punbb-1.1.1/upload/admin_options.php |
punbb-1.1.4/upload/admin_options.php |
94: $form['maintenance'] = '0'; | 94: $form['maintenance'] = '0'; |
95: } | 95: } |
96: | 96: |
| 97: $form['timeout_visit'] = intval($form['timeout_visit']); |
| 98: $form['timeout_online'] = intval($form['timeout_online']); |
| 99: $form['redirect_delay'] = intval($form['redirect_delay']); |
| 100: $form['flood_interval'] = intval($form['flood_interval']); |
| 101: $form['topic_review'] = intval($form['topic_review']); |
| 102: $form['disp_topics_default'] = intval($form['disp_topics_default']); |
| 103: $form['disp_posts_default'] = intval($form['disp_posts_default']); |
| 104: $form['indent_num_spaces'] = intval($form['indent_num_spaces']); |
| 105: $form['avatars_width'] = intval($form['avatars_width']); |
| 106: $form['avatars_height'] = intval($form['avatars_height']); |
| 107: $form['avatars_size'] = intval($form['avatars_size']); |
97: | 108: |
98: while (list($key, $input) = @each($form)) | 109: while (list($key, $input) = @each($form)) |
99: { | 110: { |
100: // Only update values that have changed | 111: // Only update values that have changed |
101: if ($pun_config['o_'.$key] != $input) | 112: if ($pun_config['o_'.$key] != $input) |
102: { | 113: { |
103: if ($input != '') | 114: if ($input != '' || is_int($input)) |
104: $value = '\''.escape($input).'\''; | 115: $value = '\''.escape($input).'\''; |
105: else | 116: else |
106: $value = 'NULL'; | 117: $value = 'NULL'; |
392: </tr> | 403: </tr> |
393: <tr> | 404: <tr> |
394: <td class="punright" style="width: 35%"><b>SMTP username</b><br>Username for SMTP server. Only enter a username if it is required by the SMTP server (most servers <b>don't</b> require authentication).</td> | 405: <td class="punright" style="width: 35%"><b>SMTP username</b><br>Username for SMTP server. Only enter a username if it is required by the SMTP server (most servers <b>don't</b> require authentication).</td> |
395: <td style="width: 65%"><input type="text" name="form[smtp_user]" size="25" maxlength="25" value="<?php echo $pun_config['o_smtp_user'] ?>"></td> | 406: <td style="width: 65%"><input type="text" name="form[smtp_user]" size="25" maxlength="50" value="<?php echo $pun_config['o_smtp_user'] ?>"></td> |
396: </tr> | 407: </tr> |
397: <tr> | 408: <tr> |
398: <td class="punright" style="width: 35%"><b>SMTP password</b><br>Password for SMTP server. Only enter a password if it is required by the SMTP server (most servers <b>don't</b> require authentication).</td> | 409: <td class="punright" style="width: 35%"><b>SMTP password</b><br>Password for SMTP server. Only enter a password if it is required by the SMTP server (most servers <b>don't</b> require authentication).</td> |
399: <td style="width: 65%"><input type="text" name="form[smtp_pass]" size="25" maxlength="25" value="<?php echo $pun_config['o_smtp_pass'] ?>"></td> | 410: <td style="width: 65%"><input type="text" name="form[smtp_pass]" size="25" maxlength="50" value="<?php echo $pun_config['o_smtp_pass'] ?>"></td> |
400: </tr> | 411: </tr> |
401: </table> | 412: </table> |
402: </td> | 413: </td> |
punbb-1.1.1/upload/admin_prune.php |
punbb-1.1.4/upload/admin_prune.php |
87: $prune_from = $_POST['prune_from']; | 87: $prune_from = $_POST['prune_from']; |
88: | 88: |
89: // Concatenate together the query for counting number or topics to prune | 89: // Concatenate together the query for counting number or topics to prune |
90: $sql = 'SELECT COUNT(id) FROM '.$db->prefix.'topics WHERE last_post<'.$prune_date; | 90: $sql = 'SELECT COUNT(id) FROM '.$db->prefix.'topics WHERE last_post<'.$prune_date.' AND moved_to IS NULL'; |
91: | 91: |
92: if ($_POST['prune_sticky'] == '0') | 92: if ($_POST['prune_sticky'] == '0') |
93: $sql .= ' AND sticky=\'0\''; | 93: $sql .= ' AND sticky=\'0\''; |
98: | 98: |
99: // Fetch the forum name (just for cosmetic reasons) | 99: // Fetch the forum name (just for cosmetic reasons) |
100: $result = $db->query('SELECT forum_name FROM '.$db->prefix.'forums WHERE id='.$prune_from) or error('Unable to fetch forum name', __FILE__, __LINE__, $db->error()); | 100: $result = $db->query('SELECT forum_name FROM '.$db->prefix.'forums WHERE id='.$prune_from) or error('Unable to fetch forum name', __FILE__, __LINE__, $db->error()); |
101: $forum = '"'.$db->result($result, 0).'"'; | 101: $forum = '"'.pun_htmlspecialchars($db->result($result, 0)).'"'; |
102: } | 102: } |
103: else | 103: else |
104: $forum = 'all forums'; | 104: $forum = 'all forums'; |
punbb-1.1.1/upload/include/common_admin.php |
punbb-1.1.4/upload/include/common_admin.php |
82: // | 82: // |
83: function prune($forum_id, $prune_sticky, $prune_date) | 83: function prune($forum_id, $prune_sticky, $prune_date) |
84: { | 84: { |
85: global $db; | 85: global $pun_root, $db; |
86: | 86: |
87: if ($prune_date != -1) | 87: $extra_sql = ($prune_date != -1) ? ' AND last_post<'.$prune_date : ''; |
88: $extra = ' AND last_post<'.$prune_date; | |
89: | 88: |
90: if (!$prune_sticky) | 89: if (!$prune_sticky) |
91: $extra .= ' AND sticky=\'0\''; | 90: $extra_sql .= ' AND sticky=\'0\''; |
92: | 91: |
93: // Fetch topics to prune | 92: // Fetch topics to prune |
94: $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id.$extra) or error('Unable to fetch topics', __FILE__, __LINE__, $db->error()); | 93: $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id.$extra_sql) or error('Unable to fetch topics', __FILE__, __LINE__, $db->error()); |
95: | 94: |
96: while ($row = $db->fetch_row($result)) | 95: while ($row = $db->fetch_row($result)) |
97: $topic_ids .= (($topic_ids != '') ? ',' : '').$row[0]; | 96: $topic_ids .= (($topic_ids != '') ? ',' : '').$row[0]; |
112: $db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$post_ids.')') or error('Unable to prune posts', __FILE__, __LINE__, $db->error()); | 111: $db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$post_ids.')') or error('Unable to prune posts', __FILE__, __LINE__, $db->error()); |
113: | 112: |
114: // We removed a bunch of posts, so now we have to update the search index | 113: // We removed a bunch of posts, so now we have to update the search index |
115: require $pun_root.'include/search_idx.php'; | 114: require_once $pun_root.'include/search_idx.php'; |
116: strip_search_index($post_ids); | 115: strip_search_index($post_ids); |
117: } | 116: } |
118: } | 117: } |
punbb-1.1.1/upload/include/search_idx.php |
punbb-1.1.4/upload/include/search_idx.php |
43: | 43: |
44: if (empty($noise_match)) | 44: if (empty($noise_match)) |
45: { | 45: { |
46: $noise_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', ';', '!', '*'); | 46: $noise_match = array('quote', 'code', 'url', 'img', 'email', 'color', 'colour', '^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', ';', '!', '*'); |
47: $noise_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' , ' ', ' ', ' ', ' ', ' ', ' '); | 47: $noise_replace = array('', '', '', '', '', '', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' , ' ', ' ', ' ', ' ', ' ', ' '); |
48: | 48: |
49: $stopwords = @file('lang/'.$language.'/'.$language.'_stopwords.txt'); | 49: $stopwords = @file('lang/'.$language.'/'.$language.'_stopwords.txt'); |
50: } | 50: } |
punbb-1.1.1/upload/index.php |
punbb-1.1.4/upload/index.php |
53: | 53: |
54: | 54: |
55: // Print the categories and forums | 55: // Print the categories and forums |
56: if ($cur_user['status'] < PUN_MOD) | 56: $extra_sql = ($cur_user['status'] < PUN_MOD) ? ' WHERE f.admmod_only=\'0\'' : ''; |
57: $extra = ' WHERE f.admmod_only=\'0\''; | |
58: | 57: |
59: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.forum_desc, f.moderators, f.num_topics, f.num_posts, f.last_post, f.last_post_id, f.last_poster, f.closed FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); | 58: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.forum_desc, f.moderators, f.num_topics, f.num_posts, f.last_post, f.last_post_id, f.last_poster, f.closed FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra_sql.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); |
60: | 59: |
61: while ($cur_forum = $db->fetch_assoc($result)) | 60: while ($cur_forum = $db->fetch_assoc($result)) |
62: { | 61: { |
punbb-1.1.1/upload/install.php |
punbb-1.1.4/upload/install.php |
24: | 24: |
25: | 25: |
26: // The PunBB version this script installs | 26: // The PunBB version this script installs |
27: $punbb_version = '1.1.1'; | 27: $punbb_version = '1.1.4'; |
28: | 28: |
29: | 29: |
30: $pun_root = './'; | 30: $pun_root = './'; |
289: break; | 289: break; |
290: | 290: |
291: default: | 291: default: |
292: exit('\''.$db_type.'\' is not a valid database type. <a href="JavaScript: history.go(-1)">Go back</a>.'); | 292: exit('\''.htmlspecialchars($db_type).'\' is not a valid database type. <a href="JavaScript: history.go(-1)">Go back</a>.'); |
293: break; | 293: break; |
294: } | 294: } |
295: | 295: |
864: $db->query('INSERT INTO '.$db_prefix."users (username, password, email) VALUES('Guest', 'Guest', 'Guest')", 1) | 864: $db->query('INSERT INTO '.$db_prefix."users (username, password, email) VALUES('Guest', 'Guest', 'Guest')", 1) |
865: or exit('Unable to insert into table '.$db_prefix.'users. Please check your configuration and try again. <a href="JavaScript: history.go(-1)">Go back</a>.'); | 865: or exit('Unable to insert into table '.$db_prefix.'users. Please check your configuration and try again. <a href="JavaScript: history.go(-1)">Go back</a>.'); |
866: | 866: |
867: $db->query('INSERT INTO '.$db_prefix."users (username, password, email, num_posts, status, last_post, registered, last_visit) VALUES('".addslashes($username)."', '".pun_hash($password1)."', '$email', 1, 2, ".$now.", ".$now.", ".$now.')') | 867: $db->query('INSERT INTO '.$db_prefix."users (username, password, email, num_posts, status, last_post, registered, last_visit, last_action) VALUES('".addslashes($username)."', '".pun_hash($password1)."', '$email', 1, 2, ".$now.", ".$now.", ".$now.", ".$now.')') |
868: or exit('Unable to insert into table '.$db_prefix.'users. Please check your configuration and try again. <a href="JavaScript: history.go(-1)">Go back</a>.'); | 868: or exit('Unable to insert into table '.$db_prefix.'users. Please check your configuration and try again. <a href="JavaScript: history.go(-1)">Go back</a>.'); |
869: | 869: |
870: // Insert config data | 870: // Insert config data |
975: | 975: |
976: | 976: |
977: /// Display config.php and give further instructions | 977: /// Display config.php and give further instructions |
978: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = true;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n\n".'$language = \'en\';'."\n\ndefine('PUN', 1);\n\n?>"; | 978: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = false;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n\n".'$language = \'en\';'."\n\ndefine('PUN', 1);\n\n?>"; |
979: | 979: |
980: | 980: |
981: ?> | 981: ?> |
punbb-1.1.1/upload/lang/en/en_edit.php |
punbb-1.1.4/upload/lang/en/en_edit.php |
8: 'Too long subject' => 'Subjects cannot be longer than 70 characters.', | 8: 'Too long subject' => 'Subjects cannot be longer than 70 characters.', |
9: 'No caps subject' => 'Subjects must not contain only capital letters and special characters in this forum.', | 9: 'No caps subject' => 'Subjects must not contain only capital letters and special characters in this forum.', |
10: 'No message' => 'You must enter a message.', | 10: 'No message' => 'You must enter a message.', |
11: 'Too long message' => 'Posts cannot be longer that 65535 characters (64 Kb).', | 11: 'Too long message' => 'Posts cannot be longer that 65535 characters (64 KB).', |
12: 'No caps message' => 'Messages must not contain only capital letters and special characters in this forum.', | 12: 'No caps message' => 'Messages must not contain only capital letters and special characters in this forum.', |
13: | 13: |
14: // Miscellaneous | 14: // Miscellaneous |
15: 'Show smilies' => 'Show smilies', | 15: 'Show smilies' => 'Convert smilies to icons', |
16: 'Silent edit' => 'Silent edit (don\'t display "Edited by ..." in topic view)', | 16: 'Silent edit' => 'Silent edit (don\'t display "Edited by ..." in topic view)', |
17: 'Edit message' => 'Edit message', | 17: 'Edit message' => 'Edit message', |
18: 'Edit redirect' => 'Post updated. Redirecting ...' | 18: 'Edit redirect' => 'Post updated. Redirecting ...' |
punbb-1.1.1/upload/lang/en/en_post.php |
punbb-1.1.4/upload/lang/en/en_post.php |
8: 'Too long subject' => 'Subjects cannot be longer than 70 characters.', | 8: 'Too long subject' => 'Subjects cannot be longer than 70 characters.', |
9: 'No caps subject' => 'Subjects must not contain only capital letters and special characters in this forum.', | 9: 'No caps subject' => 'Subjects must not contain only capital letters and special characters in this forum.', |
10: 'No message' => 'You must enter a message.', | 10: 'No message' => 'You must enter a message.', |
11: 'Too long message' => 'Posts cannot be longer that 65535 characters (64 Kb).', | 11: 'Too long message' => 'Posts cannot be longer that 65535 characters (64 KB).', |
12: 'No caps message' => 'Messages must not contain only capital letters and special characters in this forum.', | 12: 'No caps message' => 'Messages must not contain only capital letters and special characters in this forum.', |
13: | 13: |
14: // Miscellaneous | 14: // Miscellaneous |
15: 'Post redirect' => 'Post entered. Redirecting ...', | 15: 'Post redirect' => 'Post entered. Redirecting ...', |
16: 'Post a reply' => 'Post a reply', | 16: 'Post a reply' => 'Post a reply', |
17: 'Post new topic' => 'Post new topic', | 17: 'Post new topic' => 'Post new topic', |
18: 'Show smilies' => 'Show smilies as icons', | 18: 'Show smilies' => 'Convert smilies to icons', |
19: 'Subscribe' => 'Subscribe to this topic', | 19: 'Subscribe' => 'Subscribe to this topic', |
20: 'Topic review' => 'Topic review (newest first)', | 20: 'Topic review' => 'Topic review (newest first)', |
21: 'Flood start' => 'At least', | 21: 'Flood start' => 'At least', |
punbb-1.1.1/upload/misc.php |
punbb-1.1.4/upload/misc.php |
105: | 105: |
106: pun_mail($recipient_email, $mail_subject, $mail_message, $cur_user['username'].' <'.$cur_user['email'].'>'); | 106: pun_mail($recipient_email, $mail_subject, $mail_message, $cur_user['username'].' <'.$cur_user['email'].'>'); |
107: | 107: |
108: redirect('profile.php?id='.$recipient_id, $lang_misc['E-mail sent redirect']); | 108: redirect($_POST['redirect_url'], $lang_misc['E-mail sent redirect']); |
109: } | 109: } |
110: | 110: |
111: | 111: |
| 112: // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent) |
| 113: $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : 'index.php'; |
| 114: |
112: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail']; | 115: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail']; |
113: $validate_form = true; | 116: $validate_form = true; |
114: $element_names = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']); | 117: $element_names = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']); |
121: | 124: |
122: <form method="post" action="misc.php?email=<?php echo $recipient_id ?>" id="email" onsubmit="return process_form(this)"> | 125: <form method="post" action="misc.php?email=<?php echo $recipient_id ?>" id="email" onsubmit="return process_form(this)"> |
123: <input type="hidden" name="form_sent" value="1"> | 126: <input type="hidden" name="form_sent" value="1"> |
| 127: <input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>"> |
124: <table class="punmain" cellspacing="1" cellpadding="4"> | 128: <table class="punmain" cellspacing="1" cellpadding="4"> |
125: <tr class="punhead"> | 129: <tr class="punhead"> |
126: <td class="punhead" colspan="2"><?php echo $lang_misc['Send e-mail'] ?></td> | 130: <td class="punhead" colspan="2"><?php echo $lang_misc['Send e-mail'] ?></td> |
punbb-1.1.1/upload/post.php |
punbb-1.1.4/upload/post.php |
40: message($lang_post['Flood start'].' '.$pun_config['o_flood_interval'].' '.$lang_post['flood end']); | 40: message($lang_post['Flood start'].' '.$pun_config['o_flood_interval'].' '.$lang_post['flood end']); |
41: | 41: |
42: // Make sure form_user is correct | 42: // Make sure form_user is correct |
43: if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && $_POST['form_user'] != $cur_user['username'])) | 43: if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && unescape($_POST['form_user']) != $cur_user['username'])) |
44: message($lang_common['Bad request']); | 44: message($lang_common['Bad request']); |
45: | 45: |
46: $smilies = $_POST['smilies']; | 46: $smilies = $_POST['smilies']; |
110: else | 110: else |
111: { | 111: { |
112: $username = trim(unescape($_POST['req_username'])); | 112: $username = trim(unescape($_POST['req_username'])); |
113: $email = trim($_POST['req_email']); | 113: $email = strtolower(trim($_POST['req_email'])); |
114: | 114: |
115: // Load the register.php/profile.php language files | 115: // Load the register.php/profile.php language files |
116: require $pun_root.'lang/'.$language.'/'.$language.'_prof_reg.php'; | 116: require $pun_root.'lang/'.$language.'/'.$language.'_prof_reg.php'; |
punbb-1.1.1/upload/profile.php |
punbb-1.1.4/upload/profile.php |
49: { | 49: { |
50: // If the user is already logged in we shouldn't be here :) | 50: // If the user is already logged in we shouldn't be here :) |
51: if (!$cookie['is_guest']) | 51: if (!$cookie['is_guest']) |
| 52: { |
52: header('Location: index.php'); | 53: header('Location: index.php'); |
| 54: exit; |
| 55: } |
53: | 56: |
54: $key = $_GET['key']; | 57: $key = $_GET['key']; |
55: | 58: |
600: if ($cur_user['id'] != $id && $cur_user['status'] < PUN_MOD) | 603: if ($cur_user['id'] != $id && $cur_user['status'] < PUN_MOD) |
601: message($lang_common['No permission']); | 604: message($lang_common['No permission']); |
602: | 605: |
603: $form = $_POST['form']; | 606: // Extract elements from $_POST['form'] |
| 607: $wanted_elements = array('realname', 'url', 'icq', 'msn', 'aim', 'yahoo', 'location', 'use_avatar', 'disp_topics', 'disp_posts', 'timezone', 'email_setting', 'save_pass', 'notify_with_post', 'smilies', 'show_img', 'show_avatars', 'show_sig', 'link_to_new_win', 'style'); |
| 608: $form = array(); |
| 609: |
| 610: while (list($key, $value) = @each($_POST['form'])) |
| 611: { |
| 612: if (in_array($key, $wanted_elements)) |
| 613: $form[$key] = $value; |
| 614: } |
604: | 615: |
605: | 616: |
606: if ($cur_user['status'] > PUN_USER) | 617: if ($cur_user['status'] > PUN_USER) |
612: | 623: |
613: if (strlen($username) < 2) | 624: if (strlen($username) < 2) |
614: message($lang_prof_reg['Username too short']); | 625: message($lang_prof_reg['Username too short']); |
| 626: else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters |
| 627: message($lang_common['Bad request']); |
615: else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest'])) | 628: else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest'])) |
616: message($lang_prof_reg['Username guest']); | 629: message($lang_prof_reg['Username guest']); |
617: else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username)) | 630: else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username)) |
669: $form['url'] = 'http://'.$form['url']; | 682: $form['url'] = 'http://'.$form['url']; |
670: | 683: |
671: // If the ICQ UIN contains anything other than digits it's invalid | 684: // If the ICQ UIN contains anything other than digits it's invalid |
672: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form[icq])) | 685: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq'])) |
673: message($lang_prof_reg['Bad ICQ']); | 686: message($lang_prof_reg['Bad ICQ']); |
674: | 687: |
675: | 688: |
940: { | 953: { |
941: $username_field = '<input type="hidden" name="old_username" value="'.pun_htmlspecialchars($user['username']).'"><input type="text" name="username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25">'; | 954: $username_field = '<input type="hidden" name="old_username" value="'.pun_htmlspecialchars($user['username']).'"><input type="text" name="username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25">'; |
942: $email_field = '<input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50"> - <a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a>'; | 955: $email_field = '<input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50"> - <a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a>'; |
943: $user_title_field = '<input type="text" name="title" value="'.$user['title'].'" size="30" maxlength="50"> '.$lang_prof_reg['Leave blank']; | 956: $user_title_field = '<input type="text" name="title" value="'.$user['title'].'" size="30" maxlength="50"> '.$lang_profile['Leave blank']; |
944: | 957: |
945: if ($cur_user['status'] == PUN_ADMIN && $img_size) | 958: if ($cur_user['status'] == PUN_ADMIN && $img_size) |
946: $avatar_field .= '<br> <a href="profile.php?action=delete_avatar&id='.$id.'">'.$lang_profile['Delete avatar'].'</a>'; | 959: $avatar_field .= '<br> <a href="profile.php?action=delete_avatar&id='.$id.'">'.$lang_profile['Delete avatar'].'</a>'; |
955: $email_field = '<input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50">'; | 968: $email_field = '<input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50">'; |
956: | 969: |
957: if ($pun_config['p_users_set_title'] == '1') | 970: if ($pun_config['p_users_set_title'] == '1') |
958: $user_title_field = '<input type="text" name="title" value="'.$user['title'].'" size="30" maxlength="50"> '.$lang_prof_reg['Leave blank']; | 971: $user_title_field = '<input type="text" name="title" value="'.$user['title'].'" size="30" maxlength="50"> '.$lang_profile['Leave blank']; |
959: else | 972: else |
960: { | 973: { |
961: $user_title_field = get_title($user); | 974: $user_title_field = get_title($user); |
1040: </tr> | 1053: </tr> |
1041: <?php endif; ?> <tr> | 1054: <?php endif; ?> <tr> |
1042: <td class="puncon1right" style="width: 140px; white-space: nowrap"> | 1055: <td class="puncon1right" style="width: 140px; white-space: nowrap"> |
1043: <?php echo $lang_prof_reg['Signature'] ?> <br><br> | 1056: <?php echo $lang_profile['Signature'] ?> <br><br> |
1044: <a href="help.php#bbcode" target="_blank"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> | 1057: <a href="help.php#bbcode" target="_blank"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> |
1045: <a href="help.php#img" target="_blank"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> | 1058: <a href="help.php#img" target="_blank"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> |
1046: <a href="help.php#smilies" target="_blank"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> | 1059: <a href="help.php#smilies" target="_blank"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?> <br> |
punbb-1.1.1/upload/register.php |
punbb-1.1.4/upload/register.php |
29: | 29: |
30: // If we are logged in, we shouldn't be here | 30: // If we are logged in, we shouldn't be here |
31: if (!$cookie['is_guest']) | 31: if (!$cookie['is_guest']) |
| 32: { |
32: header('Location: index.php'); | 33: header('Location: index.php'); |
| 34: exit; |
| 35: } |
33: | 36: |
34: // Load the register.php language file | 37: // Load the register.php language file |
35: require $pun_root.'lang/'.$language.'/'.$language.'_register.php'; | 38: require $pun_root.'lang/'.$language.'/'.$language.'_register.php'; |
99: // Validate username and passwords | 102: // Validate username and passwords |
100: if (strlen($username) < 2) | 103: if (strlen($username) < 2) |
101: message($lang_prof_reg['Username too short']); | 104: message($lang_prof_reg['Username too short']); |
| 105: else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters |
| 106: message($lang_common['Bad request']); |
102: else if (strlen($password1) < 4) | 107: else if (strlen($password1) < 4) |
103: message($lang_prof_reg['Pass too short']); | 108: message($lang_prof_reg['Pass too short']); |
104: else if ($password1 != $password2) | 109: else if ($password1 != $password2) |
punbb-1.1.1/upload/search.php |
punbb-1.1.4/upload/search.php |
53: | 53: |
54: | 54: |
55: // Detect two byte character sets | 55: // Detect two byte character sets |
56: $multibyte = (in_array($lang_common['lang_encoding'], array('utf-8', 'gb2312', 'big5', 'shift_jis', 'euc-kr'))) ? true : false; | 56: $multibyte = (isset($lang_common['lang_multibyte']) && $lang_common['lang_multibyte']) ? true : false; |
57: | 57: |
58: | 58: |
59: // Figure out what to do :-) | 59: // Figure out what to do :-) |
188: while (list(, $word) = @each($stopwords)) | 188: while (list(, $word) = @each($stopwords)) |
189: { | 189: { |
190: $word = trim($word); | 190: $word = trim($word); |
191: if ($word != 'and' || $word != 'or' || $word != 'not') | 191: if ($word != 'and' && $word != 'or' && $word != 'not') |
192: $text = preg_replace('#\b'.preg_quote($word).'\b#', ' ', $text); | 192: $keywords = preg_replace('#\b'.preg_quote($word).'\b#', ' ', $keywords); |
193: } | 193: } |
194: } | 194: } |
195: | 195: |
196: // Split up keywords | 196: // Split up keywords |
197: $keywords_array = preg_split('#[\s]+#', substr($keywords, 1, -1)); | 197: $keywords_array = preg_split('#[\s]+#', trim($keywords)); |
198: | 198: |
199: // Should we search in message body or topic subject specifically? | 199: // Should we search in message body or topic subject specifically? |
200: if ($search_in) | 200: $search_in_cond = ($search_in) ? (($search_in > 0) ? ' AND m.subject_match = 0' : ' AND m.subject_match = 1') : ''; |
201: $search_in_cond = ($search_in > 0) ? ' AND m.subject_match = 0' : ' AND m.subject_match = 1'; | |
202: } | 201: } |
203: | 202: |
204: $match_type = 'or'; | 203: $match_type = 'or'; |
565: if ($search_set[$i]['poster_id'] > 1) | 564: if ($search_set[$i]['poster_id'] > 1) |
566: $pposter = '<a href="profile.php?id='.$search_set[$i]['poster_id'].'">'.$pposter.'</a>'; | 565: $pposter = '<a href="profile.php?id='.$search_set[$i]['poster_id'].'">'.$pposter.'</a>'; |
567: | 566: |
568: if (pun_strlen($message) == 140) | 567: if (pun_strlen($message) >= 140) |
569: $message .= ' ...'; | 568: $message .= ' ...'; |
570: | 569: |
571: ?> | 570: ?> |
693: echo "\t\t\t\t\t".'<option value="-1">'.$lang_search['All forums'].'</option>'."\n"; | 692: echo "\t\t\t\t\t".'<option value="-1">'.$lang_search['All forums'].'</option>'."\n"; |
694: | 693: |
695: | 694: |
696: if ($cur_user['status'] < PUN_USER) | 695: $extra_sql = ($cur_user['status'] < PUN_MOD) ? ' WHERE f.admmod_only=\'0\'' : ''; |
697: $extra = ' WHERE f.admmod_only=\'0\''; | |
698: | 696: |
699: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); | 697: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); |
700: $num_forums = $db->num_rows($result); | 698: $num_forums = $db->num_rows($result); |