
Topic: Is this safe?

Hello!
I've written an extension for my forum that creates a kind of "group leader", who can add other users to their group. I based it on "Moderator group assignment" by Yonash ( http://punbb.informer.com/forums/topic/ … ssignment/ ), and I wonder whether it is safe.

Could someone please analyse my manifest?

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE extension SYSTEM "ext-1.0.dtd">

<!--
    kt_group_leader: flags selected users as "group leaders" who may move other
    users between the forum's default user group and the leader's own group.
    The flag is stored in a new users.group_leader column (see install/uninstall).

    NOTE(review): the pf_qr_get_user_info hook promotes a flagged leader to
    FORUM_ADMIN for the remainder of the request whenever update_group_membership
    is posted. The only later check (pf_change_group_form_submitted) does not
    re-validate the posted group_id or the target user, so the limits applied
    when the form is rendered (pf_view_details_user_info_end) are display-only.
    See the comments on those three hooks.
-->
<extension engine="1.0">
    <id>kt_group_leader</id>
    <title>KT Group leader</title>
    <version>2.61</version>
    <description>Adds group leader who can add users to his group.</description>
    <author>Kushi Themes</author>
    <minversion>1.4</minversion>
    <maxtestedon>1.4.2</maxtestedon>
    <!-- Adds the per-user flag column; guarded by field_exists so re-installs are harmless. -->
    <install><![CDATA[
        // TINYINT(1) flag, default 0; the false argument presumably means NOT NULL (verify add_field's signature)
        if (!$forum_db->field_exists('users', 'group_leader'))
            $forum_db->add_field('users', 'group_leader', 'TINYINT(1)', false, 0);

    ]]></install>

    <!-- Removes the flag column and with it every leader assignment. -->
    <uninstall><![CDATA[
        $forum_db->drop_field('users', 'group_leader');
    ]]></uninstall>

    <hooks>
        <!-- profile.php, after the viewed user's row is fetched (inferred from the hook id). -->
        <hook id="pf_qr_get_user_info"><![CDATA[
            //mark mod as admin if changing group and have permission to do this
            // NOTE(review): this rewrites the *session* user's g_id to FORUM_ADMIN for the rest of
            // the request, not just for the group change. Anything the core gates on
            // $forum_user['g_id'] == FORUM_ADMIN after this point is reachable by a leader who
            // posts update_group_membership. $temp_mod_as_admin records that the promotion
            // happened so pf_change_group_form_submitted can tell a real admin from a leader.
            // Assumes the core session query selects users.group_leader (u.*); confirm.
            if (isset($_POST['update_group_membership']) && $forum_user['group_leader'] == '1')
            {
                $forum_user['g_id'] = FORUM_ADMIN;
                $temp_mod_as_admin = true;
            }
            else
                $temp_mod_as_admin = false;
        ]]>
        </hook>
        <!-- profile.php, when the group form has been posted (inferred from the hook id). -->
        <hook id="pf_change_group_form_submitted"><![CDATA[
            // Refuses only when a promoted leader is editing their own profile and that row is
            // already FORUM_ADMIN; it never blocks a leader changing another user's group.
            // NOTE(review): nothing in this extension checks that $_POST['group_id'] is one of the
            // two groups the form offers (the leader's own group or o_default_user_group), or that
            // $user['g_id'] meets the same condition that gates the form in
            // pf_view_details_user_info_end and that $forum_user['id'] != $id. Those limits exist
            // only in the rendered <select>. Re-check them here while $temp_mod_as_admin is true
            // and call message($lang_common['No permission']) when they fail.
            if ($temp_mod_as_admin && $forum_user['id'] == $id && $user['g_id'] == FORUM_ADMIN)
                message($lang_common['No permission']);
        ]]>
        </hook>
        <!-- profile.php "view details" page: renders the leader's group-change form. -->
        <hook id="pf_view_details_user_info_end"><![CDATA[
        // Show the form only when the viewed user is in the default group or in the leader's own
        // group, the viewer is not looking at their own profile, and the viewer is a leader.
        // These are the conditions the submit handler should mirror (see pf_change_group_form_submitted).
        if (($user['g_id'] == $forum_config['o_default_user_group'] || $user['g_id'] == $forum_user['g_id']) && $forum_user['id'] != $id && $forum_user['group_leader'] == '1')
        {
            // Setup form
            $forum_page['group_count'] = $forum_page['item_count'] = $forum_page['fld_count'] = 0;
            $forum_page['form_action'] = forum_link($forum_url['profile_admin'], $id);

            // form_sent mimics the core profile form; csrf_token is bound to the same action URL.
            $forum_page['hidden_fields'] = array(
                'form_sent'        => '<input type="hidden" name="form_sent" value="1" />',
                'csrf_token'    => '<input type="hidden" name="csrf_token" value="'.generate_form_token($forum_page['form_action']).'" />'
        );
        ?>    <form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $forum_page['form_action'] ?>">
        <div class="hidden">
            <?php echo implode("\n\t\t\t\t", $forum_page['hidden_fields'])."\n" ?>
        </div>
                    <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
                        <div class="sf-box select">
                            <label for="fld<?php echo ++$forum_page['fld_count'] ?>"><span><?php echo $lang_profile['User group'] ?></span></label><br />
                            <span class="fld-input"><select id="fld<?php echo $forum_page['fld_count'] ?>" name="group_id">
        <?php
            // Fetch every non-guest group; the loop below emits only the leader's own group and
            // the default group, so the <select> offers at most two options.
            $query = array(
                'SELECT'    => 'g.g_id, g.g_title',
                'FROM'        => 'groups AS g',
                'WHERE'        => 'g.g_id!='.FORUM_GUEST.'',
                'ORDER BY'    => 'g.g_title'
            );
            // Language file: the user's language first, English as fallback. The same block is
            // repeated in two other hooks; $kt_group_leader is not referenced in this hook's output.
            if (file_exists($ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php'))
                    include $ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php';
            else
                    include $ext_info['path'].'/lang/English/kt_group_leader.php';
            $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
            while ($cur_group = $forum_db->fetch_assoc($result))
            {
                // Preselect the viewed user's current group; an empty g_id falls back to the default group.
                if($cur_group['g_id'] == $forum_user['g_id'] || $cur_group['g_id'] == $forum_config['o_default_user_group']){
                    if ($cur_group['g_id'] == $user['g_id'] || ($cur_group['g_id'] == $forum_config['o_default_user_group'] && $user['g_id'] == ''))
                        echo "\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.forum_htmlencode($cur_group['g_title']).'</option>'."\n";
                    else
                        echo "\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.forum_htmlencode($cur_group['g_title']).'</option>'."\n";
                }
            }
        ?>
                            </select></span>
                        </div>
                    </div>
                    <div class="sf-set button-set set<?php echo ++$forum_page['item_count'] ?>">
                        <div class="sf-box text">
                            <span class="submit"><input type="submit" name="update_group_membership" value="<?php echo $lang_profile['Update groups'] ?>" /></span>
                        </div>
                    </div>
            </form>
        <?php
        }
        ]]>
        </hook>
        <!-- profile.php form validation: copies the posted leader checkbox into $form. -->
        <hook id="pf_change_details_new_section_validation"><![CDATA[
            // Normalise form[group_leader] to '0' or '1'; $form is presumably what the core writes
            // back to the users row (verify).
            // NOTE(review): this does not repeat the admin-only condition that gates the checkbox in
            // pf_change_details_admin_pre_user_management. Whether a non-admin submission can reach
            // this hook depends on where profile.php fires it; verify, because if it runs for a
            // user editing their own profile, that user could set their own leader flag.
            $form['group_leader'] = (!isset($_POST['form']['group_leader']) || $_POST['form']['group_leader'] != '1') ? '0' : '1';
        ]]></hook>
        <!-- profile.php admin section: the checkbox an admin uses to grant or revoke the flag. -->
        <hook id="pf_change_details_admin_pre_user_management"><![CDATA[
            // $kt_group_leader['Leader'], ['Leader label'] and ['Submit group leader'] come from this file.
            if (file_exists($ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php'))
                    include $ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php';
            else
                    include $ext_info['path'].'/lang/English/kt_group_leader.php';
            
            // Only real admins see the checkbox, and only for users who are neither admins nor
            // members of the default group.
            if ($forum_user['g_id'] == FORUM_ADMIN && $user['g_id'] != FORUM_ADMIN && $user['g_id'] != $forum_config['o_default_user_group']):
            ?>
        <fieldset class="mf-set set<?php echo ++$forum_page['item_count'] ?>">
                    <legend><span><?php echo $kt_group_leader['Leader']?></span></legend>
                    <div class="mf-box" style="float: left;">
                        <div class="mf-item">
                            <span class="fld-input"><input type="checkbox" id="fld<?php echo ++$forum_page['fld_count'] ?>" name="form[group_leader]" value="1"<?php if ($user['group_leader'] == '1') echo 'checked="checked"' ?> /></span>
                            <label for="fld<?php echo $forum_page['fld_count'] ?>"><?php echo $kt_group_leader['Leader label'] ?></label>
                        </div>
                    </div>
                    <input type="submit" name="update" value="<?php echo $kt_group_leader['Submit group leader'] ?>" style="float: left;margin-left: .5em;margin-top: .2em;">
        </fieldset>
        <?php endif;
        ]]></hook>
        <!-- Pull the flag into the viewtopic post query and the userlist query for the row hooks below. -->
        <hook id="vt_qr_get_posts, ul_qr_get_users"><![CDATA[
            // Relies on both core queries aliasing the users table as u (confirm).
            $query['SELECT'] .= ', u.group_leader';
        ]]></hook>
        <!-- viewtopic: adds a marker image and "( Leader )" in the profile-link title for flagged posters. -->
        <hook id="vt_row_pre_post_ident_merge"><![CDATA[
            // This file_exists + include pair runs once per post row.
            if (file_exists($ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php'))
                include $ext_info['path'].'/lang/'.$forum_user['language'].'/kt_group_leader.php';
            else
                include $ext_info['path'].'/lang/English/kt_group_leader.php';
            // Rebuilds the core byline; the profile link is only emitted when the viewer may view users.
            if ($cur_post['poster_id'] > 1 && $cur_post['group_leader'] == '1')
                $forum_page['post_ident']['byline'] = '<span class="post-byline">'.sprintf((($cur_post['id'] == $cur_topic['first_post_id']) ? $lang_topic['Topic byline'] : $lang_topic['Reply byline']), (($forum_user['g_view_users'] == '1') ? '<a title="'.sprintf($lang_topic['Go to profile'], forum_htmlencode($cur_post['username'])).' ( '.$kt_group_leader['Leader'].' )" href="'.forum_link($forum_url['user'], $cur_post['poster_id']).'">'.forum_htmlencode($cur_post['username']).'</a><img src="'.$ext_info['path'].'/bullet.png" style="margin-bottom: -3px;"/>' : '<strong>'.forum_htmlencode($cur_post['username']).'</strong>')).'</span>';
        ]]></hook>
        <!-- profile pages: append the marker image to the username heading of flagged users. -->
        <hook id="pf_change_details_about_output_start, pf_view_details_output_start"><![CDATA[
            if ($user['group_leader'] == '1'){
                $forum_page['user_ident']['username'] = '<li class="username'.(($user['realname'] =='') ? ' fn nickname' : ' nickname').'"><strong>'.forum_htmlencode($user['username']).'</strong><img src="'.$ext_info['path'].'/bullet.png" style="margin-bottom: -3px;"/></li>';
            }
        ]]></hook>
        <!-- userlist: append the marker image to the username cell of flagged users. -->
        <hook id="ul_results_row_pre_data_output"><![CDATA[
            if ($user_data['group_leader'] == '1'){
                $forum_page['table_row']['username'] = '<td class="tc'.count($forum_page['table_row']).'"><a href="'.forum_link($forum_url['user'], $user_data['id']).'">'.forum_htmlencode($user_data['username']).'</a><img src="'.$ext_info['path'].'/bullet.png" style="margin-bottom: -3px;" /></td>';
            }
        ]]></hook>
        
    </hooks>
</extension>
If any of my Dropbox links fails with a 404 error, replace 56038890 in the address dl.dropbox.com/u/56038890/punbb/*.zip with 82283017.

Currently working on rPlus, a responsive theme for developers to build their own themes on.