIRM_PASSWORD}: *
{L_PASSWORD_CONFIRM_IF_CHANGED} |
!
|
diff -crN phpbb204/templates/subSilver/admin/user_select_body.tpl phpbb2017/templates/subSilver/admin/user_select_body.tpl
*** phpbb204/templates/subSilver/admin/user_select_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/admin/user_select_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 8,13 ****
| {L_USER_SELECT} |
! | {S_HIDDEN_FIELDS} |
--- 8,13 ----
{L_USER_SELECT} |
! | {S_HIDDEN_FIELDS} |
diff -crN phpbb204/templates/subSilver/faq_body.tpl phpbb2017/templates/subSilver/faq_body.tpl
*** phpbb204/templates/subSilver/faq_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/faq_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 34,40 ****
! {faq_block.faq_row.FAQ_QUESTION}
{faq_block.faq_row.FAQ_ANSWER}
{L_BACK_TO_TOP} |
 |
--- 34,40 ----
! {faq_block.faq_row.FAQ_QUESTION}
{faq_block.faq_row.FAQ_ANSWER}
{L_BACK_TO_TOP} |
|
diff -crN phpbb204/templates/subSilver/index_body.tpl phpbb2017/templates/subSilver/index_body.tpl
*** phpbb204/templates/subSilver/index_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/index_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 61,67 ****
--- 61,69 ----
***************
*** 74,80 ****
{L_USERNAME}:
{L_PASSWORD}:
!
{L_AUTO_LOGIN}
--- 76,82 ----
| {L_USERNAME}:
{L_PASSWORD}:
!
{L_AUTO_LOGIN}
***************
*** 89,101 ****
!  |
{L_NEW_POSTS} |
|
!  |
{L_NO_NEW_POSTS} |
|
!  |
{L_FORUM_LOCKED} |
--- 91,103 ----
!  |
{L_NEW_POSTS} |
|
!  |
{L_NO_NEW_POSTS} |
|
!  |
{L_FORUM_LOCKED} |
diff -crN phpbb204/templates/subSilver/login_body.tpl phpbb2017/templates/subSilver/login_body.tpl
*** phpbb204/templates/subSilver/login_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/login_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 19,31 ****
| {L_USERNAME}: |
!
|
| {L_PASSWORD}: |
!
|
--- 19,31 ----
| {L_USERNAME}: |
!
|
| {L_PASSWORD}: |
!
|
diff -crN phpbb204/templates/subSilver/memberlist_body.tpl phpbb2017/templates/subSilver/memberlist_body.tpl
*** phpbb204/templates/subSilver/memberlist_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/memberlist_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 32,38 ****
! | |
diff -crN phpbb204/templates/subSilver/overall_footer.tpl phpbb2017/templates/subSilver/overall_footer.tpl
*** phpbb204/templates/subSilver/overall_footer.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/overall_footer.tpl Tue Jul 19 22:14:57 2005
***************
*** 4,16 ****
We request you retain the full copyright notice below including the link to www.phpbb.com.
This not only gives respect to the large amount of time given freely by the developers
but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good
! reason) retain the full copyright we request you at least leave in place the
! Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
! to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
! Powered by phpBB {PHPBB_VERSION} © 2001, 2002 phpBB Group
{TRANSLATION_INFO}
--- 4,16 ----
We request you retain the full copyright notice below including the link to www.phpbb.com.
This not only gives respect to the large amount of time given freely by the developers
but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good
! reason) retain the full copyright we request you at least leave in place the
! Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
! to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
! Powered by phpBB © 2001, 2005 phpBB Group
{TRANSLATION_INFO}
|
diff -crN phpbb204/templates/subSilver/overall_header.tpl phpbb2017/templates/subSilver/overall_header.tpl
*** phpbb204/templates/subSilver/overall_header.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/overall_header.tpl Tue Jul 19 22:14:57 2005
***************
*** 220,226 ****
!
--- 220,226 ----
!
diff -crN phpbb204/templates/subSilver/posting_body.tpl phpbb2017/templates/subSilver/posting_body.tpl
*** phpbb204/templates/subSilver/posting_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/posting_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 96,102 ****
text = ' ' + text + ' ';
if (txtarea.createTextRange && txtarea.caretPos) {
var caretPos = txtarea.caretPos;
! caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? text + ' ' : text;
txtarea.focus();
} else {
txtarea.value += text;
--- 96,102 ----
text = ' ' + text + ' ';
if (txtarea.createTextRange && txtarea.caretPos) {
var caretPos = txtarea.caretPos;
! caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? caretPos.text + text + ' ' : caretPos.text + text;
txtarea.focus();
} else {
txtarea.value += text;
***************
*** 135,140 ****
--- 135,141 ----
function bbstyle(bbnumber) {
var txtarea = document.post.message;
+ txtarea.focus();
donotinsert = false;
theSelection = false;
bblast = 0;
diff -crN phpbb204/templates/subSilver/privmsgs_read_body.tpl phpbb2017/templates/subSilver/privmsgs_read_body.tpl
*** phpbb204/templates/subSilver/privmsgs_read_body.tpl Sat Jul 10 20:16:22 2004
--- phpbb2017/templates/subSilver/privmsgs_read_body.tpl Tue Jul 19 22:14:57 2005
***************
*** 53,59 ****
{PROFILE_IMG} {PM_IMG} {EMAIL_IMG}
{WWW_IMG} {AIM_IMG} {YIM_IMG} {MSN_IMG} | | |