diff -urN punbb-1.2.11/upload/admin_bans.php punbb-1.2.17/upload/admin_bans.php
--- punbb-1.2.11/upload/admin_bans.php 2006-02-28 20:24:52.000000000 +0100
+++ punbb-1.2.17/upload/admin_bans.php 2006-10-14 18:40:28.000000000 +0200
@@ -192,6 +192,8 @@
if ($ban_user == '' && $ban_ip == '' && $ban_email == '')
message('You must enter either a username, an IP address or an e-mail address (at least).');
+ else if (strtolower($ban_user) == 'guest')
+ message('The guest user cannot be banned.');
// Validate IP/IP range (it's overkill, I know)
if ($ban_ip != '')
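Review bot: The added `else if (strtolower($ban_user) == 'guest')` branch carries no comment on why this one account name is refused, and the reason is not obvious from the check itself. A line above it such as `// The guest account stands for every visitor who is not logged in, so it must never be banned by name` would record the intent (meaning inferred from the message text, confirm). The comparison is against a hard-coded literal; whether `$ban_user` has been trimmed before this point is outside the hunk.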
diff -urN punbb-1.2.11/upload/admin_categories.php punbb-1.2.17/upload/admin_categories.php
--- punbb-1.2.11/upload/admin_categories.php 2006-02-28 20:24:53.000000000 +0100
+++ punbb-1.2.17/upload/admin_categories.php 2007-04-10 23:37:34.000000000 +0200
@@ -118,7 +118,7 @@
@@ -151,7 +151,7 @@
if ($cat_name[$i] == '')
message('You must enter a category name.');
- if (!preg_match('#^\d+$#', $cat_order[$i]))
+ if (!@preg_match('#^\d+$#', $cat_order[$i]))
message('Position must be an integer value.');
list($cat_id, $position) = $db->fetch_row($result);
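Review bot: The `@` added to `preg_match` here only hides the warning raised when `$cat_order[$i]` arrives as an array; the request is still rejected solely because `preg_match` then returns false, and genuine PCRE errors are silenced as well. An explicit type test needs no suppression and states the intent: `if (!is_string($cat_order[$i]) || !preg_match('#^\d+\z#', $cat_order[$i]))`. The `\z` matters because `$` also matches before a trailing newline, so a value ending in a line feed passes the current pattern. The same `@preg_match` change appears in admin_forums.php, admin_loader.php, admin_prune.php, admin_ranks.php (both hunks) and admin_users.php.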
diff -urN punbb-1.2.11/upload/admin_forums.php punbb-1.2.17/upload/admin_forums.php
--- punbb-1.2.11/upload/admin_forums.php 2006-02-28 20:24:52.000000000 +0100
+++ punbb-1.2.17/upload/admin_forums.php 2008-01-15 00:23:25.000000000 +0100
@@ -137,10 +137,10 @@
while (list($forum_id, $disp_position) = @each($_POST['position']))
{
- if (!preg_match('#^\d+$#', $disp_position))
+ if (!@preg_match('#^\d+$#', $disp_position))
message('Position must be a positive integer value.');
- $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.$forum_id) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
+ $db->query('UPDATE '.$db->prefix.'forums SET disp_position='.$disp_position.' WHERE id='.intval($forum_id)) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
// Regenerate the quickjump cache
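Review bot: `$disp_position` is still concatenated into the UPDATE as the posted string, protected only by the regex above it, while `$forum_id` now gets `intval()`. Casting both, `'... SET disp_position='.intval($disp_position).' WHERE id='.intval($forum_id)`, keeps the statement numeric even if the pattern is loosened later. The branch that encloses this loop starts outside the hunk.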
@@ -186,9 +186,9 @@
$result = $db->query('SELECT g_id, g_read_board, g_post_replies, g_post_topics FROM '.$db->prefix.'groups WHERE g_id!='.PUN_ADMIN) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
while ($cur_group = $db->fetch_assoc($result))
{
- $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? $_POST['read_forum_new'][$cur_group['g_id']] : '0' : $_POST['read_forum_old'][$cur_group['g_id']];
- $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? $_POST['post_replies_new'][$cur_group['g_id']] : '0';
- $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? $_POST['post_topics_new'][$cur_group['g_id']] : '0';
+ $read_forum_new = ($cur_group['g_read_board'] == '1') ? isset($_POST['read_forum_new'][$cur_group['g_id']]) ? '1' : '0' : intval($_POST['read_forum_old'][$cur_group['g_id']]);
+ $post_replies_new = isset($_POST['post_replies_new'][$cur_group['g_id']]) ? '1' : '0';
+ $post_topics_new = isset($_POST['post_topics_new'][$cur_group['g_id']]) ? '1' : '0';
// Check if the new settings differ from the old
if ($read_forum_new != $_POST['read_forum_old'][$cur_group['g_id']] || $post_replies_new != $_POST['post_replies_old'][$cur_group['g_id']] || $post_topics_new != $_POST['post_topics_old'][$cur_group['g_id']])
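Review bot: `$_POST['read_forum_old'][$cur_group['g_id']]` on the first added line, and the three `*_old` values in the comparison below it, are read without an `isset()` test, so a request that omits those fields raises undefined-index notices and the comparison runs against null. Guarding the read, e.g. `isset($_POST['read_forum_old'][$cur_group['g_id']]) ? intval($_POST['read_forum_old'][$cur_group['g_id']]) : 0`, avoids that. The unparenthesised nested ternary on the same line is also hard to follow; wrapping the inner `isset(...) ? '1' : '0'` in parentheses would make the precedence explicit. The loop body continues outside the hunk.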
@@ -385,8 +385,13 @@
query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error());
- while ($cur_cat = $db->fetch_assoc($result))
- echo "\t\t\t\t\t\t\t\t\t".''."\n";
+ if ($db->num_rows($result) > 0)
+ {
+ while ($cur_cat = $db->fetch_assoc($result))
+ echo "\t\t\t\t\t\t\t\t\t".''."\n";
+ }
+ else
+ echo "\t\t\t\t\t\t\t\t\t".''."\n";
?>
@@ -399,7 +404,15 @@
+query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.disp_position FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
+
+if ($db->num_rows($result) > 0)
+{
+?>
Edit forums
+
diff -urN punbb-1.2.11/upload/admin_groups.php punbb-1.2.17/upload/admin_groups.php
--- punbb-1.2.11/upload/admin_groups.php 2006-02-28 20:24:54.000000000 +0100
+++ punbb-1.2.17/upload/admin_groups.php 2006-10-14 18:41:53.000000000 +0200
@@ -264,7 +264,7 @@
confirm_referrer('admin_groups.php');
$group_id = intval($_POST['default_group']);
- if ($group_id < 1)
+ if ($group_id < 4)
message($lang_common['Bad request']);
$db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
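Review bot: The new bound `$group_id < 4` is a bare literal, so a reader cannot tell which groups it is meant to exclude, whereas admin_forums.php in this same diff refers to a group through the named constant `PUN_ADMIN`. A comment such as `// Ids 1-3 are the built-in groups and may not be the default for new users` (meaning inferred, confirm) or a comparison against named constants would document it. Within the hunk the value is also written to `o_default_user_group` without confirming that a group with that id exists.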
diff -urN punbb-1.2.11/upload/admin_loader.php punbb-1.2.17/upload/admin_loader.php
--- punbb-1.2.11/upload/admin_loader.php 2006-02-28 20:24:52.000000000 +0100
+++ punbb-1.2.17/upload/admin_loader.php 2007-04-10 23:37:34.000000000 +0200
@@ -37,7 +37,7 @@
// The plugin to load should be supplied via GET
$plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
-if (!preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))
+if (!@preg_match('/^AM?P_(\w*?)\.php$/i', $plugin))
message($lang_common['Bad request']);
// AP_ == Admins only, AMP_ == admins and moderators
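Review bot: Nothing on this check records that the pattern is the constraint applied to a GET value that names a plugin file. A comment such as `// \w admits no '/', '\' or '.', so $plugin cannot contain a path separator` would guard the pattern against being loosened later. How `$plugin` is used after the check is outside the hunk, so the wording should be confirmed against that code.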
diff -urN punbb-1.2.11/upload/admin_maintenance.php punbb-1.2.17/upload/admin_maintenance.php
--- punbb-1.2.11/upload/admin_maintenance.php 2006-02-28 20:24:53.000000000 +0100
+++ punbb-1.2.17/upload/admin_maintenance.php 2008-01-19 16:16:24.000000000 +0100
@@ -52,7 +52,7 @@
// This is the only potentially "dangerous" thing we can do here, so we check the referer
confirm_referrer('admin_maintenance.php');
- $truncate_sql = ($db_type != 'sqlite') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';
+ $truncate_sql = ($db_type != 'sqlite' && $db_type != 'pgsql') ? 'TRUNCATE TABLE ' : 'DELETE FROM ';
$db->query($truncate_sql.$db->prefix.'search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());
$db->query($truncate_sql.$db->prefix.'search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());
@@ -65,12 +65,10 @@
break;
case 'pgsql';
- $result = $db->query('SELECT setval(\'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());
+ $result = $db->query('SELECT setval(\''.$db->prefix.'search_words_id_seq\', 1, false)') or error('Unable to update sequence', __FILE__, __LINE__, $db->error());
}
}
- $end_at = $start_at + $per_page;
-
?>
@@ -95,7 +93,7 @@
require PUN_ROOT.'include/search_idx.php';
// Fetch posts to process
- $result = $db->query('SELECT DISTINCT t.id, p.id, p.message FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'posts AS p ON t.id=p.topic_id WHERE t.id>='.$start_at.' AND t.id<'.$end_at.' ORDER BY t.id') or error('Unable to fetch topic/post info', __FILE__, __LINE__, $db->error());
+ $result = $db->query('SELECT DISTINCT t.id, p.id, p.message FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'posts AS p ON t.id=p.topic_id WHERE t.id>='.$start_at.' ORDER BY t.id LIMIT '.$per_page) or error('Unable to fetch topic/post info', __FILE__, __LINE__, $db->error());
$cur_topic = 0;
while ($cur_post = $db->fetch_row($result))
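Review bot: `LIMIT '.$per_page` on the rewritten SELECT counts joined rows, which is one row per post, not one per topic, so a batch can end part-way through a topic's posts. The next hunk resumes from the first topic id greater than `$cur_topic`; if `$cur_topic` is the last topic fetched (its assignment is outside the hunk), the remaining posts of that topic would never be indexed. Bounding the batch by topic ids taken from a query on the topics table alone would avoid this. `$start_at` and `$per_page` are concatenated into the statement unquoted, and their integer casts are not visible here, so confirm both are cast where they are read from the request.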
@@ -118,9 +116,9 @@
}
// Check if there is more work to do
- $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE id>'.$end_at) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
+ $result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE id>'.$cur_topic.' ORDER BY id ASC LIMIT 1') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
- $query_str = ($db->num_rows($result)) ? '?i_per_page='.$per_page.'&i_start_at='.$end_at : '';
+ $query_str = ($db->num_rows($result)) ? '?i_per_page='.$per_page.'&i_start_at='.$db->result($result) : '';
$db->end_transaction();
$db->close();
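Review bot: `$cur_topic` is initialised to 0 in the preceding hunk, so when the fetch loop processes no rows the new `WHERE id>'.$cur_topic` selects the lowest topic id and the redirect restarts the rebuild from the first topic instead of finishing. That can happen when `i_start_at` is past the last topic or the remaining topics have no posts. Guarding the continuation, `$query_str = ($cur_topic > 0 && $db->num_rows($result)) ? ... : '';`, keeps an empty batch from looping back. The enclosing block starts outside the hunk.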
diff -urN punbb-1.2.11/upload/admin_options.php punbb-1.2.17/upload/admin_options.php
--- punbb-1.2.11/upload/admin_options.php 2006-02-28 20:24:52.000000000 +0100
+++ punbb-1.2.17/upload/admin_options.php 2007-04-11 13:35:44.000000000 +0200
@@ -37,15 +37,18 @@
if (isset($_POST['form_sent']))
{
- // Lazy referer check (in case base_url isn't correct)
- if (!isset($_SERVER['HTTP_REFERER']) || !preg_match('#/admin_options\.php#i', $_SERVER['HTTP_REFERER']))
- message($lang_common['Bad referrer']);
+ // Custom referrer check (so we can output a custom error message)
+ if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/admin_options.php', '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
+ message('Bad HTTP_REFERER. If you have moved these forums from one location to another or switched domains, you need to update the Base URL manually in the database (look for o_base_url in the config table) and then clear the cache by deleting all .php files in the /cache directory.');
$form = array_map('trim', $_POST['form']);
if ($form['board_title'] == '')
message('You must enter a board title.');
+ // Clean default_lang
+ $form['default_lang'] = preg_replace('#[\.\\\/]#', '', $form['default_lang']);
+
require PUN_ROOT.'include/email.php';
$form['admin_email'] = strtolower($form['admin_email']);
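Review bot: The new referrer test calls `str_replace('www.', '', ...)` on both the base URL and the `Referer` header, which removes every occurrence of that substring, not just a leading host label, so distinct host names can normalise to the same string and the match is looser than an origin comparison. Stripping only the prefix after the scheme, e.g. `preg_replace('#^(https?://)www\.#i', '$1', $url)`, keeps the intended tolerance; a per-session form token would be a stronger request-origin check than the header alone. Separately, the `default_lang` cleaner is a deny-list of `.`, `\` and `/`; comparing the value against the list of installed language directories would be stricter, and it does not remove NUL bytes the way the `avatars_dir` hunk below does.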
@@ -63,6 +66,9 @@
if (substr($form['base_url'], -1) == '/')
$form['base_url'] = substr($form['base_url'], 0, -1);
+ // Clean avatars_dir
+ $form['avatars_dir'] = str_replace("\0", '', $form['avatars_dir']);
+
// Make sure avatars_dir doesn't end with a slash
if (substr($form['avatars_dir'], -1) == '/')
$form['avatars_dir'] = substr($form['avatars_dir'], 0, -1);
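Review bot: The added cleaner removes only NUL bytes from `$form['avatars_dir']`; `../` sequences and absolute paths pass through unchanged. If the directory is meant to stay beneath the forum root (not stated in the hunk), that should be checked here as well, for instance by resolving the path and comparing it with the root before saving. A comment stating whether arbitrary locations are intended for administrators would settle the question for later readers.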
diff -urN punbb-1.2.11/upload/admin_prune.php punbb-1.2.17/upload/admin_prune.php
--- punbb-1.2.11/upload/admin_prune.php 2006-02-28 20:24:52.000000000 +0100
+++ punbb-1.2.17/upload/admin_prune.php 2007-04-10 23:37:34.000000000 +0200
@@ -84,7 +84,7 @@
$prune_days = $_POST['req_prune_days'];
- if (!preg_match('#^\d+$#', $prune_days))
+ if (!@preg_match('#^\d+$#', $prune_days))
message('Days to prune must be a positive integer.');
$prune_date = time() - ($prune_days*86400);
diff -urN punbb-1.2.11/upload/admin_ranks.php punbb-1.2.17/upload/admin_ranks.php
--- punbb-1.2.11/upload/admin_ranks.php 2006-02-28 20:24:53.000000000 +0100
+++ punbb-1.2.17/upload/admin_ranks.php 2007-04-10 23:37:34.000000000 +0200
@@ -46,7 +46,7 @@
if ($rank == '')
message('You must enter a rank title.');
- if (!preg_match('#^\d+$#', $min_posts))
+ if (!@preg_match('#^\d+$#', $min_posts))
message('Minimum posts must be a positive integer value.');
// Make sure there isn't already a rank with the same min_posts value
@@ -77,11 +77,11 @@
if ($rank == '')
message('You must enter a rank title.');
- if (!preg_match('#^\d+$#', $min_posts))
+ if (!@preg_match('#^\d+$#', $min_posts))
message('Minimum posts must be a positive integer value.');
// Make sure there isn't already a rank with the same min_posts value
- $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' && min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
+ $result = $db->query('SELECT 1 FROM '.$db->prefix.'ranks WHERE id!='.$id.' AND min_posts='.$min_posts) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
message('There is already a rank with a minimun posts value of '.$min_posts.'.');
diff -urN punbb-1.2.11/upload/admin_users.php punbb-1.2.17/upload/admin_users.php
--- punbb-1.2.11/upload/admin_users.php 2006-02-28 20:24:53.000000000 +0100
+++ punbb-1.2.17/upload/admin_users.php 2007-04-10 23:37:34.000000000 +0200
@@ -111,7 +111,7 @@
{
$ip = $_GET['show_users'];
- if (!preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))
+ if (!@preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $ip))
message('The supplied IP address is not correctly formatted.');
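Review bot: The IP pattern has no `^` or `\z` anchors, so any value that merely contains a dotted quad passes and `$ip` can carry arbitrary text around it. How `$ip` is used afterwards is outside the hunk; if it reaches a query or the page, safety depends entirely on escaping at that point. Anchoring the pattern closes the gap: `'/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\z/'`.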
@@ -257,7 +257,7 @@
$like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';
while (list($key, $input) = @each($form))
{
- if ($input != '')
+ if ($input != '' && in_array($key, array('username', 'email', 'title', 'realname', 'url', 'jabber', 'icq', 'msn', 'aim', 'yahoo', 'location', 'signature', 'admin_note')))
$conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\'';
}
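Review bot: `in_array()` is called without its third argument, so the new column allow-list is checked with loose comparison; on PHP versions before 8 an integer key such as 0 compares equal to every non-numeric string in the list. Posted numeric keys become integer array keys, so `'u.'.$db->escape($key)` can still be built from a key that is not one of the listed column names. Passing `true` as the third argument, `in_array($key, array('username', ...), true)`, makes the match exact.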
@@ -267,7 +267,7 @@
$conditions[] = 'u.num_posts<'.$posts_less;
if ($user_group != 'all')
- $conditions[] = 'u.group_id='.$db->escape($user_group);
+ $conditions[] = 'u.group_id='.intval($user_group);
if (empty($conditions))
message('You didn\'t enter any search terms.');
diff -urN punbb-1.2.11/upload/edit.php punbb-1.2.17/upload/edit.php
--- punbb-1.2.11/upload/edit.php 2006-02-28 20:24:53.000000000 +0100
+++ punbb-1.2.17/upload/edit.php 2008-01-14 12:57:40.000000000 +0100
@@ -197,7 +197,7 @@
?>