punbb-1.1.3/upload/admin_bans.php |
punbb-1.1.5/upload/admin_bans.php |
122: <table class="punplain" cellpadding="6"> | 122: <table class="punplain" cellpadding="6"> |
123: <tr> | 123: <tr> |
124: <td class="punright" style="width: 35%"><b>Username</b><br>The username to ban.</td> | 124: <td class="punright" style="width: 35%"><b>Username</b><br>The username to ban.</td> |
125: <td style="width: 35%"><input type="text" name="ban_user" size="25" maxlength="25" value="<?php echo $ban_user ?>" tabindex="1"></td> | 125: <td style="width: 35%"><input type="text" name="ban_user" size="25" maxlength="25" value="<?php echo pun_htmlspecialchars($ban_user) ?>" tabindex="1"></td> |
126: </tr> | 126: </tr> |
127: <tr> | 127: <tr> |
128: <td class="punright" style="width: 35%"><b>IP-adresses</b><br>The IP or IP-ranges you wish to ban (e.g. 150.11.110.1 or 150.11.110). Separate addresses with spaces. If an IP is entered already it is the last known IP of this user in the database.<?php if ($ban_user != '') echo ' Click <a href="admin_users.php?ip_stats='.$user_id.'">here</a> to see IP statistics for this user.' ?></td> | 128: <td class="punright" style="width: 35%"><b>IP-adresses</b><br>The IP or IP-ranges you wish to ban (e.g. 150.11.110.1 or 150.11.110). Separate addresses with spaces. If an IP is entered already it is the last known IP of this user in the database.<?php if ($ban_user != '') echo ' Click <a href="admin_users.php?ip_stats='.$user_id.'">here</a> to see IP statistics for this user.' ?></td> |
punbb-1.1.3/upload/header.php |
punbb-1.1.5/upload/header.php |
23: ************************************************************************/ | 23: ************************************************************************/ |
24: | 24: |
25: | 25: |
| 26: // Make sure no one attempts to run this script "directly" |
| 27: if (!defined('PUN')) |
| 28: exit; |
| 29: |
26: // Send no-cache headers | 30: // Send no-cache headers |
27: header('Cache-Control: no-store, no-cache, must-revalidate'); | 31: //header('Cache-Control: no-store, no-cache, must-revalidate'); |
28: header('Cache-Control: post-check=0, pre-check=0', false); | 32: header('Cache-Control: post-check=0, pre-check=0', false); |
29: header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); | 33: header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); |
30: header('Expires: Thu, 21 Jul 1977 07:30:00 GMT'); // When yours truly first set eyes on this world! :) | 34: header('Expires: Thu, 21 Jul 1977 07:30:00 GMT'); // When yours truly first set eyes on this world! :) |
punbb-1.1.3/upload/include/functions.php |
punbb-1.1.5/upload/include/functions.php |
607: { | 607: { |
608: global $pun_config, $lang_common; | 608: global $pun_config, $lang_common; |
609: | 609: |
610: if (!preg_match('#^'.preg_quote($pun_config['o_base_url'].'/'.$script, '#').'#i', $_SERVER['HTTP_REFERER'])) | 610: if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', $_SERVER['HTTP_REFERER']))) |
611: message($lang_common['Bad referer']); | 611: message($lang_common['Bad referer']); |
612: } | 612: } |
613: | 613: |
punbb-1.1.3/upload/include/parser.php |
punbb-1.1.5/upload/include/parser.php |
173: { | 173: { |
174: global $cur_user; | 174: global $cur_user; |
175: | 175: |
176: $full_url = $url; | 176: $full_url = str_replace(' ', '%20', $url); |
177: if (strpos($url, 'www.') === 0) | 177: if (strpos($url, 'www.') === 0) |
178: $full_url = 'http://'.$full_url; | 178: $full_url = 'http://'.$full_url; |
179: else if (strpos($url, 'ftp.') === 0) | 179: else if (strpos($url, 'ftp.') === 0) |
180: $full_url = 'ftp://'.$full_url; | 180: $full_url = 'ftp://'.$full_url; |
181: else if (strpos($url, 'http://') !== 0) | 181: else if (!preg_match('#^([a-z]{3,5})://#', $url)) |
182: $full_url = 'http://'.$full_url; | 182: $full_url = 'http://'.$full_url; |
183: | 183: |
184: // Ok, not very pretty :-) | 184: // Ok, not very pretty :-) |
punbb-1.1.3/upload/post.php |
punbb-1.1.5/upload/post.php |
40: message($lang_post['Flood start'].' '.$pun_config['o_flood_interval'].' '.$lang_post['flood end']); | 40: message($lang_post['Flood start'].' '.$pun_config['o_flood_interval'].' '.$lang_post['flood end']); |
41: | 41: |
42: // Make sure form_user is correct | 42: // Make sure form_user is correct |
43: if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && $_POST['form_user'] != $cur_user['username'])) | 43: if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && unescape($_POST['form_user']) != $cur_user['username'])) |
44: message($lang_common['Bad request']); | 44: message($lang_common['Bad request']); |
45: | 45: |
46: $smilies = $_POST['smilies']; | 46: $smilies = $_POST['smilies']; |
110: else | 110: else |
111: { | 111: { |
112: $username = trim(unescape($_POST['req_username'])); | 112: $username = trim(unescape($_POST['req_username'])); |
113: $email = trim($_POST['req_email']); | 113: $email = strtolower(trim($_POST['req_email'])); |
114: | 114: |
115: // Load the register.php/profile.php language files | 115: // Load the register.php/profile.php language files |
116: require $pun_root.'lang/'.$language.'/'.$language.'_prof_reg.php'; | 116: require $pun_root.'lang/'.$language.'/'.$language.'_prof_reg.php'; |
punbb-1.1.3/upload/profile.php |
punbb-1.1.5/upload/profile.php |
603: if ($cur_user['id'] != $id && $cur_user['status'] < PUN_MOD) | 603: if ($cur_user['id'] != $id && $cur_user['status'] < PUN_MOD) |
604: message($lang_common['No permission']); | 604: message($lang_common['No permission']); |
605: | 605: |
606: $form = $_POST['form']; | 606: // Extract elements from $_POST['form'] |
| 607: $wanted_elements = array('realname', 'url', 'icq', 'msn', 'aim', 'yahoo', 'location', 'use_avatar', 'disp_topics', 'disp_posts', 'timezone', 'email_setting', 'save_pass', 'notify_with_post', 'smilies', 'show_img', 'show_avatars', 'show_sig', 'link_to_new_win', 'style'); |
| 608: $form = array(); |
| 609: |
| 610: while (list($key, $value) = @each($_POST['form'])) |
| 611: { |
| 612: if (in_array($key, $wanted_elements)) |
| 613: $form[$key] = $value; |
| 614: } |
607: | 615: |
608: | 616: |
609: if ($cur_user['status'] > PUN_USER) | 617: if ($cur_user['status'] > PUN_USER) |
615: | 623: |
616: if (strlen($username) < 2) | 624: if (strlen($username) < 2) |
617: message($lang_prof_reg['Username too short']); | 625: message($lang_prof_reg['Username too short']); |
| 626: else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters |
| 627: message($lang_common['Bad request']); |
618: else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest'])) | 628: else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest'])) |
619: message($lang_prof_reg['Username guest']); | 629: message($lang_prof_reg['Username guest']); |
620: else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username)) | 630: else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username)) |
672: $form['url'] = 'http://'.$form['url']; | 682: $form['url'] = 'http://'.$form['url']; |
673: | 683: |
674: // If the ICQ UIN contains anything other than digits it's invalid | 684: // If the ICQ UIN contains anything other than digits it's invalid |
675: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form[icq])) | 685: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq'])) |
676: message($lang_prof_reg['Bad ICQ']); | 686: message($lang_prof_reg['Bad ICQ']); |
677: | 687: |
678: | 688: |
punbb-1.1.3/upload/register.php |
punbb-1.1.5/upload/register.php |
102: // Validate username and passwords | 102: // Validate username and passwords |
103: if (strlen($username) < 2) | 103: if (strlen($username) < 2) |
104: message($lang_prof_reg['Username too short']); | 104: message($lang_prof_reg['Username too short']); |
| 105: else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters |
| 106: message($lang_common['Bad request']); |
105: else if (strlen($password1) < 4) | 107: else if (strlen($password1) < 4) |
106: message($lang_prof_reg['Pass too short']); | 108: message($lang_prof_reg['Pass too short']); |
107: else if ($password1 != $password2) | 109: else if ($password1 != $password2) |
punbb-1.1.3/upload/search.php |
punbb-1.1.5/upload/search.php |
694: | 694: |
695: $extra_sql = ($cur_user['status'] < PUN_MOD) ? ' WHERE f.admmod_only=\'0\'' : ''; | 695: $extra_sql = ($cur_user['status'] < PUN_MOD) ? ' WHERE f.admmod_only=\'0\'' : ''; |
696: | 696: |
697: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); | 697: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra_sql.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); |
698: $num_forums = $db->num_rows($result); | 698: $num_forums = $db->num_rows($result); |
699: | 699: |
700: while ($num_forums--) | 700: while ($num_forums--) |