PunBB 1.2.12 to 1.2.17 changes

PunBB 1.2.12 to 1.2.17 changes	Legend
	Lines removed
	Lines changed
		Lines added

punbb-1.2.12/upload/admin_bans.php	punbb-1.2.17/upload/admin_bans.php
192:	192:
193: if ($ban_user == '' && $ban_ip == '' && $ban_email == '')	193: if ($ban_user == '' && $ban_ip == '' && $ban_email == '')
194: message('You must enter either a username, an IP address or an e-mail address (at least).');	194: message('You must enter either a username, an IP address or an e-mail address (at least).');
	195: else if (strtolower($ban_user) == 'guest')
	196: message('The guest user cannot be banned.');
195:	197:
196: // Validate IP/IP range (it's overkill, I know)	198: // Validate IP/IP range (it's overkill, I know)
197: if ($ban_ip != '')	199: if ($ban_ip != '')

punbb-1.2.12/upload/admin_categories.php	punbb-1.2.17/upload/admin_categories.php
118: <fieldset>	118: <fieldset>
119: <legend>Confirm delete category</legend>	119: <legend>Confirm delete category</legend>
120: <div class="infldset">	120: <div class="infldset">
121: <p>Are you sure that you want to delete the category "<?php echo $cat_name ?>"?</p>	121: <p>Are you sure that you want to delete the category "<?php echo pun_htmlspecialchars($cat_name) ?>"?</p>
122: <p>WARNING! Deleting a category will delete all forums and posts (if any) in that category!</p>	122: <p>WARNING! Deleting a category will delete all forums and posts (if any) in that category!</p>
123: </div>	123: </div>
124: </fieldset>	124: </fieldset>
151: if ($cat_name[$i] == '')	151: if ($cat_name[$i] == '')
152: message('You must enter a category name.');	152: message('You must enter a category name.');
153:	153:
154: if (!preg_match('#^\d+$#', $cat_order[$i]))	154: if (!@preg_match('#^\d+$#', $cat_order[$i]))
155: message('Position must be an integer value.');	155: message('Position must be an integer value.');
156:	156:
157: list($cat_id, $position) = $db->fetch_row($result);	157: list($cat_id, $position) = $db->fetch_row($result);

punbb-1.2.12/upload/admin_forums.php	punbb-1.2.17/upload/admin_forums.php
137:	137:
138: while (list($forum_id, $disp_position) = @each($_POST['position']))	138: while (list($forum_id, $disp_position) = @each($_POST['position']))
139: {	139: {
140: if (!preg_match('#^\d+$#', $disp_position))	140: if (!@preg_match('#^\d+$#', $disp_position))
141: message('Position must be a positive integer value.');	141: message('Position must be a positive integer value.');
142:	142:
143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.$forum_id) or error('Unable to update forum', __FILE__, __LINE__, $db->error());	143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.intval($forum_id)) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
144: }	144: }
145:	145:
146: // Regenerate the quickjump cache	146: // Regenerate the quickjump cache
186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());	186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
187: while ($cur_group = $db->fetch_assoc($result))	187: while ($cur_group = $db->fetch_assoc($result))
188: {	188: {
189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? $_POST['read_forum_new'][$cur_group['g_id']] : '0' : $_POST['read_forum_old'][$cur_group['g_id']];	189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? '1' : '0' : intval($_POST['read_forum_old'][$cur_group['g_id']]);
190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? $_POST['post_replies_new'][$cur_group['g_id']] : '0';	190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? '1' : '0';
191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? $_POST['post_topics_new'][$cur_group['g_id']] : '0';	191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? '1' : '0';
192:	192:
193: // Check if the new settings differ from the old	193: // Check if the new settings differ from the old
194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] \|\| $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] \|\| $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']])	194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] \|\| $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] \|\| $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']])
385: <?php	385: <?php
386:	386:
387: $result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error());	387: $result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error());
388: while ($cur_cat = $db->fetch_assoc($result))	388: if ($db->num_rows($result) > 0)
389: echo "\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n";	389: {
	390: while ($cur_cat = $db->fetch_assoc($result))
	391: echo "\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n";
	392: }
	393: else
	394: echo "\t\t\t\t\t\t\t\t\t".'<option value="0" disabled="disabled">No categories exist</option>'."\n";
390:	395:
391: ?>	396: ?>
392: </select>	397: </select>
399: </div>	404: </div>
400: </form>	405: </form>
401: </div>	406: </div>
	407: <?php
	408:
	409: // Display all the categories and forums
	410: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.disp_position FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
	411:
	412: if ($db->num_rows($result) > 0)
	413: {
402:	414:
	415: ?>
403: <h2 class="block2"><span>Edit forums</span></h2>	416: <h2 class="block2"><span>Edit forums</span></h2>
404: <div class="box">	417: <div class="box">
405: <form id="edforum" method="post" action="admin_forums.php?action=edit">	418: <form id="edforum" method="post" action="admin_forums.php?action=edit">
408:	421:
409: $tabindex_count = 4;	422: $tabindex_count = 4;
410:	423:
411: // Display all the categories and forums
412: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.disp_position FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
413:
414: $cur_category = 0;	424: $cur_category = 0;
415: while ($cur_forum = $db->fetch_assoc($result))	425: while ($cur_forum = $db->fetch_assoc($result))
416: {	426: {
449: <p class="submitend"><input type="submit" name="update_positions" value="Update positions" tabindex="<?php echo $tabindex_count ?>" /></p>	459: <p class="submitend"><input type="submit" name="update_positions" value="Update positions" tabindex="<?php echo $tabindex_count ?>" /></p>
450: </form>	460: </form>
451: </div>	461: </div>
	462: <?php
	463:
	464: }
	465:
	466: ?>
452: </div>	467: </div>
453: <div class="clearer"></div>	468: <div class="clearer"></div>
454: </div>	469: </div>

punbb-1.2.12/upload/admin_groups.php	punbb-1.2.17/upload/admin_groups.php
264: confirm_referrer('admin_groups.php');	264: confirm_referrer('admin_groups.php');
265:	265:
266: $group_id = intval($_POST['default_group']);	266: $group_id = intval($_POST['default_group']);
267: if ($group_id < 1)	267: if ($group_id < 4)
268: message($lang_common['Bad request']);	268: message($lang_common['Bad request']);
269:	269:
270: $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());	270: $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());

punbb-1.2.12/upload/admin_loader.php	punbb-1.2.17/upload/admin_loader.php
37:	37:
38: // The plugin to load should be supplied via GET	38: // The plugin to load should be supplied via GET
39: $plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';	39: $plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
40: if (!preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))	40: if (!@preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))
41: message($lang_common['Bad request']);	41: message($lang_common['Bad request']);
42:	42:
43: // AP_ == Admins only, AMP_ == admins and moderators	43: // AP_ == Admins only, AMP_ == admins and moderators

punbb-1.2.12/upload/admin_maintenance.php	punbb-1.2.17/upload/admin_maintenance.php
52: // This is the only potentially "dangerous" thing we can do here, so we check the referer	52: // This is the only potentially "dangerous" thing we can do here, so we check the referer
53: confirm_referrer('admin_maintenance.php');	53: confirm_referrer('admin_maintenance.php');
54:	54:
55: $truncate_sql = ($db_type != 'sqlite') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';	55: $truncate_sql = ($db_type != 'sqlite' && $db_type != 'pgsql') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';
56: $db->query($truncate_sql.$db->prefix.'search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());	56: $db->query($truncate_sql.$db->prefix.'search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());
57: $db->query($truncate_sql.$db->prefix.'search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());	57: $db->query($truncate_sql.$db->prefix.'search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());
58:	58:
65: break;	65: break;
66:	66:
67: case 'pgsql';	67: case 'pgsql';
68: $result = $db->query('SELECT setval(\'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());	68: $result = $db->query('SELECT setval(\''.$db->prefix.'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());
69: }	69: }
70: }	70: }
71:	71:
72: $end_at = $start_at + $per_page;
73:
74: ?>	72: ?>
75: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">	73: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
76:	74:
95: require PUN_ROOT.'include/search_idx.php';	93: require PUN_ROOT.'include/search_idx.php';
96:	94:
97: // Fetch posts to process	95: // Fetch posts to process
98: $result = $db->query('SELECT DISTINCT t.id, p.id, p.message FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'posts AS p ON t.id=p.topic_id WHERE t.id>='.$start_at.' AND t.id<'.$end_at.' ORDER BY t.id') or error('Unable to fetch topic/post info', __FILE__, __LINE__, $db->error());	96: $result = $db->query('SELECT DISTINCT t.id, p.id, p.message FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'posts AS p ON t.id=p.topic_id WHERE t.id>='.$start_at.' ORDER BY t.id LIMIT '.$per_page) or error('Unable to fetch topic/post info', __FILE__, __LINE__, $db->error());
99:	97:
100: $cur_topic = 0;	98: $cur_topic = 0;
101: while ($cur_post = $db->fetch_row($result))	99: while ($cur_post = $db->fetch_row($result))
118: }	116: }
119:	117:
120: // Check if there is more work to do	118: // Check if there is more work to do
121: $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE id>'.$end_at) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());	119: $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE id>'.$cur_topic.' ORDER BY id ASC LIMIT 1') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
122:	120:
123: $query_str = ($db->num_rows($result)) ? '?i_per_page='.$per_page.'&i_start_at='.$end_at : '';	121: $query_str = ($db->num_rows($result)) ? '?i_per_page='.$per_page.'&i_start_at='.$db->result($result) : '';
124:	122:
125: $db->end_transaction();	123: $db->end_transaction();
126: $db->close();	124: $db->close();

punbb-1.2.12/upload/admin_options.php	punbb-1.2.17/upload/admin_options.php
37:	37:
38: if (isset($_POST['form_sent']))	38: if (isset($_POST['form_sent']))
39: {	39: {
40: // Lazy referer check (in case base_url isn't correct)	40: // Custom referrer check (so we can output a custom error message)
41: if (!isset($_SERVER['HTTP_REFERER']) \|\| !preg_match('#/admin_options\.php#i', $_SERVER['HTTP_REFERER']))	41: if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/admin_options.php', '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
42: message($lang_common['Bad referrer']);	42: message('Bad HTTP_REFERER. If you have moved these forums from one location to another or switched domains, you need to update the Base URL manually in the database (look for o_base_url in the config table) and then clear the cache by deleting all .php files in the /cache directory.');
43:	43:
44: $form = array_map('trim', $_POST['form']);	44: $form = array_map('trim', $_POST['form']);
45:	45:
46: if ($form['board_title'] == '')	46: if ($form['board_title'] == '')
47: message('You must enter a board title.');	47: message('You must enter a board title.');
48:	48:
	49: // Clean default_lang
	50: $form['default_lang'] = preg_replace('#[\.\\\/]#', '', $form['default_lang']);
	51:
49: require PUN_ROOT.'include/email.php';	52: require PUN_ROOT.'include/email.php';
50:	53:
51: $form['admin_email'] = strtolower($form['admin_email']);	54: $form['admin_email'] = strtolower($form['admin_email']);
63: if (substr($form['base_url'], -1) == '/')	66: if (substr($form['base_url'], -1) == '/')
64: $form['base_url'] = substr($form['base_url'], 0, -1);	67: $form['base_url'] = substr($form['base_url'], 0, -1);
65:	68:
	69: // Clean avatars_dir
	70: $form['avatars_dir'] = str_replace("\0", '', $form['avatars_dir']);
	71:
66: // Make sure avatars_dir doesn't end with a slash	72: // Make sure avatars_dir doesn't end with a slash
67: if (substr($form['avatars_dir'], -1) == '/')	73: if (substr($form['avatars_dir'], -1) == '/')
68: $form['avatars_dir'] = substr($form['avatars_dir'], 0, -1);	74: $form['avatars_dir'] = substr($form['avatars_dir'], 0, -1);

punbb-1.2.12/upload/admin_prune.php	punbb-1.2.17/upload/admin_prune.php
84:	84:
85:	85:
86: $prune_days = $_POST['req_prune_days'];	86: $prune_days = $_POST['req_prune_days'];
87: if (!preg_match('#^\d+$#', $prune_days))	87: if (!@preg_match('#^\d+$#', $prune_days))
88: message('Days to prune must be a positive integer.');	88: message('Days to prune must be a positive integer.');
89:	89:
90: $prune_date = time() - ($prune_days*86400);	90: $prune_date = time() - ($prune_days*86400);

punbb-1.2.12/upload/admin_ranks.php	punbb-1.2.17/upload/admin_ranks.php
46: if ($rank == '')	46: if ($rank == '')
47: message('You must enter a rank title.');	47: message('You must enter a rank title.');
48:	48:
49: if (!preg_match('#^\d+$#', $min_posts))	49: if (!@preg_match('#^\d+$#', $min_posts))
50: message('Minimum posts must be a positive integer value.');	50: message('Minimum posts must be a positive integer value.');
51:	51:
52: // Make sure there isn't already a rank with the same min_posts value	52: // Make sure there isn't already a rank with the same min_posts value
77: if ($rank == '')	77: if ($rank == '')
78: message('You must enter a rank title.');	78: message('You must enter a rank title.');
79:	79:
80: if (!preg_match('#^\d+$#', $min_posts))	80: if (!@preg_match('#^\d+$#', $min_posts))
81: message('Minimum posts must be a positive integer value.');	81: message('Minimum posts must be a positive integer value.');
82:	82:
83: // Make sure there isn't already a rank with the same min_posts value	83: // Make sure there isn't already a rank with the same min_posts value
84: $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' && min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());	84: $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' AND min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
85: if ($db->num_rows($result))	85: if ($db->num_rows($result))
86: message('There is already a rank with a minimun posts value of '.$min_posts.'.');	86: message('There is already a rank with a minimun posts value of '.$min_posts.'.');
87:	87:

punbb-1.2.12/upload/edit.php	punbb-1.2.17/upload/edit.php
197:	197:
198: ?>	198: ?>
199: <div class="blockform">	199: <div class="blockform">
200: <h2><?php echo $lang_post['Edit post'] ?></h2>	200: <h2><span><?php echo $lang_post['Edit post'] ?></span></h2>
201: <div class="box">	201: <div class="box">
202: <form id="edit" method="post" action="edit.php?id=<?php echo $id ?>&action=edit" onsubmit="return process_form(this)">	202: <form id="edit" method="post" action="edit.php?id=<?php echo $id ?>&action=edit" onsubmit="return process_form(this)">
203: <div class="inform">	203: <div class="inform">

punbb-1.2.12/upload/extern.php	punbb-1.2.17/upload/extern.php
149: if (!isset($lang_common))	149: if (!isset($lang_common))
150: exit('There is no valid language pack \''.$pun_config['o_default_lang'].'\' installed. Please reinstall a language of that name.');	150: exit('There is no valid language pack \''.$pun_config['o_default_lang'].'\' installed. Please reinstall a language of that name.');
151:	151:
	152: // Check if we are to display a maintenance message
	153: if ($pun_config['o_maintenance'] && !defined('PUN_TURN_OFF_MAINT'))
	154: maintenance_message();
	155:
152: if (!isset($_GET['action']))	156: if (!isset($_GET['action']))
153: exit('No parameters supplied. See extern.php for instructions.');	157: exit('No parameters supplied. See extern.php for instructions.');
154:	158:

punbb-1.2.12/upload/footer.php	punbb-1.2.17/upload/footer.php
139: // END SUBST - <pun_footer>	139: // END SUBST - <pun_footer>
140:	140:
141:	141:
142: // START SUBST - <pun_include "*">
143: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_main, $cur_include))
144: {
145: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
146: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template main.tpl. There is no such file in folder /include/user/');
147:
148: ob_start();
149: include PUN_ROOT.'include/user/'.$cur_include[1];
150: $tpl_temp = ob_get_contents();
151: $tpl_main = str_replace($cur_include[0], $tpl_temp, $tpl_main);
152: ob_end_clean();
153: }
154: // END SUBST - <pun_include "*">
155:
156:
157: // Close the db connection (and free up any result data)	142: // Close the db connection (and free up any result data)
158: $db->close();	143: $db->close();
159:	144:

punbb-1.2.12/upload/header.php	punbb-1.2.17/upload/header.php
43: $tpl_main = file_get_contents(PUN_ROOT.'include/template/main.tpl');	43: $tpl_main = file_get_contents(PUN_ROOT.'include/template/main.tpl');
44:	44:
45:	45:
	46: // START SUBST - <pun_include "*">
	47: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_main, $cur_include))
	48: {
	49: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	50: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template main.tpl. There is no such file in folder /include/user/');
	51:
	52: ob_start();
	53: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	54: $tpl_temp = ob_get_contents();
	55: $tpl_main = str_replace($cur_include[0], $tpl_temp, $tpl_main);
	56: ob_end_clean();
	57: }
	58: // END SUBST - <pun_include "*">
	59:
	60:
46: // START SUBST - <pun_content_direction>	61: // START SUBST - <pun_content_direction>
47: $tpl_main = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_main);	62: $tpl_main = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_main);
48: // END SUBST - <pun_content_direction>	63: // END SUBST - <pun_content_direction>
132:	147:
133: // START SUBST - <pun_page>	148: // START SUBST - <pun_page>
134: $tpl_main = str_replace('<pun_page>', htmlspecialchars(basename($_SERVER['PHP_SELF'], '.php')), $tpl_main);	149: $tpl_main = str_replace('<pun_page>', htmlspecialchars(basename($_SERVER['PHP_SELF'], '.php')), $tpl_main);
135: // END SUBST - <pun_title>	150: // END SUBST - <pun_page>
136:	151:
137:	152:
138: // START SUBST - <pun_title>	153: // START SUBST - <pun_title>

punbb-1.2.12/upload/include/common.php	punbb-1.2.17/upload/include/common.php
37: require PUN_ROOT.'include/functions.php';	37: require PUN_ROOT.'include/functions.php';
38:	38:
39: // Reverse the effect of register_globals	39: // Reverse the effect of register_globals
40: if (@ini_get('register_globals'))	40: unregister_globals();
41: unregister_globals();
42:	41:
43:	42:
44: @include PUN_ROOT.'config.php';	43: @include PUN_ROOT.'config.php';
71: $_COOKIE = stripslashes_array($_COOKIE);	70: $_COOKIE = stripslashes_array($_COOKIE);
72: }	71: }
73:	72:
74: // Seed the random number generator	73: // Seed the random number generator (PHP <4.2.0 only)
75: mt_srand((double)microtime()*1000000);	74: if (version_compare(PHP_VERSION, '4.2.0', '<'))
	75: mt_srand((double)microtime()*1000000);
76:	76:
77: // If a cookie name is not specified in config.php, we use the default (punbb_cookie)	77: // If a cookie name is not specified in config.php, we use the default (punbb_cookie)
78: if (empty($cookie_name))	78: if (empty($cookie_name))

punbb-1.2.12/upload/include/dblayer/mysql.php	punbb-1.2.17/upload/include/dblayer/mysql.php
156:	156:
157: function escape($str)	157: function escape($str)
158: {	158: {
159: if (function_exists('mysql_real_escape_string'))	159: if (is_array($str))
	160: return '';
	161: else if (function_exists('mysql_real_escape_string'))
160: return mysql_real_escape_string($str, $this->link_id);	162: return mysql_real_escape_string($str, $this->link_id);
161: else	163: else
162: return mysql_escape_string($str);	164: return mysql_escape_string($str);

punbb-1.2.12/upload/include/dblayer/mysqli.php	punbb-1.2.17/upload/include/dblayer/mysqli.php
159:	159:
160: function escape($str)	160: function escape($str)
161: {	161: {
162: return mysqli_real_escape_string($this->link_id, $str);	162: return is_array($str) ? '' : mysqli_real_escape_string($this->link_id, $str);
163: }	163: }
164:	164:
165:	165:

punbb-1.2.12/upload/include/dblayer/pgsql.php	punbb-1.2.17/upload/include/dblayer/pgsql.php
217:	217:
218: function escape($str)	218: function escape($str)
219: {	219: {
220: return pg_escape_string($str);	220: return is_array($str) ? '' : pg_escape_string($str);
221: }	221: }
222:	222:
223:	223:

punbb-1.2.12/upload/include/dblayer/sqlite.php	punbb-1.2.17/upload/include/dblayer/sqlite.php
219:	219:
220: function escape($str)	220: function escape($str)
221: {	221: {
222: return sqlite_escape_string($str);	222: return is_array($str) ? '' : sqlite_escape_string($str);
223: }	223: }
224:	224:
225:	225:

punbb-1.2.12/upload/include/email.php	punbb-1.2.17/upload/include/email.php
77:	77:
78: $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer';	78: $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer';
79:	79:
80: // Make sure all linebreaks are CRLF in message	80: // Make sure all linebreaks are CRLF in message (and strip out any NULL bytes)
81: $message = str_replace("\n", "\r\n", pun_linebreaks($message));	81: $message = str_replace(array("\n", "\0"), array("\r\n", ''), pun_linebreaks($message));
82:	82:
83: if ($pun_config['o_smtp_host'] != '')	83: if ($pun_config['o_smtp_host'] != '')
84: smtp_mail($to, $subject, $message, $headers);	84: smtp_mail($to, $subject, $message, $headers);

punbb-1.2.12/upload/include/functions.php	punbb-1.2.17/upload/include/functions.php
27: //	27: //
28: function check_cookie(&$pun_user)	28: function check_cookie(&$pun_user)
29: {	29: {
30: global $db, $pun_config, $cookie_name, $cookie_seed;	30: global $db, $db_type, $pun_config, $cookie_name, $cookie_seed;
31:	31:
32: $now = time();	32: $now = time();
33: $expire = $now + 31536000; // The cookie expires after a year	33: $expire = $now + 31536000; // The cookie expires after a year
48: // If user authorisation failed	48: // If user authorisation failed
49: if (!isset($pun_user['id']) \|\| md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash'])	49: if (!isset($pun_user['id']) \|\| md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash'])
50: {	50: {
51: pun_setcookie(0, random_pass(8), $expire);	51: pun_setcookie(1, md5(uniqid(rand(), true)), $expire);
52: set_default_user();	52: set_default_user();
53:	53:
54: return;	54: return;
75: {	75: {
76: // Update the online list	76: // Update the online list
77: if (!$pun_user['logged'])	77: if (!$pun_user['logged'])
78: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());	78: {
	79: $pun_user['logged'] = $now;
	80:
	81: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table
	82: switch ($db_type)
	83: {
	84: case 'mysql':
	85: case 'mysqli':
	86: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	87: break;
	88:
	89: default:
	90: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	91: break;
	92: }
	93: }
79: else	94: else
80: {	95: {
81: // Special case: We've timed out, but no other user has browsed the forums since we timed out	96: // Special case: We've timed out, but no other user has browsed the forums since we timed out
102: //	117: //
103: function set_default_user()	118: function set_default_user()
104: {	119: {
105: global $db, $pun_user, $pun_config;	120: global $db, $db_type, $pun_user, $pun_config;
106:	121:
107: $remote_addr = get_remote_address();	122: $remote_addr = get_remote_address();
108:	123:
115:	130:
116: // Update online list	131: // Update online list
117: if (!$pun_user['logged'])	132: if (!$pun_user['logged'])
118: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.time().')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());	133: {
	134: $pun_user['logged'] = time();
	135:
	136: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table
	137: switch ($db_type)
	138: {
	139: case 'mysql':
	140: case 'mysqli':
	141: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	142: break;
	143:
	144: default:
	145: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	146: break;
	147: }
	148: }
119: else	149: else
120: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());	150: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());
121:	151:
138: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)	168: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)
139: // @header('P3P: CP="CUR ADM"');	169: // @header('P3P: CP="CUR ADM"');
140:	170:
141: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure);	171: if (version_compare(PHP_VERSION, '5.2.0', '>='))
	172: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure, true);
	173: else
	174: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path.'; HttpOnly', $cookie_domain, $cookie_secure);
142: }	175: }
143:	176:
144:	177:
262: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';	295: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';
263:	296:
264: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';	297: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
265: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';	298: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'&csrf_token='.sha1($pun_user['id'].sha1(get_remote_address())).'">'.$lang_common['Logout'].'</a>';
266: }	299: }
267: else	300: else
268: {	301: {
269: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';	302: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>';
270: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';	303: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
271: $links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>';	304: $links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>';
272: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';	305: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'&csrf_token='.sha1($pun_user['id'].sha1(get_remote_address())).'">'.$lang_common['Logout'].'</a>';
273: }	306: }
274: }	307: }
275:	308:
319:	352:
320:	353:
321: //	354: //
322: // Update posts, topics, last_post, last_post_id and last_poster for a forum (redirect topics are not included)	355: // Update posts, topics, last_post, last_post_id and last_poster for a forum
323: //	356: //
324: function update_forum($forum_id)	357: function update_forum($forum_id)
325: {	358: {
326: global $db;	359: global $db;
327:	360:
328: $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE moved_to IS NULL AND forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error());	361: $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error());
329: list($num_topics, $num_posts) = $db->fetch_row($result);	362: list($num_topics, $num_posts) = $db->fetch_row($result);
330:	363:
331: $num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts)	364: $num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts)
338: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());	371: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
339: }	372: }
340: else // There are no topics	373: else // There are no topics
341: $db->query('UPDATE '.$db->prefix.'forums SET num_topics=0, num_posts=0, last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());	374: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
342: }	375: }
343:	376:
344:	377:
749: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));	782: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));
750:	783:
751:	784:
	785: // START SUBST - <pun_include "*">
	786: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_maint, $cur_include))
	787: {
	788: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	789: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template maintenance.tpl. There is no such file in folder /include/user/');
	790:
	791: ob_start();
	792: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	793: $tpl_temp = ob_get_contents();
	794: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint);
	795: ob_end_clean();
	796: }
	797: // END SUBST - <pun_include "*">
	798:
	799:
752: // START SUBST - <pun_content_direction>	800: // START SUBST - <pun_content_direction>
753: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);	801: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);
754: // END SUBST - <pun_content_direction>	802: // END SUBST - <pun_content_direction>
787: $db->end_transaction();	835: $db->end_transaction();
788:	836:
789:	837:
790: // START SUBST - <pun_include "*">
791: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_maint, $cur_include))
792: {
793: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
794: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template maintenance.tpl. There is no such file in folder /include/user/');
795:
796: ob_start();
797: include PUN_ROOT.'include/user/'.$cur_include[1];
798: $tpl_temp = ob_get_contents();
799: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint);
800: ob_end_clean();
801: }
802: // END SUBST - <pun_include "*">
803:
804:
805: // Close the db connection (and free up any result data)	838: // Close the db connection (and free up any result data)
806: $db->close();	839: $db->close();
807:	840:
816: {	849: {
817: global $db, $pun_config, $lang_common, $pun_user;	850: global $db, $pun_config, $lang_common, $pun_user;
818:	851:
819: if ($destination_url == '')	852: // Prefix with o_base_url (unless there's already a valid URI)
820: $destination_url = 'index.php';	853: if (strpos($destination_url, 'http://') !== 0 && strpos($destination_url, 'https://') !== 0 && strpos($destination_url, '/') !== 0)
	854: $destination_url = $pun_config['o_base_url'].'/'.$destination_url;
	855:
	856: // Do a little spring cleaning
	857: $destination_url = preg_replace('/([\r\n])\|(%0[ad])\|(;[\s]data[\s]:)/i', '', $destination_url);
821:	858:
822: // If the delay is 0 seconds, we might as well skip the redirect all together	859: // If the delay is 0 seconds, we might as well skip the redirect all together
823: if ($pun_config['o_redirect_delay'] == '0')	860: if ($pun_config['o_redirect_delay'] == '0')
828: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));	865: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));
829:	866:
830:	867:
	868: // START SUBST - <pun_include "*">
	869: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_redir, $cur_include))
	870: {
	871: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	872: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template redirect.tpl. There is no such file in folder /include/user/');
	873:
	874: ob_start();
	875: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	876: $tpl_temp = ob_get_contents();
	877: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
	878: ob_end_clean();
	879: }
	880: // END SUBST - <pun_include "*">
	881:
	882:
831: // START SUBST - <pun_content_direction>	883: // START SUBST - <pun_content_direction>
832: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);	884: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);
833: // END SUBST - <pun_content_direction>	885: // END SUBST - <pun_content_direction>
880: // END SUBST - <pun_footer>	932: // END SUBST - <pun_footer>
881:	933:
882:	934:
883: // START SUBST - <pun_include "*">
884: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_redir, $cur_include))
885: {
886: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
887: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template redirect.tpl. There is no such file in folder /include/user/');
888:
889: ob_start();
890: include PUN_ROOT.'include/user/'.$cur_include[1];
891: $tpl_temp = ob_get_contents();
892: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
893: ob_end_clean();
894: }
895: // END SUBST - <pun_include "*">
896:
897:
898: // Close the db connection (and free up any result data)	935: // Close the db connection (and free up any result data)
899: $db->close();	936: $db->close();
900:	937:
922:	959:
923: ?>	960: ?>
924: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	961: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
925: <html dir="ltr">	962: <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
926: <head>	963: <head>
927: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />	964: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
928: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>	965: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>
1031: //	1068: //
1032: // Unset any variables instantiated as a result of register_globals being enabled	1069: // Unset any variables instantiated as a result of register_globals being enabled
1033: //	1070: //
1034: function unregister_globals()	1071: function unregister_globals()
1035: {	1072: {
1036: // Prevent script.php?GLOBALS[foo]=bar	1073: $register_globals = @ini_get('register_globals');
1037: if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))	1074: if ($register_globals === "" \|\| $register_globals === "0" \|\| strtolower($register_globals) === "off")
1038: exit('I\'ll have a steak sandwich and... a steak sandwich.');	1075: return;
1039:	1076:
1040: // Variables that shouldn't be unset	1077: // Prevent script.php?GLOBALS[foo]=bar
1041: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');	1078: if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))
	1079: exit('I\'ll have a steak sandwich and... a steak sandwich.');
	1080:
	1081: // Variables that shouldn't be unset
	1082: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
1042:	1083:
1043: // Remove elements in $GLOBALS that are present in any of the superglobals	1084: // Remove elements in $GLOBALS that are present in any of the superglobals
1044: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());	1085: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
1045: foreach ($input as $k => $v)	1086: foreach ($input as $k => $v)
1046: {	1087: {
1047: if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))	1088: if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))
1048: unset($GLOBALS[$k]);	1089: {
1049: }	1090: unset($GLOBALS[$k]);
	1091: unset($GLOBALS[$k]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4
	1092: }
	1093: }
1050: }	1094: }
1051:	1095:
1052:	1096:

punbb-1.2.12/upload/include/template/admin.tpl	punbb-1.2.17/upload/include/template/admin.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.12/upload/include/template/help.tpl	punbb-1.2.17/upload/include/template/help.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.12/upload/include/template/main.tpl	punbb-1.2.17/upload/include/template/main.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.12/upload/include/template/maintenance.tpl	punbb-1.2.17/upload/include/template/maintenance.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.12/upload/include/template/redirect.tpl	punbb-1.2.17/upload/include/template/redirect.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.12/upload/install.php	punbb-1.2.17/upload/install.php
24:	24:
25:	25:
26: // The PunBB version this script installs	26: // The PunBB version this script installs
27: $punbb_version = '1.2.12';	27: $punbb_version = '1.2.17';
28:	28:
29:	29:
30: define('PUN_ROOT', './');	30: define('PUN_ROOT', './');
757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1,	757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1,
758: poster_ip VARCHAR(15),	758: poster_ip VARCHAR(15),
759: poster_email VARCHAR(50),	759: poster_email VARCHAR(50),
760: message TEXT NOT NULL DEFAULT '',	760: message TEXT,
761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0,	761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0,
762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0,	762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0,
763: edited INT(10) UNSIGNED,	763: edited INT(10) UNSIGNED,
774: poster_id INT NOT NULL DEFAULT 1,	774: poster_id INT NOT NULL DEFAULT 1,
775: poster_ip VARCHAR(15),	775: poster_ip VARCHAR(15),
776: poster_email VARCHAR(50),	776: poster_email VARCHAR(50),
777: message TEXT NOT NULL DEFAULT '',	777: message TEXT,
778: hide_smilies SMALLINT NOT NULL DEFAULT 0,	778: hide_smilies SMALLINT NOT NULL DEFAULT 0,
779: posted INT NOT NULL DEFAULT 0,	779: posted INT NOT NULL DEFAULT 0,
780: edited INT,	780: edited INT,
791: poster_id INTEGER NOT NULL DEFAULT 1,	791: poster_id INTEGER NOT NULL DEFAULT 1,
792: poster_ip VARCHAR(15),	792: poster_ip VARCHAR(15),
793: poster_email VARCHAR(50),	793: poster_email VARCHAR(50),
794: message TEXT NOT NULL DEFAULT '',	794: message TEXT,
795: hide_smilies INTEGER NOT NULL DEFAULT 0,	795: hide_smilies INTEGER NOT NULL DEFAULT 0,
796: posted INTEGER NOT NULL DEFAULT 0,	796: posted INTEGER NOT NULL DEFAULT 0,
797: edited INTEGER,	797: edited INTEGER,
852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0,	852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0,
853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0,	853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0,
854: created INT(10) UNSIGNED NOT NULL DEFAULT 0,	854: created INT(10) UNSIGNED NOT NULL DEFAULT 0,
855: message TEXT NOT NULL DEFAULT '',	855: message TEXT,
856: zapped INT(10) UNSIGNED,	856: zapped INT(10) UNSIGNED,
857: zapped_by INT(10) UNSIGNED,	857: zapped_by INT(10) UNSIGNED,
858: PRIMARY KEY (id)	858: PRIMARY KEY (id)
867: forum_id INT NOT NULL DEFAULT 0,	867: forum_id INT NOT NULL DEFAULT 0,
868: reported_by INT NOT NULL DEFAULT 0,	868: reported_by INT NOT NULL DEFAULT 0,
869: created INT NOT NULL DEFAULT 0,	869: created INT NOT NULL DEFAULT 0,
870: message TEXT NOT NULL DEFAULT '',	870: message TEXT,
871: zapped INT,	871: zapped INT,
872: zapped_by INT,	872: zapped_by INT,
873: PRIMARY KEY (id)	873: PRIMARY KEY (id)
882: forum_id INTEGER NOT NULL DEFAULT 0,	882: forum_id INTEGER NOT NULL DEFAULT 0,
883: reported_by INTEGER NOT NULL DEFAULT 0,	883: reported_by INTEGER NOT NULL DEFAULT 0,
884: created INTEGER NOT NULL DEFAULT 0,	884: created INTEGER NOT NULL DEFAULT 0,
885: message TEXT NOT NULL DEFAULT '',	885: message TEXT,
886: zapped INTEGER,	886: zapped INTEGER,
887: zapped_by INTEGER,	887: zapped_by INTEGER,
888: PRIMARY KEY (id)	888: PRIMARY KEY (id)
901: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	901: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
902: id INT(10) UNSIGNED NOT NULL DEFAULT 0,	902: id INT(10) UNSIGNED NOT NULL DEFAULT 0,
903: ident VARCHAR(200) NOT NULL DEFAULT '',	903: ident VARCHAR(200) NOT NULL DEFAULT '',
904: search_data TEXT NOT NULL DEFAULT '',	904: search_data TEXT,
905: PRIMARY KEY (id)	905: PRIMARY KEY (id)
906: ) TYPE=MyISAM;";	906: ) TYPE=MyISAM;";
907: break;	907: break;
910: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	910: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
911: id INT NOT NULL DEFAULT 0,	911: id INT NOT NULL DEFAULT 0,
912: ident VARCHAR(200) NOT NULL DEFAULT '',	912: ident VARCHAR(200) NOT NULL DEFAULT '',
913: search_data TEXT NOT NULL DEFAULT '',	913: search_data TEXT,
914: PRIMARY KEY (id)	914: PRIMARY KEY (id)
915: )";	915: )";
916: break;	916: break;
919: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	919: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
920: id INTEGER NOT NULL DEFAULT 0,	920: id INTEGER NOT NULL DEFAULT 0,
921: ident VARCHAR(200) NOT NULL DEFAULT '',	921: ident VARCHAR(200) NOT NULL DEFAULT '',
922: search_data TEXT NOT NULL DEFAULT '',	922: search_data TEXT,
923: PRIMARY KEY (id)	923: PRIMARY KEY (id)
924: )";	924: )";
925: break;	925: break;
1234: case 'mysql':	1234: case 'mysql':
1235: case 'mysqli':	1235: case 'mysqli':
1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege	1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege
	1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD UNIQUE INDEX '.$db_prefix.'online_user_id_ident_idx(user_id,ident)';
1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)';	1238: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)';
1238: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)';	1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)';
1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)';	1240: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)';
1400:	1401:
1401:	1402:
1402: /// Display config.php and give further instructions	1403: /// Display config.php and give further instructions
1403: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = false;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n".'$cookie_seed = \''.substr(md5(time()), -8)."';\n\ndefine('PUN', 1);";	1404: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = false;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n".'$cookie_seed = \''.substr(sha1(uniqid(rand(), true)), 0, 16)."';\n\ndefine('PUN', 1);";
1404:	1405:
1405:	1406:
1406: ?>	1407: ?>

punbb-1.2.12/upload/login.php	punbb-1.2.17/upload/login.php
84:	84:
85: else if ($action == 'out')	85: else if ($action == 'out')
86: {	86: {
87: if ($pun_user['is_guest'] \|\| !isset($_GET['id']) \|\| $_GET['id'] != $pun_user['id'])	87: if ($pun_user['is_guest'] \|\| !isset($_GET['id']) \|\| $_GET['id'] != $pun_user['id'] \|\| !isset($_GET['csrf_token']) \|\| $_GET['csrf_token'] != sha1($pun_user['id'].sha1(get_remote_address())))
88: {	88: {
89: header('Location: index.php');	89: header('Location: index.php');
90: exit;	90: exit;
97: if (isset($pun_user['logged']))	97: if (isset($pun_user['logged']))
98: $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());	98: $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
99:	99:
100: pun_setcookie(1, random_pass(8), time() + 31536000);	100: pun_setcookie(1, md5(uniqid(rand(), true)), time() + 31536000);
101:	101:
102: redirect('index.php', $lang_login['Logout redirect']);	102: redirect('index.php', $lang_login['Logout redirect']);
103: }	103: }

punbb-1.2.12/upload/misc.php	punbb-1.2.17/upload/misc.php
125:	125:
126:	126:
127: // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)	127: // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)
128: $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : 'index.php';	128: $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
129:	129:
130: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);	130: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
131: $required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);	131: $required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);
252: if ($topic_id < 1)	252: if ($topic_id < 1)
253: message($lang_common['Bad request']);	253: message($lang_common['Bad request']);
254:	254:
	255: // Make sure the user can view the topic
	256: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id=1) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
	257: if (!$db->num_rows($result))
	258: message($lang_common['Bad request']);
	259:
255: $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());	260: $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
256: if ($db->num_rows($result))	261: if ($db->num_rows($result))
257: message($lang_misc['Already subscribed']);	262: message($lang_misc['Already subscribed']);

punbb-1.2.12/upload/moderate.php	punbb-1.2.17/upload/moderate.php
35: message($lang_common['No permission']);	35: message($lang_common['No permission']);
36:	36:
37: // Is get_host an IP address or a post ID?	37: // Is get_host an IP address or a post ID?
38: if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host']))	38: if (@preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $_GET['get_host']))
39: $ip = $_GET['get_host'];	39: $ip = $_GET['get_host'];
40: else	40: else
41: {	41: {
98: {	98: {
99: confirm_referrer('moderate.php');	99: confirm_referrer('moderate.php');
100:	100:
101: if (preg_match('/[^0-9,]/', $posts))	101: if (@preg_match('/[^0-9,]/', $posts))
	102: message($lang_common['Bad request']);
	103:
	104: // Verify that the post IDs are valid
	105: $result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
	106:
	107: if ($db->num_rows($result) != substr_count($posts, ',') + 1)
102: message($lang_common['Bad request']);	108: message($lang_common['Bad request']);
103:	109:
104: // Delete the posts	110: // Delete the posts
281: {	287: {
282: confirm_referrer('moderate.php');	288: confirm_referrer('moderate.php');
283:	289:
284: if (preg_match('/[^0-9,]/', $_POST['topics']))	290: if (@preg_match('/[^0-9,]/', $_POST['topics']))
285: message($lang_common['Bad request']);	291: message($lang_common['Bad request']);
286:	292:
287: $topics = explode(',', $_POST['topics']);	293: $topics = explode(',', $_POST['topics']);
289: if (empty($topics) \|\| $move_to_forum < 1)	295: if (empty($topics) \|\| $move_to_forum < 1)
290: message($lang_common['Bad request']);	296: message($lang_common['Bad request']);
291:	297:
	298: // Verify that the topic IDs are valid
	299: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
	300:
	301: if ($db->num_rows($result) != count($topics))
	302: message($lang_common['Bad request']);
	303:
292: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)	304: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)
293: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());	305: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());
294:	306:
400: {	412: {
401: confirm_referrer('moderate.php');	413: confirm_referrer('moderate.php');
402:	414:
403: if (preg_match('/[^0-9,]/', $topics))	415: if (@preg_match('/[^0-9,]/', $topics))
404: message($lang_common['Bad request']);	416: message($lang_common['Bad request']);
405:	417:
406: require PUN_ROOT.'include/search_idx.php';	418: require PUN_ROOT.'include/search_idx.php';
407:	419:
	420: // Verify that the topic IDs are valid
	421: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
	422:
	423: if ($db->num_rows($result) != substr_count($topics, ',') + 1)
	424: message($lang_common['Bad request']);
	425:
408: // Delete the topics and any redirect topics	426: // Delete the topics and any redirect topics
409: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());	427: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());
410:	428:
472: if (empty($topics))	490: if (empty($topics))
473: message($lang_misc['No topics selected']);	491: message($lang_misc['No topics selected']);
474:	492:
475: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).')') or error('Unable to close topics', __FILE__, __LINE__, $db->error());	493: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid) or error('Unable to close topics', __FILE__, __LINE__, $db->error());
476:	494:
477: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];	495: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];
478: redirect('moderate.php?fid='.$fid, $redirect_msg);	496: redirect('moderate.php?fid='.$fid, $redirect_msg);
486: if ($topic_id < 1)	504: if ($topic_id < 1)
487: message($lang_common['Bad request']);	505: message($lang_common['Bad request']);
488:	506:
489: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id) or error('Unable to close topic', __FILE__, __LINE__, $db->error());	507: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error());
490:	508:
491: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];	509: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];
492: redirect('viewtopic.php?id='.$topic_id, $redirect_msg);	510: redirect('viewtopic.php?id='.$topic_id, $redirect_msg);
503: if ($stick < 1)	521: if ($stick < 1)
504: message($lang_common['Bad request']);	522: message($lang_common['Bad request']);
505:	523:
506: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());	524: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());
507:	525:
508: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);	526: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);
509: }	527: }
518: if ($unstick < 1)	536: if ($unstick < 1)
519: message($lang_common['Bad request']);	537: message($lang_common['Bad request']);
520:	538:
521: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());	539: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());
522:	540:
523: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);	541: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);
524: }	542: }

punbb-1.2.12/upload/post.php	punbb-1.2.17/upload/post.php
128: $errors[] = $lang_register['Username censor'];	128: $errors[] = $lang_register['Username censor'];
129:	129:
130: // Check that the username (or a too similar username) is not already registered	130: // Check that the username (or a too similar username) is not already registered
131: $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());	131: $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE (username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\') AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
132: if ($db->num_rows($result))	132: if ($db->num_rows($result))
133: {	133: {
134: $busy = $db->result($result);	134: $busy = $db->result($result);

punbb-1.2.12/upload/profile.php	punbb-1.2.17/upload/profile.php
87:	87:
88: if (isset($_POST['form_sent']))	88: if (isset($_POST['form_sent']))
89: {	89: {
	90: if ($pun_user['g_id'] < PUN_GUEST)
	91: confirm_referrer('profile.php');
	92:
90: $old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : '';	93: $old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : '';
91: $new_password1 = trim($_POST['req_new_password1']);	94: $new_password1 = trim($_POST['req_new_password1']);
92: $new_password2 = trim($_POST['req_new_password2']);	95: $new_password2 = trim($_POST['req_new_password2']);
190: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());	193: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
191: list($new_email, $new_email_key) = $db->fetch_row($result);	194: list($new_email, $new_email_key) = $db->fetch_row($result);
192:	195:
193: if ($key != $new_email_key)	196: if ($key == '' \|\| $key != $new_email_key)
194: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');	197: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
195: else	198: else
196: {	199: {
752: }	755: }
753:	756:
754: // Add http:// if the URL doesn't contain it already	757: // Add http:// if the URL doesn't contain it already
755: if ($form['url'] != '' && !stristr($form['url'], 'http://'))	758: if ($form['url'] != '' && strpos(strtolower($form['url']), 'http://') !== 0)
756: $form['url'] = 'http://'.$form['url'];	759: $form['url'] = 'http://'.$form['url'];
757:	760:
758: break;	761: break;
763: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));	766: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));
764:	767:
765: // If the ICQ UIN contains anything other than digits it's invalid	768: // If the ICQ UIN contains anything other than digits it's invalid
766: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq']))	769: if ($form['icq'] != '' && @preg_match('/[^0-9]/', $form['icq']))
767: message($lang_prof_reg['Bad ICQ']);	770: message($lang_prof_reg['Bad ICQ']);
768:	771:
769: break;	772: break;

punbb-1.2.12/upload/register.php	punbb-1.2.17/upload/register.php
173: $dupe_list[] = $cur_dupe['username'];	173: $dupe_list[] = $cur_dupe['username'];
174: }	174: }
175:	175:
176: $timezone = intval($_POST['timezone']);	176: // Make sure we got a valid language string
177: $language = isset($_POST['language']) ? $_POST['language'] : $pun_config['o_default_lang'];	177: if (isset($_POST['language']))
	178: {
	179: $language = preg_replace('#[\.\\\/]#', '', $_POST['language']);
	180: if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
	181: message($lang_common['Bad request']);
	182: }
	183: else
	184: $language = $pun_config['o_default_lang'];
	185:
	186: $timezone = round($_POST['timezone'], 1);
178: $save_pass = (!isset($_POST['save_pass']) \|\| $_POST['save_pass'] != '1') ? '0' : '1';	187: $save_pass = (!isset($_POST['save_pass']) \|\| $_POST['save_pass'] != '1') ? '0' : '1';
179:	188:
180: $email_setting = intval($_POST['email_setting']);	189: $email_setting = intval($_POST['email_setting']);

punbb-1.2.12/upload/search.php	punbb-1.2.17/upload/search.php
122: $keyword_results = $author_results = array();	122: $keyword_results = $author_results = array();
123:	123:
124: // Search a specific forum?	124: // Search a specific forum?
125: $forum_sql = ($forum != -1) ? ' AND t.forum_id = '.$forum : '';	125: $forum_sql = ($forum != -1 \|\| ($forum == -1 && $pun_config['o_search_all_forums'] == '0' && $pun_user['g_id'] >= PUN_GUEST)) ? ' AND t.forum_id = '.$forum : '';
126:	126:
127: if (!empty($author) \|\| !empty($keywords))	127: if (!empty($author) \|\| !empty($keywords))
128: {	128: {
160: {	160: {
161: $num_chars = pun_strlen($word);	161: $num_chars = pun_strlen($word);
162:	162:
163: if ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords))	163: if ($word !== 'or' && ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords)))
164: unset($keywords_array[$i]);	164: unset($keywords_array[$i]);
165: }	165: }
166:	166:
170:	170:
171: $word_count = 0;	171: $word_count = 0;
172: $match_type = 'and';	172: $match_type = 'and';
	173: $result_list = array();
173: @reset($keywords_array);	174: @reset($keywords_array);
174: while (list(, $cur_word) = @each($keywords_array))	175: while (list(, $cur_word) = @each($keywords_array))
175: {	176: {
198: }	199: }
199: else	200: else
200: {	201: {
201: $cur_word = str_replace('*', '%', $cur_word);	202: $cur_word = $db->escape(str_replace('*', '%', $cur_word));
202: $sql = 'SELECT m.post_id FROM '.$db->prefix.'search_words AS w INNER JOIN '.$db->prefix.'search_matches AS m ON m.word_id = w.id WHERE w.word LIKE \''.$cur_word.'\''.$search_in_cond;	203: $sql = 'SELECT m.post_id FROM '.$db->prefix.'search_words AS w INNER JOIN '.$db->prefix.'search_matches AS m ON m.word_id = w.id WHERE w.word LIKE \''.$cur_word.'\''.$search_in_cond;
203: }	204: }
204:	205:
325: if ($pun_user['is_guest'])	326: if ($pun_user['is_guest'])
326: message($lang_common['No permission']);	327: message($lang_common['No permission']);
327:	328:
328: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit']) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());	329: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit'].' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
329: $num_hits = $db->num_rows($result);	330: $num_hits = $db->num_rows($result);
330:	331:
331: if (!$num_hits)	332: if (!$num_hits)
334: // If it's a search for todays posts	335: // If it's a search for todays posts
335: else if ($action == 'show_24h')	336: else if ($action == 'show_24h')
336: {	337: {
337: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400)) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());	338: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400).' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
338: $num_hits = $db->num_rows($result);	339: $num_hits = $db->num_rows($result);
339:	340:
340: if (!$num_hits)	341: if (!$num_hits)
429: // Fetch results to display	430: // Fetch results to display
430: if ($search_results != '')	431: if ($search_results != '')
431: {	432: {
432: $group_by_sql = '';
433: switch ($sort_by)	433: switch ($sort_by)
434: {	434: {
435: case 1:	435: case 1:
449: break;	449: break;
450:	450:
451: default:	451: default:
452: {
453: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted';	452: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted';
454:
455: if ($show_as == 'topics')
456: $group_by_sql = ', t.posted';
457:
458: break;	453: break;
459: }
460: }	454: }
461:	455:
462: if ($show_as == 'posts')	456: if ($show_as == 'posts')
465: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql;	459: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql;
466: }	460: }
467: else	461: else
468: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE t.id IN('.$search_results.') GROUP BY t.id, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id'.$group_by_sql.' ORDER BY '.$sort_by_sql;	462: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'topics AS t WHERE t.id IN('.$search_results.') ORDER BY '.$sort_by_sql;
469:	463:
470:	464:
471: // Determine the topic or post offset (based on $_GET['p'])	465: // Determine the topic or post offset (based on $_GET['p'])

punbb-1.2.12/upload/style/imports/base.css	punbb-1.2.17/upload/style/imports/base.css
43:	43:
44: DIV>DIV>DIV.postfootleft, DIV>DIV>DIV.postfootright {PADDING-TOP: 1px; MARGIN-TOP: -1px}	44: DIV>DIV>DIV.postfootleft, DIV>DIV>DIV.postfootright {PADDING-TOP: 1px; MARGIN-TOP: -1px}
45:	45:
46: /* 3.2 This is only visible to IE Windows and cures various bugs. Do not alter comments */	46: /* 3.2 This is only visible to IE6 Windows and cures various bugs. Do not alter comments */
47:	47:
48: /* Begin IEWin Fix \*/	48: /* Begin IE6Win Fix \*/
49: * HTML .inbox, * HTML .inform, * HTML .pun, * HTML .intd, * HTML .tclcon {HEIGHT: 1px}	49: * HTML .inbox, * HTML .inform, * HTML .pun, * HTML .intd, * HTML .tclcon {HEIGHT: 1px}
50: * HTML .inbox DIV.postmsg {WIDTH: 98%}	50: * HTML .inbox DIV.postmsg {WIDTH: 98%}
51: /* End of IEWin Fix */	51: /* End of IE6Win Fix */
	52:
	53: /* 3.3 This is the equivelant of 3.2 but for IE7. It is visible to other browsers
	54: but does no harm */
	55:
	56: /Begin IE7Win Fix /
	57: .pun, .pun .inbox, .pun .inform, .pun .intd, .pun .tclcon {min-height: 1px}
	58: /* End of IE7Win Fix */
52:	59:
53: /****************************************************************/	60: /****************************************************************/
54: /* 4. HIDDEN ELEMENTS */	61: /* 4. HIDDEN ELEMENTS */
168: DIV.postleft, DIV.postfootleft {	175: DIV.postleft, DIV.postfootleft {
169: FLOAT:left;	176: FLOAT:left;
170: WIDTH: 18em;	177: WIDTH: 18em;
171: OVERFLOW: hidden	178: OVERFLOW: hidden;
	179: POSITION: relative;
172: }	180: }
173:	181:
174: DIV.postright, DIV.postfootright {	182: DIV.postright, DIV.postfootright {

punbb-1.2.12/upload/userlist.php	punbb-1.2.17/upload/userlist.php
41: // Determine if we are allowed to view post counts	41: // Determine if we are allowed to view post counts
42: $show_post_count = ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['g_id'] < PUN_GUEST) ? true : false;	42: $show_post_count = ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['g_id'] < PUN_GUEST) ? true : false;
43:	43:
44: $username = (isset($_GET['username']) && $pun_user['g_search_users'] == '1') ? $_GET['username'] : '';	44: $username = (isset($_GET['username']) && $pun_user['g_search_users'] == '1') ? pun_trim($_GET['username']) : '';
45: $show_group = (!isset($_GET['show_group']) \|\| intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2) ? -1 : intval($_GET['show_group']);	45: $show_group = (!isset($_GET['show_group']) \|\| intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2) ? -1 : intval($_GET['show_group']);
46: $sort_by = (!isset($_GET['sort_by']) \|\| $_GET['sort_by'] != 'username' && $_GET['sort_by'] != 'registered' && ($_GET['sort_by'] != 'num_posts' \|\| !$show_post_count)) ? 'username' : $_GET['sort_by'];	46: $sort_by = (!isset($_GET['sort_by']) \|\| $_GET['sort_by'] != 'username' && $_GET['sort_by'] != 'registered' && ($_GET['sort_by'] != 'num_posts' \|\| !$show_post_count)) ? 'username' : $_GET['sort_by'];
47: $sort_dir = (!isset($_GET['sort_dir']) \|\| $_GET['sort_dir'] != 'ASC' && $_GET['sort_dir'] != 'DESC') ? 'ASC' : strtoupper($_GET['sort_dir']);	47: $sort_dir = (!isset($_GET['sort_dir']) \|\| $_GET['sort_dir'] != 'ASC' && $_GET['sort_dir'] != 'DESC') ? 'ASC' : strtoupper($_GET['sort_dir']);

hdiff - version: 2.1.0 (modified)

punbb-1.2.12/upload/admin_users.php	punbb-1.2.17/upload/admin_users.php
111: {	111: {
112: $ip = $_GET['show_users'];	112: $ip = $_GET['show_users'];
113:	113:
114: if (!preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))	114: if (!@preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))
115: message('The supplied IP address is not correctly formatted.');	115: message('The supplied IP address is not correctly formatted.');
116:	116:
117:	117:
257: $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';	257: $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';
258: while (list($key, $input) = @each($form))	258: while (list($key, $input) = @each($form))
259: {	259: {
260: if ($input != '')	260: if ($input != '' && in_array($key, array('username', 'email', 'title', 'realname', 'url', 'jabber', 'icq', 'msn', 'aim', 'yahoo', 'location', 'signature', 'admin_note')))
261: $conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\'';	261: $conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\'';
262: }	262: }
263:	263:
267: $conditions[] = 'u.num_posts<'.$posts_less;	267: $conditions[] = 'u.num_posts<'.$posts_less;
268:	268:
269: if ($user_group != 'all')	269: if ($user_group != 'all')
270: $conditions[] = 'u.group_id='.$db->escape($user_group);	270: $conditions[] = 'u.group_id='.intval($user_group);
271:	271:
272: if (empty($conditions))	272: if (empty($conditions))
273: message('You didn\'t enter any search terms.');	273: message('You didn\'t enter any search terms.');