diff -urN punbb-1.2.6/upload/admin_groups.php punbb-1.2.7/upload/admin_groups.php --- punbb-1.2.6/upload/admin_groups.php Thu Jul 7 19:31:54 2005 +++ punbb-1.2.7/upload/admin_groups.php Fri Sep 2 16:04:40 2005 @@ -243,11 +243,11 @@ } else { - $result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\' AND g_id!='.$_POST['group_id']) or error('Unable to check group title collision', __FILE__, __LINE__, $db->error()); + $result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\' AND g_id!='.intval($_POST['group_id'])) or error('Unable to check group title collision', __FILE__, __LINE__, $db->error()); if ($db->num_rows($result)) message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.'); - $db->query('UPDATE '.$db->prefix.'groups SET g_title=\''.$db->escape($title).'\', g_user_title='.$user_title.', g_read_board='.$read_board.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood.' WHERE g_id='.$_POST['group_id']) or error('Unable to update group', __FILE__, __LINE__, $db->error()); + $db->query('UPDATE '.$db->prefix.'groups SET g_title=\''.$db->escape($title).'\', g_user_title='.$user_title.', g_read_board='.$read_board.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood.' WHERE g_id='.intval($_POST['group_id'])) or error('Unable to update group', __FILE__, __LINE__, $db->error()); } // Regenerate the quickjump cache diff -urN punbb-1.2.6/upload/admin_index.php punbb-1.2.7/upload/admin_index.php --- punbb-1.2.6/upload/admin_index.php Sun Mar 20 20:13:24 2005 +++ punbb-1.2.7/upload/admin_index.php Fri Sep 2 16:03:18 2005 @@ -86,7 +86,7 @@ $load_averages = @explode(' ', $load_averages); $server_load = isset($load_averages[2]) ? $load_averages[0].' '.$load_averages[1].' '.$load_averages[2] : 'Not available'; } -else if (preg_match('/averages?: ([0-9\.]+),[\s]+([0-9\.]+),[\s]+([0-9\.]+)/i', @exec('uptime'), $load_averages)) +else if (!in_array(PHP_OS, array('WINNT', 'WIN32')) && preg_match('/averages?: ([0-9\.]+),[\s]+([0-9\.]+),[\s]+([0-9\.]+)/i', @exec('uptime'), $load_averages)) $server_load = $load_averages[1].' '.$load_averages[2].' '.$load_averages[3]; else $server_load = 'Not available'; diff -urN punbb-1.2.6/upload/admin_options.php punbb-1.2.7/upload/admin_options.php --- punbb-1.2.6/upload/admin_options.php Thu Jul 7 19:31:54 2005 +++ punbb-1.2.7/upload/admin_options.php Wed Jul 27 23:24:24 2005 @@ -117,7 +117,7 @@ while (list($key, $input) = @each($form)) { // Only update values that have changed - if (isset($pun_config['o_'.$key]) && $pun_config['o_'.$key] != $input) + if (array_key_exists('o_'.$key, $pun_config) && $pun_config['o_'.$key] != $input) { if ($input != '' || is_int($input)) $value = '\''.$db->escape($input).'\''; diff -urN punbb-1.2.6/upload/admin_permissions.php punbb-1.2.7/upload/admin_permissions.php --- punbb-1.2.6/upload/admin_permissions.php Thu Jul 7 19:31:54 2005 +++ punbb-1.2.7/upload/admin_permissions.php Fri Sep 2 01:36:10 2005 @@ -39,23 +39,13 @@ { confirm_referrer('admin_permissions.php'); - $form = array_map('trim', $_POST['form']); - - $form['sig_length'] = intval($form['sig_length']); - $form['sig_lines'] = intval($form['sig_lines']); + $form = array_map('intval', $_POST['form']); while (list($key, $input) = @each($form)) { // Only update values that have changed - if (isset($pun_config['p_'.$key]) && $pun_config['p_'.$key] != $input) - { - if ($input != '' || is_int($input)) - $value = '\''.$db->escape($input).'\''; - else - $value = 'NULL'; - - $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$value.' WHERE conf_name=\'p_'.$key.'\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error()); - } + if (array_key_exists('p_'.$key, $pun_config) && $pun_config['p_'.$key] != $input) + $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$input.' WHERE conf_name=\'p_'.$db->escape($key).'\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error()); } // Regenerate the config cache diff -urN punbb-1.2.6/upload/admin_users.php punbb-1.2.7/upload/admin_users.php --- punbb-1.2.6/upload/admin_users.php Thu Jul 7 19:31:54 2005 +++ punbb-1.2.7/upload/admin_users.php Fri Sep 2 16:04:40 2005 @@ -217,6 +217,7 @@ // trim() all elements in $form $form = array_map('trim', $form); + $conditions = array(); $posts_greater = trim($_POST['posts_greater']); $posts_less = trim($_POST['posts_less']); @@ -268,7 +269,7 @@ if ($user_group != 'all') $conditions[] = 'u.group_id='.$db->escape($user_group); - if (!isset($conditions)) + if (empty($conditions)) message('You didn\'t enter any search terms.'); diff -urN punbb-1.2.6/upload/edit.php punbb-1.2.7/upload/edit.php --- punbb-1.2.6/upload/edit.php Tue Jan 11 21:41:14 2005 +++ punbb-1.2.7/upload/edit.php Fri Sep 2 16:05:30 2005 @@ -175,7 +175,7 @@ else if (isset($_POST['preview'])) { require_once PUN_ROOT.'include/parser.php'; - $message = parse_message(trim($_POST['req_message']), $hide_smilies); + $preview_message = parse_message($message, $hide_smilies); ?>