PunBB 1.2.9 to 1.2.15 changes

PunBB 1.2.9 to 1.2.15 changes	Legend
	Lines removed
	Lines changed
		Lines added

punbb-1.2.9/upload/admin_bans.php	punbb-1.2.15/upload/admin_bans.php
192:	192:
193: if ($ban_user == '' && $ban_ip == '' && $ban_email == '')	193: if ($ban_user == '' && $ban_ip == '' && $ban_email == '')
194: message('You must enter either a username, an IP address or an e-mail address (at least).');	194: message('You must enter either a username, an IP address or an e-mail address (at least).');
	195: else if (strtolower($ban_user) == 'guest')
	196: message('The guest user cannot be banned.');
195:	197:
196: // Validate IP/IP range (it's overkill, I know)	198: // Validate IP/IP range (it's overkill, I know)
197: if ($ban_ip != '')	199: if ($ban_ip != '')

punbb-1.2.9/upload/admin_categories.php	punbb-1.2.15/upload/admin_categories.php
118: <fieldset>	118: <fieldset>
119: <legend>Confirm delete category</legend>	119: <legend>Confirm delete category</legend>
120: <div class="infldset">	120: <div class="infldset">
121: <p>Are you sure that you want to delete the category "<?php echo $cat_name ?>"?</p>	121: <p>Are you sure that you want to delete the category "<?php echo pun_htmlspecialchars($cat_name) ?>"?</p>
122: <p>WARNING! Deleting a category will delete all forums and posts (if any) in that category!</p>	122: <p>WARNING! Deleting a category will delete all forums and posts (if any) in that category!</p>
123: </div>	123: </div>
124: </fieldset>	124: </fieldset>
151: if ($cat_name[$i] == '')	151: if ($cat_name[$i] == '')
152: message('You must enter a category name.');	152: message('You must enter a category name.');
153:	153:
154: if (!preg_match('#^\d+$#', $cat_order[$i]))	154: if (!@preg_match('#^\d+$#', $cat_order[$i]))
155: message('Position must be an integer value.');	155: message('Position must be an integer value.');
156:	156:
157: list($cat_id, $position) = $db->fetch_row($result);	157: list($cat_id, $position) = $db->fetch_row($result);

punbb-1.2.9/upload/admin_groups.php	punbb-1.2.15/upload/admin_groups.php
264: confirm_referrer('admin_groups.php');	264: confirm_referrer('admin_groups.php');
265:	265:
266: $group_id = intval($_POST['default_group']);	266: $group_id = intval($_POST['default_group']);
267: if ($group_id < 1)	267: if ($group_id < 4)
268: message($lang_common['Bad request']);	268: message($lang_common['Bad request']);
269:	269:
270: $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());	270: $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());

punbb-1.2.9/upload/admin_loader.php	punbb-1.2.15/upload/admin_loader.php
37:	37:
38: // The plugin to load should be supplied via GET	38: // The plugin to load should be supplied via GET
39: $plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';	39: $plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
40: if (!preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))	40: if (!@preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))
41: message($lang_common['Bad request']);	41: message($lang_common['Bad request']);
42:	42:
43: // AP_ == Admins only, AMP_ == admins and moderators	43: // AP_ == Admins only, AMP_ == admins and moderators

punbb-1.2.9/upload/admin_maintenance.php	punbb-1.2.15/upload/admin_maintenance.php
52: // This is the only potentially "dangerous" thing we can do here, so we check the referer	52: // This is the only potentially "dangerous" thing we can do here, so we check the referer
53: confirm_referrer('admin_maintenance.php');	53: confirm_referrer('admin_maintenance.php');
54:	54:
55: $truncate_sql = ($db_type != 'sqlite') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';	55: $truncate_sql = ($db_type != 'sqlite' && $db_type != 'pgsql') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';
56: $db->query($truncate_sql.$db->prefix.'search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());	56: $db->query($truncate_sql.$db->prefix.'search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());
57: $db->query($truncate_sql.$db->prefix.'search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());	57: $db->query($truncate_sql.$db->prefix.'search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());
58:	58:
65: break;	65: break;
66:	66:
67: case 'pgsql';	67: case 'pgsql';
68: $result = $db->query('SELECT setval(\'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());	68: $result = $db->query('SELECT setval(\''.$db->prefix.'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());
69: }	69: }
70: }	70: }
71:	71:

punbb-1.2.9/upload/admin_options.php	punbb-1.2.15/upload/admin_options.php
37:	37:
38: if (isset($_POST['form_sent']))	38: if (isset($_POST['form_sent']))
39: {	39: {
40: // Lazy referer check (in case base_url isn't correct)	40: // Custom referrer check (so we can output a custom error message)
41: if (!isset($_SERVER['HTTP_REFERER']) \|\| !preg_match('#/admin_options\.php#i', $_SERVER['HTTP_REFERER']))	41: if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/admin_options.php', '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
42: message($lang_common['Bad referrer']);	42: message('Bad HTTP_REFERER. If you have moved these forums from one location to another or switched domains, you need to update the Base URL manually in the database (look for o_base_url in the config table) and then clear the cache by deleting all .php files in the /cache directory.');
43:	43:
44: $form = array_map('trim', $_POST['form']);	44: $form = array_map('trim', $_POST['form']);
45:	45:
46: if ($form['board_title'] == '')	46: if ($form['board_title'] == '')
47: message('You must enter a board title.');	47: message('You must enter a board title.');
48:	48:
	49: // Clean default_lang
	50: $form['default_lang'] = preg_replace('#[\.\\\/]#', '', $form['default_lang']);
	51:
49: require PUN_ROOT.'include/email.php';	52: require PUN_ROOT.'include/email.php';
50:	53:
51: $form['admin_email'] = strtolower($form['admin_email']);	54: $form['admin_email'] = strtolower($form['admin_email']);
62: // Make sure base_url doesn't end with a slash	65: // Make sure base_url doesn't end with a slash
63: if (substr($form['base_url'], -1) == '/')	66: if (substr($form['base_url'], -1) == '/')
64: $form['base_url'] = substr($form['base_url'], 0, -1);	67: $form['base_url'] = substr($form['base_url'], 0, -1);
	68:
	69: // Clean avatars_dir
	70: $form['avatars_dir'] = str_replace("\0", '', $form['avatars_dir']);
65:	71:
66: // Make sure avatars_dir doesn't end with a slash	72: // Make sure avatars_dir doesn't end with a slash
67: if (substr($form['avatars_dir'], -1) == '/')	73: if (substr($form['avatars_dir'], -1) == '/')

punbb-1.2.9/upload/admin_prune.php	punbb-1.2.15/upload/admin_prune.php
84:	84:
85:	85:
86: $prune_days = $_POST['req_prune_days'];	86: $prune_days = $_POST['req_prune_days'];
87: if (!preg_match('#^\d+$#', $prune_days))	87: if (!@preg_match('#^\d+$#', $prune_days))
88: message('Days to prune must be a positive integer.');	88: message('Days to prune must be a positive integer.');
89:	89:
90: $prune_date = time() - ($prune_days*86400);	90: $prune_date = time() - ($prune_days*86400);

punbb-1.2.9/upload/admin_ranks.php	punbb-1.2.15/upload/admin_ranks.php
46: if ($rank == '')	46: if ($rank == '')
47: message('You must enter a rank title.');	47: message('You must enter a rank title.');
48:	48:
49: if (!preg_match('#^\d+$#', $min_posts))	49: if (!@preg_match('#^\d+$#', $min_posts))
50: message('Minimum posts must be a positive integer value.');	50: message('Minimum posts must be a positive integer value.');
51:	51:
52: // Make sure there isn't already a rank with the same min_posts value	52: // Make sure there isn't already a rank with the same min_posts value
77: if ($rank == '')	77: if ($rank == '')
78: message('You must enter a rank title.');	78: message('You must enter a rank title.');
79:	79:
80: if (!preg_match('#^\d+$#', $min_posts))	80: if (!@preg_match('#^\d+$#', $min_posts))
81: message('Minimum posts must be a positive integer value.');	81: message('Minimum posts must be a positive integer value.');
82:	82:
83: // Make sure there isn't already a rank with the same min_posts value	83: // Make sure there isn't already a rank with the same min_posts value
84: $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' && min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());	84: $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' AND min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
85: if ($db->num_rows($result))	85: if ($db->num_rows($result))
86: message('There is already a rank with a minimun posts value of '.$min_posts.'.');	86: message('There is already a rank with a minimun posts value of '.$min_posts.'.');
87:	87:

punbb-1.2.9/upload/extern.php	punbb-1.2.15/upload/extern.php
149: if (!isset($lang_common))	149: if (!isset($lang_common))
150: exit('There is no valid language pack \''.$pun_config['o_default_lang'].'\' installed. Please reinstall a language of that name.');	150: exit('There is no valid language pack \''.$pun_config['o_default_lang'].'\' installed. Please reinstall a language of that name.');
151:	151:
	152: // Check if we are to display a maintenance message
	153: if ($pun_config['o_maintenance'] && !defined('PUN_TURN_OFF_MAINT'))
	154: maintenance_message();
	155:
152: if (!isset($_GET['action']))	156: if (!isset($_GET['action']))
153: exit('No parameters supplied. See extern.php for instructions.');	157: exit('No parameters supplied. See extern.php for instructions.');
154:	158:

punbb-1.2.9/upload/footer.php	punbb-1.2.15/upload/footer.php
139: // END SUBST - <pun_footer>	139: // END SUBST - <pun_footer>
140:	140:
141:	141:
142: // START SUBST - <pun_include "*">
143: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_main, $cur_include))
144: {
145: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
146: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template main.tpl. There is no such file in folder /include/user/');
147:
148: ob_start();
149: include PUN_ROOT.'include/user/'.$cur_include[1];
150: $tpl_temp = ob_get_contents();
151: $tpl_main = str_replace($cur_include[0], $tpl_temp, $tpl_main);
152: ob_end_clean();
153: }
154: // END SUBST - <pun_include "*">
155:
156:
157: // Close the db connection (and free up any result data)	142: // Close the db connection (and free up any result data)
158: $db->close();	143: $db->close();
159:	144:

punbb-1.2.9/upload/header.php	punbb-1.2.15/upload/header.php
43: $tpl_main = file_get_contents(PUN_ROOT.'include/template/main.tpl');	43: $tpl_main = file_get_contents(PUN_ROOT.'include/template/main.tpl');
44:	44:
45:	45:
	46: // START SUBST - <pun_include "*">
	47: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_main, $cur_include))
	48: {
	49: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	50: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template main.tpl. There is no such file in folder /include/user/');
	51:
	52: ob_start();
	53: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	54: $tpl_temp = ob_get_contents();
	55: $tpl_main = str_replace($cur_include[0], $tpl_temp, $tpl_main);
	56: ob_end_clean();
	57: }
	58: // END SUBST - <pun_include "*">
	59:
	60:
46: // START SUBST - <pun_content_direction>	61: // START SUBST - <pun_content_direction>
47: $tpl_main = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_main);	62: $tpl_main = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_main);
48: // END SUBST - <pun_content_direction>	63: // END SUBST - <pun_content_direction>
131:	146:
132:	147:
133: // START SUBST - <pun_page>	148: // START SUBST - <pun_page>
134: $tpl_main = str_replace('<pun_page>', basename($_SERVER['PHP_SELF'], '.php'), $tpl_main);	149: $tpl_main = str_replace('<pun_page>', htmlspecialchars(basename($_SERVER['PHP_SELF'], '.php')), $tpl_main);
135: // END SUBST - <pun_title>	150: // END SUBST - <pun_title>
136:	151:
137:	152:

punbb-1.2.9/upload/include/common.php	punbb-1.2.15/upload/include/common.php
32: if (!defined('PUN_ROOT'))	32: if (!defined('PUN_ROOT'))
33: exit('The constant PUN_ROOT must be defined and point to a valid PunBB installation root directory.');	33: exit('The constant PUN_ROOT must be defined and point to a valid PunBB installation root directory.');
34:	34:
	35:
	36: // Load the functions script
	37: require PUN_ROOT.'include/functions.php';
	38:
	39: // Reverse the effect of register_globals
	40: unregister_globals();
	41:
	42:
35: @include PUN_ROOT.'config.php';	43: @include PUN_ROOT.'config.php';
36:	44:
37: // If PUN isn't defined, config.php is missing or corrupt	45: // If PUN isn't defined, config.php is missing or corrupt
75: define('PUN_MOD', 2);	83: define('PUN_MOD', 2);
76: define('PUN_GUEST', 3);	84: define('PUN_GUEST', 3);
77: define('PUN_MEMBER', 4);	85: define('PUN_MEMBER', 4);
78:
79:
80: // Load the functions script
81: require PUN_ROOT.'include/functions.php';
82:
83: // Reverse the effect of register_globals
84: if (@ini_get('register_globals'))
85: unregister_globals();
86:	86:
87:	87:
88: // Load DB abstraction layer and connect	88: // Load DB abstraction layer and connect

punbb-1.2.9/upload/include/dblayer/mysql.php	punbb-1.2.15/upload/include/dblayer/mysql.php
156:	156:
157: function escape($str)	157: function escape($str)
158: {	158: {
159: if (function_exists('mysql_real_escape_string'))	159: if (is_array($str))
	160: return '';
	161: else if (function_exists('mysql_real_escape_string'))
160: return mysql_real_escape_string($str, $this->link_id);	162: return mysql_real_escape_string($str, $this->link_id);
161: else	163: else
162: return mysql_escape_string($str);	164: return mysql_escape_string($str);

punbb-1.2.9/upload/include/dblayer/mysqli.php	punbb-1.2.15/upload/include/dblayer/mysqli.php
159:	159:
160: function escape($str)	160: function escape($str)
161: {	161: {
162: return mysqli_real_escape_string($this->link_id, $str);	162: return is_array($str) ? '' : mysqli_real_escape_string($this->link_id, $str);
163: }	163: }
164:	164:
165:	165:

punbb-1.2.9/upload/include/dblayer/pgsql.php	punbb-1.2.15/upload/include/dblayer/pgsql.php
217:	217:
218: function escape($str)	218: function escape($str)
219: {	219: {
220: return pg_escape_string($str);	220: return is_array($str) ? '' : pg_escape_string($str);
221: }	221: }
222:	222:
223:	223:

punbb-1.2.9/upload/include/dblayer/sqlite.php	punbb-1.2.15/upload/include/dblayer/sqlite.php
219:	219:
220: function escape($str)	220: function escape($str)
221: {	221: {
222: return sqlite_escape_string($str);	222: return is_array($str) ? '' : sqlite_escape_string($str);
223: }	223: }
224:	224:
225:	225:

punbb-1.2.9/upload/include/email.php	punbb-1.2.15/upload/include/email.php
77:	77:
78: $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer';	78: $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer';
79:	79:
80: // Make sure all linebreaks are CRLF in message	80: // Make sure all linebreaks are CRLF in message (and strip out any NULL bytes)
81: $message = str_replace("\n", "\r\n", pun_linebreaks($message));	81: $message = str_replace(array("\n", "\0"), array("\r\n", ''), pun_linebreaks($message));
82:	82:
83: if ($pun_config['o_smtp_host'] != '')	83: if ($pun_config['o_smtp_host'] != '')
84: smtp_mail($to, $subject, $message, $headers);	84: smtp_mail($to, $subject, $message, $headers);

punbb-1.2.9/upload/include/functions.php	punbb-1.2.15/upload/include/functions.php
27: //	27: //
28: function check_cookie(&$pun_user)	28: function check_cookie(&$pun_user)
29: {	29: {
30: global $db, $pun_config, $cookie_name, $cookie_seed;	30: global $db, $db_type, $pun_config, $cookie_name, $cookie_seed;
31:	31:
32: $now = time();	32: $now = time();
33: $expire = $now + 31536000; // The cookie expires after a year	33: $expire = $now + 31536000; // The cookie expires after a year
75: {	75: {
76: // Update the online list	76: // Update the online list
77: if (!$pun_user['logged'])	77: if (!$pun_user['logged'])
78: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());	78: {
	79: $pun_user['logged'] = $now;
	80:
	81: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table
	82: switch ($db_type)
	83: {
	84: case 'mysql':
	85: case 'mysqli':
	86: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	87: break;
	88:
	89: default:
	90: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	91: break;
	92: }
	93: }
79: else	94: else
80: {	95: {
81: // Special case: We've timed out, but no other user has browsed the forums since we timed out	96: // Special case: We've timed out, but no other user has browsed the forums since we timed out
102: //	117: //
103: function set_default_user()	118: function set_default_user()
104: {	119: {
105: global $db, $pun_user, $pun_config;	120: global $db, $db_type, $pun_user, $pun_config;
106:	121:
107: $remote_addr = get_remote_address();	122: $remote_addr = get_remote_address();
108:	123:
115:	130:
116: // Update online list	131: // Update online list
117: if (!$pun_user['logged'])	132: if (!$pun_user['logged'])
118: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.time().')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());	133: {
	134: $pun_user['logged'] = time();
	135:
	136: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table
	137: switch ($db_type)
	138: {
	139: case 'mysql':
	140: case 'mysqli':
	141: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	142: break;
	143:
	144: default:
	145: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
	146: break;
	147: }
	148: }
119: else	149: else
120: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());	150: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());
121:	151:
138: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)	168: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)
139: // @header('P3P: CP="CUR ADM"');	169: // @header('P3P: CP="CUR ADM"');
140:	170:
141: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure);	171: if (version_compare(PHP_VERSION, '5.2.0', '>='))
	172: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure, true);
	173: else
	174: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path.'; HttpOnly', $cookie_domain, $cookie_secure);
142: }	175: }
143:	176:
144:	177:
681: //	714: //
682: function get_remote_address()	715: function get_remote_address()
683: {	716: {
684: $remote_address = $_SERVER['REMOTE_ADDR'];	717: return $_SERVER['REMOTE_ADDR'];
685:
686: // If HTTP_X_FORWARDED_FOR is set, we try to grab the first non-LAN IP
687: if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
688: {
689: if (preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_SERVER['HTTP_X_FORWARDED_FOR'], $address_list))
690: {
691: $lan_ips = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\../', '/^172\.((1[6-9])\|(2[0-9])\|(3[0-1]))\../', '/^10\../', '/^224\../', '/^240\..*/');
692: $address_list = preg_replace($lan_ips, null, $address_list[0]);
693:
694: while (list(, $cur_address) = each($address_list))
695: {
696: if ($cur_address)
697: {
698: $remote_address = $cur_address;
699: break;
700: }
701: }
702: }
703: }
704:
705: return $remote_address;
706: }	718: }
707:	719:
708:	720:
770: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));	782: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));
771:	783:
772:	784:
	785: // START SUBST - <pun_include "*">
	786: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_maint, $cur_include))
	787: {
	788: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	789: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template maintenance.tpl. There is no such file in folder /include/user/');
	790:
	791: ob_start();
	792: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	793: $tpl_temp = ob_get_contents();
	794: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint);
	795: ob_end_clean();
	796: }
	797: // END SUBST - <pun_include "*">
	798:
	799:
773: // START SUBST - <pun_content_direction>	800: // START SUBST - <pun_content_direction>
774: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);	801: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);
775: // END SUBST - <pun_content_direction>	802: // END SUBST - <pun_content_direction>
808: $db->end_transaction();	835: $db->end_transaction();
809:	836:
810:	837:
811: // START SUBST - <pun_include "*">
812: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_maint, $cur_include))
813: {
814: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
815: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template maintenance.tpl. There is no such file in folder /include/user/');
816:
817: ob_start();
818: include PUN_ROOT.'include/user/'.$cur_include[1];
819: $tpl_temp = ob_get_contents();
820: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint);
821: ob_end_clean();
822: }
823: // END SUBST - <pun_include "*">
824:
825:
826: // Close the db connection (and free up any result data)	838: // Close the db connection (and free up any result data)
827: $db->close();	839: $db->close();
828:	840:
849: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));	861: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));
850:	862:
851:	863:
	864: // START SUBST - <pun_include "*">
	865: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?\|inc\|html?\|txt)">#', $tpl_redir, $cur_include))
	866: {
	867: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]))
	868: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template redirect.tpl. There is no such file in folder /include/user/');
	869:
	870: ob_start();
	871: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2];
	872: $tpl_temp = ob_get_contents();
	873: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
	874: ob_end_clean();
	875: }
	876: // END SUBST - <pun_include "*">
	877:
	878:
852: // START SUBST - <pun_content_direction>	879: // START SUBST - <pun_content_direction>
853: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);	880: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);
854: // END SUBST - <pun_content_direction>	881: // END SUBST - <pun_content_direction>
901: // END SUBST - <pun_footer>	928: // END SUBST - <pun_footer>
902:	929:
903:	930:
904: // START SUBST - <pun_include "*">
905: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_redir, $cur_include))
906: {
907: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
908: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template redirect.tpl. There is no such file in folder /include/user/');
909:
910: ob_start();
911: include PUN_ROOT.'include/user/'.$cur_include[1];
912: $tpl_temp = ob_get_contents();
913: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
914: ob_end_clean();
915: }
916: // END SUBST - <pun_include "*">
917:
918:
919: // Close the db connection (and free up any result data)	931: // Close the db connection (and free up any result data)
920: $db->close();	932: $db->close();
921:	933:
943:	955:
944: ?>	956: ?>
945: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	957: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
946: <html dir="ltr">	958: <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
947: <head>	959: <head>
948: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />	960: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
949: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>	961: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>
1052: //	1064: //
1053: // Unset any variables instantiated as a result of register_globals being enabled	1065: // Unset any variables instantiated as a result of register_globals being enabled
1054: //	1066: //
1055: function unregister_globals()	1067: function unregister_globals()
1056: {	1068: {
1057: // Prevent script.php?GLOBALS[foo]=bar	1069: $register_globals = @ini_get('register_globals');
1058: if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))	1070: if ($register_globals === "" \|\| $register_globals === "0" \|\| strtolower($register_globals === "off"))
1059: exit('I\'ll have a steak sandwich and... a steak sandwich.');	1071: return;
1060:	1072:
1061: // Variables that shouldn't be unset	1073: // Prevent script.php?GLOBALS[foo]=bar
1062: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');	1074: if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))
	1075: exit('I\'ll have a steak sandwich and... a steak sandwich.');
	1076:
	1077: // Variables that shouldn't be unset
	1078: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
1063:	1079:
1064: // Remove elements in $GLOBALS that are present in any of the superglobals	1080: // Remove elements in $GLOBALS that are present in any of the superglobals
1065: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());	1081: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
1066: foreach ($input as $k => $v)	1082: foreach ($input as $k => $v)
1067: {	1083: {
1068: if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))	1084: if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))
1069: unset($GLOBALS[$k]);	1085: {
1070: }	1086: unset($GLOBALS[$k]);
	1087: unset($GLOBALS[$k]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4
	1088: }
	1089: }
1071: }	1090: }
1072:	1091:
1073:	1092:

punbb-1.2.9/upload/include/parser.php	punbb-1.2.15/upload/include/parser.php
264: {	264: {
265: global $pun_user;	265: global $pun_user;
266:	266:
267: $full_url = str_replace(array(' ', '\'', '`'), array('%20', '', ''), $url);	267: $full_url = str_replace(array(' ', '\'', '`', '"'), array('%20', '', '', ''), $url);
268: if (strpos($url, 'www.') === 0) // If it starts with www, we add http://	268: if (strpos($url, 'www.') === 0) // If it starts with www, we add http://
269: $full_url = 'http://'.$full_url;	269: $full_url = 'http://'.$full_url;
270: else if (strpos($url, 'ftp.') === 0) // Else if it starts with ftp, we add ftp://	270: else if (strpos($url, 'ftp.') === 0) // Else if it starts with ftp, we add ftp://

punbb-1.2.9/upload/include/search_idx.php	punbb-1.2.15/upload/include/search_idx.php
69: {	69: {
70: while (list($i, $word) = @each($words))	70: while (list($i, $word) = @each($words))
71: {	71: {
	72: $words[$i] = trim($word, '.');
72: $num_chars = pun_strlen($word);	73: $num_chars = pun_strlen($word);
73:
74: if (strrpos($word, '.') == ($num_chars-1))
75: $words[$i] = substr($word, 0, -1);
76:	74:
77: if ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords))	75: if ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords))
78: unset($words[$i]);	76: unset($words[$i]);

punbb-1.2.9/upload/include/template/admin.tpl	punbb-1.2.15/upload/include/template/admin.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.9/upload/include/template/help.tpl	punbb-1.2.15/upload/include/template/help.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.9/upload/include/template/main.tpl	punbb-1.2.15/upload/include/template/main.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.9/upload/include/template/maintenance.tpl	punbb-1.2.15/upload/include/template/maintenance.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.9/upload/include/template/redirect.tpl	punbb-1.2.15/upload/include/template/redirect.tpl
1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">	1: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2:	2:
3: <html dir="<pun_content_direction>">	3: <html xmlns="http://www.w3.org/1999/xhtml" dir="<pun_content_direction>">
4: <head>	4: <head>
5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />	5: <meta http-equiv="Content-Type" content="text/html; charset=<pun_char_encoding>" />
6: <pun_head>	6: <pun_head>

punbb-1.2.9/upload/install.php	punbb-1.2.15/upload/install.php
24:	24:
25:	25:
26: // The PunBB version this script installs	26: // The PunBB version this script installs
27: $punbb_version = '1.2.9';	27: $punbb_version = '1.2.15';
28:	28:
29:	29:
30: define('PUN_ROOT', './');	30: define('PUN_ROOT', './');
757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1,	757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1,
758: poster_ip VARCHAR(15),	758: poster_ip VARCHAR(15),
759: poster_email VARCHAR(50),	759: poster_email VARCHAR(50),
760: message TEXT NOT NULL DEFAULT '',	760: message TEXT,
761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0,	761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0,
762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0,	762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0,
763: edited INT(10) UNSIGNED,	763: edited INT(10) UNSIGNED,
774: poster_id INT NOT NULL DEFAULT 1,	774: poster_id INT NOT NULL DEFAULT 1,
775: poster_ip VARCHAR(15),	775: poster_ip VARCHAR(15),
776: poster_email VARCHAR(50),	776: poster_email VARCHAR(50),
777: message TEXT NOT NULL DEFAULT '',	777: message TEXT,
778: hide_smilies SMALLINT NOT NULL DEFAULT 0,	778: hide_smilies SMALLINT NOT NULL DEFAULT 0,
779: posted INT NOT NULL DEFAULT 0,	779: posted INT NOT NULL DEFAULT 0,
780: edited INT,	780: edited INT,
791: poster_id INTEGER NOT NULL DEFAULT 1,	791: poster_id INTEGER NOT NULL DEFAULT 1,
792: poster_ip VARCHAR(15),	792: poster_ip VARCHAR(15),
793: poster_email VARCHAR(50),	793: poster_email VARCHAR(50),
794: message TEXT NOT NULL DEFAULT '',	794: message TEXT,
795: hide_smilies INTEGER NOT NULL DEFAULT 0,	795: hide_smilies INTEGER NOT NULL DEFAULT 0,
796: posted INTEGER NOT NULL DEFAULT 0,	796: posted INTEGER NOT NULL DEFAULT 0,
797: edited INTEGER,	797: edited INTEGER,
852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0,	852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0,
853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0,	853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0,
854: created INT(10) UNSIGNED NOT NULL DEFAULT 0,	854: created INT(10) UNSIGNED NOT NULL DEFAULT 0,
855: message TEXT NOT NULL DEFAULT '',	855: message TEXT,
856: zapped INT(10) UNSIGNED,	856: zapped INT(10) UNSIGNED,
857: zapped_by INT(10) UNSIGNED,	857: zapped_by INT(10) UNSIGNED,
858: PRIMARY KEY (id)	858: PRIMARY KEY (id)
867: forum_id INT NOT NULL DEFAULT 0,	867: forum_id INT NOT NULL DEFAULT 0,
868: reported_by INT NOT NULL DEFAULT 0,	868: reported_by INT NOT NULL DEFAULT 0,
869: created INT NOT NULL DEFAULT 0,	869: created INT NOT NULL DEFAULT 0,
870: message TEXT NOT NULL DEFAULT '',	870: message TEXT,
871: zapped INT,	871: zapped INT,
872: zapped_by INT,	872: zapped_by INT,
873: PRIMARY KEY (id)	873: PRIMARY KEY (id)
882: forum_id INTEGER NOT NULL DEFAULT 0,	882: forum_id INTEGER NOT NULL DEFAULT 0,
883: reported_by INTEGER NOT NULL DEFAULT 0,	883: reported_by INTEGER NOT NULL DEFAULT 0,
884: created INTEGER NOT NULL DEFAULT 0,	884: created INTEGER NOT NULL DEFAULT 0,
885: message TEXT NOT NULL DEFAULT '',	885: message TEXT,
886: zapped INTEGER,	886: zapped INTEGER,
887: zapped_by INTEGER,	887: zapped_by INTEGER,
888: PRIMARY KEY (id)	888: PRIMARY KEY (id)
901: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	901: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
902: id INT(10) UNSIGNED NOT NULL DEFAULT 0,	902: id INT(10) UNSIGNED NOT NULL DEFAULT 0,
903: ident VARCHAR(200) NOT NULL DEFAULT '',	903: ident VARCHAR(200) NOT NULL DEFAULT '',
904: search_data TEXT NOT NULL DEFAULT '',	904: search_data TEXT,
905: PRIMARY KEY (id)	905: PRIMARY KEY (id)
906: ) TYPE=MyISAM;";	906: ) TYPE=MyISAM;";
907: break;	907: break;
910: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	910: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
911: id INT NOT NULL DEFAULT 0,	911: id INT NOT NULL DEFAULT 0,
912: ident VARCHAR(200) NOT NULL DEFAULT '',	912: ident VARCHAR(200) NOT NULL DEFAULT '',
913: search_data TEXT NOT NULL DEFAULT '',	913: search_data TEXT,
914: PRIMARY KEY (id)	914: PRIMARY KEY (id)
915: )";	915: )";
916: break;	916: break;
919: $sql = 'CREATE TABLE '.$db_prefix."search_cache (	919: $sql = 'CREATE TABLE '.$db_prefix."search_cache (
920: id INTEGER NOT NULL DEFAULT 0,	920: id INTEGER NOT NULL DEFAULT 0,
921: ident VARCHAR(200) NOT NULL DEFAULT '',	921: ident VARCHAR(200) NOT NULL DEFAULT '',
922: search_data TEXT NOT NULL DEFAULT '',	922: search_data TEXT,
923: PRIMARY KEY (id)	923: PRIMARY KEY (id)
924: )";	924: )";
925: break;	925: break;
1234: case 'mysql':	1234: case 'mysql':
1235: case 'mysqli':	1235: case 'mysqli':
1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege	1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege
	1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD UNIQUE INDEX '.$db_prefix.'online_user_id_ident_idx(user_id,ident)';
1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)';	1238: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)';
1238: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)';	1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)';
1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)';	1240: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)';

punbb-1.2.9/upload/login.php	punbb-1.2.15/upload/login.php
78: $expire = ($save_pass == '1') ? time() + 31536000 : 0;	78: $expire = ($save_pass == '1') ? time() + 31536000 : 0;
79: pun_setcookie($user_id, $form_password_hash, $expire);	79: pun_setcookie($user_id, $form_password_hash, $expire);
80:	80:
81: redirect($_POST['redirect_url'], $lang_login['Login redirect']);	81: redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']);
82: }	82: }
83:	83:
84:	84:

punbb-1.2.9/upload/misc.php	punbb-1.2.15/upload/misc.php
120:	120:
121: pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');	121: pun_mail($recipient_email, $mail_subject, $mail_message, '"'.str_replace('"', '', $pun_user['username']).'" <'.$pun_user['email'].'>');
122:	122:
123: redirect($_POST['redirect_url'], $lang_misc['E-mail sent redirect']);	123: redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['E-mail sent redirect']);
124: }	124: }
125:	125:
126:	126:
127: // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)	127: // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the e-mail is sent)
128: $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : 'index.php';	128: $redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($pun_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
129:	129:
130: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);	130: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_misc['Send e-mail to'].' '.pun_htmlspecialchars($recipient);
131: $required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);	131: $required_fields = array('req_subject' => $lang_misc['E-mail subject'], 'req_message' => $lang_misc['E-mail message']);

punbb-1.2.9/upload/moderate.php	punbb-1.2.15/upload/moderate.php
35: message($lang_common['No permission']);	35: message($lang_common['No permission']);
36:	36:
37: // Is get_host an IP address or a post ID?	37: // Is get_host an IP address or a post ID?
38: if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host']))	38: if (@preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host']))
39: $ip = $_GET['get_host'];	39: $ip = $_GET['get_host'];
40: else	40: else
41: {	41: {
98: {	98: {
99: confirm_referrer('moderate.php');	99: confirm_referrer('moderate.php');
100:	100:
101: if (preg_match('/[^0-9,]/', $posts))	101: if (@preg_match('/[^0-9,]/', $posts))
	102: message($lang_common['Bad request']);
	103:
	104: // Verify that the post IDs are valid
	105: $result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
	106:
	107: if ($db->num_rows($result) != substr_count($posts, ',') + 1)
102: message($lang_common['Bad request']);	108: message($lang_common['Bad request']);
103:	109:
104: // Delete the posts	110: // Delete the posts
281: {	287: {
282: confirm_referrer('moderate.php');	288: confirm_referrer('moderate.php');
283:	289:
284: if (preg_match('/[^0-9,]/', $_POST['topics']))	290: if (@preg_match('/[^0-9,]/', $_POST['topics']))
285: message($lang_common['Bad request']);	291: message($lang_common['Bad request']);
286:	292:
287: $topics = explode(',', $_POST['topics']);	293: $topics = explode(',', $_POST['topics']);
289: if (empty($topics) \|\| $move_to_forum < 1)	295: if (empty($topics) \|\| $move_to_forum < 1)
290: message($lang_common['Bad request']);	296: message($lang_common['Bad request']);
291:	297:
	298: // Verify that the topic IDs are valid
	299: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
	300:
	301: if ($db->num_rows($result) != count($topics))
	302: message($lang_common['Bad request']);
	303:
292: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)	304: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from)
293: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());	305: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());
294:	306:
400: {	412: {
401: confirm_referrer('moderate.php');	413: confirm_referrer('moderate.php');
402:	414:
403: if (preg_match('/[^0-9,]/', $topics))	415: if (@preg_match('/[^0-9,]/', $topics))
404: message($lang_common['Bad request']);	416: message($lang_common['Bad request']);
405:	417:
406: require PUN_ROOT.'include/search_idx.php';	418: require PUN_ROOT.'include/search_idx.php';
407:	419:
	420: // Verify that the topic IDs are valid
	421: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
	422:
	423: if ($db->num_rows($result) != substr_count($topics, ',') + 1)
	424: message($lang_common['Bad request']);
	425:
408: // Delete the topics and any redirect topics	426: // Delete the topics and any redirect topics
409: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());	427: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error());
410:	428:
472: if (empty($topics))	490: if (empty($topics))
473: message($lang_misc['No topics selected']);	491: message($lang_misc['No topics selected']);
474:	492:
475: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).')') or error('Unable to close topics', __FILE__, __LINE__, $db->error());	493: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid) or error('Unable to close topics', __FILE__, __LINE__, $db->error());
476:	494:
477: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];	495: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect'];
478: redirect('moderate.php?fid='.$fid, $redirect_msg);	496: redirect('moderate.php?fid='.$fid, $redirect_msg);
486: if ($topic_id < 1)	504: if ($topic_id < 1)
487: message($lang_common['Bad request']);	505: message($lang_common['Bad request']);
488:	506:
489: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id) or error('Unable to close topic', __FILE__, __LINE__, $db->error());	507: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error());
490:	508:
491: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];	509: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect'];
492: redirect('viewtopic.php?id='.$topic_id, $redirect_msg);	510: redirect('viewtopic.php?id='.$topic_id, $redirect_msg);
503: if ($stick < 1)	521: if ($stick < 1)
504: message($lang_common['Bad request']);	522: message($lang_common['Bad request']);
505:	523:
506: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());	524: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());
507:	525:
508: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);	526: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']);
509: }	527: }
518: if ($unstick < 1)	536: if ($unstick < 1)
519: message($lang_common['Bad request']);	537: message($lang_common['Bad request']);
520:	538:
521: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());	539: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());
522:	540:
523: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);	541: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']);
524: }	542: }

punbb-1.2.9/upload/post.php	punbb-1.2.15/upload/post.php
128: $errors[] = $lang_register['Username censor'];	128: $errors[] = $lang_register['Username censor'];
129:	129:
130: // Check that the username (or a too similar username) is not already registered	130: // Check that the username (or a too similar username) is not already registered
131: $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());	131: $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE (username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\') AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
132: if ($db->num_rows($result))	132: if ($db->num_rows($result))
133: {	133: {
134: $busy = $db->result($result);	134: $busy = $db->result($result);
338: if ($qid < 1)	338: if ($qid < 1)
339: message($lang_common['Bad request']);	339: message($lang_common['Bad request']);
340:	340:
341: $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());	341: $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
342: if (!$db->num_rows($result))	342: if (!$db->num_rows($result))
343: message($lang_common['Bad request']);	343: message($lang_common['Bad request']);
344:	344:

punbb-1.2.9/upload/profile.php	punbb-1.2.15/upload/profile.php
190: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());	190: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
191: list($new_email, $new_email_key) = $db->fetch_row($result);	191: list($new_email, $new_email_key) = $db->fetch_row($result);
192:	192:
193: if ($key != $new_email_key)	193: if ($key == '' \|\| $key != $new_email_key)
194: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');	194: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
195: else	195: else
196: {	196: {
201: }	201: }
202: else if (isset($_POST['form_sent']))	202: else if (isset($_POST['form_sent']))
203: {	203: {
	204: if (pun_hash($_POST['req_password']) !== $pun_user['password'])
	205: message($lang_profile['Wrong pass']);
	206:
204: require PUN_ROOT.'include/email.php';	207: require PUN_ROOT.'include/email.php';
205:	208:
206: // Validate the email-address	209: // Validate the email-address
264: }	267: }
265:	268:
266: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];	269: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
267: $required_fields = array('req_new_email' => $lang_profile['New e-mail']);	270: $required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']);
268: $focus_element = array('change_email', 'req_new_email');	271: $focus_element = array('change_email', 'req_new_email');
269: require PUN_ROOT.'header.php';	272: require PUN_ROOT.'header.php';
270:	273:
279: <div class="infldset">	282: <div class="infldset">
280: <input type="hidden" name="form_sent" value="1" />	283: <input type="hidden" name="form_sent" value="1" />
281: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>	284: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>
	285: <label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label>
282: <p><?php echo $lang_profile['E-mail instructions'] ?></p>	286: <p><?php echo $lang_profile['E-mail instructions'] ?></p>
283: </div>	287: </div>
284: </fieldset>	288: </fieldset>
362: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');	366: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
363:	367:
364: // Now check the width/height	368: // Now check the width/height
365: list($width, $height, ,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');	369: list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
366: if (empty($width) \|\| empty($height) \|\| $width > $pun_config['o_avatars_width'] \|\| $height > $pun_config['o_avatars_height'])	370: if (empty($width) \|\| empty($height) \|\| $width > $pun_config['o_avatars_width'] \|\| $height > $pun_config['o_avatars_height'])
367: {	371: {
368: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');	372: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
369: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');	373: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
370: }	374: }
	375: else if ($type == 1 && $uploaded_file['type'] != 'image/gif') // Prevent dodgy uploads
	376: {
	377: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
	378: message($lang_profile['Bad type']);
	379: }
371:	380:
372: // Delete any old avatars and put the new one in place	381: // Delete any old avatars and put the new one in place
373: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);	382: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
743: }	752: }
744:	753:
745: // Add http:// if the URL doesn't contain it already	754: // Add http:// if the URL doesn't contain it already
746: if ($form['url'] != '' && !stristr($form['url'], 'http://'))	755: if ($form['url'] != '' && strpos(strtolower($form['url']), 'http://') !== 0)
747: $form['url'] = 'http://'.$form['url'];	756: $form['url'] = 'http://'.$form['url'];
748:	757:
749: break;	758: break;
754: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));	763: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));
755:	764:
756: // If the ICQ UIN contains anything other than digits it's invalid	765: // If the ICQ UIN contains anything other than digits it's invalid
757: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq']))	766: if ($form['icq'] != '' && @preg_match('/[^0-9]/', $form['icq']))
758: message($lang_prof_reg['Bad ICQ']);	767: message($lang_prof_reg['Bad ICQ']);
759:	768:
760: break;	769: break;

punbb-1.2.9/upload/register.php	punbb-1.2.15/upload/register.php
79:	79:
80: else if (isset($_POST['form_sent']))	80: else if (isset($_POST['form_sent']))
81: {	81: {
	82: // Check that someone from this IP didn't register a user within the last hour (DoS prevention)
	83: $result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE registration_ip=\''.get_remote_address().'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	84:
	85: if ($db->num_rows($result))
	86: message('A new user was registered with the same IP address as you within the last hour. To prevent registration flooding, at least an hour has to pass between registrations from the same IP. Sorry for the inconvenience.');
	87:
	88:
82: $username = pun_trim($_POST['req_username']);	89: $username = pun_trim($_POST['req_username']);
83: $email1 = strtolower(trim($_POST['req_email1']));	90: $email1 = strtolower(trim($_POST['req_email1']));
84:	91:
166: $dupe_list[] = $cur_dupe['username'];	173: $dupe_list[] = $cur_dupe['username'];
167: }	174: }
168:	175:
169: $timezone = intval($_POST['timezone']);	176: // Make sure we got a valid language string
170: $language = isset($_POST['language']) ? $_POST['language'] : $pun_config['o_default_lang'];	177: if (isset($_POST['language']))
	178: {
	179: $language = preg_replace('#[\.\\\/]#', '', $_POST['language']);
	180: if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
	181: message($lang_common['Bad request']);
	182: }
	183: else
	184: $language = $pun_config['o_default_lang'];
	185:
	186: $timezone = round($_POST['timezone'], 1);
171: $save_pass = (!isset($_POST['save_pass']) \|\| $_POST['save_pass'] != '1') ? '0' : '1';	187: $save_pass = (!isset($_POST['save_pass']) \|\| $_POST['save_pass'] != '1') ? '0' : '1';
172:	188:
173: $email_setting = intval($_POST['email_setting']);	189: $email_setting = intval($_POST['email_setting']);

punbb-1.2.9/upload/search.php	punbb-1.2.15/upload/search.php
122: $keyword_results = $author_results = array();	122: $keyword_results = $author_results = array();
123:	123:
124: // Search a specific forum?	124: // Search a specific forum?
125: $forum_sql = ($forum != -1) ? ' AND t.forum_id = '.$forum : '';	125: $forum_sql = ($forum != -1 \|\| ($forum == -1 && $pun_config['o_search_all_forums'] == '0')) ? ' AND t.forum_id = '.$forum : '';
126:	126:
127: if (!empty($author) \|\| !empty($keywords))	127: if (!empty($author) \|\| !empty($keywords))
128: {	128: {
170:	170:
171: $word_count = 0;	171: $word_count = 0;
172: $match_type = 'and';	172: $match_type = 'and';
	173: $result_list = array();
173: @reset($keywords_array);	174: @reset($keywords_array);
174: while (list(, $cur_word) = @each($keywords_array))	175: while (list(, $cur_word) = @each($keywords_array))
175: {	176: {
325: if ($pun_user['is_guest'])	326: if ($pun_user['is_guest'])
326: message($lang_common['No permission']);	327: message($lang_common['No permission']);
327:	328:
328: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit']) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());	329: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit'].' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
329: $num_hits = $db->num_rows($result);	330: $num_hits = $db->num_rows($result);
330:	331:
331: if (!$num_hits)	332: if (!$num_hits)
334: // If it's a search for todays posts	335: // If it's a search for todays posts
335: else if ($action == 'show_24h')	336: else if ($action == 'show_24h')
336: {	337: {
337: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400)) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());	338: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400).' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
338: $num_hits = $db->num_rows($result);	339: $num_hits = $db->num_rows($result);
339:	340:
340: if (!$num_hits)	341: if (!$num_hits)
429: // Fetch results to display	430: // Fetch results to display
430: if ($search_results != '')	431: if ($search_results != '')
431: {	432: {
432: $group_by_sql = '';
433: switch ($sort_by)	433: switch ($sort_by)
434: {	434: {
435: case 1:	435: case 1:
449: break;	449: break;
450:	450:
451: default:	451: default:
452: {
453: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted';	452: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted';
454:
455: if ($show_as == 'topics')
456: $group_by_sql = ', t.posted';
457:
458: break;	453: break;
459: }
460: }	454: }
461:	455:
462: if ($show_as == 'posts')	456: if ($show_as == 'posts')
465: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql;	459: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql;
466: }	460: }
467: else	461: else
468: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE t.id IN('.$search_results.') GROUP BY t.id, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id'.$group_by_sql.' ORDER BY '.$sort_by_sql;	462: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'topics AS t WHERE t.id IN('.$search_results.') ORDER BY '.$sort_by_sql;
469:	463:
470:	464:
471: // Determine the topic or post offset (based on $_GET['p'])	465: // Determine the topic or post offset (based on $_GET['p'])

punbb-1.2.9/upload/style/imports/base.css	punbb-1.2.15/upload/style/imports/base.css
43:	43:
44: DIV>DIV>DIV.postfootleft, DIV>DIV>DIV.postfootright {PADDING-TOP: 1px; MARGIN-TOP: -1px}	44: DIV>DIV>DIV.postfootleft, DIV>DIV>DIV.postfootright {PADDING-TOP: 1px; MARGIN-TOP: -1px}
45:	45:
46: /* 3.2 This is only visible to IE Windows and cures various bugs. Do not alter comments */	46: /* 3.2 This is only visible to IE6 Windows and cures various bugs. Do not alter comments */
47:	47:
48: /* Begin IEWin Fix \*/	48: /* Begin IE6Win Fix \*/
49: * HTML .inbox, * HTML .inform, * HTML .pun, * HTML .intd, * HTML .tclcon {HEIGHT: 1px}	49: * HTML .inbox, * HTML .inform, * HTML .pun, * HTML .intd, * HTML .tclcon {HEIGHT: 1px}
50: * HTML .inbox DIV.postmsg {WIDTH: 98%}	50: * HTML .inbox DIV.postmsg {WIDTH: 98%}
51: /* End of IEWin Fix */	51: /* End of IE6Win Fix */
	52:
	53: /* 3.3 This is the equivelant of 3.2 but for IE7. It is visible to other browsers
	54: but does no harm */
	55:
	56: /Begin IE7Win Fix /
	57: .pun, .pun .inbox, .pun .inform, .pun .intd, .pun .tclcon {min-height: 1px}
	58: /* End of IE7Win Fix */
52:	59:
53: /****************************************************************/	60: /****************************************************************/
54: /* 4. HIDDEN ELEMENTS */	61: /* 4. HIDDEN ELEMENTS */
168: DIV.postleft, DIV.postfootleft {	175: DIV.postleft, DIV.postfootleft {
169: FLOAT:left;	176: FLOAT:left;
170: WIDTH: 18em;	177: WIDTH: 18em;
171: OVERFLOW: hidden	178: OVERFLOW: hidden;
	179: POSITION: relative;
172: }	180: }
173:	181:
174: DIV.postright, DIV.postfootright {	182: DIV.postright, DIV.postfootright {

punbb-1.2.9/upload/userlist.php	punbb-1.2.15/upload/userlist.php
41: // Determine if we are allowed to view post counts	41: // Determine if we are allowed to view post counts
42: $show_post_count = ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['g_id'] < PUN_GUEST) ? true : false;	42: $show_post_count = ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['g_id'] < PUN_GUEST) ? true : false;
43:	43:
44: $username = (isset($_GET['username']) && $pun_user['g_search_users'] == '1') ? $_GET['username'] : '';	44: $username = (isset($_GET['username']) && $pun_user['g_search_users'] == '1') ? pun_trim($_GET['username']) : '';
45: $show_group = (!isset($_GET['show_group']) \|\| intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2) ? -1 : intval($_GET['show_group']);	45: $show_group = (!isset($_GET['show_group']) \|\| intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2) ? -1 : intval($_GET['show_group']);
46: $sort_by = (!isset($_GET['sort_by']) \|\| $_GET['sort_by'] != 'username' && $_GET['sort_by'] != 'registered' && ($_GET['sort_by'] != 'num_posts' \|\| !$show_post_count)) ? 'username' : $_GET['sort_by'];	46: $sort_by = (!isset($_GET['sort_by']) \|\| $_GET['sort_by'] != 'username' && $_GET['sort_by'] != 'registered' && ($_GET['sort_by'] != 'num_posts' \|\| !$show_post_count)) ? 'username' : $_GET['sort_by'];
47: $sort_dir = (!isset($_GET['sort_dir']) \|\| $_GET['sort_dir'] != 'ASC' && $_GET['sort_dir'] != 'DESC') ? 'ASC' : strtoupper($_GET['sort_dir']);	47: $sort_dir = (!isset($_GET['sort_dir']) \|\| $_GET['sort_dir'] != 'ASC' && $_GET['sort_dir'] != 'DESC') ? 'ASC' : strtoupper($_GET['sort_dir']);
116: $where_sql[] = 'u.group_id='.$show_group;	116: $where_sql[] = 'u.group_id='.$show_group;
117:	117:
118: // Fetch user count	118: // Fetch user count
119: $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'users AS u'.(!empty($where_sql) ? ' WHERE u.id>1 AND '.implode(' AND ', $where_sql) : '')) or error('Unable to fetch user list count', __FILE__, __LINE__, $db->error());	119: $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'users AS u WHERE u.id>1'.(!empty($where_sql) ? ' AND '.implode(' AND ', $where_sql) : '')) or error('Unable to fetch user list count', __FILE__, __LINE__, $db->error());
120: $num_users = $db->result($result);	120: $num_users = $db->result($result);
121:	121:
122:	122:

hdiff - version: 2.1.0 (modified)

punbb-1.2.9/upload/admin_forums.php	punbb-1.2.15/upload/admin_forums.php
137:	137:
138: while (list($forum_id, $disp_position) = @each($_POST['position']))	138: while (list($forum_id, $disp_position) = @each($_POST['position']))
139: {	139: {
140: if (!preg_match('#^\d+$#', $disp_position))	140: if (!@preg_match('#^\d+$#', $disp_position))
141: message('Position must be a positive integer value.');	141: message('Position must be a positive integer value.');
142:	142:
143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.$forum_id) or error('Unable to update forum', __FILE__, __LINE__, $db->error());	143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.intval($forum_id)) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
144: }	144: }
145:	145:
146: // Regenerate the quickjump cache	146: // Regenerate the quickjump cache
186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());	186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
187: while ($cur_group = $db->fetch_assoc($result))	187: while ($cur_group = $db->fetch_assoc($result))
188: {	188: {
189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? $_POST['read_forum_new'][$cur_group['g_id']] : '0' : $_POST['read_forum_old'][$cur_group['g_id']];	189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? '1' : '0' : intval($_POST['read_forum_old'][$cur_group['g_id']]);
190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? $_POST['post_replies_new'][$cur_group['g_id']] : '0';	190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? '1' : '0';
191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? $_POST['post_topics_new'][$cur_group['g_id']] : '0';	191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? '1' : '0';
192:	192:
193: // Check if the new settings differ from the old	193: // Check if the new settings differ from the old
194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] \|\| $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] \|\| $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']])	194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] \|\| $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] \|\| $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']])

punbb-1.2.9/upload/admin_users.php	punbb-1.2.15/upload/admin_users.php
111: {	111: {
112: $ip = $_GET['show_users'];	112: $ip = $_GET['show_users'];
113:	113:
114: if (!preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))	114: if (!@preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))
115: message('The supplied IP address is not correctly formatted.');	115: message('The supplied IP address is not correctly formatted.');
116:	116:
117:	117:
257: $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';	257: $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';
258: while (list($key, $input) = @each($form))	258: while (list($key, $input) = @each($form))
259: {	259: {
260: if ($input != '')	260: if ($input != '' && in_array($key, array('username', 'email', 'title', 'realname', 'url', 'jabber', 'icq', 'msn', 'aim', 'yahoo', 'location', 'signature', 'admin_note')))
261: $conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\'';	261: $conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\'';
262: }	262: }
263:	263:
267: $conditions[] = 'u.num_posts<'.$posts_less;	267: $conditions[] = 'u.num_posts<'.$posts_less;
268:	268:
269: if ($user_group != 'all')	269: if ($user_group != 'all')
270: $conditions[] = 'u.group_id='.$db->escape($user_group);	270: $conditions[] = 'u.group_id='.intval($user_group);
271:	271:
272: if (empty($conditions))	272: if (empty($conditions))
273: message('You didn\'t enter any search terms.');	273: message('You didn\'t enter any search terms.');