punbb-1.2.9/upload/admin_forums.php |
punbb-1.2.17/upload/admin_forums.php |
137: | 137: |
138: while (list($forum_id, $disp_position) = @each($_POST['position'])) | 138: while (list($forum_id, $disp_position) = @each($_POST['position'])) |
139: { | 139: { |
140: if (!preg_match('#^\d+$#', $disp_position)) | 140: if (!@preg_match('#^\d+$#', $disp_position)) |
141: message('Position must be a positive integer value.'); | 141: message('Position must be a positive integer value.'); |
142: | 142: |
143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.$forum_id) or error('Unable to update forum', __FILE__, __LINE__, $db->error()); | 143: $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.intval($forum_id)) or error('Unable to update forum', __FILE__, __LINE__, $db->error()); |
144: } | 144: } |
145: | 145: |
146: // Regenerate the quickjump cache | 146: // Regenerate the quickjump cache |
186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error()); | 186: $result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error()); |
187: while ($cur_group = $db->fetch_assoc($result)) | 187: while ($cur_group = $db->fetch_assoc($result)) |
188: { | 188: { |
189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? $_POST['read_forum_new'][$cur_group['g_id']] : '0' : $_POST['read_forum_old'][$cur_group['g_id']]; | 189: $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? '1' : '0' : intval($_POST['read_forum_old'][$cur_group['g_id']]); |
190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? $_POST['post_replies_new'][$cur_group['g_id']] : '0'; | 190: $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? '1' : '0'; |
191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? $_POST['post_topics_new'][$cur_group['g_id']] : '0'; | 191: $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? '1' : '0'; |
192: | 192: |
193: // Check if the new settings differ from the old | 193: // Check if the new settings differ from the old |
194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] || $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] || $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']]) | 194: if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] || $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] || $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']]) |
385: <?php | 385: <?php |
386: | 386: |
387: $result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error()); | 387: $result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error()); |
388: while ($cur_cat = $db->fetch_assoc($result)) | 388: if ($db->num_rows($result) > 0) |
389: echo "\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n"; | 389: { |
| 390: while ($cur_cat = $db->fetch_assoc($result)) |
| 391: echo "\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n"; |
| 392: } |
| 393: else |
| 394: echo "\t\t\t\t\t\t\t\t\t".'<option value="0" disabled="disabled">No categories exist</option>'."\n"; |
390: | 395: |
391: ?> | 396: ?> |
392: </select> | 397: </select> |
399: </div> | 404: </div> |
400: </form> | 405: </form> |
401: </div> | 406: </div> |
| 407: <?php |
| 408: |
| 409: // Display all the categories and forums |
| 410: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.disp_position FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); |
| 411: |
| 412: if ($db->num_rows($result) > 0) |
| 413: { |
402: | 414: |
| 415: ?> |
403: <h2 class="block2"><span>Edit forums</span></h2> | 416: <h2 class="block2"><span>Edit forums</span></h2> |
404: <div class="box"> | 417: <div class="box"> |
405: <form id="edforum" method="post" action="admin_forums.php?action=edit"> | 418: <form id="edforum" method="post" action="admin_forums.php?action=edit"> |
408: | 421: |
409: $tabindex_count = 4; | 422: $tabindex_count = 4; |
410: | 423: |
411: // Display all the categories and forums | |
412: $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.disp_position FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); | |
413: | |
414: $cur_category = 0; | 424: $cur_category = 0; |
415: while ($cur_forum = $db->fetch_assoc($result)) | 425: while ($cur_forum = $db->fetch_assoc($result)) |
416: { | 426: { |
449: <p class="submitend"><input type="submit" name="update_positions" value="Update positions" tabindex="<?php echo $tabindex_count ?>" /></p> | 459: <p class="submitend"><input type="submit" name="update_positions" value="Update positions" tabindex="<?php echo $tabindex_count ?>" /></p> |
450: </form> | 460: </form> |
451: </div> | 461: </div> |
| 462: <?php |
| 463: |
| 464: } |
| 465: |
| 466: ?> |
452: </div> | 467: </div> |
453: <div class="clearer"></div> | 468: <div class="clearer"></div> |
454: </div> | 469: </div> |
punbb-1.2.9/upload/include/functions.php |
punbb-1.2.17/upload/include/functions.php |
27: // | 27: // |
28: function check_cookie(&$pun_user) | 28: function check_cookie(&$pun_user) |
29: { | 29: { |
30: global $db, $pun_config, $cookie_name, $cookie_seed; | 30: global $db, $db_type, $pun_config, $cookie_name, $cookie_seed; |
31: | 31: |
32: $now = time(); | 32: $now = time(); |
33: $expire = $now + 31536000; // The cookie expires after a year | 33: $expire = $now + 31536000; // The cookie expires after a year |
48: // If user authorisation failed | 48: // If user authorisation failed |
49: if (!isset($pun_user['id']) || md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash']) | 49: if (!isset($pun_user['id']) || md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash']) |
50: { | 50: { |
51: pun_setcookie(0, random_pass(8), $expire); | 51: pun_setcookie(1, md5(uniqid(rand(), true)), $expire); |
52: set_default_user(); | 52: set_default_user(); |
53: | 53: |
54: return; | 54: return; |
75: { | 75: { |
76: // Update the online list | 76: // Update the online list |
77: if (!$pun_user['logged']) | 77: if (!$pun_user['logged']) |
78: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); | 78: { |
| 79: $pun_user['logged'] = $now; |
| 80: |
| 81: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table |
| 82: switch ($db_type) |
| 83: { |
| 84: case 'mysql': |
| 85: case 'mysqli': |
| 86: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
| 87: break; |
| 88: |
| 89: default: |
| 90: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
| 91: break; |
| 92: } |
| 93: } |
79: else | 94: else |
80: { | 95: { |
81: // Special case: We've timed out, but no other user has browsed the forums since we timed out | 96: // Special case: We've timed out, but no other user has browsed the forums since we timed out |
102: // | 117: // |
103: function set_default_user() | 118: function set_default_user() |
104: { | 119: { |
105: global $db, $pun_user, $pun_config; | 120: global $db, $db_type, $pun_user, $pun_config; |
106: | 121: |
107: $remote_addr = get_remote_address(); | 122: $remote_addr = get_remote_address(); |
108: | 123: |
115: | 130: |
116: // Update online list | 131: // Update online list |
117: if (!$pun_user['logged']) | 132: if (!$pun_user['logged']) |
118: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.time().')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); | 133: { |
| 134: $pun_user['logged'] = time(); |
| 135: |
| 136: // With MySQL/MySQLi, REPLACE INTO avoids a user having two rows in the online table |
| 137: switch ($db_type) |
| 138: { |
| 139: case 'mysql': |
| 140: case 'mysqli': |
| 141: $db->query('REPLACE INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
| 142: break; |
| 143: |
| 144: default: |
| 145: $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.$pun_user['logged'].')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error()); |
| 146: break; |
| 147: } |
| 148: } |
119: else | 149: else |
120: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error()); | 150: $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error()); |
121: | 151: |
138: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6) | 168: // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6) |
139: // @header('P3P: CP="CUR ADM"'); | 169: // @header('P3P: CP="CUR ADM"'); |
140: | 170: |
141: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure); | 171: if (version_compare(PHP_VERSION, '5.2.0', '>=')) |
| 172: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure, true); |
| 173: else |
| 174: setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path.'; HttpOnly', $cookie_domain, $cookie_secure); |
142: } | 175: } |
143: | 176: |
144: | 177: |
262: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; | 295: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; |
263: | 296: |
264: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; | 297: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; |
265: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>'; | 298: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'&csrf_token='.sha1($pun_user['id'].sha1(get_remote_address())).'">'.$lang_common['Logout'].'</a>'; |
266: } | 299: } |
267: else | 300: else |
268: { | 301: { |
269: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; | 302: $links[] = '<li id="navsearch"><a href="search.php">'.$lang_common['Search'].'</a>'; |
270: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; | 303: $links[] = '<li id="navprofile"><a href="profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>'; |
271: $links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>'; | 304: $links[] = '<li id="navadmin"><a href="admin_index.php">'.$lang_common['Admin'].'</a>'; |
272: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>'; | 305: $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'&csrf_token='.sha1($pun_user['id'].sha1(get_remote_address())).'">'.$lang_common['Logout'].'</a>'; |
273: } | 306: } |
274: } | 307: } |
275: | 308: |
319: | 352: |
320: | 353: |
321: // | 354: // |
322: // Update posts, topics, last_post, last_post_id and last_poster for a forum (redirect topics are not included) | 355: // Update posts, topics, last_post, last_post_id and last_poster for a forum |
323: // | 356: // |
324: function update_forum($forum_id) | 357: function update_forum($forum_id) |
325: { | 358: { |
326: global $db; | 359: global $db; |
327: | 360: |
328: $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE moved_to IS NULL AND forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error()); | 361: $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error()); |
329: list($num_topics, $num_posts) = $db->fetch_row($result); | 362: list($num_topics, $num_posts) = $db->fetch_row($result); |
330: | 363: |
331: $num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts) | 364: $num_posts = $num_posts + $num_topics; // $num_posts is only the sum of all replies (we have to add the topic posts) |
338: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); | 371: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); |
339: } | 372: } |
340: else // There are no topics | 373: else // There are no topics |
341: $db->query('UPDATE '.$db->prefix.'forums SET num_topics=0, num_posts=0, last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); | 374: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); |
342: } | 375: } |
343: | 376: |
344: | 377: |
681: // | 714: // |
682: function get_remote_address() | 715: function get_remote_address() |
683: { | 716: { |
684: $remote_address = $_SERVER['REMOTE_ADDR']; | 717: return $_SERVER['REMOTE_ADDR']; |
685: | |
686: // If HTTP_X_FORWARDED_FOR is set, we try to grab the first non-LAN IP | |
687: if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) | |
688: { | |
689: if (preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_SERVER['HTTP_X_FORWARDED_FOR'], $address_list)) | |
690: { | |
691: $lan_ips = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.((1[6-9])|(2[0-9])|(3[0-1]))\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/'); | |
692: $address_list = preg_replace($lan_ips, null, $address_list[0]); | |
693: | |
694: while (list(, $cur_address) = each($address_list)) | |
695: { | |
696: if ($cur_address) | |
697: { | |
698: $remote_address = $cur_address; | |
699: break; | |
700: } | |
701: } | |
702: } | |
703: } | |
704: | |
705: return $remote_address; | |
706: } | 718: } |
707: | 719: |
708: | 720: |
770: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl')); | 782: $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl')); |
771: | 783: |
772: | 784: |
| 785: // START SUBST - <pun_include "*"> |
| 786: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?|inc|html?|txt)">#', $tpl_maint, $cur_include)) |
| 787: { |
| 788: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2])) |
| 789: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template maintenance.tpl. There is no such file in folder /include/user/'); |
| 790: |
| 791: ob_start(); |
| 792: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]; |
| 793: $tpl_temp = ob_get_contents(); |
| 794: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint); |
| 795: ob_end_clean(); |
| 796: } |
| 797: // END SUBST - <pun_include "*"> |
| 798: |
| 799: |
773: // START SUBST - <pun_content_direction> | 800: // START SUBST - <pun_content_direction> |
774: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint); | 801: $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint); |
775: // END SUBST - <pun_content_direction> | 802: // END SUBST - <pun_content_direction> |
808: $db->end_transaction(); | 835: $db->end_transaction(); |
809: | 836: |
810: | 837: |
811: // START SUBST - <pun_include "*"> | |
812: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_maint, $cur_include)) | |
813: { | |
814: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1])) | |
815: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template maintenance.tpl. There is no such file in folder /include/user/'); | |
816: | |
817: ob_start(); | |
818: include PUN_ROOT.'include/user/'.$cur_include[1]; | |
819: $tpl_temp = ob_get_contents(); | |
820: $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint); | |
821: ob_end_clean(); | |
822: } | |
823: // END SUBST - <pun_include "*"> | |
824: | |
825: | |
826: // Close the db connection (and free up any result data) | 838: // Close the db connection (and free up any result data) |
827: $db->close(); | 839: $db->close(); |
828: | 840: |
837: { | 849: { |
838: global $db, $pun_config, $lang_common, $pun_user; | 850: global $db, $pun_config, $lang_common, $pun_user; |
839: | 851: |
840: if ($destination_url == '') | 852: // Prefix with o_base_url (unless there's already a valid URI) |
841: $destination_url = 'index.php'; | 853: if (strpos($destination_url, 'http://') !== 0 && strpos($destination_url, 'https://') !== 0 && strpos($destination_url, '/') !== 0) |
| 854: $destination_url = $pun_config['o_base_url'].'/'.$destination_url; |
| 855: |
| 856: // Do a little spring cleaning |
| 857: $destination_url = preg_replace('/([\r\n])|(%0[ad])|(;[\s]*data[\s]*:)/i', '', $destination_url); |
842: | 858: |
843: // If the delay is 0 seconds, we might as well skip the redirect all together | 859: // If the delay is 0 seconds, we might as well skip the redirect all together |
844: if ($pun_config['o_redirect_delay'] == '0') | 860: if ($pun_config['o_redirect_delay'] == '0') |
849: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl')); | 865: $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl')); |
850: | 866: |
851: | 867: |
| 868: // START SUBST - <pun_include "*"> |
| 869: while (preg_match('#<pun_include "([^/\\\\]*?)\.(php[45]?|inc|html?|txt)">#', $tpl_redir, $cur_include)) |
| 870: { |
| 871: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2])) |
| 872: error('Unable to process user include '.htmlspecialchars($cur_include[0]).' from template redirect.tpl. There is no such file in folder /include/user/'); |
| 873: |
| 874: ob_start(); |
| 875: include PUN_ROOT.'include/user/'.$cur_include[1].'.'.$cur_include[2]; |
| 876: $tpl_temp = ob_get_contents(); |
| 877: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir); |
| 878: ob_end_clean(); |
| 879: } |
| 880: // END SUBST - <pun_include "*"> |
| 881: |
| 882: |
852: // START SUBST - <pun_content_direction> | 883: // START SUBST - <pun_content_direction> |
853: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir); | 884: $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir); |
854: // END SUBST - <pun_content_direction> | 885: // END SUBST - <pun_content_direction> |
901: // END SUBST - <pun_footer> | 932: // END SUBST - <pun_footer> |
902: | 933: |
903: | 934: |
904: // START SUBST - <pun_include "*"> | |
905: while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_redir, $cur_include)) | |
906: { | |
907: if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1])) | |
908: error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template redirect.tpl. There is no such file in folder /include/user/'); | |
909: | |
910: ob_start(); | |
911: include PUN_ROOT.'include/user/'.$cur_include[1]; | |
912: $tpl_temp = ob_get_contents(); | |
913: $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir); | |
914: ob_end_clean(); | |
915: } | |
916: // END SUBST - <pun_include "*"> | |
917: | |
918: | |
919: // Close the db connection (and free up any result data) | 935: // Close the db connection (and free up any result data) |
920: $db->close(); | 936: $db->close(); |
921: | 937: |
943: | 959: |
944: ?> | 960: ?> |
945: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | 961: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> |
946: <html dir="ltr"> | 962: <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> |
947: <head> | 963: <head> |
948: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> | 964: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> |
949: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title> | 965: <title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title> |
1052: // | 1068: // |
1053: // Unset any variables instantiated as a result of register_globals being enabled | 1069: // Unset any variables instantiated as a result of register_globals being enabled |
1054: // | 1070: // |
1055: function unregister_globals() | 1071: function unregister_globals() |
1056: { | 1072: { |
1057: // Prevent script.php?GLOBALS[foo]=bar | 1073: $register_globals = @ini_get('register_globals'); |
1058: if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) | 1074: if ($register_globals === "" || $register_globals === "0" || strtolower($register_globals) === "off") |
1059: exit('I\'ll have a steak sandwich and... a steak sandwich.'); | 1075: return; |
1060: | 1076: |
1061: // Variables that shouldn't be unset | 1077: // Prevent script.php?GLOBALS[foo]=bar |
1062: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES'); | 1078: if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) |
| 1079: exit('I\'ll have a steak sandwich and... a steak sandwich.'); |
| 1080: |
| 1081: // Variables that shouldn't be unset |
| 1082: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES'); |
1063: | 1083: |
1064: // Remove elements in $GLOBALS that are present in any of the superglobals | 1084: // Remove elements in $GLOBALS that are present in any of the superglobals |
1065: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()); | 1085: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()); |
1066: foreach ($input as $k => $v) | 1086: foreach ($input as $k => $v) |
1067: { | 1087: { |
1068: if (!in_array($k, $no_unset) && isset($GLOBALS[$k])) | 1088: if (!in_array($k, $no_unset) && isset($GLOBALS[$k])) |
1069: unset($GLOBALS[$k]); | 1089: { |
1070: } | 1090: unset($GLOBALS[$k]); |
| 1091: unset($GLOBALS[$k]); // Double unset to circumvent the zend_hash_del_key_or_index hole in PHP <4.4.3 and <5.1.4 |
| 1092: } |
| 1093: } |
1071: } | 1094: } |
1072: | 1095: |
1073: | 1096: |
punbb-1.2.9/upload/install.php |
punbb-1.2.17/upload/install.php |
24: | 24: |
25: | 25: |
26: // The PunBB version this script installs | 26: // The PunBB version this script installs |
27: $punbb_version = '1.2.9'; | 27: $punbb_version = '1.2.17'; |
28: | 28: |
29: | 29: |
30: define('PUN_ROOT', './'); | 30: define('PUN_ROOT', './'); |
757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1, | 757: poster_id INT(10) UNSIGNED NOT NULL DEFAULT 1, |
758: poster_ip VARCHAR(15), | 758: poster_ip VARCHAR(15), |
759: poster_email VARCHAR(50), | 759: poster_email VARCHAR(50), |
760: message TEXT NOT NULL DEFAULT '', | 760: message TEXT, |
761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0, | 761: hide_smilies TINYINT(1) NOT NULL DEFAULT 0, |
762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0, | 762: posted INT(10) UNSIGNED NOT NULL DEFAULT 0, |
763: edited INT(10) UNSIGNED, | 763: edited INT(10) UNSIGNED, |
774: poster_id INT NOT NULL DEFAULT 1, | 774: poster_id INT NOT NULL DEFAULT 1, |
775: poster_ip VARCHAR(15), | 775: poster_ip VARCHAR(15), |
776: poster_email VARCHAR(50), | 776: poster_email VARCHAR(50), |
777: message TEXT NOT NULL DEFAULT '', | 777: message TEXT, |
778: hide_smilies SMALLINT NOT NULL DEFAULT 0, | 778: hide_smilies SMALLINT NOT NULL DEFAULT 0, |
779: posted INT NOT NULL DEFAULT 0, | 779: posted INT NOT NULL DEFAULT 0, |
780: edited INT, | 780: edited INT, |
791: poster_id INTEGER NOT NULL DEFAULT 1, | 791: poster_id INTEGER NOT NULL DEFAULT 1, |
792: poster_ip VARCHAR(15), | 792: poster_ip VARCHAR(15), |
793: poster_email VARCHAR(50), | 793: poster_email VARCHAR(50), |
794: message TEXT NOT NULL DEFAULT '', | 794: message TEXT, |
795: hide_smilies INTEGER NOT NULL DEFAULT 0, | 795: hide_smilies INTEGER NOT NULL DEFAULT 0, |
796: posted INTEGER NOT NULL DEFAULT 0, | 796: posted INTEGER NOT NULL DEFAULT 0, |
797: edited INTEGER, | 797: edited INTEGER, |
852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0, | 852: forum_id INT(10) UNSIGNED NOT NULL DEFAULT 0, |
853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0, | 853: reported_by INT(10) UNSIGNED NOT NULL DEFAULT 0, |
854: created INT(10) UNSIGNED NOT NULL DEFAULT 0, | 854: created INT(10) UNSIGNED NOT NULL DEFAULT 0, |
855: message TEXT NOT NULL DEFAULT '', | 855: message TEXT, |
856: zapped INT(10) UNSIGNED, | 856: zapped INT(10) UNSIGNED, |
857: zapped_by INT(10) UNSIGNED, | 857: zapped_by INT(10) UNSIGNED, |
858: PRIMARY KEY (id) | 858: PRIMARY KEY (id) |
867: forum_id INT NOT NULL DEFAULT 0, | 867: forum_id INT NOT NULL DEFAULT 0, |
868: reported_by INT NOT NULL DEFAULT 0, | 868: reported_by INT NOT NULL DEFAULT 0, |
869: created INT NOT NULL DEFAULT 0, | 869: created INT NOT NULL DEFAULT 0, |
870: message TEXT NOT NULL DEFAULT '', | 870: message TEXT, |
871: zapped INT, | 871: zapped INT, |
872: zapped_by INT, | 872: zapped_by INT, |
873: PRIMARY KEY (id) | 873: PRIMARY KEY (id) |
882: forum_id INTEGER NOT NULL DEFAULT 0, | 882: forum_id INTEGER NOT NULL DEFAULT 0, |
883: reported_by INTEGER NOT NULL DEFAULT 0, | 883: reported_by INTEGER NOT NULL DEFAULT 0, |
884: created INTEGER NOT NULL DEFAULT 0, | 884: created INTEGER NOT NULL DEFAULT 0, |
885: message TEXT NOT NULL DEFAULT '', | 885: message TEXT, |
886: zapped INTEGER, | 886: zapped INTEGER, |
887: zapped_by INTEGER, | 887: zapped_by INTEGER, |
888: PRIMARY KEY (id) | 888: PRIMARY KEY (id) |
901: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( | 901: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( |
902: id INT(10) UNSIGNED NOT NULL DEFAULT 0, | 902: id INT(10) UNSIGNED NOT NULL DEFAULT 0, |
903: ident VARCHAR(200) NOT NULL DEFAULT '', | 903: ident VARCHAR(200) NOT NULL DEFAULT '', |
904: search_data TEXT NOT NULL DEFAULT '', | 904: search_data TEXT, |
905: PRIMARY KEY (id) | 905: PRIMARY KEY (id) |
906: ) TYPE=MyISAM;"; | 906: ) TYPE=MyISAM;"; |
907: break; | 907: break; |
910: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( | 910: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( |
911: id INT NOT NULL DEFAULT 0, | 911: id INT NOT NULL DEFAULT 0, |
912: ident VARCHAR(200) NOT NULL DEFAULT '', | 912: ident VARCHAR(200) NOT NULL DEFAULT '', |
913: search_data TEXT NOT NULL DEFAULT '', | 913: search_data TEXT, |
914: PRIMARY KEY (id) | 914: PRIMARY KEY (id) |
915: )"; | 915: )"; |
916: break; | 916: break; |
919: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( | 919: $sql = 'CREATE TABLE '.$db_prefix."search_cache ( |
920: id INTEGER NOT NULL DEFAULT 0, | 920: id INTEGER NOT NULL DEFAULT 0, |
921: ident VARCHAR(200) NOT NULL DEFAULT '', | 921: ident VARCHAR(200) NOT NULL DEFAULT '', |
922: search_data TEXT NOT NULL DEFAULT '', | 922: search_data TEXT, |
923: PRIMARY KEY (id) | 923: PRIMARY KEY (id) |
924: )"; | 924: )"; |
925: break; | 925: break; |
1234: case 'mysql': | 1234: case 'mysql': |
1235: case 'mysqli': | 1235: case 'mysqli': |
1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege | 1236: // We use MySQL's ALTER TABLE ... ADD INDEX syntax instead of CREATE INDEX to avoid problems with users lacking the INDEX privilege |
| 1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD UNIQUE INDEX '.$db_prefix.'online_user_id_ident_idx(user_id,ident)'; |
1237: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)'; | 1238: $queries[] = 'ALTER TABLE '.$db_prefix.'online ADD INDEX '.$db_prefix.'online_user_id_idx(user_id)'; |
1238: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)'; | 1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_topic_id_idx(topic_id)'; |
1239: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)'; | 1240: $queries[] = 'ALTER TABLE '.$db_prefix.'posts ADD INDEX '.$db_prefix.'posts_multi_idx(poster_id, topic_id)'; |
1400: | 1401: |
1401: | 1402: |
1402: /// Display config.php and give further instructions | 1403: /// Display config.php and give further instructions |
1403: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = false;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n".'$cookie_seed = \''.substr(md5(time()), -8)."';\n\ndefine('PUN', 1);"; | 1404: $config = '<?php'."\n\n".'$db_type = \''.$db_type."';\n".'$db_host = \''.$db_host."';\n".'$db_name = \''.$db_name."';\n".'$db_username = \''.$db_username."';\n".'$db_password = \''.$db_password."';\n".'$db_prefix = \''.$db_prefix."';\n".'$p_connect = false;'."\n\n".'$cookie_name = '."'punbb_cookie';\n".'$cookie_domain = '."'';\n".'$cookie_path = '."'/';\n".'$cookie_secure = 0;'."\n".'$cookie_seed = \''.substr(sha1(uniqid(rand(), true)), 0, 16)."';\n\ndefine('PUN', 1);"; |
1404: | 1405: |
1405: | 1406: |
1406: ?> | 1407: ?> |
punbb-1.2.9/upload/moderate.php |
punbb-1.2.17/upload/moderate.php |
35: message($lang_common['No permission']); | 35: message($lang_common['No permission']); |
36: | 36: |
37: // Is get_host an IP address or a post ID? | 37: // Is get_host an IP address or a post ID? |
38: if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_GET['get_host'])) | 38: if (@preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $_GET['get_host'])) |
39: $ip = $_GET['get_host']; | 39: $ip = $_GET['get_host']; |
40: else | 40: else |
41: { | 41: { |
98: { | 98: { |
99: confirm_referrer('moderate.php'); | 99: confirm_referrer('moderate.php'); |
100: | 100: |
101: if (preg_match('/[^0-9,]/', $posts)) | 101: if (@preg_match('/[^0-9,]/', $posts)) |
| 102: message($lang_common['Bad request']); |
| 103: |
| 104: // Verify that the post IDs are valid |
| 105: $result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error()); |
| 106: |
| 107: if ($db->num_rows($result) != substr_count($posts, ',') + 1) |
102: message($lang_common['Bad request']); | 108: message($lang_common['Bad request']); |
103: | 109: |
104: // Delete the posts | 110: // Delete the posts |
281: { | 287: { |
282: confirm_referrer('moderate.php'); | 288: confirm_referrer('moderate.php'); |
283: | 289: |
284: if (preg_match('/[^0-9,]/', $_POST['topics'])) | 290: if (@preg_match('/[^0-9,]/', $_POST['topics'])) |
285: message($lang_common['Bad request']); | 291: message($lang_common['Bad request']); |
286: | 292: |
287: $topics = explode(',', $_POST['topics']); | 293: $topics = explode(',', $_POST['topics']); |
289: if (empty($topics) || $move_to_forum < 1) | 295: if (empty($topics) || $move_to_forum < 1) |
290: message($lang_common['Bad request']); | 296: message($lang_common['Bad request']); |
291: | 297: |
| 298: // Verify that the topic IDs are valid |
| 299: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error()); |
| 300: |
| 301: if ($db->num_rows($result) != count($topics)) |
| 302: message($lang_common['Bad request']); |
| 303: |
292: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from) | 304: // Delete any redirect topics if there are any (only if we moved/copied the topic back to where it where it was once moved from) |
293: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error()); | 305: $db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error()); |
294: | 306: |
400: { | 412: { |
401: confirm_referrer('moderate.php'); | 413: confirm_referrer('moderate.php'); |
402: | 414: |
403: if (preg_match('/[^0-9,]/', $topics)) | 415: if (@preg_match('/[^0-9,]/', $topics)) |
404: message($lang_common['Bad request']); | 416: message($lang_common['Bad request']); |
405: | 417: |
406: require PUN_ROOT.'include/search_idx.php'; | 418: require PUN_ROOT.'include/search_idx.php'; |
407: | 419: |
| 420: // Verify that the topic IDs are valid |
| 421: $result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error()); |
| 422: |
| 423: if ($db->num_rows($result) != substr_count($topics, ',') + 1) |
| 424: message($lang_common['Bad request']); |
| 425: |
408: // Delete the topics and any redirect topics | 426: // Delete the topics and any redirect topics |
409: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error()); | 427: $db->query('DELETE FROM '.$db->prefix.'topics WHERE id IN('.$topics.') OR moved_to IN('.$topics.')') or error('Unable to delete topic', __FILE__, __LINE__, $db->error()); |
410: | 428: |
472: if (empty($topics)) | 490: if (empty($topics)) |
473: message($lang_misc['No topics selected']); | 491: message($lang_misc['No topics selected']); |
474: | 492: |
475: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).')') or error('Unable to close topics', __FILE__, __LINE__, $db->error()); | 493: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid) or error('Unable to close topics', __FILE__, __LINE__, $db->error()); |
476: | 494: |
477: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect']; | 495: $redirect_msg = ($action) ? $lang_misc['Close topics redirect'] : $lang_misc['Open topics redirect']; |
478: redirect('moderate.php?fid='.$fid, $redirect_msg); | 496: redirect('moderate.php?fid='.$fid, $redirect_msg); |
486: if ($topic_id < 1) | 504: if ($topic_id < 1) |
487: message($lang_common['Bad request']); | 505: message($lang_common['Bad request']); |
488: | 506: |
489: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id) or error('Unable to close topic', __FILE__, __LINE__, $db->error()); | 507: $db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error()); |
490: | 508: |
491: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect']; | 509: $redirect_msg = ($action) ? $lang_misc['Close topic redirect'] : $lang_misc['Open topic redirect']; |
492: redirect('viewtopic.php?id='.$topic_id, $redirect_msg); | 510: redirect('viewtopic.php?id='.$topic_id, $redirect_msg); |
503: if ($stick < 1) | 521: if ($stick < 1) |
504: message($lang_common['Bad request']); | 522: message($lang_common['Bad request']); |
505: | 523: |
506: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick) or error('Unable to stick topic', __FILE__, __LINE__, $db->error()); | 524: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error()); |
507: | 525: |
508: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']); | 526: redirect('viewtopic.php?id='.$stick, $lang_misc['Stick topic redirect']); |
509: } | 527: } |
518: if ($unstick < 1) | 536: if ($unstick < 1) |
519: message($lang_common['Bad request']); | 537: message($lang_common['Bad request']); |
520: | 538: |
521: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error()); | 539: $db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error()); |
522: | 540: |
523: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']); | 541: redirect('viewtopic.php?id='.$unstick, $lang_misc['Unstick topic redirect']); |
524: } | 542: } |
punbb-1.2.9/upload/profile.php |
punbb-1.2.17/upload/profile.php |
87: | 87: |
88: if (isset($_POST['form_sent'])) | 88: if (isset($_POST['form_sent'])) |
89: { | 89: { |
| 90: if ($pun_user['g_id'] < PUN_GUEST) |
| 91: confirm_referrer('profile.php'); |
| 92: |
90: $old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : ''; | 93: $old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : ''; |
91: $new_password1 = trim($_POST['req_new_password1']); | 94: $new_password1 = trim($_POST['req_new_password1']); |
92: $new_password2 = trim($_POST['req_new_password2']); | 95: $new_password2 = trim($_POST['req_new_password2']); |
190: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error()); | 193: $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error()); |
191: list($new_email, $new_email_key) = $db->fetch_row($result); | 194: list($new_email, $new_email_key) = $db->fetch_row($result); |
192: | 195: |
193: if ($key != $new_email_key) | 196: if ($key == '' || $key != $new_email_key) |
194: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.'); | 197: message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.'); |
195: else | 198: else |
196: { | 199: { |
201: } | 204: } |
202: else if (isset($_POST['form_sent'])) | 205: else if (isset($_POST['form_sent'])) |
203: { | 206: { |
| 207: if (pun_hash($_POST['req_password']) !== $pun_user['password']) |
| 208: message($lang_profile['Wrong pass']); |
| 209: |
204: require PUN_ROOT.'include/email.php'; | 210: require PUN_ROOT.'include/email.php'; |
205: | 211: |
206: // Validate the email-address | 212: // Validate the email-address |
264: } | 270: } |
265: | 271: |
266: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; | 272: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; |
267: $required_fields = array('req_new_email' => $lang_profile['New e-mail']); | 273: $required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']); |
268: $focus_element = array('change_email', 'req_new_email'); | 274: $focus_element = array('change_email', 'req_new_email'); |
269: require PUN_ROOT.'header.php'; | 275: require PUN_ROOT.'header.php'; |
270: | 276: |
279: <div class="infldset"> | 285: <div class="infldset"> |
280: <input type="hidden" name="form_sent" value="1" /> | 286: <input type="hidden" name="form_sent" value="1" /> |
281: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label> | 287: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label> |
| 288: <label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label> |
282: <p><?php echo $lang_profile['E-mail instructions'] ?></p> | 289: <p><?php echo $lang_profile['E-mail instructions'] ?></p> |
283: </div> | 290: </div> |
284: </fieldset> | 291: </fieldset> |
362: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.'); | 369: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.'); |
363: | 370: |
364: // Now check the width/height | 371: // Now check the width/height |
365: list($width, $height, ,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp'); | 372: list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp'); |
366: if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height']) | 373: if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height']) |
367: { | 374: { |
368: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp'); | 375: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp'); |
369: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.'); | 376: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.'); |
370: } | 377: } |
| 378: else if ($type == 1 && $uploaded_file['type'] != 'image/gif') // Prevent dodgy uploads |
| 379: { |
| 380: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp'); |
| 381: message($lang_profile['Bad type']); |
| 382: } |
371: | 383: |
372: // Delete any old avatars and put the new one in place | 384: // Delete any old avatars and put the new one in place |
373: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]); | 385: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]); |
743: } | 755: } |
744: | 756: |
745: // Add http:// if the URL doesn't contain it already | 757: // Add http:// if the URL doesn't contain it already |
746: if ($form['url'] != '' && !stristr($form['url'], 'http://')) | 758: if ($form['url'] != '' && strpos(strtolower($form['url']), 'http://') !== 0) |
747: $form['url'] = 'http://'.$form['url']; | 759: $form['url'] = 'http://'.$form['url']; |
748: | 760: |
749: break; | 761: break; |
754: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo')); | 766: $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo')); |
755: | 767: |
756: // If the ICQ UIN contains anything other than digits it's invalid | 768: // If the ICQ UIN contains anything other than digits it's invalid |
757: if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq'])) | 769: if ($form['icq'] != '' && @preg_match('/[^0-9]/', $form['icq'])) |
758: message($lang_prof_reg['Bad ICQ']); | 770: message($lang_prof_reg['Bad ICQ']); |
759: | 771: |
760: break; | 772: break; |
punbb-1.2.9/upload/search.php |
punbb-1.2.17/upload/search.php |
122: $keyword_results = $author_results = array(); | 122: $keyword_results = $author_results = array(); |
123: | 123: |
124: // Search a specific forum? | 124: // Search a specific forum? |
125: $forum_sql = ($forum != -1) ? ' AND t.forum_id = '.$forum : ''; | 125: $forum_sql = ($forum != -1 || ($forum == -1 && $pun_config['o_search_all_forums'] == '0' && $pun_user['g_id'] >= PUN_GUEST)) ? ' AND t.forum_id = '.$forum : ''; |
126: | 126: |
127: if (!empty($author) || !empty($keywords)) | 127: if (!empty($author) || !empty($keywords)) |
128: { | 128: { |
160: { | 160: { |
161: $num_chars = pun_strlen($word); | 161: $num_chars = pun_strlen($word); |
162: | 162: |
163: if ($num_chars < 3 || $num_chars > 20 || in_array($word, $stopwords)) | 163: if ($word !== 'or' && ($num_chars < 3 || $num_chars > 20 || in_array($word, $stopwords))) |
164: unset($keywords_array[$i]); | 164: unset($keywords_array[$i]); |
165: } | 165: } |
166: | 166: |
170: | 170: |
171: $word_count = 0; | 171: $word_count = 0; |
172: $match_type = 'and'; | 172: $match_type = 'and'; |
| 173: $result_list = array(); |
173: @reset($keywords_array); | 174: @reset($keywords_array); |
174: while (list(, $cur_word) = @each($keywords_array)) | 175: while (list(, $cur_word) = @each($keywords_array)) |
175: { | 176: { |
198: } | 199: } |
199: else | 200: else |
200: { | 201: { |
201: $cur_word = str_replace('*', '%', $cur_word); | 202: $cur_word = $db->escape(str_replace('*', '%', $cur_word)); |
202: $sql = 'SELECT m.post_id FROM '.$db->prefix.'search_words AS w INNER JOIN '.$db->prefix.'search_matches AS m ON m.word_id = w.id WHERE w.word LIKE \''.$cur_word.'\''.$search_in_cond; | 203: $sql = 'SELECT m.post_id FROM '.$db->prefix.'search_words AS w INNER JOIN '.$db->prefix.'search_matches AS m ON m.word_id = w.id WHERE w.word LIKE \''.$cur_word.'\''.$search_in_cond; |
203: } | 204: } |
204: | 205: |
325: if ($pun_user['is_guest']) | 326: if ($pun_user['is_guest']) |
326: message($lang_common['No permission']); | 327: message($lang_common['No permission']); |
327: | 328: |
328: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit']) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error()); | 329: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.$pun_user['last_visit'].' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error()); |
329: $num_hits = $db->num_rows($result); | 330: $num_hits = $db->num_rows($result); |
330: | 331: |
331: if (!$num_hits) | 332: if (!$num_hits) |
334: // If it's a search for todays posts | 335: // If it's a search for todays posts |
335: else if ($action == 'show_24h') | 336: else if ($action == 'show_24h') |
336: { | 337: { |
337: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400)) or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error()); | 338: $result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.last_post>'.(time() - 86400).' AND t.moved_to IS NULL') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error()); |
338: $num_hits = $db->num_rows($result); | 339: $num_hits = $db->num_rows($result); |
339: | 340: |
340: if (!$num_hits) | 341: if (!$num_hits) |
429: // Fetch results to display | 430: // Fetch results to display |
430: if ($search_results != '') | 431: if ($search_results != '') |
431: { | 432: { |
432: $group_by_sql = ''; | |
433: switch ($sort_by) | 433: switch ($sort_by) |
434: { | 434: { |
435: case 1: | 435: case 1: |
449: break; | 449: break; |
450: | 450: |
451: default: | 451: default: |
452: { | |
453: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted'; | 452: $sort_by_sql = ($show_as == 'topics') ? 't.posted' : 'p.posted'; |
454: | |
455: if ($show_as == 'topics') | |
456: $group_by_sql = ', t.posted'; | |
457: | |
458: break; | 453: break; |
459: } | |
460: } | 454: } |
461: | 455: |
462: if ($show_as == 'posts') | 456: if ($show_as == 'posts') |
465: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql; | 459: $sql = 'SELECT p.id AS pid, p.poster AS pposter, p.posted AS pposted, p.poster_id, '.$substr_sql.'(p.message, 1, 1000) AS message, t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE p.id IN('.$search_results.') ORDER BY '.$sort_by_sql; |
466: } | 460: } |
467: else | 461: else |
468: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id WHERE t.id IN('.$search_results.') GROUP BY t.id, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id'.$group_by_sql.' ORDER BY '.$sort_by_sql; | 462: $sql = 'SELECT t.id AS tid, t.poster, t.subject, t.last_post, t.last_post_id, t.last_poster, t.num_replies, t.closed, t.forum_id FROM '.$db->prefix.'topics AS t WHERE t.id IN('.$search_results.') ORDER BY '.$sort_by_sql; |
469: | 463: |
470: | 464: |
471: // Determine the topic or post offset (based on $_GET['p']) | 465: // Determine the topic or post offset (based on $_GET['p']) |