[Xfce4-commits] <forum:master> Upgrade to fluxbb 1.5.5
Nick Schermer
noreply at xfce.org
Sun Nov 24 12:48:01 CET 2013
Updating branch refs/heads/master
to 8a970c1e1f119b496cadf877bf24aaa61d3a07e3 (commit)
from a7e01e6f12d73e57363e6ebf6dc9572659ed11b7 (commit)
commit 8a970c1e1f119b496cadf877bf24aaa61d3a07e3
Author: Nick Schermer <nick at xfce.org>
Date: Sun Nov 24 12:47:38 2013 +0100
Upgrade to fluxbb 1.5.5
admin_bans.php | 8 ++++----
admin_categories.php | 4 ++--
admin_forums.php | 48 +++++++++++++++++++++++++++++++++------------
admin_groups.php | 8 ++++----
admin_loader.php | 4 ++--
admin_options.php | 12 ++++++------
admin_users.php | 2 +-
db_update.php | 7 ++++---
include/cache.php | 1 -
include/common.php | 2 +-
include/email.php | 18 +++++++++++------
include/functions.php | 27 ++++++++++++++++++-------
include/parser.php | 31 ++++++++++++++++++-----------
install.php | 2 +-
lang/English/help.php | 2 +-
lang/English/install.php | 1 -
lang/English/update.php | 2 +-
misc.php | 43 ++++++++++++++++++++--------------------
moderate.php | 49 +++++++++++++++++++++++-----------------------
post.php | 4 ++--
profile.php | 8 ++++----
register.php | 17 +++++++++-------
search.php | 8 ++++----
style/Air.css | 3 +--
style/Cobalt.css | 1 -
style/Earth.css | 3 +--
style/Fire.css | 3 +--
style/Lithium.css | 1 -
style/Mercury.css | 1 -
style/Oxygen.css | 1 -
style/Radium.css | 1 -
style/Sulfur.css | 1 -
style/Technetium.css | 1 -
33 files changed, 183 insertions(+), 141 deletions(-)
diff --git a/admin_bans.php b/admin_bans.php
index 21e09e0..fa3c0ed 100644
--- a/admin_bans.php
+++ b/admin_bans.php
@@ -30,7 +30,7 @@ if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban']))
{
$user_id = intval($_GET['add_ban']);
if ($user_id < 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
@@ -84,13 +84,13 @@ if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban']))
{
$ban_id = intval($_GET['edit_ban']);
if ($ban_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result);
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600;
$ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire + $diff) : '';
@@ -308,7 +308,7 @@ else if (isset($_GET['del_ban']))
$ban_id = intval($_GET['del_ban']);
if ($ban_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error());
diff --git a/admin_categories.php b/admin_categories.php
index e1ca62e..dee5bd7 100644
--- a/admin_categories.php
+++ b/admin_categories.php
@@ -41,7 +41,7 @@ else if (isset($_POST['del_cat']) || isset($_POST['del_cat_comply']))
$cat_to_delete = intval($_POST['cat_to_delete']);
if ($cat_to_delete < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if (isset($_POST['del_cat_comply'])) // Delete a category with all forums and posts
{
@@ -128,7 +128,7 @@ else if (isset($_POST['update'])) // Change position and name of the categories
$categories = $_POST['cat'];
if (empty($categories))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
foreach ($categories as $cat_id => $cur_cat)
{
diff --git a/admin_forums.php b/admin_forums.php
index ad96234..60924e6 100644
--- a/admin_forums.php
+++ b/admin_forums.php
@@ -27,7 +27,7 @@ if (isset($_POST['add_forum']))
$add_to_cat = intval($_POST['add_to_cat']);
if ($add_to_cat < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('INSERT INTO '.$db->prefix.'forums (forum_name, cat_id) VALUES(\''.$db->escape($lang_admin_forums['New forum']).'\', '.$add_to_cat.')') or error('Unable to create forum', __FILE__, __LINE__, $db->error());
@@ -47,7 +47,7 @@ else if (isset($_GET['del_forum']))
$forum_id = intval($_GET['del_forum']);
if ($forum_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if (isset($_POST['del_forum_comply'])) // Delete a forum with all posts
{
@@ -147,7 +147,7 @@ else if (isset($_GET['edit_forum']))
{
$forum_id = intval($_GET['edit_forum']);
if ($forum_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Update group permissions for $forum_id
if (isset($_POST['save']))
@@ -165,7 +165,7 @@ else if (isset($_GET['edit_forum']))
message($lang_admin_forums['Must enter name message']);
if ($cat_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$forum_desc = ($forum_desc != '') ? '\''.$db->escape($forum_desc).'\'' : 'NULL';
$redirect_url = ($redirect_url != '') ? '\''.$db->escape($redirect_url).'\'' : 'NULL';
@@ -225,7 +225,7 @@ else if (isset($_GET['edit_forum']))
// Fetch forum info
$result = $db->query('SELECT id, forum_name, forum_desc, redirect_url, num_topics, sort_by, cat_id FROM '.$db->prefix.'forums WHERE id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_forum = $db->fetch_assoc($result);
@@ -371,6 +371,14 @@ generate_admin_menu('forums');
<h2><span><?php echo $lang_admin_forums['Add forum head'] ?></span></h2>
<div class="box">
<form method="post" action="admin_forums.php?action=adddel">
+<?php
+
+$result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error());
+
+if ($db->num_rows($result) > 0)
+{
+
+?>
<div class="inform">
<fieldset>
<legend><?php echo $lang_admin_forums['Create new subhead'] ?></legend>
@@ -382,14 +390,8 @@ generate_admin_menu('forums');
<select name="add_to_cat" tabindex="1">
<?php
- $result = $db->query('SELECT id, cat_name FROM '.$db->prefix.'categories ORDER BY disp_position') or error('Unable to fetch category list', __FILE__, __LINE__, $db->error());
- if ($db->num_rows($result) > 0)
- {
- while ($cur_cat = $db->fetch_assoc($result))
- echo "\t\t\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n";
- }
- else
- echo "\t\t\t\t\t\t\t\t\t\t\t".'<option value="0" disabled="disabled">'.$lang_admin_forums['No categories exist'].'</option>'."\n";
+ while ($cur_cat = $db->fetch_assoc($result))
+ echo "\t\t\t\t\t\t\t\t\t\t\t".'<option value="'.$cur_cat['id'].'">'.pun_htmlspecialchars($cur_cat['cat_name']).'</option>'."\n";
?>
</select>
@@ -400,6 +402,26 @@ generate_admin_menu('forums');
</div>
</fieldset>
</div>
+<?php
+
+}
+else
+{
+
+?>
+ <div class="inform">
+ <fieldset>
+ <legend><?php echo $lang_admin_common['None'] ?></legend>
+ <div class="infldset">
+ <p><?php echo $lang_admin_forums['No categories exist'] ?></p>
+ </div>
+ </fieldset>
+ </div>
+<?php
+
+}
+
+?>
</form>
</div>
<?php
diff --git a/admin_groups.php b/admin_groups.php
index 83f4637..e2c4584 100644
--- a/admin_groups.php
+++ b/admin_groups.php
@@ -41,7 +41,7 @@ if (isset($_POST['add_group']) || isset($_GET['edit_group']))
{
$group_id = intval($_GET['edit_group']);
if ($group_id < 1 || !isset($groups[$group_id]))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$group = $groups[$group_id];
@@ -383,11 +383,11 @@ else if (isset($_POST['set_default_group']))
// Make sure it's not the admin or guest groups
if ($group_id == PUN_ADMIN || $group_id == PUN_GUEST)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Make sure it's not a moderator group
if ($groups[$group_id]['g_moderator'] != 0)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('UPDATE '.$db->prefix.'config SET conf_value='.$group_id.' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
@@ -408,7 +408,7 @@ else if (isset($_GET['del_group']))
$group_id = isset($_POST['group_to_delete']) ? intval($_POST['group_to_delete']) : intval($_GET['del_group']);
if ($group_id < 5)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Make sure we don't remove the default group
if ($group_id == $pun_config['o_default_user_group'])
diff --git a/admin_loader.php b/admin_loader.php
index 36801dd..a505e26 100644
--- a/admin_loader.php
+++ b/admin_loader.php
@@ -20,7 +20,7 @@ if (!$pun_user['is_admmod'])
// The plugin to load should be supplied via GET
$plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
if (!preg_match('%^AM?P_(\w*?)\.php$%i', $plugin))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// AP_ == Admins only, AMP_ == admins and moderators
$prefix = substr($plugin, 0, strpos($plugin, '_'));
@@ -35,7 +35,7 @@ if (!file_exists(PUN_ROOT.'plugins/'.$plugin))
if (!isset($_SERVER['REQUEST_URI']))
$_SERVER['REQUEST_URI'] = (isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '').'?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '');
-$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Admin'], str_replace('_', ' ', substr($plugin, strpos($plugin, '_') + 1, -4)));
+$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], str_replace('_', ' ', substr($plugin, strpos($plugin, '_') + 1, -4)));
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
diff --git a/admin_options.php b/admin_options.php
index e3a7894..217389d 100644
--- a/admin_options.php
+++ b/admin_options.php
@@ -104,11 +104,11 @@ if (isset($_POST['form_sent']))
$languages = forum_list_langs();
if (!in_array($form['default_lang'], $languages))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$styles = forum_list_styles();
if (!in_array($form['default_style'], $styles))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($form['time_format'] == '')
$form['time_format'] = 'H:i:s';
@@ -183,16 +183,16 @@ if (isset($_POST['form_sent']))
$form['disp_posts_default'] = 75;
if ($form['feed_type'] < 0 || $form['feed_type'] > 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($form['feed_ttl'] < 0)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($form['report_method'] < 0 || $form['report_method'] > 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($form['default_email_setting'] < 0 || $form['default_email_setting'] > 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($form['timeout_online'] >= $form['timeout_visit'])
message($lang_admin_options['Timeout error message']);
diff --git a/admin_users.php b/admin_users.php
index 29703c8..06d338e 100644
--- a/admin_users.php
+++ b/admin_users.php
@@ -25,7 +25,7 @@ if (isset($_GET['ip_stats']))
{
$ip_stats = intval($_GET['ip_stats']);
if ($ip_stats < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Fetch ip count
$result = $db->query('SELECT poster_ip, MAX(posted) AS last_used FROM '.$db->prefix.'posts WHERE poster_id='.$ip_stats.' GROUP BY poster_ip') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
diff --git a/db_update.php b/db_update.php
index 9626a0e..9d03a84 100644
--- a/db_update.php
+++ b/db_update.php
@@ -7,7 +7,7 @@
*/
// The FluxBB version this script updates to
-define('UPDATE_TO', '1.5.4');
+define('UPDATE_TO', '1.5.5');
define('UPDATE_TO_DB_REVISION', 20);
define('UPDATE_TO_SI_REVISION', 2);
@@ -266,9 +266,9 @@ function convert_to_utf8(&$str, $old_charset)
if ($old_charset != 'UTF-8' && !seems_utf8($str))
{
if (function_exists('iconv'))
- $str = iconv($old_charset == 'ISO-8859-1' ? 'WINDOWS-1252' : 'ISO-8859-1', 'UTF-8', $str);
+ $str = iconv(!empty($old_charset) ? $old_charset : 'ISO-8859-1', 'UTF-8', $str);
else if (function_exists('mb_convert_encoding'))
- $str = mb_convert_encoding($str, 'UTF-8', $old_charset == 'ISO-8859-1' ? 'WINDOWS-1252' : 'ISO-8859-1');
+ $str = mb_convert_encoding($str, 'UTF-8', !empty($old_charset) ? $old_charset : 'ISO-8859-1');
else if ($old_charset == 'ISO-8859-1')
$str = utf8_encode($str);
}
@@ -1282,6 +1282,7 @@ switch ($stage)
convert_to_utf8($cur_item['forum_name'], $old_charset);
convert_to_utf8($cur_item['forum_desc'], $old_charset);
+ convert_to_utf8($cur_item['last_poster'], $old_charset);
if (!empty($moderators_utf8))
$cur_item['moderators'] = serialize($moderators_utf8);
diff --git a/include/cache.php b/include/cache.php
index 244095f..cb21264 100644
--- a/include/cache.php
+++ b/include/cache.php
@@ -73,7 +73,6 @@ function generate_quickjump_cache($group_id = false)
{
// A group_id was not supplied, so we generate the quick jump cache for all groups
$result = $db->query('SELECT g_id, g_read_board FROM '.$db->prefix.'groups') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
- $num_groups = $db->num_rows($result);
while ($row = $db->fetch_row($result))
$groups[$row[0]] = $row[1];
diff --git a/include/common.php b/include/common.php
index ded5be3..1579222 100644
--- a/include/common.php
+++ b/include/common.php
@@ -10,7 +10,7 @@ if (!defined('PUN_ROOT'))
exit('The constant PUN_ROOT must be defined and point to a valid FluxBB installation root directory.');
// Define the version and database revision that this code was written for
-define('FORUM_VERSION', '1.5.4');
+define('FORUM_VERSION', '1.5.5');
define('FORUM_DB_REVISION', 20);
define('FORUM_SI_REVISION', 2);
diff --git a/include/email.php b/include/email.php
index 88c62a8..96d5ede 100644
--- a/include/email.php
+++ b/include/email.php
@@ -10,6 +10,10 @@
if (!defined('PUN'))
exit;
+// Define line breaks in mail headers; possible values can be PHP_EOL, "\r\n", "\n" or "\r"
+if (!defined('FORUM_EOL'))
+ define('FORUM_EOL', PHP_EOL);
+
require PUN_ROOT.'include/utf8/utils/ascii.php';
//
@@ -229,14 +233,14 @@ function pun_mail($to, $subject, $message, $reply_to_email = '', $reply_to_name
$from = '"'.encode_mail_text($from_name).'" <'.$from_email.'>';
$subject = encode_mail_text($subject);
- $headers = 'From: '.$from."\r\n".'Date: '.gmdate('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset=utf-8'."\r\n".'X-Mailer: FluxBB Mailer';
+ $headers = 'From: '.$from.FORUM_EOL.'Date: '.gmdate('r').FORUM_EOL.'MIME-Version: 1.0'.FORUM_EOL.'Content-transfer-encoding: 8bit'.FORUM_EOL.'Content-type: text/plain; charset=utf-8'.FORUM_EOL.'X-Mailer: FluxBB Mailer';
// If we specified a reply-to email, we deal with it here
if (!empty($reply_to_email))
{
$reply_to = '"'.encode_mail_text($reply_to_name).'" <'.$reply_to_email.'>';
- $headers .= "\r\n".'Reply-To: '.$reply_to;
+ $headers .= FORUM_EOL.'Reply-To: '.$reply_to;
}
// Make sure all linebreaks are LF in message (and strip out any NULL bytes)
@@ -283,6 +287,7 @@ function server_parse($socket, $expected_response)
function smtp_mail($to, $subject, $message, $headers = '')
{
global $pun_config;
+ static $local_host;
$recipients = explode(',', $to);
@@ -307,7 +312,7 @@ function smtp_mail($to, $subject, $message, $headers = '')
server_parse($socket, '220');
- if ($pun_config['o_smtp_user'] != '' && $pun_config['o_smtp_pass'] != '')
+ if (!isset($local_host))
{
// Here we try to determine the *real* hostname (reverse DNS entry preferably)
$local_host = php_uname('n');
@@ -317,11 +322,12 @@ function smtp_mail($to, $subject, $message, $headers = '')
{
// Able to resolve IP back to name
if (($local_name = @gethostbyaddr($local_addr)) !== $local_addr)
- {
$local_host = $local_name;
- }
}
+ }
+ if ($pun_config['o_smtp_user'] != '' && $pun_config['o_smtp_pass'] != '')
+ {
fwrite($socket, 'EHLO '.$local_host."\r\n");
server_parse($socket, '250');
@@ -336,7 +342,7 @@ function smtp_mail($to, $subject, $message, $headers = '')
}
else
{
- fwrite($socket, 'HELO '.$smtp_host."\r\n");
+ fwrite($socket, 'HELO '.$local_host."\r\n");
server_parse($socket, '250');
}
diff --git a/include/functions.php b/include/functions.php
index e6cec48..3f6282c 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -6,7 +6,6 @@
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
*/
-include PUN_ROOT.'include/srand.php';
//
@@ -454,6 +453,9 @@ function check_username($username, $exclude_id = null)
{
global $db, $pun_config, $errors, $lang_prof_reg, $lang_register, $lang_common, $pun_bans;
+ // Include UTF-8 function
+ require PUN_ROOT.'include/utf8/strcasecmp.php';
+
// Convert multiple whitespace characters into one (to prevent people from registering with indistinguishable usernames)
$username = preg_replace('%\s+%s', ' ', $username);
@@ -462,7 +464,7 @@ function check_username($username, $exclude_id = null)
$errors[] = $lang_prof_reg['Username too short'];
else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters
$errors[] = $lang_prof_reg['Username too long'];
- else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest']))
+ else if (!strcasecmp($username, 'Guest') || !utf8_strcasecmp($username, $lang_common['Guest']))
$errors[] = $lang_prof_reg['Username guest'];
else if (preg_match('%[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}%', $username) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $username))
$errors[] = $lang_prof_reg['Username IP'];
@@ -476,7 +478,7 @@ function check_username($username, $exclude_id = null)
$errors[] = $lang_register['Username censor'];
// Check that the username (or a too similar username) is not already registered
- $query = ($exclude_id) ? ' AND id!='.$exclude_id : '';
+ $query = (!is_null($exclude_id)) ? ' AND id!='.$exclude_id : '';
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE (UPPER(username)=UPPER(\''.$db->escape($username).'\') OR UPPER(username)=UPPER(\''.$db->escape(ucp_preg_replace('%[^\p{L}\p{N}]%u', '', $username)).'\')) AND id>1'.$query) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
@@ -857,14 +859,14 @@ function get_title($user)
$ban_list = array();
foreach ($pun_bans as $cur_ban)
- $ban_list[] = strtolower($cur_ban['username']);
+ $ban_list[] = utf8_strtolower($cur_ban['username']);
}
// If the user has a custom title
if ($user['title'] != '')
$user_title = pun_htmlspecialchars($user['title']);
// If the user is banned
- else if (in_array(strtolower($user['username']), $ban_list))
+ else if (in_array(utf8_strtolower($user['username']), $ban_list))
$user_title = $lang_common['Banned'];
// If the user group has a default user title
else if ($user['g_user_title'] != '')
@@ -1034,12 +1036,23 @@ function forum_number_format($number, $decimals = 0)
//
function random_key($len, $readable = false, $hash = false)
{
+ if (!function_exists('secure_random_bytes'))
+ include PUN_ROOT.'include/srand.php';
+
$key = secure_random_bytes($len);
if ($hash)
- $key = substr(bin2hex($key), 0, $len);
+ return substr(bin2hex($key), 0, $len);
else if ($readable)
- $key = substr(base64_encode($key), 0, $len);
+ {
+ $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+
+ $result = '';
+ for ($i = 0; $i < $len; ++$i)
+ $result .= substr($chars, (ord($key[$i]) % strlen($chars)), 1);
+
+ return $result;
+ }
return $key;
}
diff --git a/include/parser.php b/include/parser.php
index 226e7dd..bcc9181 100644
--- a/include/parser.php
+++ b/include/parser.php
@@ -823,14 +823,14 @@ function do_bbcode($text, $is_signature = false)
$replace_callback[] = 'handle_url_tag($matches[1], $matches[2])';
$replace[] = '<a href="mailto:$1">$1</a>';
$replace[] = '<a href="mailto:$1">$2</a>';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?id=.$matches[1]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?id=.$matches[1],$matches[2]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?pid=.$matches[1].#p.$matches[1]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?pid=.$matches[1].#p.$matches[1],$matches[2]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewforum.php?id=.$matches[1]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewforum.php?id=.$matches[1],$matches[2]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/profile.php?id=.$matches[1]\')';
- $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/profile.php?id=.$matches[1],$matches[2]\')';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?id=\'.$matches[1])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?id=\'.$matches[1], $matches[2])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?pid=\'.$matches[1].\'#p\'.$matches[1])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewtopic.php?pid=\'.$matches[1].\'#p\'.$matches[1], $matches[2])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewforum.php?id=\'.$matches[1])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/viewforum.php?id=\'.$matches[1], $matches[2])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/profile.php?id=\'.$matches[1])';
+ $replace_callback[] = 'handle_url_tag(\''.get_base_url(true).'/profile.php?id=\'.$matches[1], $matches[2])';
// This thing takes a while! :)
$text = preg_replace($pattern, $replace, $text);
@@ -849,19 +849,28 @@ function do_bbcode($text, $is_signature = false)
function do_clickable($text)
{
$text = ' '.$text;
- $text = ucp_preg_replace_callback('%(?<=[\s\]\)])(<)?(\[)?(\()?([\'"]?)(https?|ftp|news){1}://([\p{L}\p{N}\-]+\.([\p{L}\p{N}\-]+\.)*[\p{L}\p{N}]+(:[0-9]+)?(/(?:[^\s\[]*[^\s.,?!\[;:-])?)?)\4(?(3)(\)))(?(2)(\]))(?(1)(>))(?![^\s]*\[/(?:url|img)\])%ui', 'stripslashes($matches[1].$matches[2].$matches[3].$matches[4]).handle_url_tag($matches[5]."://".$matches[6], $matches[5]."://".$matches[6], true).stripslashes($matches[4].$matches[10].$matches[11].$matches[12])', $text);
- $text = ucp_preg_replace_callback('%(?<=[\s\]\)])(<)?(\[)?(\()?([\'"]?)(www|ftp)\.(([\p{L}\p{N}\-]+\.)+[\p{L}\p{N}]+(:[0-9]+)?(/(?:[^\s\[]*[^\s.,?!\[;:-])?)?)\4(?(3)(\)))(?(2)(\]))(?(1)(>))(?![^\s]*\[/(?:url|img)\])%ui','stripslashes($matches[1].$matches[2].$matches[3].$matches[4]).handle_url_tag($matches[5].".".$matches[6], $matches[5].".".$matches[6], true).stripslashes($matches[4].$matches[10].$matches[11].$matches[12])', $text);
+ $text = ucp_preg_replace_callback('%(?<=[\s\]\)])(<)?(\[)?(\()?([\'"]?)(https?|ftp|news){1}://([\p{L}\p{N}\-]+\.([\p{L}\p{N}\-]+\.)*[\p{L}\p{N}]+(:[0-9]+)?(/(?:[^\s\[]*[^\s.,?!\[;:-])?)?)\4(?(3)(\)))(?(2)(\]))(?(1)(>))(?![^\s]*\[/(?:url|img)\])%ui', 'stripslashes($matches[1].$matches[2].$matches[3].$matches[4]).handle_url_tag($matches[5]."://".$matches[6], $matches[5]."://".$matches[6], true).stripslashes($matches[4].forum_array_key($matches, 10).forum_array_key($matches, 11).forum_array_key($matches, 12))', $text);
+ $text = ucp_preg_replace_callback('%(?<=[\s\]\)])(<)?(\[)?(\()?([\'"]?)(www|ftp)\.(([\p{L}\p{N}\-]+\.)+[\p{L}\p{N}]+(:[0-9]+)?(/(?:[^\s\[]*[^\s.,?!\[;:-])?)?)\4(?(3)(\)))(?(2)(\]))(?(1)(>))(?![^\s]*\[/(?:url|img)\])%ui','stripslashes($matches[1].$matches[2].$matches[3].$matches[4]).handle_url_tag($matches[5].".".$matches[6], $matches[5].".".$matches[6], true).stripslashes($matches[4].forum_array_key($matches, 10).forum_array_key($matches, 11).forum_array_key($matches, 12))', $text);
return substr($text, 1);
}
//
+// Return an array key, if it exists, otherwise return an empty string
+//
+function forum_array_key($arr, $key)
+{
+ return isset($arr[$key]) ? $arr[$key] : '';
+}
+
+
+//
// Convert a series of smilies to images
//
function do_smilies($text)
{
- global $pun_config, $smilies;
+ global $smilies;
$text = ' '.$text.' ';
diff --git a/install.php b/install.php
index 20eb0f3..c2e72de 100644
--- a/install.php
+++ b/install.php
@@ -7,7 +7,7 @@
*/
// The FluxBB version this script installs
-define('FORUM_VERSION', '1.5.4');
+define('FORUM_VERSION', '1.5.5');
define('FORUM_DB_REVISION', 20);
define('FORUM_SI_REVISION', 2);
diff --git a/lang/English/help.php b/lang/English/help.php
index 7b4e533..3d09340 100644
--- a/lang/English/help.php
+++ b/lang/English/help.php
@@ -38,7 +38,7 @@ $lang_help = array(
'Quotes' => 'Quotes',
'Quotes info' => 'If you want to quote someone, you should use the quote tag.',
'Quotes info 2' => 'If you don\'t want to quote anyone in particular, you can use the quote tag without specifying a name.',
-'Quote text' => 'This is the text i want to quote.',
+'Quote text' => 'This is the text I want to quote.',
'produces quote box' => 'produces a quote box like this:',
'quote note' => 'Note: If a username contains the characters [ or ] you can enclose it in quote marks.',
diff --git a/lang/English/install.php b/lang/English/install.php
index b79c4b0..98317c7 100644
--- a/lang/English/install.php
+++ b/lang/English/install.php
@@ -65,7 +65,6 @@ $lang_install = array(
'Info 11' => 'Settings for your board. You can change this later.',
'General information' => 'Enter your board\'s title and description.',
'Board description' => 'Board description (supports HTML)',
-'Info 14' => 'The URL (without trailing slash) of your FluxBB forum (example: http://forum.myhost.com). This must be correct. Please note that the preset value below is just an educated guess by FluxBB.',
'Appearance' => 'Appearance',
'Info 15' => 'Make your forum yours. Choose a language and a style for your board.',
'Default language' => 'Default language',
diff --git a/lang/English/update.php b/lang/English/update.php
index c6073e5..5ac1a9c 100644
--- a/lang/English/update.php
+++ b/lang/English/update.php
@@ -7,7 +7,7 @@ $lang_update = array(
'Update' => 'Update FluxBB',
'Update message' => 'Your FluxBB database is out-of-date and must be upgraded in order to continue. If you are the board administrator, please follow the instructions below to complete the upgrade.',
'Note' => 'Note:',
-'Members message' => 'This process is for board administators only. If you are a member there is nothing to worry about - the forums will be back shortly!',
+'Members message' => 'This process is for board administrators only. If you are a member there is nothing to worry about - the forums will be back shortly!',
'Administrator only' => 'This step is for the board administrator only!',
'Database password info' => 'To perform the database update please enter the database password with which FluxBB was installed. If you cannot remember, this is stored in your \'config.php\' file.',
'Database password note' => 'If you are running SQLite (and hence have no database password) please use the database file name instead. This must exactly match the database file name given in your configuration file.',
diff --git a/misc.php b/misc.php
index 90891ce..4909e61 100644
--- a/misc.php
+++ b/misc.php
@@ -22,7 +22,7 @@ $action = isset($_GET['action']) ? $_GET['action'] : null;
if ($action == 'rules')
{
if ($pun_config['o_rules'] == '0' || ($pun_user['is_guest'] && $pun_user['g_read_board'] == '0' && $pun_config['o_regs_allow'] == '0'))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Load the register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
@@ -68,7 +68,7 @@ else if ($action == 'markforumread')
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($fid < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$tracked_topics = get_tracked_topics();
$tracked_topics['forums'][$fid] = time();
@@ -85,11 +85,11 @@ else if (isset($_GET['email']))
$recipient_id = intval($_GET['email']);
if ($recipient_id < 2)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);
@@ -109,7 +109,8 @@ else if (isset($_GET['email']))
message($lang_misc['No email subject']);
else if ($message == '')
message($lang_misc['No email message']);
- else if (pun_strlen($message) > PUN_MAX_POSTSIZE)
+ // Here we use strlen() not pun_strlen() as we want to limit the post to PUN_MAX_POSTSIZE bytes, not characters
+ else if (strlen($message) > PUN_MAX_POSTSIZE)
message($lang_misc['Too long email message']);
if ($pun_user['last_email_sent'] != '' && (time() - $pun_user['last_email_sent']) < $pun_user['g_email_flood'] && (time() - $pun_user['last_email_sent']) >= 0)
@@ -207,11 +208,11 @@ else if (isset($_GET['email']))
else if (isset($_GET['report']))
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$post_id = intval($_GET['report']);
if ($post_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if (isset($_POST['form_sent']))
{
@@ -228,14 +229,14 @@ else if (isset($_GET['report']))
// Get the topic ID
$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$topic_id = $db->result($result);
// Get the subject and forum ID
$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
list($subject, $forum_id) = $db->fetch_row($result);
@@ -278,7 +279,7 @@ else if (isset($_GET['report']))
// Fetch some info about the post, the topic and the forum
$result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$cur_post = $db->fetch_assoc($result);
@@ -329,22 +330,22 @@ else if (isset($_GET['report']))
else if ($action == 'subscribe')
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($topic_id < 1 && $forum_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($topic_id)
{
if ($pun_config['o_topic_subscriptions'] != '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Make sure the user can view the topic
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
@@ -358,12 +359,12 @@ else if ($action == 'subscribe')
if ($forum_id)
{
if ($pun_config['o_forum_subscriptions'] != '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
// Make sure the user can view the forum
$result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
@@ -379,17 +380,17 @@ else if ($action == 'subscribe')
else if ($action == 'unsubscribe')
{
if ($pun_user['is_guest'])
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($topic_id < 1 && $forum_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
if ($topic_id)
{
if ($pun_config['o_topic_subscriptions'] != '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
@@ -403,7 +404,7 @@ else if ($action == 'unsubscribe')
if ($forum_id)
{
if ($pun_config['o_forum_subscriptions'] != '1')
- message($lang_common['No permission']);
+ message($lang_common['No permission'], false, '403 Forbidden');
$result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
@@ -417,4 +418,4 @@ else if ($action == 'unsubscribe')
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
diff --git a/moderate.php b/moderate.php
index 9c7b3cc..8464a26 100644
--- a/moderate.php
+++ b/moderate.php
@@ -24,7 +24,7 @@ if (isset($_GET['get_host']))
{
$get_host = intval($_GET['get_host']);
if ($get_host < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE id='.$get_host) or error('Unable to fetch post IP address', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
@@ -87,14 +87,14 @@ if (isset($_GET['tid']))
confirm_referrer('moderate.php');
if (@preg_match('%[^0-9,]%', $posts))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Verify that the post IDs are valid
$admins_sql = ($pun_user['g_id'] != PUN_ADMIN) ? ' AND poster_id NOT IN('.implode(',', get_admin_ids()).')' : '';
$result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid.$admins_sql) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != substr_count($posts, ',') + 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Delete the posts
$db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$posts.')') or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
@@ -155,11 +155,11 @@ if (isset($_GET['tid']))
confirm_referrer('moderate.php');
if (@preg_match('%[^0-9,]%', $posts))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$move_to_forum = isset($_POST['move_to_forum']) ? intval($_POST['move_to_forum']) : 0;
if ($move_to_forum < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// How many posts did we just split off?
$num_posts_splitted = substr_count($posts, ',') + 1;
@@ -167,12 +167,12 @@ if (isset($_GET['tid']))
// Verify that the post IDs are valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'posts WHERE id IN('.$posts.') AND topic_id='.$tid) or error('Unable to check posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != $num_posts_splitted)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Verify that the move to forum ID is valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.group_id='.$pun_user['g_id'].' AND fp.forum_id='.$move_to_forum.') WHERE f.redirect_url IS NULL AND (fp.post_topics IS NULL OR fp.post_topics=1)') or error('Unable to fetch forum permissions', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Load the post.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
@@ -425,23 +425,23 @@ if (isset($_REQUEST['move_topics']) || isset($_POST['move_topics_to']))
confirm_referrer('moderate.php');
if (@preg_match('%[^0-9,]%', $_POST['topics']))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$topics = explode(',', $_POST['topics']);
$move_to_forum = isset($_POST['move_to_forum']) ? intval($_POST['move_to_forum']) : 0;
if (empty($topics) || $move_to_forum < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Verify that the topic IDs are valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.implode(',',$topics).') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != count($topics))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Verify that the move to forum ID is valid
$result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.group_id='.$pun_user['g_id'].' AND fp.forum_id='.$move_to_forum.') WHERE f.redirect_url IS NULL AND (fp.post_topics IS NULL OR fp.post_topics=1)') or error('Unable to fetch forum permissions', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Delete any redirect topics if there are any (only if we moved/copied the topic back to where it was once moved from)
$db->query('DELETE FROM '.$db->prefix.'topics WHERE forum_id='.$move_to_forum.' AND moved_to IN('.implode(',',$topics).')') or error('Unable to delete redirect topics', __FILE__, __LINE__, $db->error());
@@ -483,7 +483,7 @@ if (isset($_REQUEST['move_topics']) || isset($_POST['move_topics_to']))
{
$topics = intval($_GET['move_topics']);
if ($topics < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$action = 'single';
}
@@ -553,7 +553,7 @@ else if (isset($_POST['merge_topics']) || isset($_POST['merge_topics_comply']))
confirm_referrer('moderate.php');
if (@preg_match('%[^0-9,]%', $_POST['topics']))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$topics = explode(',', $_POST['topics']);
if (count($topics) < 2)
@@ -562,7 +562,7 @@ else if (isset($_POST['merge_topics']) || isset($_POST['merge_topics_comply']))
// Verify that the topic IDs are valid (redirect links will point to the merged topic after the merge)
$result = $db->query('SELECT id FROM '.$db->prefix.'topics WHERE id IN('.implode(',', $topics).') AND forum_id='.$fid.' ORDER BY id ASC') or error('Unable to check topics', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != count($topics))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// The topic that we are merging into is the one with the smallest ID
$merge_to_tid = $db->result($result);
@@ -580,14 +580,13 @@ else if (isset($_POST['merge_topics']) || isset($_POST['merge_topics_comply']))
$db->query('UPDATE '.$db->prefix.'posts SET topic_id='.$merge_to_tid.' WHERE topic_id IN('.implode(',', $topics).')') or error('Unable to merge the posts into the topic', __FILE__, __LINE__, $db->error());
// Update any subscriptions
- $result = $db->query('SELECT user_id FROM '.$db->prefix.'topic_subscriptions WHERE topic_id IN ('.implode(',', $topics).')') or error('Unable to fetch subscriptions of merged topics', __FILE__, __LINE__, $db->error());
+ $result = $db->query('SELECT DISTINCT user_id FROM '.$db->prefix.'topic_subscriptions WHERE topic_id IN('.implode(',', $topics).')') or error('Unable to fetch subscriptions of merged topics', __FILE__, __LINE__, $db->error());
$subscribed_users = array();
- while ($cur_user_id = $db->result($result))
- $subscribed_users[] = $cur_user_id;
- $subscribed_users = array_unique($subscribed_users);
+ while ($row = $db->fetch_row($result))
+ $subscribed_users[] = $row[0];
- $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE topic_id IN ('.implode(',', $topics).')') or error('Unable to delete subscriptions of merged topics', __FILE__, __LINE__, $db->error());
+ $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE topic_id IN('.implode(',', $topics).')') or error('Unable to delete subscriptions of merged topics', __FILE__, __LINE__, $db->error());
foreach ($subscribed_users as $cur_user_id)
$db->query('INSERT INTO '.$db->prefix.'topic_subscriptions (topic_id, user_id) VALUES ('.$merge_to_tid.', '.$cur_user_id.')') or error('Unable to re-enter subscriptions for merge topic', __FILE__, __LINE__, $db->error());
@@ -657,7 +656,7 @@ else if (isset($_POST['delete_topics']) || isset($_POST['delete_topics_comply'])
confirm_referrer('moderate.php');
if (@preg_match('%[^0-9,]%', $topics))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
require PUN_ROOT.'include/search_idx.php';
@@ -665,7 +664,7 @@ else if (isset($_POST['delete_topics']) || isset($_POST['delete_topics_comply'])
$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics WHERE id IN('.$topics.') AND forum_id='.$fid) or error('Unable to check topics', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result) != substr_count($topics, ',') + 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Verify that the posts are not by admins
if ($pun_user['g_id'] != PUN_ADMIN)
@@ -755,7 +754,7 @@ else if (isset($_REQUEST['open']) || isset($_REQUEST['close']))
$topic_id = ($action) ? intval($_GET['close']) : intval($_GET['open']);
if ($topic_id < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('UPDATE '.$db->prefix.'topics SET closed='.$action.' WHERE id='.$topic_id.' AND forum_id='.$fid) or error('Unable to close topic', __FILE__, __LINE__, $db->error());
@@ -772,7 +771,7 @@ else if (isset($_GET['stick']))
$stick = intval($_GET['stick']);
if ($stick < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('UPDATE '.$db->prefix.'topics SET sticky=\'1\' WHERE id='.$stick.' AND forum_id='.$fid) or error('Unable to stick topic', __FILE__, __LINE__, $db->error());
@@ -787,7 +786,7 @@ else if (isset($_GET['unstick']))
$unstick = intval($_GET['unstick']);
if ($unstick < 1)
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('UPDATE '.$db->prefix.'topics SET sticky=\'0\' WHERE id='.$unstick.' AND forum_id='.$fid) or error('Unable to unstick topic', __FILE__, __LINE__, $db->error());
@@ -809,7 +808,7 @@ $cur_forum = $db->fetch_assoc($result);
// Is this a redirect forum? In that case, abort!
if ($cur_forum['redirect_url'] != '')
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
switch ($cur_forum['sort_by'])
{
diff --git a/post.php b/post.php
index fba254a..6f433df 100644
--- a/post.php
+++ b/post.php
@@ -33,7 +33,7 @@ $is_subscribed = $tid && $cur_posting['is_subscribed'];
// Is someone trying to post into a redirect forum?
if ($cur_posting['redirect_url'] != '')
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = ($cur_posting['moderators'] != '') ? unserialize($cur_posting['moderators']) : array();
@@ -523,7 +523,7 @@ else if ($fid)
$form = '<form id="post" method="post" action="post.php?action=post&fid='.$fid.'" onsubmit="return process_form(this)">';
}
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $action);
diff --git a/profile.php b/profile.php
index fda07a1..679163d 100644
--- a/profile.php
+++ b/profile.php
@@ -924,7 +924,7 @@ else if (isset($_POST['form_sent']))
}
default:
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
@@ -938,7 +938,7 @@ else if (isset($_POST['form_sent']))
}
if (empty($temp))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$db->query('UPDATE '.$db->prefix.'users SET '.implode(',', $temp).' WHERE id='.$id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());
@@ -1495,7 +1495,7 @@ else
else if ($section == 'personality')
{
if ($pun_config['o_avatars'] == '0' && $pun_config['o_signatures'] == '0')
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$user_avatar = generate_gravatar_markup($user['email'], 80);
$avatar_field = '<span><a href="http://gravatar.com">Change Gravatar</a></span>';
@@ -1829,7 +1829,7 @@ else
}
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
?>
<div class="clearer"></div>
diff --git a/register.php b/register.php
index 306f5f6..9d5ef78 100644
--- a/register.php
+++ b/register.php
@@ -137,7 +137,7 @@ if (isset($_POST['form_sent']))
{
$language = preg_replace('%[\.\\\/]%', '', $_POST['language']);
if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
else
$language = $pun_config['o_default_lang'];
@@ -163,6 +163,15 @@ if (isset($_POST['form_sent']))
$db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, timezone, dst, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$db->escape($email1).'\', '.$email_setting.', '.$timezone.' , '.$dst.', \''.$db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.$db->escape(get_remote_address()).'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
$new_uid = $db->insert_id();
+ if ($pun_config['o_regs_verify'] == '0')
+ {
+ // Regenerate the users info cache
+ if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
+ require PUN_ROOT.'include/cache.php';
+
+ generate_users_info_cache();
+ }
+
// If the mailing list isn't empty, we may need to send out some alerts
if ($pun_config['o_mailing_list'] != '')
{
@@ -247,12 +256,6 @@ if (isset($_POST['form_sent']))
message($lang_register['Reg email'].' <a href="mailto:'.pun_htmlspecialchars($pun_config['o_admin_email']).'">'.pun_htmlspecialchars($pun_config['o_admin_email']).'</a>.', true);
}
- // Regenerate the users info cache
- if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
- require PUN_ROOT.'include/cache.php';
-
- generate_users_info_cache();
-
pun_setcookie($new_uid, $password_hash, time() + $pun_config['o_timeout_visit']);
redirect('index.php', $lang_register['Reg complete']);
diff --git a/search.php b/search.php
index acfabc5..4ec74ca 100644
--- a/search.php
+++ b/search.php
@@ -84,10 +84,10 @@ if (isset($_GET['action']) || isset($_GET['search_id']))
else if ($action == 'show_replies')
{
if ($pun_user['is_guest'])
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
}
else if ($action != 'show_new' && $action != 'show_unanswered')
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// If a valid search_id was supplied we attempt to fetch the search results from the db
@@ -379,7 +379,7 @@ if (isset($_GET['action']) || isset($_GET['search_id']))
else if ($action == 'show_subscriptions')
{
if ($pun_user['is_guest'])
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
$result = $db->query('SELECT t.id FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'topic_subscriptions AS s ON (t.id=s.topic_id AND s.user_id='.$user_id.') LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) ORDER BY t.last_post DESC') or error('Unable to fetch topic list', __FILE__, __LINE__, $db->error());
$num_hits = $db->num_rows($result);
@@ -407,7 +407,7 @@ if (isset($_GET['action']) || isset($_GET['search_id']))
$db->free_result($result);
}
else
- message($lang_common['Bad request']);
+ message($lang_common['Bad request'], false, '404 Not Found');
// Prune "old" search results
diff --git a/style/Air.css b/style/Air.css
index 504698c..0c0c163 100644
--- a/style/Air.css
+++ b/style/Air.css
@@ -673,7 +673,6 @@ html, body, .pun table, .pun div, .pun form, .pun p, .pun h1, .pun h2, .pun h3,
}
.pun .blocktable .tclcon {
- height: 1%;
min-height: 1px;
overflow: hidden;
padding: 0 11px 0 12px;
@@ -964,7 +963,7 @@ MAIN POSTS
}
.pun .codebox pre {
- overflow: hidden;
+ overflow: auto;
width: 100%;
direction: ltr;
text-align: left;
diff --git a/style/Cobalt.css b/style/Cobalt.css
index c473fd8..6b57ca2 100644
--- a/style/Cobalt.css
+++ b/style/Cobalt.css
@@ -516,7 +516,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Earth.css b/style/Earth.css
index e80a52d..f520ea9 100644
--- a/style/Earth.css
+++ b/style/Earth.css
@@ -672,7 +672,6 @@ html, body, .pun table, .pun div, .pun form, .pun p, .pun h1, .pun h2, .pun h3,
}
.pun .blocktable .tclcon {
- height: 1%;
min-height: 1px;
overflow: hidden;
padding: 0 11px 0 12px;
@@ -963,7 +962,7 @@ MAIN POSTS
}
.pun .codebox pre {
- overflow: hidden;
+ overflow: auto;
width: 100%;
direction: ltr;
text-align: left;
diff --git a/style/Fire.css b/style/Fire.css
index 1a1a0e1..702363d 100644
--- a/style/Fire.css
+++ b/style/Fire.css
@@ -672,7 +672,6 @@ html, body, .pun table, .pun div, .pun form, .pun p, .pun h1, .pun h2, .pun h3,
}
.pun .blocktable .tclcon {
- height: 1%;
min-height: 1px;
overflow: hidden;
padding: 0 11px 0 12px;
@@ -963,7 +962,7 @@ MAIN POSTS
}
.pun .codebox pre {
- overflow: hidden;
+ overflow: auto;
width: 100%;
direction: ltr;
text-align: left;
diff --git a/style/Lithium.css b/style/Lithium.css
index d3c4c6e..c1f9799 100644
--- a/style/Lithium.css
+++ b/style/Lithium.css
@@ -516,7 +516,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Mercury.css b/style/Mercury.css
index c63e668..dcd8e3f 100644
--- a/style/Mercury.css
+++ b/style/Mercury.css
@@ -516,7 +516,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Oxygen.css b/style/Oxygen.css
index 51a8d17..e388450 100644
--- a/style/Oxygen.css
+++ b/style/Oxygen.css
@@ -517,7 +517,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Radium.css b/style/Radium.css
index 4c74e28..2b068b3 100644
--- a/style/Radium.css
+++ b/style/Radium.css
@@ -516,7 +516,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Sulfur.css b/style/Sulfur.css
index 88d0fbe..48cf58b 100644
--- a/style/Sulfur.css
+++ b/style/Sulfur.css
@@ -516,7 +516,6 @@ html, body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
diff --git a/style/Technetium.css b/style/Technetium.css
index 8416e18..396102e 100644
--- a/style/Technetium.css
+++ b/style/Technetium.css
@@ -582,7 +582,6 @@ body {
.pun .blocktable .tclcon {
padding: 0 11px 0 12px;
overflow: hidden;
- height: 1%;
min-height: 1px;
position: relative;
}
More information about the Xfce4-commits
mailing list