(6 replies, posted in Feature requests)

Another vote for the alt text to be $smilie_text[].
I'd much rather see

:)

than "smile" when I copy/paste something, or read it with lynx, or whatever.  It makes the behavior with "images off" in your browser be consistent with turning "smilies off" in punbb.

Maybe it's more appropriate to use the title attribute for the name of the smilie.

In admin_user.php, the line:

$conditions[] = 'u.group_id='.$user_group.' OR membergroupids LIKE \'%,'.$user_group.',%\' OR membergroupids LIKE \''.$user_group.',%\' OR membergroupids LIKE \'%,'.$user_group.'\'';

should be:

$conditions[] = 'u.group_id='.(int)$user_group.' OR membergroupids=\''.$db->escape($user_group).'\' OR membergroupids LIKE \'%,'.$db->escape($user_group).',%\' OR membergroupids LIKE \''.$db->escape($user_group).',%\' OR membergroupids LIKE \'%,'.$db->escape($user_group).'\'';

I added an additional OR clause to it, so it will find users who are only in a single additional group (no commas in the membergroupids field).
The $db->escape() calls are added to bring it in line with the latest punbb version (SQL injection vulnerability).

Also in profile.php, the line:

print_r($add_groups);

looks like debugging info that was left in by mistake.

Here's a bug I found:
in profile.php, you should change

$new_add_group = (isset($_POST['add_group_id']) ? $_POST['add_group_id'] : null);

to

$new_add_group = (isset($_POST['add_group_id']) ? array_map('intval', $_POST['add_group_id']) : null);

to prevent the possibility of SQL injection.
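The two fixes from the admin_user.php and profile.php posts above, as an added stand-alone example (not code from the posts or from PunBB), so the effect on hostile input can be seen without a database. FakeDb and its escape() method are assumptions standing in for PunBB's $db->escape(); the sample inputs are constructed.

```php
<?php
// Added example: the admin_user.php group condition and the profile.php
// add_group_id sanitiser as plain functions, run against constructed input.

class FakeDb
{
    // Assumption: stands in for PunBB's $db->escape() (which wraps
    // mysql_real_escape_string); addslashes() is used only so this runs offline.
    public function escape($str)
    {
        return addslashes($str);
    }
}

// admin_user.php: group_id is a numeric column, so the value is cast to int in
// that clause (escaping alone does nothing for an unquoted number). The
// membergroupids column is comma-separated text, so there every value is
// escaped and stays inside quotes. The "=" clause is the one the post adds,
// covering users who are in exactly one additional group (no commas).
function build_group_condition($db, $user_group)
{
    $gid = (int)$user_group;          // numeric context: casting is the fix
    $esc = $db->escape($user_group);  // string context: escaping is the fix

    return 'u.group_id='.$gid
        .' OR membergroupids=\''.$esc.'\''
        .' OR membergroupids LIKE \'%,'.$esc.',%\''
        .' OR membergroupids LIKE \''.$esc.',%\''
        .' OR membergroupids LIKE \'%,'.$esc.'\'';
}

// profile.php: every posted additional group id must end up as an integer.
// The (array) cast is an addition: it keeps array_map() from failing when a
// scalar is posted instead of add_group_id[].
function sanitize_group_ids($posted)
{
    if ($posted === null) {
        return null;
    }
    return array_map('intval', (array)$posted);
}

$db = new FakeDb();

// Constructed inputs: one ordinary group id, one carrying a quote-breakout attempt.
foreach (array('4', "4' OR '1'='1") as $in) {
    echo build_group_condition($db, $in), "\n";
}

// Constructed POST data for profile.php: the third element collapses to 7.
$_POST['add_group_id'] = array('4', '7', '7 OR 1=1');
var_export(sanitize_group_ids($_POST['add_group_id']));
echo "\n";
```

Run it with the PHP CLI. Because membergroupids only ever holds integer ids, the stricter option is to cast $user_group to int once and use that integer in every clause; escaping is the right tool for genuinely textual values, and it does not neutralise the LIKE wildcards % and _.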

Yeah, that's pretty much essential for me.  I also needed something that wasn't blog/news oriented like most CMSs.

I think I've finally found a good CMS!
http://lucidcms.net/
It's small and fast, and it works well.  In other words, it's a good match for punBB.
I've started an integration.  Making it use the punBB user table was too easy.  I'm still working out the login scheme.

ctn|chrisw wrote:

is it working for you? and if so, can you post the full modified file?

Yes, I have a working system with punbb 1.2.2 and coppermine 1.3.2

My login method is a little weird, though.  I have a separate password-protected directory on the server, which contains a script that uses the REMOTE_USER variable to set the punbb login cookie.  I'm thinking about releasing this as a mod.

So, you can probably ignore the changes I made to udb_login_page and udb_logout_page.

Ignore the stuff about styles too.

<?php
// ------------------------------------------------------------------------- //
// Coppermine Photo Gallery 1.3.2                                            //
// ------------------------------------------------------------------------- //
// Copyright (C) 2002-2004 Gregory DEMAR                                     //
// http://www.chezgreg.net/coppermine/                                       //
// ------------------------------------------------------------------------- //
// Updated by the Coppermine Dev Team                                        //
// (http://coppermine.sf.net/team/)                                          //
// see /docs/credits.html for details                                        //
// ------------------------------------------------------------------------- //
// This program is free software; you can redistribute it and/or modify      //
// it under the terms of the GNU General Public License as published by      //
// the Free Software Foundation; either version 2 of the License, or         //
// (at your option) any later version.                                       //
// ------------------------------------------------------------------------- //
// CVS version: $Id: punbb.inc.php,v 1.2 2004/08/15 00:44:06 nibbler999 Exp $
// ------------------------------------------------------------------------- //
// PunBB 1.2 Integration for Coppermine                                    //
// ------------------------------------------------------------------------- //
// Modify the values below according to your Board installation              //
// ------------------------------------------------------------------------- //

// URL of your punbb
$path = 'http://www.css.washington.edu/forums';

// local path to your punbb config file
require_once('/usr/local/webspace/punbb/punbb-1.2.2/upload/config.php');

// punbb mod == cpg Admin ?
define('MOD_IS_ADMIN', TRUE);

// ------------------------------------------------------------------------- //
// Nothing to edit below this line
// ------------------------------------------------------------------------- //

// automatic configuration
define('PUNBB_DB_NAME', $db_name); // The name of the database used by the board
define('PUNBB_DB_HOST', $db_host); // The name of the database server
define('PUNBB_DB_USERNAME', $db_username); // The username to use to connect to the database
define('PUNBB_DB_PASSWORD', $db_password); // The password to use to connect to the database
define('PUNBB_TABLE_PREFIX', $db_prefix); // The prefix used for the DB tables
define('PUNBB_WEB_PATH', $path); // The URL of the board
define('PUNBB_USER_TABLE', 'users'); // The members table
define('PUNBB_GROUPS_TABLE', 'groups'); // guess :P
define('PUNBB_COOKIE_SEED', $cookie_seed); // Seed for md5 hash

// Group definitions
define('PUNBB_ADMIN_GROUP', 1);
define('PUNBB_MOD_GROUP', 2);
define('PUNBB_GUEST_GROUP', 3);

function udb_authenticate()
{
    global $USER_DATA, $CONFIG, $cookie_name, $UDB_DB_LINK_ID, $UDB_DB_NAME_PREFIX;
 
    // For error checking
    $CONFIG['TABLE_USERS'] = '**ERROR**';
    
    // Guarded so a second call to udb_authenticate() does not redeclare it
    if (!function_exists('unescape'))
    {
        function unescape($str)
        {
            return (get_magic_quotes_gpc() == 1) ? stripslashes($str) : $str;
        }
    }

    // Retrieve cookie stored login information
    
    // default user info
    $USER_DATA['user_id'] = 0;
    $USER_DATA['group_id'] = PUNBB_GUEST_GROUP;
    $USER_DATA['user_name'] = 'Guest';
    $USER_DATA['style'] = 'Oxygen';
        
    $cookie['id'] = 0;

    if (isset($_COOKIE[$cookie_name]))
    {    
        list($cookie['id'], $cookie['password_hash']) = unserialize(unescape($_COOKIE[$cookie_name]));
        $cookie['id'] = (int)$cookie['id']; // the raw cookie value must never reach the query

        if ($cookie['id'] > 1)
        {
            $result = db_query("SELECT id AS user_id, username AS user_name, group_id, g_title AS group_name, password, style FROM ". $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE ." INNER JOIN " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_GROUPS_TABLE . " ON group_id = g_id WHERE id='" . $cookie['id']. "' AND MD5(CONCAT('".addslashes(PUNBB_COOKIE_SEED)."', password)) = '" . addslashes($cookie['password_hash']) . "'",$UDB_DB_LINK_ID);
            // Keep the guest defaults above if no row matched the cookie
            if ($row = mysql_fetch_assoc($result))
                $USER_DATA = $row;
        }
    } 

    $USER_DATA['groups'] = array();

    // Define the basic groups
    $USER_DATA['groups'][0] = $USER_DATA['group_id'];



    if ($USER_DATA['group_id'] == PUNBB_GUEST_GROUP) {
        define('USER_ID', 0);
    } else {
        define('USER_ID', (int)$USER_DATA['user_id']);
    }

    $user_group_set = '(' . implode(',', $USER_DATA['groups']) . ')';

    // Default group data
    $USER_DATA['group_quota'] = 1;
    $USER_DATA['can_rate_pictures'] = 0;
    $USER_DATA['can_send_ecards'] = 0;
    $USER_DATA['can_post_comments'] = 0;
    $USER_DATA['can_upload_pictures'] = 0;
    $USER_DATA['can_create_albums'] = 0;
    $USER_DATA['pub_upl_need_approval'] = 1;
    $USER_DATA['priv_upl_need_approval'] = 1;
    $USER_DATA['upload_form_config'] = 0;
    $USER_DATA['num_file_upload'] = 0; 
    $USER_DATA['num_URI_upload'] = 0;
    $USER_DATA['custom_user_upload'] = 0;

    $USER_DATA = array_merge($USER_DATA, cpgGetUserData($USER_DATA['groups'][0], $USER_DATA['groups'], PUNBB_GUEST_GROUP));
    
    $USER_DATA['has_admin_access'] = (($USER_DATA['groups'][0] == PUNBB_ADMIN_GROUP) || (($USER_DATA['groups'][0] == PUNBB_MOD_GROUP) && MOD_IS_ADMIN)) ? 1 : 0;
    $USER_DATA['can_see_all_albums'] = $USER_DATA['has_admin_access'];
    
    define('USER_NAME', $USER_DATA['user_name']);
    define('USER_GROUP', $USER_DATA['group_name']);
    define('USER_GROUP_SET', $user_group_set);
    define('USER_IS_ADMIN', $USER_DATA['has_admin_access']);
    define('USER_CAN_SEND_ECARDS', (int)$USER_DATA['can_send_ecards']);
    define('USER_CAN_RATE_PICTURES', (int)$USER_DATA['can_rate_pictures']);
    define('USER_CAN_POST_COMMENTS', (int)$USER_DATA['can_post_comments']);
    define('USER_CAN_UPLOAD_PICTURES', (int)$USER_DATA['can_upload_pictures']);
    define('USER_CAN_CREATE_ALBUMS', (int)$USER_DATA['can_create_albums']);
    define('USER_UPLOAD_FORM', (int)$USER_DATA['upload_form_config']);
    define('CUSTOMIZE_UPLOAD_FORM', (int)$USER_DATA['custom_user_upload']);
    define('NUM_FILE_BOXES', (int)$USER_DATA['num_file_upload']);
    define('NUM_URI_BOXES', (int)$USER_DATA['num_URI_upload']);
    define('USER_STYLE', $USER_DATA['style']);
}

// Retrieve the name of a user
function udb_get_user_name($uid)
{
    global $CONFIG, $UDB_DB_LINK_ID, $UDB_DB_NAME_PREFIX;

    $sql = "SELECT username as user_name FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE . " WHERE id = " . (int)$uid;

    $result = db_query($sql, $UDB_DB_LINK_ID);

    if (mysql_num_rows($result)) {
        $row = mysql_fetch_array($result);
        mysql_free_result($result);
        return $row['user_name'];
    } else {
        return '';
    }
}
// Retrieve the id of a user (Added to fix banning w/ bb integration - Nibbler)
function udb_get_user_id($username)
{
    global $CONFIG, $UDB_DB_LINK_ID, $UDB_DB_NAME_PREFIX;

    $username = addslashes($username);

    $sql = "SELECT id AS user_id FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE . " WHERE username = '$username'";

    $result = db_query($sql, $UDB_DB_LINK_ID);

    if (mysql_num_rows($result)) {
        $row = mysql_fetch_array($result);
        mysql_free_result($result);
        return $row['user_id'];
    } else {
        return '';
    }
}

// Redirect
function udb_redirect($target)
{
    header('Location: '. PUNBB_WEB_PATH . $target);
    exit;
}

// Register
function udb_register_page()
{
    $target = '/register.php';
    udb_redirect($target);
}
// Login
function udb_login_page()
{
    $referer = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';
    $target = 'https://www.css.washington.edu/login/?redirect_url='.rawurlencode($referer);

    header('Location: ' . $target);
    exit;
}
// Logout
function udb_logout_page()
{
    $referer = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'index.php';
    $target = '/login.php?action=out&id='.USER_ID.'&redirect_url='.rawurlencode($referer);

    udb_redirect($target);
}
// Edit users
function udb_edit_users()
{
    $target = '/userlist.php';
    udb_redirect($target);
}
// Get user information
function udb_get_user_infos($uid)
{
    global $UDB_DB_NAME_PREFIX, $UDB_DB_LINK_ID, $lang_register_php;

    $sql = "SELECT username AS user_name, email AS user_email, registered AS user_regdate, location AS user_location, url AS user_website FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE . " WHERE id = " . (int)$uid;
    $result = db_query($sql, $UDB_DB_LINK_ID);
    if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);

    $user_data = mysql_fetch_array($result);
    $user_data['group_name'] = '';
    mysql_free_result($result);

    return $user_data;
}

// Edit user profile
function udb_edit_profile($uid)
{
    $target = "/profile.php?id=$uid";
    udb_redirect($target);
}

// Query used to list users
function udb_list_users_query(&$user_count)
{
    global $CONFIG, $FORBIDDEN_SET, $UDB_DB_LINK_ID;

    $forbidden = ($FORBIDDEN_SET != "") ? "AND $FORBIDDEN_SET" : '';
    $sql = "SELECT (category - " . FIRST_USER_CAT . ") as user_id," . "        '???' as user_name," . "        COUNT(DISTINCT a.aid) as alb_count," . "        COUNT(DISTINCT pid) as pic_count," . "        MAX(pid) as thumb_pid " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.aid = a.aid " . "WHERE approved = 'YES' AND category > " . FIRST_USER_CAT . " $forbidden GROUP BY category " . "ORDER BY category ";
    $result = db_query($sql, $UDB_DB_LINK_ID);

    $user_count = mysql_num_rows($result);

    return $result;
}

function udb_list_users_retrieve_data($result, $lower_limit, $count)
{
    global $CONFIG, $UDB_DB_NAME_PREFIX, $UDB_DB_LINK_ID;

    mysql_data_seek($result, $lower_limit);

    $rowset = array();
    $i = 0;
    $user_id_set = '';

    while (($row = mysql_fetch_array($result)) && ($i++ < $count)) {
        $user_id_set .= $row['user_id'] . ',';
        $rowset[] = $row;
    }
    mysql_free_result($result);

    // Look up the user names; skip the query when the page holds no albums,
    // since "WHERE id IN ()" is a syntax error.
    $name = array();
    if (count($rowset)) {
        $user_id_set = '(' . substr($user_id_set, 0, -1) . ')';
        $sql = "SELECT id AS user_id, username AS user_name FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE . " WHERE id IN $user_id_set";
        $result = db_query($sql, $UDB_DB_LINK_ID);
        while ($row = mysql_fetch_array($result)) {
            $name[$row['user_id']] = $row['user_name'];
        }
    }
    for($i = 0; $i < count($rowset); $i++) {
        $rowset[$i]['user_name'] = empty($name[$rowset[$i]['user_id']]) ? '???' : $name[$rowset[$i]['user_id']];
    }

    return $rowset;
}

// Group table synchronisation
function udb_synchronize_groups()
{
    // $UDB_DB_NAME_PREFIX and $UDB_DB_LINK_ID were missing from the globals,
    // so the punbb query silently ran against the wrong database
    global $CONFIG, $UDB_DB_NAME_PREFIX, $UDB_DB_LINK_ID;

    $PUNBB_groups = array();
    $cpg_groups = array();

    $result = db_query("SELECT g_id, g_title FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_GROUPS_TABLE, $UDB_DB_LINK_ID);
    while ($row = mysql_fetch_array($result))
        $PUNBB_groups[$row['g_id']] = $row['g_title'];
    mysql_free_result($result);

    $result = db_query("SELECT group_id, group_name FROM {$CONFIG['TABLE_USERGROUPS']} WHERE 1");
    while ($row = mysql_fetch_array($result)) {
        $cpg_groups[$row['group_id']] = $row['group_name'];
    }
    mysql_free_result($result);
    // Scan Coppermine groups that need to be deleted
    foreach($cpg_groups as $c_group_id => $c_group_name) {
        if ((!isset($PUNBB_groups[$c_group_id]))) {
            db_query("DELETE FROM {$CONFIG['TABLE_USERGROUPS']} WHERE group_id = '" . $c_group_id . "' LIMIT 1");
            unset($cpg_groups[$c_group_id]);
        }
    }
    // Scan punBB groups that need to be created inside Coppermine table
    foreach($PUNBB_groups as $i_group_id => $i_group_name) {
        if ((!isset($cpg_groups[$i_group_id]))) {
            db_query("INSERT INTO {$CONFIG['TABLE_USERGROUPS']} (group_id, group_name) VALUES ('$i_group_id', '" . addslashes($i_group_name) . "')");
            $cpg_groups[$i_group_id] = $i_group_name;
        }
    }
    // Update Group names
    foreach($PUNBB_groups as $i_group_id => $i_group_name) {
        if ($cpg_groups[$i_group_id] != $i_group_name) {
            db_query("UPDATE {$CONFIG['TABLE_USERGROUPS']} SET group_name = '" . addslashes($i_group_name) . "' WHERE group_id = '$i_group_id' LIMIT 1");
        }
    }
}
// Retrieve the album list used in gallery admin mode
function udb_get_admin_album_list()
{
    global $CONFIG, $UDB_DB_NAME_PREFIX, $UDB_DB_LINK_ID, $FORBIDDEN_SET;

    if (UDB_CAN_JOIN_TABLES) {
        $sql = "SELECT aid, CONCAT('(', username, ') ', a.title) AS cpg_title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE . " AS u ON category = (" . FIRST_USER_CAT . " + id) " . "ORDER BY cpg_title";
        return $sql;
    } else {
        $sql = "SELECT aid, IF(category > " . FIRST_USER_CAT . ", CONCAT('* ', title), CONCAT(' ', title)) AS cpg_title " . "FROM {$CONFIG['TABLE_ALBUMS']} " . "ORDER BY cpg_title";
        return $sql;
    }
}

function udb_util_filloptions()
{
    global $albumtbl, $picturetbl, $categorytbl, $lang_util_php, $CONFIG, $UDB_DB_NAME_PREFIX, $UDB_DB_LINK_ID;

    $usertbl = $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_USER_TABLE;

    if (UDB_CAN_JOIN_TABLES) {

        $query = "SELECT aid, category, IF(username IS NOT NULL, CONCAT('(', username, ') ', a.title), CONCAT(' - ', a.title)) AS title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "LEFT JOIN $usertbl AS u ON category = (" . FIRST_USER_CAT . " + id) " . "ORDER BY category, title";
        $result = db_query($query, $UDB_DB_LINK_ID);
        // $num=mysql_numrows($result);
        echo '<select size="1" name="albumid">';

        while ($row = mysql_fetch_array($result)) {
            $sql = "SELECT name FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = " . $row["category"];
            $result2 = db_query($sql);
            $row2 = mysql_fetch_array($result2);

            print "<option value=\"" . $row["aid"] . "\">" . $row2["name"] . $row["title"] . "</option>\n";
        }

        print '</select> (3)';
        print '    <input type="submit" value="'.$lang_util_php['submit_form'].'" class="submit" /> (4)';
        print '</form>';

    } else {

        // Query for list of public albums

        $public_albums = db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < " . FIRST_USER_CAT . " ORDER BY title");

        if (mysql_num_rows($public_albums)) {
            $public_result = db_fetch_rowset($public_albums);
        } else {
            $public_result = array();
        }

        // Initialize $merged_array
        $merged_array = array();

        // Count the number of albums returned.
        $end = count($public_result);

        // Cycle through the public albums.
        for($i=0;$i<$end;$i++) {

            // Create a new array so we may sort the final results.
            $merged_array[$i]['id'] = $public_result[$i]['aid'];
            $merged_array[$i]['album_name'] = $public_result[$i]['title'];

            // Query the database to get the category name.
            $vQuery = "SELECT name, parent FROM " . $CONFIG['TABLE_CATEGORIES'] . " WHERE cid='" . $public_result[$i]['category'] . "'";
            $vRes = mysql_query($vQuery);
            $vRes = mysql_fetch_array($vRes);
            if (isset($merged_array[$i]['username_category'])) {
                $merged_array[$i]['username_category'] = (($vRes['name']) ? '(' . $vRes['name'] . ') ' : '').$merged_array[$i]['username_category'];
            } else {
                $merged_array[$i]['username_category'] = (($vRes['name']) ? '(' . $vRes['name'] . ') ' : '');
            }

        }

        // We transpose and divide the matrix into columns to prepare it for use in array_multisort().
        foreach ($merged_array as $key => $row) {
           $aid[$key] = $row['id'];
           $title[$key] = $row['album_name'];
           $album_lineage[$key] = $row['username_category'];
        }

        // We sort all columns in descending order and plug in $album_menu at the end so it is sorted by the common key.
        array_multisort($album_lineage, SORT_ASC, $title, SORT_ASC, $aid, SORT_ASC, $merged_array);

        // Query for list of user albums

        $user_albums = db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE category >= " . FIRST_USER_CAT . " ORDER BY aid");
        if (mysql_num_rows($user_albums)) {
            $user_albums_list = db_fetch_rowset($user_albums);
        } else {
            $user_albums_list = array();
        }

        // Query for list of user IDs and names

        $user_album_ids_and_names = db_query("SELECT (id + ".FIRST_USER_CAT.") as id, CONCAT('(', username, ') ') as name FROM $usertbl ORDER BY name ASC",$UDB_DB_LINK_ID);

        if (mysql_num_rows($user_album_ids_and_names)) {
            $user_album_ids_and_names_list = db_fetch_rowset($user_album_ids_and_names);
        } else {
            $user_album_ids_and_names_list = array();
        }

        // Glue what we've got together.

        // Initialize $udb_i as a counter.
        if (count($merged_array)) {
            $udb_i = count($merged_array);
        } else {
            $udb_i = 0;
        }

        //Begin a set of nested loops to merge the various query results.
        foreach ($user_albums_list as $aq) {
            foreach ($user_album_ids_and_names_list as $uq) {
                if ($aq['category'] == $uq['id']) {
                    $merged_array[$udb_i]['id']= $aq['category'];
                    $merged_array[$udb_i]['album_name']= $aq['title'];
                    $merged_array[$udb_i]['username_category']= $uq['name'];
                    $udb_i++;
                }
            }
        }

        // The user albums and public albums have been merged into one list. Print the dropdown.
        echo '<select size="1" name="albumid">';

        foreach ($merged_array as $menu_item) {

            echo "<option value=\"" . $menu_item['id'] . "\">" . (isset($menu_item['username_category']) ? $menu_item['username_category'] : '') . $menu_item['album_name'] . "</option>\n";

        }

        // Close list, etc.
        print '</select> (3)';
        print '    <input type="submit" value="'.$lang_util_php['submit_form'].'" class="submit" /> (4)';
        print '</form>';

    }

}

// ------------------------------------------------------------------------- //

// Define whether we can join tables or not in SQL queries (same host & same db or user)
define('UDB_CAN_JOIN_TABLES', (PUNBB_DB_HOST == $CONFIG['dbserver'] && (PUNBB_DB_NAME == $CONFIG['dbname'] || PUNBB_DB_USERNAME == $CONFIG['dbuser'])));
// Connect to the PunBB database if necessary
$UDB_DB_LINK_ID = 0;
$UDB_DB_NAME_PREFIX = PUNBB_DB_NAME ? '`' . PUNBB_DB_NAME . '`.' : '';
if (!UDB_CAN_JOIN_TABLES) {
    $UDB_DB_LINK_ID = @mysql_connect(PUNBB_DB_HOST, PUNBB_DB_USERNAME, PUNBB_DB_PASSWORD);
    
    if (!$UDB_DB_LINK_ID) die("<b>Coppermine critical error</b>:<br />Unable to connect to PunBB database !<br /><br />MySQL said: <b>" . mysql_error() . "</b>");
    mysql_select_db (PUNBB_DB_NAME, $UDB_DB_LINK_ID);
}
?>
Nibbler(cpg) wrote:

How about......now ?

Try me

(Use save as)

Thanks for this, Nibbler.  I found a couple of glitches:

It seems like the Group definitions are wrong: PUNBB_MOD_GROUP should be 2.  PUNBB_MEMBERS_GROUP should probably be removed, since there isn't anything special about it.  You can have as many "members" groups as you want in punbb.

// Group definitions
define('PUNBB_ADMIN_GROUP', 1);
define('PUNBB_MOD_GROUP', 2);
define('PUNBB_GUEST_GROUP', 3);

In udb_synchronize_groups, the groups should be read from the database (since the names can be changed, and you can have as many as you want):

//    $PUNBB_groups = array(
//        PUNBB_GUEST_GROUP => 'Guests',
//        PUNBB_MEMBERS_GROUP => 'Members',
//        PUNBB_ADMIN_GROUP => 'Administrators',
//        PUNBB_MOD_GROUP => 'Moderators'
//        );

    $result = db_query("SELECT g_id, g_title FROM " . $UDB_DB_NAME_PREFIX . PUNBB_TABLE_PREFIX . PUNBB_GROUPS_TABLE);
    while ($row = mysql_fetch_array($result))
        $PUNBB_groups[$row['g_id']] = $row['g_title'];

My installation doesn't use passwords, so I'm not sure, but I think you might not be checking them correctly.  The password set in the cookie should be md5($cookie_seed.$password_hash) so you need something like this at the top of the file:

define('PUNBB_COOKIE_SEED', $cookie_seed); // Seed for md5 hash

and this goes in the WHERE clause in udb_authenticate():

... AND MD5(CONCAT('".addslashes(PUNBB_COOKIE_SEED)."', password)) = '" . addslashes($cookie['password_hash']) . "'"
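The cookie check described above, as an added example in plain PHP (not code from the post or from Nibbler's file): PunBB 1.2 stores the login cookie as serialize(array($user_id, md5($cookie_seed . $password_hash))), where $password_hash is the hash already sitting in the users table, and the integration file does the same comparison in SQL as MD5(CONCAT(seed, password)). The seed, the user row and the cookies below are constructed so the script runs without a database; the function names are my own.

```php
<?php
// Added example: verify a PunBB 1.2 login cookie against an in-memory user
// row. Assumes PHP 7+ (unserialize() with allowed_classes, hash_equals()).

// Constructed sample data: $cookie_seed stands in for the value in config.php,
// $users for the rows of the punbb users table (password = stored hash).
$cookie_seed = 'example-seed-value';
$users = array(
    2 => array('username' => 'alice', 'password' => sha1('correct horse'), 'group_id' => 4),
);

// Parse the cookie without letting unserialize() instantiate objects.
// Returns array(id, hash) or null when the cookie is malformed.
function pun_parse_cookie($raw)
{
    $data = @unserialize($raw, array('allowed_classes' => false));
    if (!is_array($data) || !isset($data[0], $data[1]) || !is_string($data[1])) {
        return null;
    }
    return array((int)$data[0], $data[1]);   // cast the id before it is used anywhere
}

// The id must be a real (non-guest) user and the hash must equal
// md5(seed . stored password hash). Returns the user row or null.
function pun_verify_cookie($raw, array $users, $seed)
{
    $parsed = pun_parse_cookie($raw);
    if ($parsed === null) {
        return null;
    }
    list($id, $hash) = $parsed;
    if ($id <= 1 || !isset($users[$id])) {      // id 1 is PunBB's guest account
        return null;
    }
    $expected = md5($seed . $users[$id]['password']);
    // Constant-time comparison so timing does not reveal how much of the hash matched
    return hash_equals($expected, $hash) ? $users[$id] : null;
}

// Constructed cookies: a valid one, one built from the wrong password, and an
// object payload that must be rejected rather than instantiated.
$cases = array(
    'valid'      => serialize(array(2, md5($cookie_seed . $users[2]['password']))),
    'wrong hash' => serialize(array(2, md5($cookie_seed . sha1('wrong')))),
    'object'     => 'O:8:"stdClass":0:{}',
    'garbage'    => 'not a serialized value',
);

foreach ($cases as $label => $cookie) {
    $u = pun_verify_cookie($cookie, $users, $cookie_seed);
    printf("%-10s -> %s\n", $label, $u ? 'logged in as ' . $u['username'] : 'rejected');
}
```

Only the first case logs in. Note that the cookie carries md5(seed . hash), not the password hash itself, so a leaked cookie cannot be replayed once the seed changes, and that the id is cast to int before it is compared or used as a lookup key, which is the same reason the integration file must cast $cookie['id'] before interpolating it into the query.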

(7 replies, posted in PunBB 1.2 bug reports)

Thanks.  I fixed it temporarily by making it:

$action = isset($_GET['action']) ? $_GET['action'] : null;

if ($pun_user['g_read_board'] == '0' && !($action == 'change_pass' || $action == 'change_email'))
    message($lang_common['No view']);

(The "$action = ..." line is moved up from below)

(7 replies, posted in PunBB 1.2 bug reports)

You should be able to prevent guests or whoever from viewing the profiles of your users, but the code in place to implement this:

if ($pun_user['g_read_board'] == '0' && !isset($_GET['key']))
    message($lang_common['No view']);

is easily circumvented by simply setting the "key" parameter (to anything).
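The shipped check and the fix from the earlier reply in this thread, side by side over a few constructed requests, as an added example (not code from the posts or from PunBB). $pun_user and $_GET are stand-ins for PunBB's globals; the function names are mine.

```php
<?php
// Added example: why "isset($_GET['key'])" is not an access check, and how the
// action whitelist from the earlier reply behaves on the same requests.

// The guard as shipped: any request carrying a "key" parameter, whatever its
// value, skips the read-board restriction.
function profile_blocked_original(array $pun_user, array $get)
{
    return $pun_user['g_read_board'] == '0' && !isset($get['key']);
}

// The fix: only the two actions a user without board access legitimately
// needs (changing password or e-mail) are exempt; everything else is blocked.
function profile_blocked_fixed(array $pun_user, array $get)
{
    $action = isset($get['action']) ? $get['action'] : null;
    return $pun_user['g_read_board'] == '0'
        && !($action == 'change_pass' || $action == 'change_email');
}

// Constructed: a group that may not read the board, and four requests.
$user = array('g_read_board' => '0');
$requests = array(
    'plain view'         => array('id' => '2'),
    'key=anything'       => array('id' => '2', 'key' => 'x'),
    'change_pass'        => array('id' => '2', 'action' => 'change_pass'),
    'change_email + key' => array('id' => '2', 'action' => 'change_email', 'key' => 'abc'),
);

printf("%-20s %-10s %s\n", 'request', 'original', 'fixed');
foreach ($requests as $label => $get) {
    printf("%-20s %-10s %s\n", $label,
        profile_blocked_original($user, $get) ? 'blocked' : 'allowed',
        profile_blocked_fixed($user, $get) ? 'blocked' : 'allowed');
}
```

The second row is the bypass: the original guard allows it because the parameter merely exists, while the fixed guard blocks it because viewing a profile is not one of the whitelisted actions. Testing for the presence of a parameter is never a substitute for checking what the request is actually allowed to do.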