SimpleMachines / SMF2.1

Sources/LogInOut.php

Braces +154 added lines, -121 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Ask them for their login information. (shows a page for the user to type
@@ -29,8 +30,9 @@ 
 	global $txt, $context, $scripturl, $user_info;
 
 	// You are already logged in, go take a tour of the boards
-	if (!empty($user_info['id']))
-		redirectexit();
+	if (!empty($user_info['id'])) {
+			redirectexit();
+	}
 
 	// We need to load the Login template/language file.
 	loadLanguage('Login');
@@ -57,10 +59,11 @@ 
 	);
 
 	// Set the login URL - will be used when the login process is done (but careful not to send us to an attachment).
-	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
-		$_SESSION['login_url'] = $_SESSION['old_url'];
-	elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false)
-		unset($_SESSION['login_url']);
+	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	} elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false) {
+			unset($_SESSION['login_url']);
+	}
 
 	// Create a one time token.
 	createToken('login');
@@ -83,8 +86,9 @@ 
 	global $cookiename, $modSettings, $context, $sourcedir, $maintenance;
 
 	// Check to ensure we're forcing SSL for authentication
-	if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-		fatal_lang_error('login_ssl_required');
+	if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+			fatal_lang_error('login_ssl_required');
+	}
 
 	// Load cookie authentication stuff.
 	require_once($sourcedir . '/Subs-Auth.php');
@@ -98,23 +102,26 @@ 
 	if (isset($_GET['sa']) && $_GET['sa'] == 'salt' && !$user_info['is_guest'])
 	{
 		// First check for 2.1 json-format cookie in $_COOKIE
-		if (isset($_COOKIE[$cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_COOKIE[$cookiename]) === 1)
-			list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		if (isset($_COOKIE[$cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_COOKIE[$cookiename]) === 1) {
+					list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
+		}
 
 		// Try checking for 2.1 json-format cookie in $_SESSION
-		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_SESSION['login_' . $cookiename]) === 1)
-			list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
+		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+~', $_SESSION['login_' . $cookiename]) === 1) {
+					list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
+		}
 
 		// Next, try checking for 2.0 serialized string cookie in $_COOKIE
-		elseif (isset($_COOKIE[$cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_COOKIE[$cookiename]) === 1)
-			list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+		elseif (isset($_COOKIE[$cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_COOKIE[$cookiename]) === 1) {
+					list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+		}
 
 		// Last, see if you need to fall back on checking for 2.0 serialized string cookie in $_SESSION
-		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_SESSION['login_' . $cookiename]) === 1)
-			list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
-
-		else
-			trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
+		elseif (isset($_SESSION['login_' . $cookiename]) && preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;~', $_SESSION['login_' . $cookiename]) === 1) {
+					list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+		} else {
+					trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
+		}
 
 		$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
 		updateMemberData($user_info['id'], array('password_salt' => $user_settings['password_salt']));
@@ -134,24 +141,23 @@ 
 	elseif (isset($_GET['sa']) && $_GET['sa'] == 'check')
 	{
 		// Strike!  You're outta there!
-		if ($_GET['member'] != $user_info['id'])
-			fatal_lang_error('login_cookie_error', false);
+		if ($_GET['member'] != $user_info['id']) {
+					fatal_lang_error('login_cookie_error', false);
+		}
 
 		$user_info['can_mod'] = allowedTo('access_mod_center') || (!$user_info['is_guest'] && ($user_info['mod_cache']['gq'] != '0=1' || $user_info['mod_cache']['bq'] != '0=1' || ($modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']))));
 
 		// Some whitelisting for login_url...
-		if (empty($_SESSION['login_url']))
-			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
+		if (empty($_SESSION['login_url'])) {
+					redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
+		} elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
 		{
 			unset ($_SESSION['login_url']);
 			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		}
-		elseif (!empty($user_settings['tfa_secret']))
+		} elseif (!empty($user_settings['tfa_secret']))
 		{
 			redirectexit('action=logintfa');
-		}
-		else
+		} else
 		{
 			// Best not to clutter the session data too much...
 			$temp = $_SESSION['login_url'];
@@ -162,8 +168,9 @@ 
 	}
 
 	// Beyond this point you are assumed to be a guest trying to login.
-	if (!$user_info['is_guest'])
-		redirectexit();
+	if (!$user_info['is_guest']) {
+			redirectexit();
+	}
 
 	// Are you guessing with a script?
 	checkSession();
@@ -171,18 +178,21 @@ 
 	spamProtection('login');
 
 	// Set the login_url if it's not already set (but careful not to send us to an attachment).
-	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false))
-		$_SESSION['login_url'] = $_SESSION['old_url'];
+	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false)) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	}
 
 	// Been guessing a lot, haven't we?
-	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3)
-		fatal_lang_error('login_threshold_fail', 'login');
+	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3) {
+			fatal_lang_error('login_threshold_fail', 'login');
+	}
 
 	// Set up the cookie length.  (if it's invalid, just fall through and use the default.)
-	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1))
-		$modSettings['cookieTime'] = 3153600;
-	elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600))
-		$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1)) {
+			$modSettings['cookieTime'] = 3153600;
+	} elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600)) {
+			$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	}
 
 	loadLanguage('Login');
 	// Load the template stuff.
@@ -302,8 +312,9 @@ 
 			$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));
 
 			// Snitz style - SHA-256.  Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
-			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256'))
-				$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
+							$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			}
 
 			// phpBB3 users new hashing.  We now support it as well ;).
 			$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);
@@ -323,27 +334,29 @@ 
 			// Some common md5 ones.
 			$other_passwords[] = md5($user_settings['password_salt'] . $_POST['passwrd']);
 			$other_passwords[] = md5($_POST['passwrd'] . $user_settings['password_salt']);
-		}
-		elseif (strlen($user_settings['passwd']) == 40)
+		} elseif (strlen($user_settings['passwd']) == 40)
 		{
 			// Maybe they are using a hash from before the password fix.
 			// This is also valid for SMF 1.1 to 2.0 style of hashing, changed to bcrypt in SMF 2.1
 			$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));
 
 			// BurningBoard3 style of hashing.
-			if (!empty($modSettings['enable_password_conversion']))
-				$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			if (!empty($modSettings['enable_password_conversion'])) {
+							$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			}
 
 			// Perhaps we converted to UTF-8 and have a valid password being hashed differently.
 			if ($context['character_set'] == 'UTF-8' && !empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8')
 			{
 				// Try iconv first, for no particular reason.
-				if (function_exists('iconv'))
-					$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				if (function_exists('iconv')) {
+									$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				}
 
 				// Say it aint so, iconv failed!
-				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding'))
-					$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding')) {
+									$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				}
 			}
 		}
 
@@ -373,8 +386,9 @@ 
 			$_SESSION['failed_login'] = isset($_SESSION['failed_login']) ? ($_SESSION['failed_login'] + 1) : 1;
 
 			// Hmm... don't remember it, do you?  Here, try the password reminder ;).
-			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
-				redirectexit('action=reminder');
+			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold']) {
+							redirectexit('action=reminder');
+			}
 			// We'll give you another chance...
 			else
 			{
@@ -385,8 +399,7 @@ 
 				return;
 			}
 		}
-	}
-	elseif (!empty($user_settings['passwd_flood']))
+	} elseif (!empty($user_settings['passwd_flood']))
 	{
 		// Let's be sure they weren't a little hacker.
 		validatePasswordFlood($user_settings['id_member'], $user_settings['member_name'], $user_settings['passwd_flood'], true);
@@ -403,8 +416,9 @@ 
 	}
 
 	// Check their activation status.
-	if (!checkActivation())
-		return;
+	if (!checkActivation()) {
+			return;
+	}
 
 	DoLogin();
 }
@@ -416,8 +430,9 @@ 
 {
 	global $sourcedir, $txt, $context, $user_info, $modSettings, $scripturl;
 
-	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode']))
-		fatal_lang_error('no_access', false);
+	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode'])) {
+			fatal_lang_error('no_access', false);
+	}
 
 	loadLanguage('Profile');
 	require_once($sourcedir . '/Class-TOTP.php');
@@ -425,8 +440,9 @@ 
 	$member = $context['tfa_member'];
 
 	// Prevent replay attacks by limiting at least 2 minutes before they can log in again via 2FA
-	if (time() - $member['last_login'] < 120)
-		fatal_lang_error('tfa_wait', false);
+	if (time() - $member['last_login'] < 120) {
+			fatal_lang_error('tfa_wait', false);
+	}
 
 	$totp = new \TOTP\Auth($member['tfa_secret']);
 	$totp->setRange(1);
@@ -440,8 +456,9 @@ 
 	if (!empty($_POST['tfa_code']) && empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$code = $_POST['tfa_code'];
 
@@ -451,20 +468,19 @@ 
 
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']));
 			redirectexit();
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
 			$context['tfa_error'] = true;
 			$context['tfa_value'] = $_POST['tfa_code'];
 		}
-	}
-	elseif (!empty($_POST['tfa_backup']))
+	} elseif (!empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$backup = $_POST['tfa_backup'];
 
@@ -478,8 +494,7 @@ 
 			));
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']));
 			redirectexit('action=profile;area=tfasetup;backup');
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
@@ -502,8 +517,9 @@ 
 {
 	global $context, $txt, $scripturl, $user_settings, $modSettings;
 
-	if (!isset($context['login_errors']))
-		$context['login_errors'] = array();
+	if (!isset($context['login_errors'])) {
+			$context['login_errors'] = array();
+	}
 
 	// What is the true activation status of this account?
 	$activation_status = $user_settings['is_activated'] > 10 ? $user_settings['is_activated'] - 10 : $user_settings['is_activated'];
@@ -515,8 +531,9 @@ 
 		return false;
 	}
 	// Awaiting approval still?
-	elseif ($activation_status == 3)
-		fatal_lang_error('still_awaiting_approval', 'user');
+	elseif ($activation_status == 3) {
+			fatal_lang_error('still_awaiting_approval', 'user');
+	}
 	// Awaiting deletion, changed their mind?
 	elseif ($activation_status == 4)
 	{
@@ -524,8 +541,7 @@ 
 		{
 			updateMemberData($user_settings['id_member'], array('is_activated' => 1));
 			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 0 ? $modSettings['unapprovedMembers'] - 1 : 0)));
-		}
-		else
+		} else
 		{
 			$context['disable_login_hashing'] = true;
 			$context['login_errors'][] = $txt['awaiting_delete_account'];
@@ -565,8 +581,9 @@ 
 	setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
 
 	// Reset the login threshold.
-	if (isset($_SESSION['failed_login']))
-		unset($_SESSION['failed_login']);
+	if (isset($_SESSION['failed_login'])) {
+			unset($_SESSION['failed_login']);
+	}
 
 	$user_info['is_guest'] = false;
 	$user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']);
@@ -588,16 +605,18 @@ 
 			'id_member' => $user_info['id'],
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 1)
-		$_SESSION['first_login'] = true;
-	else
-		unset($_SESSION['first_login']);
+	if ($smcFunc['db_num_rows']($request) == 1) {
+			$_SESSION['first_login'] = true;
+	} else {
+			unset($_SESSION['first_login']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// You've logged in, haven't you?
 	$update = array('member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP']);
-	if (empty($user_settings['tfa_secret']))
-		$update['last_login'] = time();
+	if (empty($user_settings['tfa_secret'])) {
+			$update['last_login'] = time();
+	}
 	updateMemberData($user_info['id'], $update);
 
 	// Get rid of the online entry for that old guest....
@@ -611,8 +630,8 @@ 
 	$_SESSION['log_time'] = 0;
 
 	// Log this entry, only if we have it enabled.
-	if (!empty($modSettings['loginHistoryDays']))
-		$smcFunc['db_insert']('insert',
+	if (!empty($modSettings['loginHistoryDays'])) {
+			$smcFunc['db_insert']('insert',
 			'{db_prefix}member_logins',
 			array(
 				'id_member' => 'int', 'time' => 'int', 'ip' => 'inet', 'ip2' => 'inet',
@@ -624,13 +643,15 @@ 
 				'id_member', 'time'
 			)
 		);
+	}
 
 	// Just log you back out if it's in maintenance mode and you AREN'T an admin.
-	if (empty($maintenance) || allowedTo('admin_forum'))
-		redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
-	else
-		redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
-}
+	if (empty($maintenance) || allowedTo('admin_forum')) {
+			redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
+	} else {
+			redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
+	}
+	}
 
 /**
  * Logs the current user out of their account.
@@ -646,13 +667,15 @@ 
 	global $sourcedir, $user_info, $user_settings, $context, $smcFunc, $cookiename, $modSettings;
 
 	// Make sure they aren't being auto-logged out.
-	if (!$internal)
-		checkSession('get');
+	if (!$internal) {
+			checkSession('get');
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
-	if (isset($_SESSION['pack_ftp']))
-		$_SESSION['pack_ftp'] = null;
+	if (isset($_SESSION['pack_ftp'])) {
+			$_SESSION['pack_ftp'] = null;
+	}
 
 	// It won't be first login anymore.
 	unset($_SESSION['first_login']);
@@ -680,8 +703,9 @@ 
 
 	// And some other housekeeping while we're at it.
 	$salt = substr(md5(mt_rand()), 0, 4);
-	if (!empty($user_info['id']))
-		updateMemberData($user_info['id'], array('password_salt' => $salt));
+	if (!empty($user_info['id'])) {
+			updateMemberData($user_info['id'], array('password_salt' => $salt));
+	}
 
 	if (!empty($modSettings['tfa_mode']) && !empty($user_info['id']) && !empty($_COOKIE[$cookiename . '_tfa']))
 	{
@@ -694,14 +718,13 @@ 
 	// Off to the merry board index we go!
 	if ($redirect)
 	{
-		if (empty($_SESSION['logout_url']))
-			redirectexit('', $context['server']['needs_login_fix']);
-		elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
+		if (empty($_SESSION['logout_url'])) {
+					redirectexit('', $context['server']['needs_login_fix']);
+		} elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
 		{
 			unset ($_SESSION['logout_url']);
 			redirectexit();
-		}
-		else
+		} else
 		{
 			$temp = $_SESSION['logout_url'];
 			unset($_SESSION['logout_url']);
@@ -734,8 +757,9 @@ 
 function phpBB3_password_check($passwd, $passwd_hash)
 {
 	// Too long or too short?
-	if (strlen($passwd_hash) != 34)
-		return;
+	if (strlen($passwd_hash) != 34) {
+			return;
+	}
 
 	// Range of characters allowed.
 	$range = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -746,8 +770,9 @@ 
 	$salt = substr($passwd_hash, 4, 8);
 
 	$hash = md5($salt . $passwd, true);
-	for (; $count != 0; --$count)
-		$hash = md5($hash . $passwd, true);
+	for (; $count != 0; --$count) {
+			$hash = md5($hash . $passwd, true);
+	}
 
 	$output = substr($passwd_hash, 0, 12);
 	$i = 0;
@@ -756,21 +781,25 @@ 
 		$value = ord($hash[$i++]);
 		$output .= $range[$value & 0x3f];
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 8;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 8;
+		}
 
 		$output .= $range[($value >> 6) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 16;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 16;
+		}
 
 		$output .= $range[($value >> 12) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
 		$output .= $range[($value >> 18) & 0x3f];
 	}
@@ -802,8 +831,9 @@ 
 		require_once($sourcedir . '/Subs-Auth.php');
 		setLoginCookie(-3600, 0);
 
-		if (isset($_SESSION['login_' . $cookiename]))
-			unset($_SESSION['login_' . $cookiename]);
+		if (isset($_SESSION['login_' . $cookiename])) {
+					unset($_SESSION['login_' . $cookiename]);
+		}
 	}
 
 	// We need a member!
@@ -817,8 +847,9 @@ 
 	}
 
 	// Right, have we got a flood value?
-	if ($password_flood_value !== false)
-		@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	if ($password_flood_value !== false) {
+			@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	}
 
 	// Timestamp or number of tries invalid?
 	if (empty($number_tries) || empty($time_stamp))
@@ -834,15 +865,17 @@ 
 		$number_tries = $time_stamp < time() - 20 ? 2 : $number_tries;
 
 		// They are trying too fast, make them wait longer
-		if ($time_stamp < time() - 10)
-			$time_stamp = time();
+		if ($time_stamp < time() - 10) {
+					$time_stamp = time();
+		}
 	}
 
 	$number_tries++;
 
 	// Broken the law?
-	if ($number_tries > 5)
-		fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	if ($number_tries > 5) {
+			fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	}
 
 	// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!
 	updateMemberData($id_member, array('passwd_flood' => $was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries));

Smileys/alienine/index.php

Braces +3 added lines, -2 removed lines

@@ -1,9 +1,10 @@
 <?php
 
 // Try to handle it with the upper level index.php. (it should know what to do.)
-if (file_exists(dirname(dirname(__FILE__)) . '/index.php'))
+if (file_exists(dirname(dirname(__FILE__)) . '/index.php')) {
 	include (dirname(dirname(__FILE__)) . '/index.php');
-else
+} else {
 	exit;
+}
 
 ?>
\ No newline at end of file

Sources/Themes.php

Braces +346 added lines, -271 removed lines

@@ -30,8 +30,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Subaction handler - manages the action and delegates control to the proper
@@ -103,12 +104,12 @@ 
 	cache_put_data('minimized_css', null);
 
 	// Follow the sa or just go to administration.
-	if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']]))
-		call_helper($subActions[$_GET['sa']]);
-
-	else
-		call_helper($subActions['admin']);
-}
+	if (isset($_GET['sa']) && !empty($subActions[$_GET['sa']])) {
+			call_helper($subActions[$_GET['sa']]);
+	} else {
+			call_helper($subActions['admin']);
+	}
+	}
 
 /**
  * This function allows administration of themes and their settings,
@@ -130,15 +131,16 @@ 
 		checkSession();
 		validateToken('admin-tm');
 
-		if (isset($_POST['options']['known_themes']))
-			foreach ($_POST['options']['known_themes'] as $key => $id)
+		if (isset($_POST['options']['known_themes'])) {
+					foreach ($_POST['options']['known_themes'] as $key => $id)
 				$_POST['options']['known_themes'][$key] = (int) $id;
+		} else {
+					fatal_lang_error('themes_none_selectable', false);
+		}
 
-		else
-			fatal_lang_error('themes_none_selectable', false);
-
-		if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes']))
-			fatal_lang_error('themes_default_selectable', false);
+		if (!in_array($_POST['options']['theme_guests'], $_POST['options']['known_themes'])) {
+					fatal_lang_error('themes_default_selectable', false);
+		}
 
 		// Commit the new settings.
 		updateSettings(array(
@@ -146,8 +148,9 @@ 
 			'theme_guests' => $_POST['options']['theme_guests'],
 			'knownThemes' => implode(',', $_POST['options']['known_themes']),
 		));
-		if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes']))
-			updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
+		if ((int) $_POST['theme_reset'] == 0 || in_array($_POST['theme_reset'], $_POST['options']['known_themes'])) {
+					updateMemberData(null, array('id_theme' => (int) $_POST['theme_reset']));
+		}
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=admin');
 	}
@@ -166,8 +169,9 @@ 
 	// Look for a non existent theme directory. (ie theme87.)
 	$theme_dir = $boarddir . '/Themes/theme';
 	$i = 1;
-	while (file_exists($theme_dir . $i))
-		$i++;
+	while (file_exists($theme_dir . $i)) {
+			$i++;
+	}
 
 	$context['new_theme_name'] = 'theme' . $i;
 
@@ -189,8 +193,9 @@ 
 	loadLanguage('Admin');
 	isAllowedTo('admin_forum');
 
-	if (isset($_REQUEST['th']))
-		return SetThemeSettings();
+	if (isset($_REQUEST['th'])) {
+			return SetThemeSettings();
+	}
 
 	if (isset($_POST['save']))
 	{
@@ -274,12 +279,13 @@ 
 		$context['themes'] = array();
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if (!isset($context['themes'][$row['id_theme']]))
-				$context['themes'][$row['id_theme']] = array(
+			if (!isset($context['themes'][$row['id_theme']])) {
+							$context['themes'][$row['id_theme']] = array(
 					'id' => $row['id_theme'],
 					'num_default_options' => 0,
 					'num_members' => 0,
 				);
+			}
 			$context['themes'][$row['id_theme']][$row['variable']] = $row['value'];
 		}
 		$smcFunc['db_free_result']($request);
@@ -293,8 +299,9 @@ 
 				'guest_member' => -1,
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['themes'][$row['id_theme']]['num_default_options'] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// Need to make sure we don't do custom fields.
@@ -305,8 +312,9 @@ 
 			)
 		);
 		$customFields = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$customFields[] = $row['col_name'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$customFields[] = $row['col_name'];
+		}
 		$smcFunc['db_free_result']($request);
 		$customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
 
@@ -321,14 +329,16 @@ 
 				'custom_fields' => empty($customFields) ? array() : $customFields,
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['themes'][$row['id_theme']]['num_members'] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['themes'][$row['id_theme']]['num_members'] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		// There has to be a Settings template!
-		foreach ($context['themes'] as $k => $v)
-			if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
+		foreach ($context['themes'] as $k => $v) {
+					if (empty($v['theme_dir']) || (!file_exists($v['theme_dir'] . '/Settings.template.php') && empty($v['num_members'])))
 				unset($context['themes'][$k]);
+		}
 
 		loadTemplate('Themes');
 		$context['sub_template'] = 'reset_list';
@@ -343,16 +353,19 @@ 
 		checkSession();
 		validateToken('admin-sto');
 
-		if (empty($_POST['options']))
-			$_POST['options'] = array();
-		if (empty($_POST['default_options']))
-			$_POST['default_options'] = array();
+		if (empty($_POST['options'])) {
+					$_POST['options'] = array();
+		}
+		if (empty($_POST['default_options'])) {
+					$_POST['default_options'] = array();
+		}
 
 		// Set up the sql query.
 		$setValues = array();
 
-		foreach ($_POST['options'] as $opt => $val)
-			$setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		foreach ($_POST['options'] as $opt => $val) {
+					$setValues[] = array(-1, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		}
 
 		$old_settings = array();
 		foreach ($_POST['default_options'] as $opt => $val)
@@ -366,8 +379,8 @@ 
 		if (!empty($setValues))
 		{
 			// Are there options in non-default themes set that should be cleared?
-			if (!empty($old_settings))
-				$smcFunc['db_query']('', '
+			if (!empty($old_settings)) {
+							$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
 					WHERE id_theme != {int:default_theme}
 						AND id_member = {int:guest_member}
@@ -378,6 +391,7 @@ 
 						'old_settings' => $old_settings,
 					)
 				);
+			}
 
 			$smcFunc['db_insert']('replace',
 				'{db_prefix}themes',
@@ -391,8 +405,7 @@ 
 		cache_put_data('theme_settings-1', null, 90);
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
-	}
-	elseif (isset($_POST['submit']) && $_POST['who'] == 1)
+	} elseif (isset($_POST['submit']) && $_POST['who'] == 1)
 	{
 		checkSession();
 		validateToken('admin-sto');
@@ -405,9 +418,9 @@ 
 		$old_settings = array();
 		foreach ($_POST['default_options'] as $opt => $val)
 		{
-			if ($_POST['default_options_master'][$opt] == 0)
-				continue;
-			elseif ($_POST['default_options_master'][$opt] == 1)
+			if ($_POST['default_options_master'][$opt] == 0) {
+							continue;
+			} elseif ($_POST['default_options_master'][$opt] == 1)
 			{
 				// Delete then insert for ease of database compatibility!
 				$smcFunc['db_query']('substring', '
@@ -433,8 +446,7 @@ 
 				);
 
 				$old_settings[] = $opt;
-			}
-			elseif ($_POST['default_options_master'][$opt] == 2)
+			} elseif ($_POST['default_options_master'][$opt] == 2)
 			{
 				$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
@@ -449,8 +461,8 @@ 
 		}
 
 		// Delete options from other themes.
-		if (!empty($old_settings))
-			$smcFunc['db_query']('', '
+		if (!empty($old_settings)) {
+					$smcFunc['db_query']('', '
 				DELETE FROM {db_prefix}themes
 				WHERE id_theme != {int:default_theme}
 					AND id_member > {int:no_member}
@@ -461,12 +473,13 @@ 
 					'old_settings' => $old_settings,
 				)
 			);
+		}
 
 		foreach ($_POST['options'] as $opt => $val)
 		{
-			if ($_POST['options_master'][$opt] == 0)
-				continue;
-			elseif ($_POST['options_master'][$opt] == 1)
+			if ($_POST['options_master'][$opt] == 0) {
+							continue;
+			} elseif ($_POST['options_master'][$opt] == 1)
 			{
 				// Delete then insert for ease of database compatibility - again!
 				$smcFunc['db_query']('substring', '
@@ -491,8 +504,7 @@ 
 						'value' => (is_array($val) ? implode(',', $val) : $val),
 					)
 				);
-			}
-			elseif ($_POST['options_master'][$opt] == 2)
+			} elseif ($_POST['options_master'][$opt] == 2)
 			{
 				$smcFunc['db_query']('', '
 					DELETE FROM {db_prefix}themes
@@ -509,8 +521,7 @@ 
 		}
 
 		redirectexit('action=admin;area=theme;' . $context['session_var'] . '=' . $context['session_id'] . ';sa=reset');
-	}
-	elseif (!empty($_GET['who']) && $_GET['who'] == 2)
+	} elseif (!empty($_GET['who']) && $_GET['who'] == 2)
 	{
 		checkSession('get');
 		validateToken('admin-stor', 'request');
@@ -525,8 +536,9 @@ 
 				)
 			);
 			$customFields = array();
-			while ($row = $smcFunc['db_fetch_assoc']($request))
-				$customFields[] = $row['col_name'];
+			while ($row = $smcFunc['db_fetch_assoc']($request)) {
+							$customFields[] = $row['col_name'];
+			}
 			$smcFunc['db_free_result']($request);
 		}
 		$customFieldsQuery = empty($customFields) ? '' : ('AND variable NOT IN ({array_string:custom_fields})');
@@ -581,13 +593,13 @@ 
 			)
 		);
 		$context['theme_options'] = array();
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$context['theme_options'][$row['variable']] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$context['theme_options'][$row['variable']] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 
 		$context['theme_options_reset'] = false;
-	}
-	else
+	} else
 	{
 		$context['theme_options'] = array();
 		$context['theme_options_reset'] = true;
@@ -596,30 +608,32 @@ 
 	foreach ($context['options'] as $i => $setting)
 	{
 		// Just skip separators
-		if (!is_array($setting))
-			continue;
+		if (!is_array($setting)) {
+					continue;
+		}
 
 		// Is this disabled?
 		if ($setting['id'] == 'calendar_start_day' && empty($modSettings['cal_enabled']))
 		{
 			unset($context['options'][$i]);
 			continue;
-		}
-		elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
+		} elseif (($setting['id'] == 'topics_per_page' || $setting['id'] == 'messages_per_page') && !empty($modSettings['disableCustomPerPage']))
 		{
 			unset($context['options'][$i]);
 			continue;
 		}
 
-		if (!isset($setting['type']) || $setting['type'] == 'bool')
-			$context['options'][$i]['type'] = 'checkbox';
-		elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
-			$context['options'][$i]['type'] = 'number';
-		elseif ($setting['type'] == 'string')
-			$context['options'][$i]['type'] = 'text';
+		if (!isset($setting['type']) || $setting['type'] == 'bool') {
+					$context['options'][$i]['type'] = 'checkbox';
+		} elseif ($setting['type'] == 'int' || $setting['type'] == 'integer') {
+					$context['options'][$i]['type'] = 'number';
+		} elseif ($setting['type'] == 'string') {
+					$context['options'][$i]['type'] = 'text';
+		}
 
-		if (isset($setting['options']))
-			$context['options'][$i]['type'] = 'list';
+		if (isset($setting['options'])) {
+					$context['options'][$i]['type'] = 'list';
+		}
 
 		$context['options'][$i]['value'] = !isset($context['theme_options'][$setting['id']]) ? '' : $context['theme_options'][$setting['id']];
 	}
@@ -644,8 +658,9 @@ 
 {
 	global $txt, $context, $settings, $modSettings, $smcFunc;
 
-	if (empty($_GET['th']) && empty($_GET['id']))
-		return ThemeAdmin();
+	if (empty($_GET['th']) && empty($_GET['id'])) {
+			return ThemeAdmin();
+	}
 
 	$_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
@@ -656,8 +671,9 @@ 
 	isAllowedTo('admin_forum');
 
 	// Validate inputs/user.
-	if (empty($_GET['th']))
-		fatal_lang_error('no_theme', false);
+	if (empty($_GET['th'])) {
+			fatal_lang_error('no_theme', false);
+	}
 
 	// Fetch the smiley sets...
 	$sets = explode(',', 'none,' . $modSettings['smiley_sets_known']);
@@ -665,8 +681,9 @@ 
 	$context['smiley_sets'] = array(
 		'' => $txt['smileys_no_default']
 	);
-	foreach ($sets as $i => $set)
-		$context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
+	foreach ($sets as $i => $set) {
+			$context['smiley_sets'][$set] = $smcFunc['htmlspecialchars']($set_names[$i]);
+	}
 
 	$old_id = $settings['theme_id'];
 	$old_settings = $settings;
@@ -691,8 +708,9 @@ 
 	if (file_exists($settings['theme_dir'] . '/index.template.php'))
 	{
 		$file_contents = implode('', file($settings['theme_dir'] . '/index.template.php'));
-		if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches))
-				eval('global $settings;' . $matches[0]);
+		if (preg_match('~\$settings\[\'theme_variants\'\]\s*=(.+?);~', $file_contents, $matches)) {
+						eval('global $settings;' . $matches[0]);
+		}
 	}
 
 	// Let mods hook into the theme settings.
@@ -704,37 +722,45 @@ 
 		checkSession();
 		validateToken('admin-sts');
 
-		if (empty($_POST['options']))
-			$_POST['options'] = array();
-		if (empty($_POST['default_options']))
-			$_POST['default_options'] = array();
+		if (empty($_POST['options'])) {
+					$_POST['options'] = array();
+		}
+		if (empty($_POST['default_options'])) {
+					$_POST['default_options'] = array();
+		}
 
 		// Make sure items are cast correctly.
 		foreach ($context['theme_settings'] as $item)
 		{
 			// Disregard this item if this is just a separator.
-			if (!is_array($item))
-				continue;
+			if (!is_array($item)) {
+							continue;
+			}
 
 			foreach (array('options', 'default_options') as $option)
 			{
-				if (!isset($_POST[$option][$item['id']]))
-					continue;
+				if (!isset($_POST[$option][$item['id']])) {
+									continue;
+				}
 				// Checkbox.
-				elseif (empty($item['type']))
-					$_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
+				elseif (empty($item['type'])) {
+									$_POST[$option][$item['id']] = $_POST[$option][$item['id']] ? 1 : 0;
+				}
 				// Number
-				elseif ($item['type'] == 'number')
-					$_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
+				elseif ($item['type'] == 'number') {
+									$_POST[$option][$item['id']] = (int) $_POST[$option][$item['id']];
+				}
 			}
 		}
 
 		// Set up the sql query.
 		$inserts = array();
-		foreach ($_POST['options'] as $opt => $val)
-			$inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
-		foreach ($_POST['default_options'] as $opt => $val)
-			$inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
+		foreach ($_POST['options'] as $opt => $val) {
+					$inserts[] = array(0, $_GET['th'], $opt, is_array($val) ? implode(',', $val) : $val);
+		}
+		foreach ($_POST['default_options'] as $opt => $val) {
+					$inserts[] = array(0, 1, $opt, is_array($val) ? implode(',', $val) : $val);
+		}
 		// If we're actually inserting something..
 		if (!empty($inserts))
 		{
@@ -760,8 +786,9 @@ 
 
 	foreach ($settings as $setting => $dummy)
 	{
-		if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs')))
-			$settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
+		if (!in_array($setting, array('theme_url', 'theme_dir', 'images_url', 'template_dirs'))) {
+					$settings[$setting] = htmlspecialchars__recursive($settings[$setting]);
+		}
 	}
 
 	$context['settings'] = $context['theme_settings'];
@@ -770,18 +797,21 @@ 
 	foreach ($context['settings'] as $i => $setting)
 	{
 		// Separators are dummies, so leave them alone.
-		if (!is_array($setting))
-			continue;
+		if (!is_array($setting)) {
+					continue;
+		}
 
-		if (!isset($setting['type']) || $setting['type'] == 'bool')
-			$context['settings'][$i]['type'] = 'checkbox';
-		elseif ($setting['type'] == 'int' || $setting['type'] == 'integer')
-			$context['settings'][$i]['type'] = 'number';
-		elseif ($setting['type'] == 'string')
-			$context['settings'][$i]['type'] = 'text';
+		if (!isset($setting['type']) || $setting['type'] == 'bool') {
+					$context['settings'][$i]['type'] = 'checkbox';
+		} elseif ($setting['type'] == 'int' || $setting['type'] == 'integer') {
+					$context['settings'][$i]['type'] = 'number';
+		} elseif ($setting['type'] == 'string') {
+					$context['settings'][$i]['type'] = 'text';
+		}
 
-		if (isset($setting['options']))
-			$context['settings'][$i]['type'] = 'list';
+		if (isset($setting['options'])) {
+					$context['settings'][$i]['type'] = 'list';
+		}
 
 		$context['settings'][$i]['value'] = !isset($settings[$setting['id']]) ? '' : $settings[$setting['id']];
 	}
@@ -834,8 +864,9 @@ 
 	$themeID = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
 	// You can't delete the default theme!
-	if ($themeID == 1)
-		fatal_lang_error('no_access', false);
+	if ($themeID == 1) {
+			fatal_lang_error('no_access', false);
+	}
 
 	$theme_info = get_single_theme($themeID);
 
@@ -843,8 +874,9 @@ 
 	remove_theme($themeID);
 
 	// And remove all its files and folders too.
-	if (!empty($theme_info) && !empty($theme_info['theme_dir']))
-		remove_dir($theme_info['theme_dir']);
+	if (!empty($theme_info) && !empty($theme_info['theme_dir'])) {
+			remove_dir($theme_info['theme_dir']);
+	}
 
 	// Go back to the list page.
 	redirectexit('action=admin;area=theme;sa=list;' . $context['session_var'] . '=' . $context['session_id'] . ';done=removing');
@@ -869,12 +901,14 @@ 
 	$enableThemes = explode(',', $modSettings['enableThemes']);
 
 	// Are we disabling it?
-	if (isset($_GET['disabled']))
-		$enableThemes = array_diff($enableThemes, array($themeID));
+	if (isset($_GET['disabled'])) {
+			$enableThemes = array_diff($enableThemes, array($themeID));
+	}
 
 	// Nope? then enable it!
-	else
-		$enableThemes[] = (string) $themeID;
+	else {
+			$enableThemes[] = (string) $themeID;
+	}
 
 	// Update the setting.
 	$enableThemes = strtr(implode(',', $enableThemes), array(',,' => ','));
@@ -909,18 +943,21 @@ 
 
 	$_SESSION['id_theme'] = 0;
 
-	if (isset($_GET['id']))
-		$_GET['th'] = $_GET['id'];
+	if (isset($_GET['id'])) {
+			$_GET['th'] = $_GET['id'];
+	}
 
 	// Saving a variant cause JS doesn't work - pretend it did ;)
 	if (isset($_POST['save']))
 	{
 		// Which theme?
-		foreach ($_POST['save'] as $k => $v)
-			$_GET['th'] = (int) $k;
+		foreach ($_POST['save'] as $k => $v) {
+					$_GET['th'] = (int) $k;
+		}
 
-		if (isset($_POST['vrt'][$k]))
-			$_GET['vrt'] = $_POST['vrt'][$k];
+		if (isset($_POST['vrt'][$k])) {
+					$_GET['vrt'] = $_POST['vrt'][$k];
+		}
 	}
 
 	// Have we made a decision, or are we just browsing?
@@ -1009,10 +1046,10 @@ 
 				);
 				cache_put_data('theme_settings-' . $_GET['th'] . ':' . (int) $_REQUEST['u'], null, 90);
 
-				if ($user_info['id'] == $_REQUEST['u'])
-					$_SESSION['id_variant'] = 0;
-			}
-			elseif ($_GET['th'] == 0)
+				if ($user_info['id'] == $_REQUEST['u']) {
+									$_SESSION['id_variant'] = 0;
+				}
+			} elseif ($_GET['th'] == 0)
 			{
 				// Remove any custom variants.
 				$smcFunc['db_query']('', '
@@ -1093,12 +1130,13 @@ 
 		);
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if (!isset($context['available_themes'][$row['id_theme']]))
-				$context['available_themes'][$row['id_theme']] = array(
+			if (!isset($context['available_themes'][$row['id_theme']])) {
+							$context['available_themes'][$row['id_theme']] = array(
 					'id' => $row['id_theme'],
 					'selected' => $context['current_theme'] == $row['id_theme'],
 					'num_users' => 0
 				);
+			}
 			$context['available_themes'][$row['id_theme']][$row['variable']] = $row['value'];
 		}
 		$smcFunc['db_free_result']($request);
@@ -1111,9 +1149,9 @@ 
 			'num_users' => 0
 		);
 		$guest_theme = 0;
+	} else {
+			$guest_theme = $modSettings['theme_guests'];
 	}
-	else
-		$guest_theme = $modSettings['theme_guests'];
 
 	$request = $smcFunc['db_query']('', '
 		SELECT id_theme, COUNT(*) AS the_count
@@ -1126,15 +1164,17 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Figure out which theme it is they are REALLY using.
-		if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',', $modSettings['knownThemes'])))
-			$row['id_theme'] = $guest_theme;
-		elseif (empty($modSettings['theme_allow']))
-			$row['id_theme'] = $guest_theme;
+		if (!empty($modSettings['knownThemes']) && !in_array($row['id_theme'], explode(',', $modSettings['knownThemes']))) {
+					$row['id_theme'] = $guest_theme;
+		} elseif (empty($modSettings['theme_allow'])) {
+					$row['id_theme'] = $guest_theme;
+		}
 
-		if (isset($context['available_themes'][$row['id_theme']]))
-			$context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
-		else
-			$context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
+		if (isset($context['available_themes'][$row['id_theme']])) {
+					$context['available_themes'][$row['id_theme']]['num_users'] += $row['the_count'];
+		} else {
+					$context['available_themes'][$guest_theme]['num_users'] += $row['the_count'];
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -1153,8 +1193,9 @@ 
 				'id_member' => isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? array(-1, $context['current_member']) : array(-1),
 			)
 		);
-		while ($row = $smcFunc['db_fetch_assoc']($request))
-			$variant_preferences[$row['id_theme']] = $row['value'];
+		while ($row = $smcFunc['db_fetch_assoc']($request)) {
+					$variant_preferences[$row['id_theme']] = $row['value'];
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
@@ -1165,17 +1206,18 @@ 
 	foreach ($context['available_themes'] as $id_theme => $theme_data)
 	{
 		// Don't try to load the forum or board default theme's data... it doesn't have any!
-		if ($id_theme == 0)
-			continue;
+		if ($id_theme == 0) {
+					continue;
+		}
 
 		// The thumbnail needs the correct path.
 		$settings['images_url'] = &$theme_data['images_url'];
 
-		if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php'))
-			include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
-		elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php'))
-			include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
-		else
+		if (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php')) {
+					include($theme_data['theme_dir'] . '/languages/Settings.' . $user_info['language'] . '.php');
+		} elseif (file_exists($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php')) {
+					include($theme_data['theme_dir'] . '/languages/Settings.' . $language . '.php');
+		} else
 		{
 			$txt['theme_thumbnail_href'] = $theme_data['images_url'] . '/thumbnail.png';
 			$txt['theme_description'] = '';
@@ -1200,15 +1242,17 @@ 
 					loadLanguage('Settings');
 
 					$context['available_themes'][$id_theme]['variants'] = array();
-					foreach ($settings['theme_variants'] as $variant)
-						$context['available_themes'][$id_theme]['variants'][$variant] = array(
+					foreach ($settings['theme_variants'] as $variant) {
+											$context['available_themes'][$id_theme]['variants'][$variant] = array(
 							'label' => isset($txt['variant_' . $variant]) ? $txt['variant_' . $variant] : $variant,
 							'thumbnail' => !file_exists($theme_data['theme_dir'] . '/images/thumbnail.png') || file_exists($theme_data['theme_dir'] . '/images/thumbnail_' . $variant . '.png') ? $theme_data['images_url'] . '/thumbnail_' . $variant . '.png' : ($theme_data['images_url'] . '/thumbnail.png'),
 						);
+					}
 
 					$context['available_themes'][$id_theme]['selected_variant'] = isset($_GET['vrt']) ? $_GET['vrt'] : (!empty($variant_preferences[$id_theme]) ? $variant_preferences[$id_theme] : (!empty($settings['default_variant']) ? $settings['default_variant'] : $settings['theme_variants'][0]));
-					if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail']))
-						$context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
+					if (!isset($context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'])) {
+											$context['available_themes'][$id_theme]['selected_variant'] = $settings['theme_variants'][0];
+					}
 
 					$context['available_themes'][$id_theme]['thumbnail_href'] = $context['available_themes'][$id_theme]['variants'][$context['available_themes'][$id_theme]['selected_variant']]['thumbnail'];
 					// Allow themes to override the text.
@@ -1224,8 +1268,9 @@ 
 	// As long as we're not doing the default theme...
 	if (!isset($_REQUEST['u']) || $_REQUEST['u'] >= 0)
 	{
-		if ($guest_theme != 0)
-			$context['available_themes'][0] = $context['available_themes'][$guest_theme];
+		if ($guest_theme != 0) {
+					$context['available_themes'][0] = $context['available_themes'][$guest_theme];
+		}
 
 		$context['available_themes'][0]['id'] = 0;
 		$context['available_themes'][0]['name'] = $txt['theme_forum_default'];
@@ -1274,14 +1319,16 @@ 
 		$action = $smcFunc['htmlspecialchars'](trim($_GET['do']));
 
 		// Got any info from the specific form?
-		if (!isset($_POST['save_' . $action]))
-			fatal_lang_error('theme_install_no_action', false);
+		if (!isset($_POST['save_' . $action])) {
+					fatal_lang_error('theme_install_no_action', false);
+		}
 
 		validateToken('admin-t-' . $action);
 
 		// Hopefully the themes directory is writable, or we might have a problem.
-		if (!is_writable($themedir))
-			fatal_lang_error('theme_install_write_error', 'critical');
+		if (!is_writable($themedir)) {
+					fatal_lang_error('theme_install_write_error', 'critical');
+		}
 
 		// Call the function and handle the result.
 		$result = $subActions[$action]();
@@ -1296,9 +1343,10 @@ 
 	}
 
 	// Nope, show a nice error.
-	else
-		fatal_lang_error('theme_install_no_action', false);
-}
+	else {
+			fatal_lang_error('theme_install_no_action', false);
+	}
+	}
 
 /**
  * Installs a theme from a theme package.
@@ -1314,8 +1362,9 @@ 
 	$dirtemp = $themedir . '/temp';
 
 	// Make sure the temp dir doesn't already exist
-	if (file_exists($dirtemp))
-		remove_dir($dirtemp);
+	if (file_exists($dirtemp)) {
+			remove_dir($dirtemp);
+	}
 
 	// Create the temp dir.
 	mkdir($dirtemp, 0777);
@@ -1327,17 +1376,20 @@ 
 		smf_chmod($dirtemp, '0755');
 
 		// How about now?
-		if (!is_writable($dirtemp))
-			fatal_lang_error('theme_install_write_error', 'critical');
+		if (!is_writable($dirtemp)) {
+					fatal_lang_error('theme_install_write_error', 'critical');
+		}
 	}
 
 	// This happens when the admin session is gone and the user has to login again.
-	if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz']))
-		redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
+	if (!isset($_FILES) || !isset($_FILES['theme_gz']) || empty($_FILES['theme_gz'])) {
+			redirectexit('action=admin;area=theme;sa=admin;' . $context['session_var'] . '=' . $context['session_id']);
+	}
 
 	// Another error check layer, something went wrong with the upload.
-	if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0)
-		fatal_lang_error('theme_install_error_file_' . $_FILES['theme_gz']['error'], false);
+	if (isset($_FILES['theme_gz']['error']) && $_FILES['theme_gz']['error'] != 0) {
+			fatal_lang_error('theme_install_error_file_' . $_FILES['theme_gz']['error'], false);
+	}
 
 	// Get the theme's name.
 	$name = pathinfo($_FILES['theme_gz']['name'], PATHINFO_FILENAME);
@@ -1368,11 +1420,10 @@ 
 
 		// return all the info.
 		return $context['to_install'];
+	} else {
+			fatal_lang_error('theme_install_error_title', false);
+	}
 	}
-
-	else
-		fatal_lang_error('theme_install_error_title', false);
-}
 
 /**
  * Makes a copy from the default theme, assigns a name for it and installs it.
@@ -1386,15 +1437,17 @@ 
 	global $forum_version;
 
 	// There's gotta be something to work with.
-	if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy']))
-		fatal_lang_error('theme_install_error_title', false);
+	if (!isset($_REQUEST['copy']) || empty($_REQUEST['copy'])) {
+			fatal_lang_error('theme_install_error_title', false);
+	}
 
 	// Get a cleaner version.
 	$name = preg_replace('~[^A-Za-z0-9_\- ]~', '', $_REQUEST['copy']);
 
 	// Is there a theme already named like this?
-	if (file_exists($themedir . '/' . $name))
-		fatal_lang_error('theme_install_already_dir', false);
+	if (file_exists($themedir . '/' . $name)) {
+			fatal_lang_error('theme_install_already_dir', false);
+	}
 
 	// This is a brand new theme so set all possible values.
 	$context['to_install'] = array(
@@ -1414,8 +1467,9 @@ 
 
 	// Buy some time.
 	@set_time_limit(600);
-	if (function_exists('apache_reset_timeout'))
-		@apache_reset_timeout();
+	if (function_exists('apache_reset_timeout')) {
+			@apache_reset_timeout();
+	}
 
 	// Create subdirectories for css and javascript files.
 	mkdir($context['to_install']['theme_dir'] . '/css', 0777);
@@ -1451,12 +1505,13 @@ 
 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
-		if ($row['variable'] == 'theme_templates')
-			$theme_templates = $row['value'];
-		elseif ($row['variable'] == 'theme_layers')
-			$theme_layers = $row['value'];
-		else
-			continue;
+		if ($row['variable'] == 'theme_templates') {
+					$theme_templates = $row['value'];
+		} elseif ($row['variable'] == 'theme_layers') {
+					$theme_layers = $row['value'];
+		} else {
+					continue;
+		}
 	}
 
 	$smcFunc['db_free_result']($request);
@@ -1515,12 +1570,14 @@ 
 	global $themedir, $themeurl, $context;
 
 	// Cannot use the theme dir as a theme dir.
-	if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir))
-		fatal_lang_error('theme_install_invalid_dir', false);
+	if (!isset($_REQUEST['theme_dir']) || empty($_REQUEST['theme_dir']) || rtrim(realpath($_REQUEST['theme_dir']), '/\\') == realpath($themedir)) {
+			fatal_lang_error('theme_install_invalid_dir', false);
+	}
 
 	// Check is there is "something" on the dir.
-	elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml'))
-		fatal_lang_error('theme_install_error', false);
+	elseif (!is_dir($_REQUEST['theme_dir']) || !file_exists($_REQUEST['theme_dir'] . '/theme_info.xml')) {
+			fatal_lang_error('theme_install_error', false);
+	}
 
 	$name = basename($_REQUEST['theme_dir']);
 	$name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $name);
@@ -1564,24 +1621,27 @@ 
 	}
 
 	// Any special layers?
-	if (isset($settings['catch_action']['layers']))
-		$context['template_layers'] = $settings['catch_action']['layers'];
+	if (isset($settings['catch_action']['layers'])) {
+			$context['template_layers'] = $settings['catch_action']['layers'];
+	}
 
 	// Any function to call?
 	if (isset($settings['catch_action']['function']))
 	{
 		$hook = $settings['catch_action']['function'];
 
-		if (!isset($settings['catch_action']['filename']))
-			$settings['catch_action']['filename'] = '';
+		if (!isset($settings['catch_action']['filename'])) {
+					$settings['catch_action']['filename'] = '';
+		}
 
 		add_integration_function('integrate_wrap_action', $hook, false, $settings['catch_action']['filename'], false);
 		call_integration_hook('integrate_wrap_action');
 	}
 	// And finally, the main sub template ;).
-	if (isset($settings['catch_action']['sub_template']))
-		$context['sub_template'] = $settings['catch_action']['sub_template'];
-}
+	if (isset($settings['catch_action']['sub_template'])) {
+			$context['sub_template'] = $settings['catch_action']['sub_template'];
+	}
+	}
 
 /**
  * Set an option via javascript.
@@ -1600,12 +1660,14 @@ 
 	checkSession('get');
 
 	// This good-for-nothing pixel is being used to keep the session alive.
-	if (empty($_GET['var']) || !isset($_GET['val']))
-		redirectexit($settings['images_url'] . '/blank.png');
+	if (empty($_GET['var']) || !isset($_GET['val'])) {
+			redirectexit($settings['images_url'] . '/blank.png');
+	}
 
 	// Sorry, guests can't go any further than this.
-	if ($user_info['is_guest'] || $user_info['id'] == 0)
-		obExit(false);
+	if ($user_info['is_guest'] || $user_info['id'] == 0) {
+			obExit(false);
+	}
 
 	$reservedVars = array(
 		'actual_theme_url',
@@ -1628,8 +1690,9 @@ 
 	);
 
 	// Can't change reserved vars.
-	if (in_array(strtolower($_GET['var']), $reservedVars))
-		redirectexit($settings['images_url'] . '/blank.png');
+	if (in_array(strtolower($_GET['var']), $reservedVars)) {
+			redirectexit($settings['images_url'] . '/blank.png');
+	}
 
 	// Use a specific theme?
 	if (isset($_GET['th']) || isset($_GET['id']))
@@ -1645,8 +1708,9 @@ 
 	{
 		$options['admin_preferences'] = !empty($options['admin_preferences']) ? $smcFunc['json_decode']($options['admin_preferences'], true) : array();
 		// New thingy...
-		if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5)
-			$options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
+		if (isset($_GET['admin_key']) && strlen($_GET['admin_key']) < 5) {
+					$options['admin_preferences'][$_GET['admin_key']] = $_GET['val'];
+		}
 
 		// Change the value to be something nice,
 		$_GET['val'] = $smcFunc['json_encode']($options['admin_preferences']);
@@ -1676,8 +1740,9 @@ 
 	global $context, $scripturl, $boarddir, $smcFunc, $txt;
 
 	// @todo Should this be removed?
-	if (isset($_REQUEST['preview']))
-		die('die() with fire');
+	if (isset($_REQUEST['preview'])) {
+			die('die() with fire');
+	}
 
 	isAllowedTo('admin_forum');
 	loadTemplate('Themes');
@@ -1691,11 +1756,11 @@ 
 		foreach ($context['themes'] as $key => $theme)
 		{
 			// There has to be a Settings template!
-			if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css'))
-				unset($context['themes'][$key]);
-
-			else
-				$context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
+			if (!file_exists($theme['theme_dir'] . '/index.template.php') && !file_exists($theme['theme_dir'] . '/css/index.css')) {
+							unset($context['themes'][$key]);
+			} else {
+							$context['themes'][$key]['can_edit_style'] = file_exists($theme['theme_dir'] . '/css/index.css');
+			}
 		}
 
 		$context['sub_template'] = 'edit_list';
@@ -1710,22 +1775,24 @@ 
 	$context['theme_id'] = $currentTheme['id'];
 	$context['browse_title'] = sprintf($txt['themeadmin_browsing_theme'], $currentTheme['name']);
 
-	if (!file_exists($currentTheme['theme_dir'] . '/index.template.php') && !file_exists($currentTheme['theme_dir'] . '/css/index.css'))
-		fatal_lang_error('theme_edit_missing', false);
+	if (!file_exists($currentTheme['theme_dir'] . '/index.template.php') && !file_exists($currentTheme['theme_dir'] . '/css/index.css')) {
+			fatal_lang_error('theme_edit_missing', false);
+	}
 
 	if (!isset($_REQUEST['filename']))
 	{
 		if (isset($_GET['directory']))
 		{
-			if (substr($_GET['directory'], 0, 1) == '.')
-				$_GET['directory'] = '';
-			else
+			if (substr($_GET['directory'], 0, 1) == '.') {
+							$_GET['directory'] = '';
+			} else
 			{
 				$_GET['directory'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_GET['directory']);
 
 				$temp = realpath($currentTheme['theme_dir'] . '/' . $_GET['directory']);
-				if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir']))
-					$_GET['directory'] = '';
+				if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir'])) {
+									$_GET['directory'] = '';
+				}
 			}
 		}
 
@@ -1744,37 +1811,39 @@ 
 				'href' => $scripturl . '?action=admin;area=theme;th=' . $_GET['th'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=edit;directory=' . $temp,
 				'size' => '',
 			));
+		} else {
+					$context['theme_files'] = get_file_listing($currentTheme['theme_dir'], '');
 		}
-		else
-			$context['theme_files'] = get_file_listing($currentTheme['theme_dir'], '');
 
 		$context['sub_template'] = 'edit_browse';
 
 		return;
-	}
-	else
+	} else
 	{
-		if (substr($_REQUEST['filename'], 0, 1) == '.')
-			$_REQUEST['filename'] = '';
-		else
+		if (substr($_REQUEST['filename'], 0, 1) == '.') {
+					$_REQUEST['filename'] = '';
+		} else
 		{
 			$_REQUEST['filename'] = preg_replace(array('~^[\./\\:\0\n\r]+~', '~[\\\\]~', '~/[\./]+~'), array('', '/', '/'), $_REQUEST['filename']);
 
 			$temp = realpath($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
-			if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir']))
-				$_REQUEST['filename'] = '';
+			if (empty($temp) || substr($temp, 0, strlen(realpath($currentTheme['theme_dir']))) != realpath($currentTheme['theme_dir'])) {
+							$_REQUEST['filename'] = '';
+			}
 		}
 
-		if (empty($_REQUEST['filename']))
-			fatal_lang_error('theme_edit_missing', false);
+		if (empty($_REQUEST['filename'])) {
+					fatal_lang_error('theme_edit_missing', false);
+		}
 	}
 
 	if (isset($_POST['save']))
 	{
 		if (checkSession('post', '', false) == '' && validateToken('admin-te-' . md5($_GET['th'] . '-' . $_REQUEST['filename']), 'post', false) == true)
 		{
-			if (is_array($_POST['entire_file']))
-				$_POST['entire_file'] = implode("\n", $_POST['entire_file']);
+			if (is_array($_POST['entire_file'])) {
+							$_POST['entire_file'] = implode("\n", $_POST['entire_file']);
+			}
 
 			$_POST['entire_file'] = rtrim(strtr($_POST['entire_file'], array("\r" => '', '   ' => "\t")));
 
@@ -1786,10 +1855,11 @@ 
 				fclose($fp);
 
 				$error = @file_get_contents($currentTheme['theme_url'] . '/tmp_' . session_id() . '.php');
-				if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0)
-					$error_file = $currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php';
-				else
-					unlink($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php');
+				if (preg_match('~ <b>(\d+)</b><br( /)?' . '>$~i', $error) != 0) {
+									$error_file = $currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php';
+				} else {
+									unlink($currentTheme['theme_dir'] . '/tmp_' . session_id() . '.php');
+				}
 			}
 
 			if (!isset($error_file))
@@ -1810,10 +1880,11 @@ 
 			$context['sub_template'] = 'edit_file';
 
 			// Recycle the submitted data.
-			if (is_array($_POST['entire_file']))
-				$context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
-			else
-				$context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
+			if (is_array($_POST['entire_file'])) {
+							$context['entire_file'] = $smcFunc['htmlspecialchars'](implode("\n", $_POST['entire_file']));
+			} else {
+							$context['entire_file'] = $smcFunc['htmlspecialchars']($_POST['entire_file']);
+			}
 
 			$context['edit_filename'] = $smcFunc['htmlspecialchars']($_POST['filename']);
 
@@ -1836,17 +1907,17 @@ 
 		$context['sub_template'] = 'edit_style';
 
 		$context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(file_get_contents($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']), array("\t" => '   ')));
-	}
-	elseif (substr($_REQUEST['filename'], -13) == '.template.php')
+	} elseif (substr($_REQUEST['filename'], -13) == '.template.php')
 	{
 		$context['sub_template'] = 'edit_template';
 
-		if (!isset($error_file))
-			$file_data = file($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
-		else
+		if (!isset($error_file)) {
+					$file_data = file($currentTheme['theme_dir'] . '/' . $_REQUEST['filename']);
+		} else
 		{
-			if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0)
-				$context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
+			if (preg_match('~(<b>.+?</b>:.+?<b>).+?(</b>.+?<b>\d+</b>)<br( /)?' . '>$~i', $error, $match) != 0) {
+							$context['parse_error'] = $match[1] . $_REQUEST['filename'] . $match[2];
+			}
 			$file_data = file($error_file);
 			unlink($error_file);
 		}
@@ -1860,8 +1931,9 @@ 
 				// Try to format the functions a little nicer...
 				$context['file_parts'][$j]['data'] = trim($context['file_parts'][$j]['data']) . "\n";
 
-				if (empty($context['file_parts'][$j]['lines']))
-					unset($context['file_parts'][$j]);
+				if (empty($context['file_parts'][$j]['lines'])) {
+									unset($context['file_parts'][$j]);
+				}
 				$context['file_parts'][++$j] = array('lines' => 0, 'line' => $i + 1, 'data' => '');
 			}
 
@@ -1870,8 +1942,7 @@ 
 		}
 
 		$context['entire_file'] = $smcFunc['htmlspecialchars'](strtr(implode('', $file_data), array("\t" => '   ')));
-	}
-	else
+	} else
 	{
 		$context['sub_template'] = 'edit_file';
 
@@ -1897,8 +1968,9 @@ 
 
 	$_GET['th'] = isset($_GET['th']) ? (int) $_GET['th'] : (int) $_GET['id'];
 
-	if (empty($_GET['th']))
-		fatal_lang_error('theme_install_invalid_id');
+	if (empty($_GET['th'])) {
+			fatal_lang_error('theme_install_invalid_id');
+	}
 
 	// Get the theme info.
 	$theme = get_single_theme($_GET['th']);
@@ -1906,25 +1978,24 @@ 
 
 	if (isset($_REQUEST['template']) && preg_match('~[\./\\\\:\0]~', $_REQUEST['template']) == 0)
 	{
-		if (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php'))
-			$filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
-
-		else
-			fatal_lang_error('no_access', false);
+		if (file_exists($settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php')) {
+					$filename = $settings['default_theme_dir'] . '/' . $_REQUEST['template'] . '.template.php';
+		} else {
+					fatal_lang_error('no_access', false);
+		}
 
 		$fp = fopen($theme['theme_dir'] . '/' . $_REQUEST['template'] . '.template.php', 'w');
 		fwrite($fp, file_get_contents($filename));
 		fclose($fp);
 
 		redirectexit('action=admin;area=theme;th=' . $context['theme_id'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';sa=copy');
-	}
-	elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
+	} elseif (isset($_REQUEST['lang_file']) && preg_match('~^[^\./\\\\:\0]\.[^\./\\\\:\0]$~', $_REQUEST['lang_file']) != 0)
 	{
-		if (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php'))
-			$filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
-
-		else
-			fatal_lang_error('no_access', false);
+		if (file_exists($settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php')) {
+					$filename = $settings['default_theme_dir'] . '/languages/' . $_REQUEST['template'] . '.php';
+		} else {
+					fatal_lang_error('no_access', false);
+		}
 
 		$fp = fopen($theme['theme_dir'] . '/languages/' . $_REQUEST['lang_file'] . '.php', 'w');
 		fwrite($fp, file_get_contents($filename));
@@ -1939,16 +2010,18 @@ 
 	$dir = dir($settings['default_theme_dir']);
 	while ($entry = $dir->read())
 	{
-		if (substr($entry, -13) == '.template.php')
-			$templates[] = substr($entry, 0, -13);
+		if (substr($entry, -13) == '.template.php') {
+					$templates[] = substr($entry, 0, -13);
+		}
 	}
 	$dir->close();
 
 	$dir = dir($settings['default_theme_dir'] . '/languages');
 	while ($entry = $dir->read())
 	{
-		if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches))
-			$lang_files[] = $matches[1];
+		if (preg_match('~^([^\.]+\.[^\.]+)\.php$~', $entry, $matches)) {
+					$lang_files[] = $matches[1];
+		}
 	}
 	$dir->close();
 
@@ -1956,21 +2029,23 @@ 
 	natcasesort($lang_files);
 
 	$context['available_templates'] = array();
-	foreach ($templates as $template)
-		$context['available_templates'][$template] = array(
+	foreach ($templates as $template) {
+			$context['available_templates'][$template] = array(
 			'filename' => $template . '.template.php',
 			'value' => $template,
 			'already_exists' => false,
 			'can_copy' => is_writable($theme['theme_dir']),
 		);
+	}
 	$context['available_language_files'] = array();
-	foreach ($lang_files as $file)
-		$context['available_language_files'][$file] = array(
+	foreach ($lang_files as $file) {
+			$context['available_language_files'][$file] = array(
 			'filename' => $file . '.php',
 			'value' => $file,
 			'already_exists' => false,
 			'can_copy' => file_exists($theme['theme_dir'] . '/languages') ? is_writable($theme['theme_dir'] . '/languages') : is_writable($theme['theme_dir']),
 		);
+	}
 
 	$dir = dir($theme['theme_dir']);
 	while ($entry = $dir->read())

Sources/ManageMembers.php

Braces +163 added lines, -122 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * The main entrance point for the Manage Members screen.
@@ -62,16 +63,18 @@ 
 	$context['activation_numbers'] = array();
 	$context['awaiting_activation'] = 0;
 	$context['awaiting_approval'] = 0;
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$context['activation_numbers'][$row['is_activated']] = $row['total_members'];
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$context['activation_numbers'][$row['is_activated']] = $row['total_members'];
+	}
 	$smcFunc['db_free_result']($request);
 
 	foreach ($context['activation_numbers'] as $activation_type => $total_members)
 	{
-		if (in_array($activation_type, array(0, 2)))
-			$context['awaiting_activation'] += $total_members;
-		elseif (in_array($activation_type, array(3, 4, 5)))
-			$context['awaiting_approval'] += $total_members;
+		if (in_array($activation_type, array(0, 2))) {
+					$context['awaiting_activation'] += $total_members;
+		} elseif (in_array($activation_type, array(3, 4, 5))) {
+					$context['awaiting_approval'] += $total_members;
+		}
 	}
 
 	// For the page header... do we show activation?
@@ -124,8 +127,9 @@ 
 	}
 	if (!$context['show_approve'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'approve'))
 	{
-		if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
-			$context['tabs']['search']['is_last'] = true;
+		if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate')) {
+					$context['tabs']['search']['is_last'] = true;
+		}
 		unset($context['tabs']['approve']);
 	}
 
@@ -157,8 +161,9 @@ 
 		foreach ($_POST['delete'] as $key => $value)
 		{
 			// Don't delete yourself, idiot.
-			if ($value != $user_info['id'])
-				$delete[$key] = (int) $value;
+			if ($value != $user_info['id']) {
+							$delete[$key] = (int) $value;
+			}
 		}
 
 		if (!empty($delete))
@@ -194,17 +199,18 @@ 
 		);
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if ($row['min_posts'] == -1)
-				$context['membergroups'][] = array(
+			if ($row['min_posts'] == -1) {
+							$context['membergroups'][] = array(
 					'id' => $row['id_group'],
 					'name' => $row['group_name'],
 					'can_be_additional' => true
 				);
-			else
-				$context['postgroups'][] = array(
+			} else {
+							$context['postgroups'][] = array(
 					'id' => $row['id_group'],
 					'name' => $row['group_name']
 				);
+			}
 		}
 		$smcFunc['db_free_result']($request);
 
@@ -276,14 +282,15 @@ 
 		call_integration_hook('integrate_view_members_params', array(&$params));
 
 		$search_params = array();
-		if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST['types']))
-			$search_params = $smcFunc['json_decode'](base64_decode($_REQUEST['params']), true);
-		elseif (!empty($_POST))
+		if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST['types'])) {
+					$search_params = $smcFunc['json_decode'](base64_decode($_REQUEST['params']), true);
+		} elseif (!empty($_POST))
 		{
 			$search_params['types'] = $_POST['types'];
-			foreach ($params as $param_name => $param_info)
-				if (isset($_POST[$param_name]))
+			foreach ($params as $param_name => $param_info) {
+							if (isset($_POST[$param_name]))
 					$search_params[$param_name] = $_POST[$param_name];
+			}
 		}
 
 		$search_url_params = isset($search_params) ? base64_encode($smcFunc['json_encode']($search_params)) : null;
@@ -296,34 +303,38 @@ 
 		foreach ($params as $param_name => $param_info)
 		{
 			// Not filled in?
-			if (!isset($search_params[$param_name]) || $search_params[$param_name] === '')
-				continue;
+			if (!isset($search_params[$param_name]) || $search_params[$param_name] === '') {
+							continue;
+			}
 
 			// Make sure numeric values are really numeric.
-			if (in_array($param_info['type'], array('int', 'age')))
-				$search_params[$param_name] = (int) $search_params[$param_name];
+			if (in_array($param_info['type'], array('int', 'age'))) {
+							$search_params[$param_name] = (int) $search_params[$param_name];
+			}
 			// Date values have to match the specified format.
 			elseif ($param_info['type'] == 'date')
 			{
 				// Check if this date format is valid.
-				if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $search_params[$param_name]) == 0)
-					continue;
+				if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $search_params[$param_name]) == 0) {
+									continue;
+				}
 
 				$search_params[$param_name] = strtotime($search_params[$param_name]);
-			}
-			elseif ($param_info['type'] == 'inet')
+			} elseif ($param_info['type'] == 'inet')
 			{
 				$search_params[$param_name] = ip2range($search_params[$param_name]);
-				if (empty($search_params[$param_name]))
-					continue;
+				if (empty($search_params[$param_name])) {
+									continue;
+				}
 			}
 
 			// Those values that are in some kind of range (<, <=, =, >=, >).
 			if (!empty($param_info['range']))
 			{
 				// Default to '=', just in case...
-				if (empty($range_trans[$search_params['types'][$param_name]]))
-					$search_params['types'][$param_name] = '=';
+				if (empty($range_trans[$search_params['types'][$param_name]])) {
+									$search_params['types'][$param_name] = '=';
+				}
 
 				// Handle special case 'age'.
 				if ($param_info['type'] == 'age')
@@ -351,16 +362,17 @@ 
 				elseif ($param_info['type'] == 'date' && $search_params['types'][$param_name] == '=')
 				{
 					$query_parts[] = $param_info['db_fields'][0] . ' > ' . $search_params[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($search_params[$param_name] + 86400);
+				} else {
+									$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$search_params['types'][$param_name]] . ' ' . $search_params[$param_name];
 				}
-				else
-					$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$search_params['types'][$param_name]] . ' ' . $search_params[$param_name];
 			}
 			// Checkboxes.
 			elseif ($param_info['type'] == 'checkbox')
 			{
 				// Each checkbox or no checkbox at all is checked -> ignore.
-				if (!is_array($search_params[$param_name]) || count($search_params[$param_name]) == 0 || count($search_params[$param_name]) == count($param_info['values']))
-					continue;
+				if (!is_array($search_params[$param_name]) || count($search_params[$param_name]) == 0 || count($search_params[$param_name]) == count($param_info['values'])) {
+									continue;
+				}
 
 				$query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
 				$where_params[$param_name . '_check'] = $search_params[$param_name];
@@ -372,24 +384,23 @@ 
 				{
 					$query_parts[] = '(' . $param_info['db_fields'][0] . ' = {inet:' . $param_name . '})';
 					$where_params[$param_name] = $search_params[$param_name][0];
-				}
-				elseif (count($search_params[$param_name]) === 2)
+				} elseif (count($search_params[$param_name]) === 2)
 				{
 					$query_parts[] = '(' . $param_info['db_fields'][0] . ' <= {inet:' . $param_name . '_high} and ' . $param_info['db_fields'][0] . ' >= {inet:' . $param_name . '_low})';
 					$where_params[$param_name.'_low'] = $search_params[$param_name]['low'];
 					$where_params[$param_name.'_high'] = $search_params[$param_name]['high'];
 				}
 				
-			}
-			elseif ($param_info['type'] != 'groups')
+			} elseif ($param_info['type'] != 'groups')
 			{
 				// Replace the wildcard characters ('*' and '?') into MySQL ones.
 				$parameter = strtolower(strtr($smcFunc['htmlspecialchars']($search_params[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
 
-				if ($smcFunc['db_case_sensitive'])
-					$query_parts[] = '(LOWER(' . implode(') LIKE {string:' . $param_name . '_normal} OR LOWER(', $param_info['db_fields']) . ') LIKE {string:' . $param_name . '_normal})';
-				else
-					$query_parts[] = '(' . implode(' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
+				if ($smcFunc['db_case_sensitive']) {
+									$query_parts[] = '(LOWER(' . implode(') LIKE {string:' . $param_name . '_normal} OR LOWER(', $param_info['db_fields']) . ') LIKE {string:' . $param_name . '_normal})';
+				} else {
+									$query_parts[] = '(' . implode(' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
+				}
 				$where_params[$param_name . '_normal'] = '%' . $parameter . '%';
 			}
 		}
@@ -405,16 +416,18 @@ 
 		}
 
 		// Additional membergroups (these are only relevant if not all primary groups where selected!).
-		if (!empty($search_params['membergroups'][2]) && (empty($search_params['membergroups'][1]) || count($context['membergroups']) != count($search_params['membergroups'][1])))
-			foreach ($search_params['membergroups'][2] as $mg)
+		if (!empty($search_params['membergroups'][2]) && (empty($search_params['membergroups'][1]) || count($context['membergroups']) != count($search_params['membergroups'][1]))) {
+					foreach ($search_params['membergroups'][2] as $mg)
 			{
 				$mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
+		}
 				$where_params['add_group_' . $mg] = $mg;
 			}
 
 		// Combine the one or two membergroup parts into one query part linked with an OR.
-		if (!empty($mg_query_parts))
-			$query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
+		if (!empty($mg_query_parts)) {
+					$query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
+		}
 
 		// Get all selected post count related membergroups.
 		if (!empty($search_params['postgroups']) && count($search_params['postgroups']) != count($context['postgroups']))
@@ -426,9 +439,9 @@ 
 		// Construct the where part of the query.
 		$where = empty($query_parts) ? '1=1' : implode('
 			AND ', $query_parts);
+	} else {
+			$search_url_params = null;
 	}
-	else
-		$search_url_params = null;
 
 	// Construct the additional URL part with the query info in it.
 	$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_url_params : '';
@@ -551,28 +564,32 @@ 
 					'function' => function($rowData) use ($txt)
 					{
 						// Calculate number of days since last online.
-						if (empty($rowData['last_login']))
-							$difference = $txt['never'];
-						else
+						if (empty($rowData['last_login'])) {
+													$difference = $txt['never'];
+						} else
 						{
 							$num_days_difference = jeffsdatediff($rowData['last_login']);
 
 							// Today.
-							if (empty($num_days_difference))
-								$difference = $txt['viewmembers_today'];
+							if (empty($num_days_difference)) {
+															$difference = $txt['viewmembers_today'];
+							}
 
 							// Yesterday.
-							elseif ($num_days_difference == 1)
-								$difference = sprintf('1 %1$s', $txt['viewmembers_day_ago']);
+							elseif ($num_days_difference == 1) {
+															$difference = sprintf('1 %1$s', $txt['viewmembers_day_ago']);
+							}
 
 							// X days ago.
-							else
-								$difference = sprintf('%1$d %2$s', $num_days_difference, $txt['viewmembers_days_ago']);
+							else {
+															$difference = sprintf('%1$d %2$s', $num_days_difference, $txt['viewmembers_days_ago']);
+							}
 						}
 
 						// Show it in italics if they're not activated...
-						if ($rowData['is_activated'] % 10 != 1)
-							$difference = sprintf('<em title="%1$s">%2$s</em>', $txt['not_activated'], $difference);
+						if ($rowData['is_activated'] % 10 != 1) {
+													$difference = sprintf('<em title="%1$s">%2$s</em>', $txt['not_activated'], $difference);
+						}
 
 						return $difference;
 					},
@@ -624,8 +641,9 @@ 
 	);
 
 	// Without enough permissions, don't show 'delete members' checkboxes.
-	if (!allowedTo('profile_remove_any'))
-		unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
+	if (!allowedTo('profile_remove_any')) {
+			unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
+	}
 
 	require_once($sourcedir . '/Subs-List.php');
 	createList($listOptions);
@@ -668,17 +686,18 @@ 
 	);
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
-		if ($row['min_posts'] == -1)
-			$context['membergroups'][] = array(
+		if ($row['min_posts'] == -1) {
+					$context['membergroups'][] = array(
 				'id' => $row['id_group'],
 				'name' => $row['group_name'],
 				'can_be_additional' => true
 			);
-		else
-			$context['postgroups'][] = array(
+		} else {
+					$context['postgroups'][] = array(
 				'id' => $row['id_group'],
 				'name' => $row['group_name']
 			);
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -705,8 +724,9 @@ 
 	$context['page_title'] = $txt['admin_members'];
 	$context['sub_template'] = 'admin_browse';
 	$context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
-	if (isset($context['tabs'][$context['browse_type']]))
-		$context['tabs'][$context['browse_type']]['is_selected'] = true;
+	if (isset($context['tabs'][$context['browse_type']])) {
+			$context['tabs'][$context['browse_type']]['is_selected'] = true;
+	}
 
 	// Allowed filters are those we can have, in theory.
 	$context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
@@ -717,18 +737,20 @@ 
 	foreach ($context['activation_numbers'] as $type => $amount)
 	{
 		// We have some of these...
-		if (in_array($type, $context['allowed_filters']) && $amount > 0)
-			$context['available_filters'][] = array(
+		if (in_array($type, $context['allowed_filters']) && $amount > 0) {
+					$context['available_filters'][] = array(
 				'type' => $type,
 				'amount' => $amount,
 				'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
 				'selected' => $type == $context['current_filter']
 			);
+		}
 	}
 
 	// If the filter was not sent, set it to whatever has people in it!
-	if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
-		$context['current_filter'] = $context['available_filters'][0]['type'];
+	if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount'])) {
+			$context['current_filter'] = $context['available_filters'][0]['type'];
+	}
 
 	// This little variable is used to determine if we should flag where we are looking.
 	$context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;
@@ -743,44 +765,47 @@ 
 	);
 
 	// Are we showing duplicate information?
-	if (isset($_GET['showdupes']))
-		$_SESSION['showdupes'] = (int) $_GET['showdupes'];
+	if (isset($_GET['showdupes'])) {
+			$_SESSION['showdupes'] = (int) $_GET['showdupes'];
+	}
 	$context['show_duplicates'] = !empty($_SESSION['showdupes']);
 
 	// Determine which actions we should allow on this page.
 	if ($context['browse_type'] == 'approve')
 	{
 		// If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
-		if ($context['current_filter'] == 4)
-			$context['allowed_actions'] = array(
+		if ($context['current_filter'] == 4) {
+					$context['allowed_actions'] = array(
 				'reject' => $txt['admin_browse_w_approve_deletion'],
 				'ok' => $txt['admin_browse_w_reject'],
 			);
-		else
-			$context['allowed_actions'] = array(
+		} else {
+					$context['allowed_actions'] = array(
 				'ok' => $txt['admin_browse_w_approve'],
 				'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
 				'require_activation' => $txt['admin_browse_w_approve_require_activate'],
 				'reject' => $txt['admin_browse_w_reject'],
 				'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
 			);
-	}
-	elseif ($context['browse_type'] == 'activate')
-		$context['allowed_actions'] = array(
+		}
+	} elseif ($context['browse_type'] == 'activate') {
+			$context['allowed_actions'] = array(
 			'ok' => $txt['admin_browse_w_activate'],
 			'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
 			'delete' => $txt['admin_browse_w_delete'],
 			'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
 			'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
 		);
+	}
 
 	// Create an option list for actions allowed to be done with selected members.
 	$allowed_actions = '
 			<option selected value="">' . $txt['admin_browse_with_selected'] . ':</option>
 			<option value="" disabled>-----------------------------</option>';
-	foreach ($context['allowed_actions'] as $key => $desc)
-		$allowed_actions .= '
+	foreach ($context['allowed_actions'] as $key => $desc) {
+			$allowed_actions .= '
 			<option value="' . $key . '">' . $desc . '</option>';
+	}
 
 	// Setup the Javascript function for selecting an action for the list.
 	$javascript = '
@@ -792,15 +817,16 @@ 
 			var message = "";';
 
 	// We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
-	if ($context['current_filter'] == 4)
-		$javascript .= '
+	if ($context['current_filter'] == 4) {
+			$javascript .= '
 			if (document.forms.postForm.todo.value.indexOf("reject") != -1)
 				message = "' . $txt['admin_browse_w_delete'] . '";
 			else
 				message = "' . $txt['admin_browse_w_reject'] . '";';
+	}
 	// Otherwise a nice standard message.
-	else
-		$javascript .= '
+	else {
+			$javascript .= '
 			if (document.forms.postForm.todo.value.indexOf("delete") != -1)
 				message = "' . $txt['admin_browse_w_delete'] . '";
 			else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
@@ -809,6 +835,7 @@ 
 				message = "' . $txt['admin_browse_w_remind'] . '";
 			else
 				message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
+	}
 	$javascript .= '
 			if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
 				document.forms.postForm.submit();
@@ -941,10 +968,11 @@ 
 						$member_links = array();
 						foreach ($rowData['duplicate_members'] as $member)
 						{
-							if ($member['id'])
-								$member_links[] = '<a href="' . $scripturl . '?action=profile;u=' . $member['id'] . '" ' . (!empty($member['is_banned']) ? 'class="red"' : '') . '>' . $member['name'] . '</a>';
-							else
-								$member_links[] = $member['name'] . ' (' . $txt['guest'] . ')';
+							if ($member['id']) {
+															$member_links[] = '<a href="' . $scripturl . '?action=profile;u=' . $member['id'] . '" ' . (!empty($member['is_banned']) ? 'class="red"' : '') . '>' . $member['name'] . '</a>';
+							} else {
+															$member_links[] = $member['name'] . ' (' . $txt['guest'] . ')';
+							}
 						}
 						return implode(', ', $member_links);
 					},
@@ -993,14 +1021,16 @@ 
 	);
 
 	// Pick what column to actually include if we're showing duplicates.
-	if ($context['show_duplicates'])
-		unset($listOptions['columns']['email']);
-	else
-		unset($listOptions['columns']['duplicates']);
+	if ($context['show_duplicates']) {
+			unset($listOptions['columns']['email']);
+	} else {
+			unset($listOptions['columns']['duplicates']);
+	}
 
 	// Only show hostname on duplicates as it takes a lot of time.
-	if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
-		unset($listOptions['columns']['hostname']);
+	if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup'])) {
+			unset($listOptions['columns']['hostname']);
+	}
 
 	// Is there any need to show filters?
 	if (isset($context['available_filters']) && count($context['available_filters']) > 1)
@@ -1008,9 +1038,10 @@ 
 		$filterOptions = '
 			<strong>' . $txt['admin_browse_filter_by'] . ':</strong>
 			<select name="filter" onchange="this.form.submit();">';
-		foreach ($context['available_filters'] as $filter)
-			$filterOptions .= '
+		foreach ($context['available_filters'] as $filter) {
+					$filterOptions .= '
 				<option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
+		}
 		$filterOptions .= '
 			</select>
 			<noscript><input type="submit" value="' . $txt['go'] . '" name="filter" class="button"></noscript>';
@@ -1022,12 +1053,13 @@ 
 	}
 
 	// What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
-	if (!empty($context['show_filter']) && !empty($context['available_filters']))
-		$listOptions['additional_rows'][] = array(
+	if (!empty($context['show_filter']) && !empty($context['available_filters'])) {
+			$listOptions['additional_rows'][] = array(
 			'position' => 'above_column_headers',
 			'value' => '<strong>' . $txt['admin_browse_filter_show'] . ':</strong> ' . $context['available_filters'][0]['desc'],
 			'class' => 'smalltext floatright',
 		);
+	}
 
 	// Now that we have all the options, create the list.
 	require_once($sourcedir . '/Subs-List.php');
@@ -1057,12 +1089,14 @@ 
 	$current_filter = (int) $_REQUEST['orig_filter'];
 
 	// If we are applying a filter do just that - then redirect.
-	if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
-		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
+	if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter']) {
+			redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
+	}
 
 	// Nothing to do?
-	if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
-		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
+	if (!isset($_POST['todoAction']) && !isset($_POST['time_passed'])) {
+			redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
+	}
 
 	// Are we dealing with members who have been waiting for > set amount of time?
 	if (isset($_POST['time_passed']))
@@ -1075,8 +1109,9 @@ 
 	else
 	{
 		$members = array();
-		foreach ($_POST['todoAction'] as $id)
-			$members[] = (int) $id;
+		foreach ($_POST['todoAction'] as $id) {
+					$members[] = (int) $id;
+		}
 		$condition = '
 			AND id_member IN ({array_int:members})';
 	}
@@ -1097,8 +1132,9 @@ 
 	$member_count = $smcFunc['db_num_rows']($request);
 
 	// If no results then just return!
-	if ($member_count == 0)
-		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
+	if ($member_count == 0) {
+			redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
+	}
 
 	$member_info = array();
 	$members = array();
@@ -1137,8 +1173,9 @@ 
 		// Do we have to let the integration code know about the activations?
 		if (!empty($modSettings['integrate_activate']))
 		{
-			foreach ($member_info as $member)
-				call_integration_hook('integrate_activate', array($member['username']));
+			foreach ($member_info as $member) {
+							call_integration_hook('integrate_activate', array($member['username']));
+			}
 		}
 
 		// Check for email.
@@ -1268,20 +1305,23 @@ 
 		$log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';
 
 		require_once($sourcedir . '/Logging.php');
-		foreach ($member_info as $member)
-			logAction($log_action, array('member' => $member['id']), 'admin');
+		foreach ($member_info as $member) {
+					logAction($log_action, array('member' => $member['id']), 'admin');
+		}
 	}
 
 	// Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
-	if (in_array($current_filter, array(3, 4, 5)))
-		updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
+	if (in_array($current_filter, array(3, 4, 5))) {
+			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
+	}
 
 	// Update the member's stats. (but, we know the member didn't change their name.)
 	updateStats('member', false);
 
 	// If they haven't been deleted, update the post group statistics on them...
-	if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
-		updateStats('postgroups', $members);
+	if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind'))) {
+			updateStats('postgroups', $members);
+	}
 
 	redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
 }
@@ -1306,10 +1346,11 @@ 
 	$dis = time() - $old;
 
 	// Before midnight?
-	if ($dis < $sinceMidnight)
-		return 0;
-	else
-		$dis -= $sinceMidnight;
+	if ($dis < $sinceMidnight) {
+			return 0;
+	} else {
+			$dis -= $sinceMidnight;
+	}
 
 	// Divide out the seconds in a day to get the number of days.
 	return ceil($dis / (24 * 60 * 60));

Packages/index.php

Braces +2 added lines, -1 removed lines

@@ -12,7 +12,8 @@
 	header('location: ' . $boardurl);
 }
 // Can't find it... just forget it.
-else
+else {
 	exit;
+}
 
 ?>
\ No newline at end of file

cron.php

Braces +36 added lines, -28 removed lines

@@ -41,37 +41,43 @@ 
 define('TIME_START', microtime(true));
 
 // Just being safe...
-foreach (array('db_character_set', 'cachedir') as $variable)
+foreach (array('db_character_set', 'cachedir') as $variable) {
 	if (isset($GLOBALS[$variable]))
 		unset($GLOBALS[$variable]);
+}
 
 // Get the forum's settings for database and file paths.
 require_once(dirname(__FILE__) . '/Settings.php');
 
 // Make absolutely sure the cache directory is defined.
-if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache'))
+if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache')) {
 	$cachedir = $boarddir . '/cache';
+}
 
 // Don't do john didley if the forum's been shut down competely.
-if ($maintenance == 2)
+if ($maintenance == 2) {
 	die($mmessage);
+}
 
 // Fix for using the current directory as a path.
-if (substr($sourcedir, 0, 1) == '.' && substr($sourcedir, 1, 1) != '.')
+if (substr($sourcedir, 0, 1) == '.' && substr($sourcedir, 1, 1) != '.') {
 	$sourcedir = dirname(__FILE__) . substr($sourcedir, 1);
+}
 
 // Have we already turned this off? If so, exist gracefully.
-if (file_exists($cachedir . '/cron.lock'))
+if (file_exists($cachedir . '/cron.lock')) {
 	obExit_cron();
+}
 
 // Before we go any further, if this is not a CLI request, we need to do some checking.
 if (!FROM_CLI)
 {
 	// We will clean up $_GET shortly. But we want to this ASAP.
 	$ts = isset($_GET['ts']) ? (int) $_GET['ts'] : 0;
-	if ($ts <= 0 || $ts % 15 != 0 || time() - $ts < 0 || time() - $ts > 20)
-		obExit_cron();
-}
+	if ($ts <= 0 || $ts % 15 != 0 || time() - $ts < 0 || time() - $ts > 20) {
+			obExit_cron();
+	}
+	}
 
 // Load the most important includes. In general, a background should be loading its own dependencies.
 require_once($sourcedir . '/Errors.php');
@@ -123,8 +129,9 @@ 
 	global $smcFunc;
 
 	// Check we haven't run over our time limit.
-	if (microtime(true) - TIME_START > MAX_CRON_TIME)
-		return false;
+	if (microtime(true) - TIME_START > MAX_CRON_TIME) {
+			return false;
+	}
 
 	// Try to find a task. Specifically, try to find one that hasn't been claimed previously, or failing that,
 	// a task that was claimed but failed for whatever reason and failed long enough ago. We should not care
@@ -159,14 +166,12 @@ 
 			// Update the time and go back.
 			$row['claimed_time'] = time();
 			return $row;
-		}
-		else
+		} else
 		{
 			// Uh oh, we just missed it. Try to claim another one, and let it fall through if there aren't any.
 			return fetch_task();
 		}
-	}
-	else
+	} else
 	{
 		// No dice. Clean up and go home.
 		$smcFunc['db_free_result']($request);
@@ -187,8 +192,9 @@ 
 	if (!empty($task_details['task_file']))
 	{
 		$include = strtr(trim($task_details['task_file']), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir));
-		if (file_exists($include))
-			require_once($include);
+		if (file_exists($include)) {
+					require_once($include);
+		}
 	}
 
 	if (empty($task_details['task_class']))
@@ -204,8 +210,7 @@ 
 		$details = empty($task_details['task_data']) ? array() : $smcFunc['json_decode']($task_details['task_data'], true);
 		$bgtask = new $task_details['task_class']($details);
 		return $bgtask->execute();
-	}
-	else
+	} else
 	{
 		log_error('Invalid background task specified: (class: ' . $task_details['task_class'] . ', ' . (empty($task_details['task_file']) ? ' no file' : ' to load ' . $task_details['task_file']) . ')');
 		return true; // So we clear it from the queue.
@@ -224,8 +229,9 @@ 
 	$scripturl = $boardurl . '/index.php';
 
 	// These keys shouldn't be set...ever.
-	if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS']))
-		die('Invalid request variable.');
+	if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS'])) {
+			die('Invalid request variable.');
+	}
 
 	// Save some memory.. (since we don't use these anyway.)
 	unset($GLOBALS['HTTP_POST_VARS'], $GLOBALS['HTTP_POST_VARS']);
@@ -246,26 +252,28 @@ 
 	global $modSettings;
 
 	// Ignore errors if we're ignoring them or they are strict notices from PHP 5
-	if (error_reporting() == 0)
-		return;
+	if (error_reporting() == 0) {
+			return;
+	}
 
 	$error_type = 'cron';
 
 	log_error($error_level . ': ' . $error_string, $error_type, $file, $line);
 
 	// If this is an E_ERROR or E_USER_ERROR.... die.  Violently so.
-	if ($error_level % 255 == E_ERROR)
-		die('No direct access...');
-}
+	if ($error_level % 255 == E_ERROR) {
+			die('No direct access...');
+	}
+	}
 
 /**
  * The exit function
  */
 function obExit_cron()
 {
-	if (FROM_CLI)
-		die(0);
-	else
+	if (FROM_CLI) {
+			die(0);
+	} else
 	{
 		header('content-type: image/gif');
 		die("\x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");

Sources/ShowAttachments.php

Braces +59 added lines, -52 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Downloads an avatar or attachment based on $_GET['attach'], and increments the download count.
@@ -40,11 +41,11 @@ 
 
 	if (!empty($modSettings['enableCompressedOutput']) && !headers_sent() && ob_get_length() == 0)
 	{
-		if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler')
-			$modSettings['enableCompressedOutput'] = 0;
-
-		else
-			ob_start('ob_gzhandler');
+		if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler') {
+					$modSettings['enableCompressedOutput'] = 0;
+		} else {
+					ob_start('ob_gzhandler');
+		}
 	}
 
 	if (empty($modSettings['enableCompressedOutput']))
@@ -76,8 +77,9 @@ 
 	}
 
 	// Use cache when possible.
-	if (($cache = cache_get_data('attachment_lookup_id-' . $attachId)) != null)
-		list($file, $thumbFile) = $cache;
+	if (($cache = cache_get_data('attachment_lookup_id-' . $attachId)) != null) {
+			list($file, $thumbFile) = $cache;
+	}
 
 	// Get the info from the DB.
 	if (empty($file) || empty($thumbFile) && !empty($file['id_thumb']))
@@ -85,10 +87,9 @@ 
 		// Do we have a hook wanting to use our attachment system? We use $attachRequest to prevent accidental usage of $request.
 		$attachRequest = null;
 		call_integration_hook('integrate_download_request', array(&$attachRequest));
-		if (!is_null($attachRequest) && $smcFunc['db_is_resource']($attachRequest))
-			$request = $attachRequest;
-
-		else
+		if (!is_null($attachRequest) && $smcFunc['db_is_resource']($attachRequest)) {
+					$request = $attachRequest;
+		} else
 		{
 			// Make sure this attachment is on this board and load its info while we are at it.
 			$request = $smcFunc['db_query']('', '
@@ -181,13 +182,15 @@ 
 		}
 
 		// Cache it.
-		if (!empty($file) || !empty($thumbFile))
-			cache_put_data('attachment_lookup_id-' . $file['id_attach'], array($file, $thumbFile), mt_rand(850, 900));
+		if (!empty($file) || !empty($thumbFile)) {
+					cache_put_data('attachment_lookup_id-' . $file['id_attach'], array($file, $thumbFile), mt_rand(850, 900));
+		}
 	}
 
 	// Replace the normal file with its thumbnail if it has one!
-	if (!empty($showThumb) && !empty($thumbFile))
-		$file = $thumbFile;
+	if (!empty($showThumb) && !empty($thumbFile)) {
+			$file = $thumbFile;
+	}
 
 	// No point in a nicer message, because this is supposed to be an attachment anyway...
 	if (!file_exists($file['filePath']))
@@ -237,8 +240,8 @@ 
 	}
 
 	// Update the download counter (unless it's a thumbnail or resuming an incomplete download).
-	if ($file['attachment_type'] != 3 && empty($showThumb) && $range === 0)
-		$smcFunc['db_query']('', '
+	if ($file['attachment_type'] != 3 && empty($showThumb) && $range === 0) {
+			$smcFunc['db_query']('', '
 			UPDATE {db_prefix}attachments
 			SET downloads = downloads + 1
 			WHERE id_attach = {int:id_attach}',
@@ -246,12 +249,14 @@ 
 				'id_attach' => $attachId,
 			)
 		);
+	}
 
 	// Send the attachment headers.
 	header('pragma: ');
 
-	if (!isBrowser('gecko'))
-		header('content-transfer-encoding: binary');
+	if (!isBrowser('gecko')) {
+			header('content-transfer-encoding: binary');
+	}
 
 	header('expires: ' . gmdate('D, d M Y H:i:s', time() + 525600 * 60) . ' GMT');
 	header('last-modified: ' . gmdate('D, d M Y H:i:s', filemtime($file['filePath'])) . ' GMT');
@@ -260,18 +265,19 @@ 
 	header('etag: ' . $eTag);
 
 	// Make sure the mime type warrants an inline display.
-	if (isset($_REQUEST['image']) && !empty($file['mime_type']) && strpos($file['mime_type'], 'image/') !== 0)
-		unset($_REQUEST['image']);
+	if (isset($_REQUEST['image']) && !empty($file['mime_type']) && strpos($file['mime_type'], 'image/') !== 0) {
+			unset($_REQUEST['image']);
+	}
 
 	// Does this have a mime type?
-	elseif (!empty($file['mime_type']) && (isset($_REQUEST['image']) || !in_array($file['fileext'], array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff'))))
-		header('content-type: ' . strtr($file['mime_type'], array('image/bmp' => 'image/x-ms-bmp')));
-
-	else
+	elseif (!empty($file['mime_type']) && (isset($_REQUEST['image']) || !in_array($file['fileext'], array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff')))) {
+			header('content-type: ' . strtr($file['mime_type'], array('image/bmp' => 'image/x-ms-bmp')));
+	} else
 	{
 		header('content-type: ' . (isBrowser('ie') || isBrowser('opera') ? 'application/octetstream' : 'application/octet-stream'));
-		if (isset($_REQUEST['image']))
-			unset($_REQUEST['image']);
+		if (isset($_REQUEST['image'])) {
+					unset($_REQUEST['image']);
+		}
 	}
 
 	// Convert the file to UTF-8, cuz most browsers dig that.
@@ -279,24 +285,22 @@ 
 	$disposition = !isset($_REQUEST['image']) ? 'attachment' : 'inline';
 
 	// Different browsers like different standards...
-	if (isBrowser('firefox'))
-		header('content-disposition: ' . $disposition . '; filename*=UTF-8\'\'' . rawurlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)));
-
-	elseif (isBrowser('opera'))
-		header('content-disposition: ' . $disposition . '; filename="' . preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name) . '"');
-
-	elseif (isBrowser('ie'))
-		header('content-disposition: ' . $disposition . '; filename="' . urlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)) . '"');
-
-	else
-		header('content-disposition: ' . $disposition . '; filename="' . $utf8name . '"');
+	if (isBrowser('firefox')) {
+			header('content-disposition: ' . $disposition . '; filename*=UTF-8\'\'' . rawurlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)));
+	} elseif (isBrowser('opera')) {
+			header('content-disposition: ' . $disposition . '; filename="' . preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name) . '"');
+	} elseif (isBrowser('ie')) {
+			header('content-disposition: ' . $disposition . '; filename="' . urlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)) . '"');
+	} else {
+			header('content-disposition: ' . $disposition . '; filename="' . $utf8name . '"');
+	}
 
 	// If this has an "image extension" - but isn't actually an image - then ensure it isn't cached cause of silly IE.
-	if (!isset($_REQUEST['image']) && in_array($file['fileext'], array('gif', 'jpg', 'bmp', 'png', 'jpeg', 'tiff')))
-		header('cache-control: no-cache');
-
-	else
-		header('cache-control: max-age=' . (525600 * 60) . ', private');
+	if (!isset($_REQUEST['image']) && in_array($file['fileext'], array('gif', 'jpg', 'bmp', 'png', 'jpeg', 'tiff'))) {
+			header('cache-control: no-cache');
+	} else {
+			header('cache-control: max-age=' . (525600 * 60) . ', private');
+	}
 
 	// Multipart and resuming support
 	if (isset($_SERVER['HTTP_RANGE']))
@@ -304,9 +308,9 @@ 
 		header("HTTP/1.1 206 Partial Content");
 		header("content-length: $new_length");
 		header("content-range: bytes $range-$range_end/$size");
+	} else {
+			header("content-length: " . $size);
 	}
-	else
-		header("content-length: " . $size);
 
 
 	// Try to buy some time...
@@ -315,8 +319,9 @@ 
 	// For multipart/resumable downloads, send the requested chunk(s) of the file
 	if (isset($_SERVER['HTTP_RANGE']))
 	{
-		while (@ob_get_level() > 0)
-			@ob_end_clean();
+		while (@ob_get_level() > 0) {
+					@ob_end_clean();
+		}
 
 		// 40 kilobytes is a good-ish amount
 		$chunksize = 40 * 1024;
@@ -340,8 +345,9 @@ 
 	elseif ($size > 4194304)
 	{
 		// Forcibly end any output buffering going on.
-		while (@ob_get_level() > 0)
-			@ob_end_clean();
+		while (@ob_get_level() > 0) {
+					@ob_end_clean();
+		}
 
 		$fp = fopen($file['filePath'], 'rb');
 		while (!feof($fp))
@@ -353,8 +359,9 @@ 
 	}
 
 	// On some of the less-bright hosts, readfile() is disabled.  It's just a faster, more byte safe, version of what's in the if.
-	elseif (@readfile($file['filePath']) === null)
-		echo file_get_contents($file['filePath']);
+	elseif (@readfile($file['filePath']) === null) {
+			echo file_get_contents($file['filePath']);
+	}
 
 	die();
 }

Sources/Subscriptions-PayPal.php

Braces +83 added lines, -61 removed lines

@@ -14,8 +14,9 @@ 
 // This won't be dedicated without this - this must exist in each gateway!
 // SMF Payment Gateway: paypal
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Class for returning available form data for this gateway
@@ -118,8 +119,7 @@ 
 		{
 			$return_data['hidden']['p3'] = 1;
 			$return_data['hidden']['t3'] = strtoupper(substr($period, 0, 1));
-		}
-		else
+		} else
 		{
 			preg_match('~(\d*)(\w)~', $sub_data['real_length'], $match);
 			$unit = $match[1];
@@ -130,14 +130,15 @@ 
 		}
 
 		// If it's repeatable do some javascript to respect this idea.
-		if (!empty($sub_data['repeatable']))
-			$return_data['javascript'] = '
+		if (!empty($sub_data['repeatable'])) {
+					$return_data['javascript'] = '
 				document.write(\'<label for="do_paypal_recur"><input type="checkbox" name="do_paypal_recur" id="do_paypal_recur" checked onclick="switchPaypalRecur();">' . $txt['paid_make_recurring'] . '</label><br>\');
 
 				function switchPaypalRecur()
 				{
 					document.getElementById("paypal_cmd").value = document.getElementById("do_paypal_recur").checked ? "_xclick-subscriptions" : "_xclick";
 				}';
+		}
 
 		return $return_data;
 	}
@@ -160,20 +161,24 @@ 
 		global $modSettings;
 
 		// Has the user set up an email address?
-		if ((empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_email'])) || (!empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_sandbox_email'])))
-			return false;
+		if ((empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_email'])) || (!empty($modSettings['paidsubs_test']) && empty($modSettings['paypal_sandbox_email']))) {
+					return false;
+		}
 		// Check the correct transaction types are even here.
-		if ((!isset($_POST['txn_type']) && !isset($_POST['payment_status'])) || (!isset($_POST['business']) && !isset($_POST['receiver_email'])))
-			return false;
+		if ((!isset($_POST['txn_type']) && !isset($_POST['payment_status'])) || (!isset($_POST['business']) && !isset($_POST['receiver_email']))) {
+					return false;
+		}
 		// Correct email address?
-		if (!isset($_POST['business']))
-			$_POST['business'] = $_POST['receiver_email'];
+		if (!isset($_POST['business'])) {
+					$_POST['business'] = $_POST['receiver_email'];
+		}
 
 		// Are we testing?
-		if (empty($modSettings['paidsubs_test']) && strtolower($modSettings['paypal_sandbox_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails'])))))
-			return false;
-		elseif (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', $modSettings['paypal_additional_emails']))))
-			return false;
+		if (empty($modSettings['paidsubs_test']) && strtolower($modSettings['paypal_sandbox_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails']))))) {
+					return false;
+		} elseif (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', $modSettings['paypal_additional_emails'])))) {
+					return false;
+		}
 		return true;
 	}
 
@@ -192,15 +197,17 @@ 
 		global $modSettings, $txt;
 
 		// Put this to some default value.
-		if (!isset($_POST['txn_type']))
-			$_POST['txn_type'] = '';
+		if (!isset($_POST['txn_type'])) {
+					$_POST['txn_type'] = '';
+		}
 
 		// Build the request string - starting with the minimum requirement.
 		$requestString = 'cmd=_notify-validate';
 
 		// Now my dear, add all the posted bits in the order we got them
-		foreach ($_POST as $k => $v)
-			$requestString .= '&' . $k . '=' . urlencode($v);
+		foreach ($_POST as $k => $v) {
+					$requestString .= '&' . $k . '=' . urlencode($v);
+		}
 
 		// Can we use curl?
 		if (function_exists('curl_init') && $curl = curl_init((!empty($modSettings['paidsubs_test']) ? 'https://www.sandbox.' : 'https://www.') . 'paypal.com/cgi-bin/webscr'))
@@ -240,14 +247,16 @@ 
 			$header .= 'connection: close' . "\r\n\r\n";
 
 			// Open the connection.
-			if (!empty($modSettings['paidsubs_test']))
-				$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
-			else
-				$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
+			if (!empty($modSettings['paidsubs_test'])) {
+							$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
+			} else {
+							$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
+			}
 
 			// Did it work?
-			if (!$fp)
-				generateSubscriptionError($txt['paypal_could_not_connect']);
+			if (!$fp) {
+							generateSubscriptionError($txt['paypal_could_not_connect']);
+			}
 
 			// Put the data to the port.
 			fputs($fp, $header . $requestString);
@@ -256,8 +265,9 @@ 
 			while (!feof($fp))
 			{
 				$this->return_data = fgets($fp, 1024);
-				if (strcmp(trim($this->return_data), 'VERIFIED') === 0)
-					break;
+				if (strcmp(trim($this->return_data), 'VERIFIED') === 0) {
+									break;
+				}
 			}
 
 			// Clean up.
@@ -265,28 +275,34 @@ 
 		}
 
 		// If this isn't verified then give up...
-		if (strcmp(trim($this->return_data), 'VERIFIED') !== 0)
-			exit;
+		if (strcmp(trim($this->return_data), 'VERIFIED') !== 0) {
+					exit;
+		}
 
 		// Check that this is intended for us.
-		if (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails'])))))
-			exit;
+		if (strtolower($modSettings['paypal_email']) != strtolower($_POST['business']) && (empty($modSettings['paypal_additional_emails']) || !in_array(strtolower($_POST['business']), explode(',', strtolower($modSettings['paypal_additional_emails']))))) {
+					exit;
+		}
 
 		// Is this a subscription - and if so is it a secondary payment that we need to process?
 		// If so, make sure we get it in the expected format. Seems PayPal sometimes sends it without urlencoding.
-		if (!empty($_POST['item_number']) && strpos($_POST['item_number'], ' ') !== false)
-			$_POST['item_number'] = str_replace(' ', '+', $_POST['item_number']);
-		if ($this->isSubscription() && (empty($_POST['item_number']) || strpos($_POST['item_number'], '+') === false))
-			// Calculate the subscription it relates to!
+		if (!empty($_POST['item_number']) && strpos($_POST['item_number'], ' ') !== false) {
+					$_POST['item_number'] = str_replace(' ', '+', $_POST['item_number']);
+		}
+		if ($this->isSubscription() && (empty($_POST['item_number']) || strpos($_POST['item_number'], '+') === false)) {
+					// Calculate the subscription it relates to!
 			$this->_findSubscription();
+		}
 
 		// Verify the currency!
-		if (strtolower($_POST['mc_currency']) !== strtolower($modSettings['paid_currency_code']))
-			exit;
+		if (strtolower($_POST['mc_currency']) !== strtolower($modSettings['paid_currency_code'])) {
+					exit;
+		}
 
 		// Can't exist if it doesn't contain anything.
-		if (empty($_POST['item_number']))
-			exit;
+		if (empty($_POST['item_number'])) {
+					exit;
+		}
 
 		// Return the id_sub and id_member
 		return explode('+', $_POST['item_number']);
@@ -299,10 +315,11 @@ 
 	 */
 	public function isRefund()
 	{
-		if ($_POST['payment_status'] === 'Refunded' || $_POST['payment_status'] === 'Reversed' || $_POST['txn_type'] === 'Refunded' || ($_POST['txn_type'] === 'reversal' && $_POST['payment_status'] === 'Completed'))
-			return true;
-		else
-			return false;
+		if ($_POST['payment_status'] === 'Refunded' || $_POST['payment_status'] === 'Reversed' || $_POST['txn_type'] === 'Refunded' || ($_POST['txn_type'] === 'reversal' && $_POST['payment_status'] === 'Completed')) {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -312,10 +329,11 @@ 
 	 */
 	public function isSubscription()
 	{
-		if (substr($_POST['txn_type'], 0, 14) === 'subscr_payment' && $_POST['payment_status'] === 'Completed')
-			return true;
-		else
-			return false;
+		if (substr($_POST['txn_type'], 0, 14) === 'subscr_payment' && $_POST['payment_status'] === 'Completed') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -325,10 +343,11 @@ 
 	 */
 	public function isPayment()
 	{
-		if ($_POST['payment_status'] === 'Completed' && $_POST['txn_type'] === 'web_accept')
-			return true;
-		else
-			return false;
+		if ($_POST['payment_status'] === 'Completed' && $_POST['txn_type'] === 'web_accept') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -341,10 +360,11 @@ 
 		// subscr_cancel is sent when the user cancels, subscr_eot is sent when the subscription reaches final payment
 		// Neither require us to *do* anything as per performCancel().
 		// subscr_eot, if sent, indicates an end of payments term.
-		if (substr($_POST['txn_type'], 0, 13) === 'subscr_cancel' || substr($_POST['txn_type'], 0, 10) === 'subscr_eot')
-			return true;
-		else
-			return false;
+		if (substr($_POST['txn_type'], 0, 13) === 'subscr_cancel' || substr($_POST['txn_type'], 0, 10) === 'subscr_eot') {
+					return true;
+		} else {
+					return false;
+		}
 	}
 
 	/**
@@ -408,8 +428,9 @@ 
 		global $smcFunc;
 
 		// Assume we have this?
-		if (empty($_POST['subscr_id']))
-			return false;
+		if (empty($_POST['subscr_id'])) {
+					return false;
+		}
 
 		// Do we have this in the database?
 		$request = $smcFunc['db_query']('', '
@@ -438,11 +459,12 @@ 
 						'payer_email' => $_POST['payer_email'],
 					)
 				);
-				if ($smcFunc['db_num_rows']($request) === 0)
-					return false;
+				if ($smcFunc['db_num_rows']($request) === 0) {
+									return false;
+				}
+			} else {
+							return false;
 			}
-			else
-				return false;
 		}
 		list ($member_id, $subscription_id) = $smcFunc['db_fetch_row']($request);
 		$_POST['item_number'] = $member_id . '+' . $subscription_id;

Sources/News.php

Braces +226 added lines, -185 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Outputs xml data representing recent information or a profile.
@@ -37,8 +38,9 @@ 
 	global $query_this_board, $smcFunc, $forum_version, $settings;
 
 	// If it's not enabled, die.
-	if (empty($modSettings['xmlnews_enable']))
-		obExit(false);
+	if (empty($modSettings['xmlnews_enable'])) {
+			obExit(false);
+	}
 
 	loadLanguage('Stats');
 
@@ -64,8 +66,9 @@ 
 	if (!empty($_REQUEST['c']) && empty($board))
 	{
 		$_REQUEST['c'] = explode(',', $_REQUEST['c']);
-		foreach ($_REQUEST['c'] as $i => $c)
-			$_REQUEST['c'][$i] = (int) $c;
+		foreach ($_REQUEST['c'] as $i => $c) {
+					$_REQUEST['c'][$i] = (int) $c;
+		}
 
 		if (count($_REQUEST['c']) == 1)
 		{
@@ -101,18 +104,20 @@ 
 		}
 		$smcFunc['db_free_result']($request);
 
-		if (!empty($boards))
-			$query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
+		if (!empty($boards)) {
+					$query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
+		}
 
 		// Try to limit the number of messages we look through.
-		if ($total_cat_posts > 100 && $total_cat_posts > $modSettings['totalMessages'] / 15)
-			$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 400 - $_GET['limit'] * 5);
-	}
-	elseif (!empty($_REQUEST['boards']))
+		if ($total_cat_posts > 100 && $total_cat_posts > $modSettings['totalMessages'] / 15) {
+					$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 400 - $_GET['limit'] * 5);
+		}
+	} elseif (!empty($_REQUEST['boards']))
 	{
 		$_REQUEST['boards'] = explode(',', $_REQUEST['boards']);
-		foreach ($_REQUEST['boards'] as $i => $b)
-			$_REQUEST['boards'][$i] = (int) $b;
+		foreach ($_REQUEST['boards'] as $i => $b) {
+					$_REQUEST['boards'][$i] = (int) $b;
+		}
 
 		$request = $smcFunc['db_query']('', '
 			SELECT b.id_board, b.num_posts, b.name
@@ -128,29 +133,32 @@ 
 
 		// Either the board specified doesn't exist or you have no access.
 		$num_boards = $smcFunc['db_num_rows']($request);
-		if ($num_boards == 0)
-			fatal_lang_error('no_board');
+		if ($num_boards == 0) {
+					fatal_lang_error('no_board');
+		}
 
 		$total_posts = 0;
 		$boards = array();
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
-			if ($num_boards == 1)
-				$feed_meta['title'] = ' - ' . strip_tags($row['name']);
+			if ($num_boards == 1) {
+							$feed_meta['title'] = ' - ' . strip_tags($row['name']);
+			}
 
 			$boards[] = $row['id_board'];
 			$total_posts += $row['num_posts'];
 		}
 		$smcFunc['db_free_result']($request);
 
-		if (!empty($boards))
-			$query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
+		if (!empty($boards)) {
+					$query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
+		}
 
 		// The more boards, the more we're going to look through...
-		if ($total_posts > 100 && $total_posts > $modSettings['totalMessages'] / 12)
-			$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 500 - $_GET['limit'] * 5);
-	}
-	elseif (!empty($board))
+		if ($total_posts > 100 && $total_posts > $modSettings['totalMessages'] / 12) {
+					$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 500 - $_GET['limit'] * 5);
+		}
+	} elseif (!empty($board))
 	{
 		$request = $smcFunc['db_query']('', '
 			SELECT num_posts
@@ -170,10 +178,10 @@ 
 		$query_this_board = 'b.id_board = ' . $board;
 
 		// Try to look through just a few messages, if at all possible.
-		if ($total_posts > 80 && $total_posts > $modSettings['totalMessages'] / 10)
-			$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 600 - $_GET['limit'] * 5);
-	}
-	else
+		if ($total_posts > 80 && $total_posts > $modSettings['totalMessages'] / 10) {
+					$context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 600 - $_GET['limit'] * 5);
+		}
+	} else
 	{
 		$query_this_board = '{query_see_board}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
 			AND b.id_board != ' . $modSettings['recycle_board'] : '');
@@ -196,30 +204,35 @@ 
 	// Easy adding of sub actions
  	call_integration_hook('integrate_xmlfeeds', array(&$subActions));
 
-	if (empty($_GET['sa']) || !isset($subActions[$_GET['sa']]))
-		$_GET['sa'] = 'recent';
+	if (empty($_GET['sa']) || !isset($subActions[$_GET['sa']])) {
+			$_GET['sa'] = 'recent';
+	}
 
 	// We only want some information, not all of it.
 	$cachekey = array($xml_format, $_GET['action'], $_GET['limit'], $_GET['sa']);
-	foreach (array('board', 'boards', 'c') as $var)
-		if (isset($_REQUEST[$var]))
+	foreach (array('board', 'boards', 'c') as $var) {
+			if (isset($_REQUEST[$var]))
 			$cachekey[] = $_REQUEST[$var];
+	}
 	$cachekey = md5($smcFunc['json_encode']($cachekey) . (!empty($query_this_board) ? $query_this_board : ''));
 	$cache_t = microtime();
 
 	// Get the associative array representing the xml.
-	if (!empty($modSettings['cache_enable']) && (!$user_info['is_guest'] || $modSettings['cache_enable'] >= 3))
-		$xml_data = cache_get_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, 240);
+	if (!empty($modSettings['cache_enable']) && (!$user_info['is_guest'] || $modSettings['cache_enable'] >= 3)) {
+			$xml_data = cache_get_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, 240);
+	}
 	if (empty($xml_data))
 	{
 		$call = call_helper($subActions[$_GET['sa']][0], true);
 
-		if (!empty($call))
-			$xml_data = call_user_func($call, $xml_format);
+		if (!empty($call)) {
+					$xml_data = call_user_func($call, $xml_format);
+		}
 
 		if (!empty($modSettings['cache_enable']) && (($user_info['is_guest'] && $modSettings['cache_enable'] >= 3)
-		|| (!$user_info['is_guest'] && (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.2))))
-			cache_put_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, $xml_data, 240);
+		|| (!$user_info['is_guest'] && (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.2)))) {
+					cache_put_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, $xml_data, 240);
+		}
 	}
 
 	$feed_meta['title'] = $smcFunc['htmlspecialchars'](strip_tags($context['forum_name'])) . (isset($feed_meta['title']) ? $feed_meta['title'] : '');
@@ -259,43 +272,49 @@ 
 	call_integration_hook('integrate_xml_data', array(&$xml_data, &$feed_meta, &$namespaces, &$extraFeedTags, &$forceCdataKeys, &$nsKeys, $xml_format, $_GET['sa']));
 
 	// These can't be empty
-	foreach (array('title', 'desc', 'source') as $mkey)
-		$feed_meta[$mkey] = !empty($feed_meta[$mkey]) ? $feed_meta[$mkey] : $orig_feed_meta[$mkey];
+	foreach (array('title', 'desc', 'source') as $mkey) {
+			$feed_meta[$mkey] = !empty($feed_meta[$mkey]) ? $feed_meta[$mkey] : $orig_feed_meta[$mkey];
+	}
 
 	// Sanitize basic feed metadata values
-	foreach ($feed_meta as $mkey => $mvalue)
-		$feed_meta[$mkey] = cdata_parse(strip_tags(fix_possible_url($feed_meta[$mkey])));
+	foreach ($feed_meta as $mkey => $mvalue) {
+			$feed_meta[$mkey] = cdata_parse(strip_tags(fix_possible_url($feed_meta[$mkey])));
+	}
 
 	$ns_string = '';
 	if (!empty($namespaces[$xml_format]))
 	{
-		foreach ($namespaces[$xml_format] as $nsprefix => $nsurl)
-			$ns_string .= ' xmlns' . ($nsprefix !== '' ? ':' : '') . $nsprefix . '="' . $nsurl . '"';
+		foreach ($namespaces[$xml_format] as $nsprefix => $nsurl) {
+					$ns_string .= ' xmlns' . ($nsprefix !== '' ? ':' : '') . $nsprefix . '="' . $nsurl . '"';
+		}
 	}
 
 	$extraFeedTags_string = '';
 	if (!empty($extraFeedTags[$xml_format]))
 	{
 		$indent = "\t" . ($xml_format !== 'atom' ? "\t" : '');
-		foreach ($extraFeedTags[$xml_format] as $extraTag)
-			$extraFeedTags_string .= "\n" . $indent . $extraTag;
+		foreach ($extraFeedTags[$xml_format] as $extraTag) {
+					$extraFeedTags_string .= "\n" . $indent . $extraTag;
+		}
 	}
 
 	// This is an xml file....
 	ob_end_clean();
-	if (!empty($modSettings['enableCompressedOutput']))
-		@ob_start('ob_gzhandler');
-	else
-		ob_start();
+	if (!empty($modSettings['enableCompressedOutput'])) {
+			@ob_start('ob_gzhandler');
+	} else {
+			ob_start();
+	}
 
-	if ($xml_format == 'smf' || isset($_REQUEST['debug']))
-		header('content-type: text/xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
-	elseif ($xml_format == 'rss' || $xml_format == 'rss2')
-		header('content-type: application/rss+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
-	elseif ($xml_format == 'atom')
-		header('content-type: application/atom+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
-	elseif ($xml_format == 'rdf')
-		header('content-type: ' . (isBrowser('ie') ? 'text/xml' : 'application/rdf+xml') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
+	if ($xml_format == 'smf' || isset($_REQUEST['debug'])) {
+			header('content-type: text/xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
+	} elseif ($xml_format == 'rss' || $xml_format == 'rss2') {
+			header('content-type: application/rss+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
+	} elseif ($xml_format == 'atom') {
+			header('content-type: application/atom+xml; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
+	} elseif ($xml_format == 'rdf') {
+			header('content-type: ' . (isBrowser('ie') ? 'text/xml' : 'application/rdf+xml') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set']));
+	}
 
 	// First, output the xml header.
 	echo '<?xml version="1.0" encoding="', $context['character_set'], '"?' . '>';
@@ -303,10 +322,11 @@ 
 	// Are we outputting an rss feed or one with more information?
 	if ($xml_format == 'rss' || $xml_format == 'rss2')
 	{
-		if ($xml_format == 'rss2')
-			foreach ($_REQUEST as $var => $val)
+		if ($xml_format == 'rss2') {
+					foreach ($_REQUEST as $var => $val)
 				if (in_array($var, array('action', 'sa', 'type', 'board', 'boards', 'c', 'u', 'limit')))
 					$url_parts[] = $var . '=' . (is_array($val) ? implode(',', $val) : $val);
+		}
 
 		// Start with an RSS 2.0 header.
 		echo '
@@ -327,9 +347,10 @@ 
 		<language>' . $feed_meta['language'] . '</language>' : '';
 
 		// RSS2 calls for this.
-		if ($xml_format == 'rss2')
-			echo '
+		if ($xml_format == 'rss2') {
+					echo '
 		<atom:link rel="self" type="application/rss+xml" href="', $scripturl, !empty($url_parts) ? '?' . implode(';', $url_parts) : '', '" />';
+		}
 
 		echo $extraFeedTags_string;
 
@@ -340,12 +361,12 @@ 
 		echo '
 	</channel>
 </rss>';
-	}
-	elseif ($xml_format == 'atom')
+	} elseif ($xml_format == 'atom')
 	{
-		foreach ($_REQUEST as $var => $val)
-			if (in_array($var, array('action', 'sa', 'type', 'board', 'boards', 'c', 'u', 'limit')))
+		foreach ($_REQUEST as $var => $val) {
+					if (in_array($var, array('action', 'sa', 'type', 'board', 'boards', 'c', 'u', 'limit')))
 				$url_parts[] = $var . '=' . (is_array($val) ? implode(',', $val) : $val);
+		}
 
 		echo '
 <feed', $ns_string, !empty($feed_meta['language']) ? ' xml:lang="' . $feed_meta['language'] . '"' : '', '>
@@ -371,8 +392,7 @@ 
 
 		echo '
 </feed>';
-	}
-	elseif ($xml_format == 'rdf')
+	} elseif ($xml_format == 'rdf')
 	{
 		echo '
 <rdf:RDF', $ns_string, '>
@@ -437,13 +457,15 @@ 
 {
 	global $modSettings, $context, $scripturl;
 
-	if (substr($val, 0, strlen($scripturl)) != $scripturl)
-		return $val;
+	if (substr($val, 0, strlen($scripturl)) != $scripturl) {
+			return $val;
+	}
 
 	call_integration_hook('integrate_fix_url', array(&$val));
 
-	if (empty($modSettings['queryless_urls']) || ($context['server']['is_cgi'] && ini_get('cgi.fix_pathinfo') == 0 && @get_cfg_var('cgi.fix_pathinfo') == 0) || (!$context['server']['is_apache'] && !$context['server']['is_lighttpd']))
-		return $val;
+	if (empty($modSettings['queryless_urls']) || ($context['server']['is_cgi'] && ini_get('cgi.fix_pathinfo') == 0 && @get_cfg_var('cgi.fix_pathinfo') == 0) || (!$context['server']['is_apache'] && !$context['server']['is_lighttpd'])) {
+			return $val;
+	}
 
 	$val = preg_replace_callback('~\b' . preg_quote($scripturl, '~') . '\?((?:board|topic)=[^#"]+)(#[^"]*)?$~', function($m) use ($scripturl)
 		{
@@ -466,8 +488,9 @@ 
 	global $smcFunc;
 
 	// Do we even need to do this?
-	if (strpbrk($data, '<>&') == false && $force !== true)
-		return $data;
+	if (strpbrk($data, '<>&') == false && $force !== true) {
+			return $data;
+	}
 
 	$cdata = '<![CDATA[';
 
@@ -477,49 +500,55 @@ 
 			$smcFunc['strpos']($data, '&', $pos),
 			$smcFunc['strpos']($data, ']', $pos),
 		);
-		if ($ns != '')
-			$positions[] = $smcFunc['strpos']($data, '<', $pos);
+		if ($ns != '') {
+					$positions[] = $smcFunc['strpos']($data, '<', $pos);
+		}
 		foreach ($positions as $k => $dummy)
 		{
-			if ($dummy === false)
-				unset($positions[$k]);
+			if ($dummy === false) {
+							unset($positions[$k]);
+			}
 		}
 
 		$old = $pos;
 		$pos = empty($positions) ? $n : min($positions);
 
-		if ($pos - $old > 0)
-			$cdata .= $smcFunc['substr']($data, $old, $pos - $old);
-		if ($pos >= $n)
-			break;
+		if ($pos - $old > 0) {
+					$cdata .= $smcFunc['substr']($data, $old, $pos - $old);
+		}
+		if ($pos >= $n) {
+					break;
+		}
 
 		if ($smcFunc['substr']($data, $pos, 1) == '<')
 		{
 			$pos2 = $smcFunc['strpos']($data, '>', $pos);
-			if ($pos2 === false)
-				$pos2 = $n;
-			if ($smcFunc['substr']($data, $pos + 1, 1) == '/')
-				$cdata .= ']]></' . $ns . ':' . $smcFunc['substr']($data, $pos + 2, $pos2 - $pos - 1) . '<![CDATA[';
-			else
-				$cdata .= ']]><' . $ns . ':' . $smcFunc['substr']($data, $pos + 1, $pos2 - $pos) . '<![CDATA[';
+			if ($pos2 === false) {
+							$pos2 = $n;
+			}
+			if ($smcFunc['substr']($data, $pos + 1, 1) == '/') {
+							$cdata .= ']]></' . $ns . ':' . $smcFunc['substr']($data, $pos + 2, $pos2 - $pos - 1) . '<![CDATA[';
+			} else {
+							$cdata .= ']]><' . $ns . ':' . $smcFunc['substr']($data, $pos + 1, $pos2 - $pos) . '<![CDATA[';
+			}
 			$pos = $pos2 + 1;
-		}
-		elseif ($smcFunc['substr']($data, $pos, 1) == ']')
+		} elseif ($smcFunc['substr']($data, $pos, 1) == ']')
 		{
 			$cdata .= ']]>&#093;<![CDATA[';
 			$pos++;
-		}
-		elseif ($smcFunc['substr']($data, $pos, 1) == '&')
+		} elseif ($smcFunc['substr']($data, $pos, 1) == '&')
 		{
 			$pos2 = $smcFunc['strpos']($data, ';', $pos);
-			if ($pos2 === false)
-				$pos2 = $n;
+			if ($pos2 === false) {
+							$pos2 = $n;
+			}
 			$ent = $smcFunc['substr']($data, $pos + 1, $pos2 - $pos - 1);
 
-			if ($smcFunc['substr']($data, $pos + 1, 1) == '#')
-				$cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
-			elseif (in_array($ent, array('amp', 'lt', 'gt', 'quot')))
-				$cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
+			if ($smcFunc['substr']($data, $pos + 1, 1) == '#') {
+							$cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
+			} elseif (in_array($ent, array('amp', 'lt', 'gt', 'quot'))) {
+							$cdata .= ']]>' . $smcFunc['substr']($data, $pos, $pos2 - $pos + 1) . '<![CDATA[';
+			}
 
 			$pos = $pos2 + 1;
 		}
@@ -559,8 +588,9 @@ 
 		'gender',
 		'blurb',
 	);
-	if ($xml_format != 'atom')
-		$keysToCdata[] = 'category';
+	if ($xml_format != 'atom') {
+			$keysToCdata[] = 'category';
+	}
 
 	if (!empty($forceCdataKeys))
 	{
@@ -577,8 +607,9 @@ 
 		$attrs = isset($element['attributes']) ? $element['attributes'] : null;
 
 		// Skip it, it's been set to null.
-		if ($key === null || ($val === null && $attrs === null))
-			continue;
+		if ($key === null || ($val === null && $attrs === null)) {
+					continue;
+		}
 
 		$forceCdata = in_array($key, $forceCdataKeys);
 		$ns = !empty($nsKeys[$key]) ? $nsKeys[$key] : '';
@@ -591,16 +622,16 @@ 
 
 		if (!empty($attrs))
 		{
-			foreach ($attrs as $attr_key => $attr_value)
-				echo ' ', $attr_key, '="', fix_possible_url($attr_value), '"';
+			foreach ($attrs as $attr_key => $attr_value) {
+							echo ' ', $attr_key, '="', fix_possible_url($attr_value), '"';
+			}
 		}
 
 		// If it's empty, simply output an empty element.
 		if (empty($val))
 		{
 			echo ' />';
-		}
-		else
+		} else
 		{
 			echo '>';
 
@@ -612,11 +643,13 @@ 
 				echo "\n", str_repeat("\t", $i);
 			}
 			// A string with returns in it.... show this as a multiline element.
-			elseif (strpos($val, "\n") !== false)
-				echo "\n", in_array($key, $keysToCdata) ? cdata_parse(fix_possible_url($val), $ns, $forceCdata) : fix_possible_url($val), "\n", str_repeat("\t", $i);
+			elseif (strpos($val, "\n") !== false) {
+							echo "\n", in_array($key, $keysToCdata) ? cdata_parse(fix_possible_url($val), $ns, $forceCdata) : fix_possible_url($val), "\n", str_repeat("\t", $i);
+			}
 			// A simple string.
-			else
-				echo in_array($key, $keysToCdata) ? cdata_parse(fix_possible_url($val), $ns, $forceCdata) : fix_possible_url($val);
+			else {
+							echo in_array($key, $keysToCdata) ? cdata_parse(fix_possible_url($val), $ns, $forceCdata) : fix_possible_url($val);
+			}
 
 			// Ending tag.
 			echo '</', $key, '>';
@@ -636,8 +669,9 @@ 
 {
 	global $scripturl, $smcFunc;
 
-	if (!allowedTo('view_mlist'))
-		return array();
+	if (!allowedTo('view_mlist')) {
+			return array();
+	}
 
 	// Find the most recent members.
 	$request = $smcFunc['db_query']('', '
@@ -656,8 +690,8 @@ 
 		$guid = 'tag:' . parse_url($scripturl, PHP_URL_HOST) . ',' . gmdate('Y-m-d', $row['date_registered']) . ':member=' . $row['id_member'];
 
 		// Make the data look rss-ish.
-		if ($xml_format == 'rss' || $xml_format == 'rss2')
-			$data[] = array(
+		if ($xml_format == 'rss' || $xml_format == 'rss2') {
+					$data[] = array(
 				'tag' => 'item',
 				'content' => array(
 					array(
@@ -685,8 +719,8 @@ 
 					),
 				),
 			);
-		elseif ($xml_format == 'rdf')
-			$data[] = array(
+		} elseif ($xml_format == 'rdf') {
+					$data[] = array(
 				'tag' => 'item',
 				'attributes' => array('rdf:about' => $scripturl . '?action=profile;u=' . $row['id_member']),
 				'content' => array(
@@ -704,8 +738,8 @@ 
 					),
 				),
 			);
-		elseif ($xml_format == 'atom')
-			$data[] = array(
+		} elseif ($xml_format == 'atom') {
+					$data[] = array(
 				'tag' => 'entry',
 				'content' => array(
 					array(
@@ -734,9 +768,10 @@ 
 					),
 				),
 			);
+		}
 		// More logical format for the data, but harder to apply.
-		else
-			$data[] = array(
+		else {
+					$data[] = array(
 				'tag' => 'member',
 				'content' => array(
 					array(
@@ -757,6 +792,7 @@ 
 					),
 				),
 			);
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -817,22 +853,24 @@ 
 		if ($loops < 2 && $smcFunc['db_num_rows']($request) < $_GET['limit'])
 		{
 			$smcFunc['db_free_result']($request);
-			if (empty($_REQUEST['boards']) && empty($board))
-				unset($context['optimize_msg']['lowest']);
-			else
-				$context['optimize_msg']['lowest'] = 'm.id_msg >= t.id_first_msg';
+			if (empty($_REQUEST['boards']) && empty($board)) {
+							unset($context['optimize_msg']['lowest']);
+			} else {
+							$context['optimize_msg']['lowest'] = 'm.id_msg >= t.id_first_msg';
+			}
 			$context['optimize_msg']['highest'] = 'm.id_msg <= t.id_last_msg';
 			$loops++;
+		} else {
+					$done = true;
 		}
-		else
-			$done = true;
 	}
 	$data = array();
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Limit the length of the message, if the option is set.
-		if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br>', "\n", $row['body'])) > $modSettings['xmlnews_maxlen'])
-			$row['body'] = strtr($smcFunc['substr'](str_replace('<br>', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br>')) . '...';
+		if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br>', "\n", $row['body'])) > $modSettings['xmlnews_maxlen']) {
+					$row['body'] = strtr($smcFunc['substr'](str_replace('<br>', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br>')) . '...';
+		}
 
 		$row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
 
@@ -859,8 +897,9 @@ 
 			while ($attach = $smcFunc['db_fetch_assoc']($attach_request))
 			{
 				// Include approved attachments only
-				if ($attach['approved'])
-					$loaded_attachments['attachment_' . $attach['id_attach']] = $attach;
+				if ($attach['approved']) {
+									$loaded_attachments['attachment_' . $attach['id_attach']] = $attach;
+				}
 			}
 			$smcFunc['db_free_result']($attach_request);
 
@@ -868,16 +907,17 @@ 
 			if (!empty($loaded_attachments))
 			{
 				uasort($loaded_attachments, function($a, $b) {
-					if ($a['filesize'] == $b['filesize'])
-					        return 0;
+					if ($a['filesize'] == $b['filesize']) {
+										        return 0;
+					}
 					return ($a['filesize'] < $b['filesize']) ? -1 : 1;
 				});
+			} else {
+							$loaded_attachments = null;
 			}
-			else
-				$loaded_attachments = null;
+		} else {
+					$loaded_attachments = null;
 		}
-		else
-			$loaded_attachments = null;
 
 		// Create a GUID for this topic using the tag URI scheme
 		$guid = 'tag:' . parse_url($scripturl, PHP_URL_HOST) . ',' . gmdate('Y-m-d', $row['poster_time']) . ':topic=' . $row['id_topic'];
@@ -894,9 +934,9 @@ 
 					'length' => $attachment['filesize'],
 					'type' => $attachment['mime_type'],
 				);
+			} else {
+							$enclosure = null;
 			}
-			else
-				$enclosure = null;
 
 			$data[] = array(
 				'tag' => 'item',
@@ -942,8 +982,7 @@ 
 					),
 				),
 			);
-		}
-		elseif ($xml_format == 'rdf')
+		} elseif ($xml_format == 'rdf')
 		{
 			$data[] = array(
 				'tag' => 'item',
@@ -967,8 +1006,7 @@ 
 					),
 				),
 			);
-		}
-		elseif ($xml_format == 'atom')
+		} elseif ($xml_format == 'atom')
 		{
 			// Only one attachment allowed
 			if (!empty($loaded_attachments))
@@ -980,9 +1018,9 @@ 
 					'length' => $attachment['filesize'],
 					'type' => $attachment['mime_type'],
 				);
+			} else {
+							$enclosure = null;
 			}
-			else
-				$enclosure = null;
 
 			$data[] = array(
 				'tag' => 'entry',
@@ -1082,9 +1120,9 @@ 
 						)
 					);
 				}
+			} else {
+							$attachments = null;
 			}
-			else
-				$attachments = null;
 
 			$data[] = array(
 				'tag' => 'article',
@@ -1202,22 +1240,25 @@ 
 		if ($loops < 2 && $smcFunc['db_num_rows']($request) < $_GET['limit'])
 		{
 			$smcFunc['db_free_result']($request);
-			if (empty($_REQUEST['boards']) && empty($board))
-				unset($context['optimize_msg']['lowest']);
-			else
-				$context['optimize_msg']['lowest'] = $loops ? 'm.id_msg >= t.id_first_msg' : 'm.id_msg >= (t.id_last_msg - t.id_first_msg) / 2';
+			if (empty($_REQUEST['boards']) && empty($board)) {
+							unset($context['optimize_msg']['lowest']);
+			} else {
+							$context['optimize_msg']['lowest'] = $loops ? 'm.id_msg >= t.id_first_msg' : 'm.id_msg >= (t.id_last_msg - t.id_first_msg) / 2';
+			}
 			$loops++;
+		} else {
+					$done = true;
 		}
-		else
-			$done = true;
 	}
 	$messages = array();
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$messages[] = $row['id_msg'];
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$messages[] = $row['id_msg'];
+	}
 	$smcFunc['db_free_result']($request);
 
-	if (empty($messages))
-		return array();
+	if (empty($messages)) {
+			return array();
+	}
 
 	// Find the most recent posts this user can see.
 	$request = $smcFunc['db_query']('', '
@@ -1247,8 +1288,9 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Limit the length of the message, if the option is set.
-		if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br>', "\n", $row['body'])) > $modSettings['xmlnews_maxlen'])
-			$row['body'] = strtr($smcFunc['substr'](str_replace('<br>', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br>')) . '...';
+		if (!empty($modSettings['xmlnews_maxlen']) && $smcFunc['strlen'](str_replace('<br>', "\n", $row['body'])) > $modSettings['xmlnews_maxlen']) {
+					$row['body'] = strtr($smcFunc['substr'](str_replace('<br>', "\n", $row['body']), 0, $modSettings['xmlnews_maxlen'] - 3), array("\n" => '<br>')) . '...';
+		}
 
 		$row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
 
@@ -1275,8 +1317,9 @@ 
 			while ($attach = $smcFunc['db_fetch_assoc']($attach_request))
 			{
 				// Include approved attachments only
-				if ($attach['approved'])
-					$loaded_attachments['attachment_' . $attach['id_attach']] = $attach;
+				if ($attach['approved']) {
+									$loaded_attachments['attachment_' . $attach['id_attach']] = $attach;
+				}
 			}
 			$smcFunc['db_free_result']($attach_request);
 
@@ -1284,16 +1327,17 @@ 
 			if (!empty($loaded_attachments))
 			{
 				uasort($loaded_attachments, function($a, $b) {
-					if ($a['filesize'] == $b['filesize'])
-					        return 0;
+					if ($a['filesize'] == $b['filesize']) {
+										        return 0;
+					}
 					return ($a['filesize'] < $b['filesize']) ? -1 : 1;
 				});
+			} else {
+							$loaded_attachments = null;
 			}
-			else
-				$loaded_attachments = null;
+		} else {
+					$loaded_attachments = null;
 		}
-		else
-			$loaded_attachments = null;
 
 		// Create a GUID for this post using the tag URI scheme
 		$guid = 'tag:' . parse_url($scripturl, PHP_URL_HOST) . ',' . gmdate('Y-m-d', $row['poster_time']) . ':msg=' . $row['id_msg'];
@@ -1310,9 +1354,9 @@ 
 					'length' => $attachment['filesize'],
 					'type' => $attachment['mime_type'],
 				);
+			} else {
+							$enclosure = null;
 			}
-			else
-				$enclosure = null;
 
 			$data[] = array(
 				'tag' => 'item',
@@ -1358,8 +1402,7 @@ 
 					),
 				),
 			);
-		}
-		elseif ($xml_format == 'rdf')
+		} elseif ($xml_format == 'rdf')
 		{
 			$data[] = array(
 				'tag' => 'item',
@@ -1383,8 +1426,7 @@ 
 					),
 				),
 			);
-		}
-		elseif ($xml_format == 'atom')
+		} elseif ($xml_format == 'atom')
 		{
 			// Only one attachment allowed
 			if (!empty($loaded_attachments))
@@ -1396,9 +1438,9 @@ 
 					'length' => $attachment['filesize'],
 					'type' => $attachment['mime_type'],
 				);
+			} else {
+							$enclosure = null;
 			}
-			else
-				$enclosure = null;
 
 			$data[] = array(
 				'tag' => 'entry',
@@ -1498,9 +1540,9 @@ 
 						)
 					);
 				}
+			} else {
+							$attachments = null;
 			}
-			else
-				$attachments = null;
 
 			$data[] = array(
 				'tag' => 'recent-post',
@@ -1619,14 +1661,16 @@ 
 	global $scripturl, $memberContext, $user_profile, $user_info;
 
 	// You must input a valid user....
-	if (empty($_GET['u']) || !loadMemberData((int) $_GET['u']))
-		return array();
+	if (empty($_GET['u']) || !loadMemberData((int) $_GET['u'])) {
+			return array();
+	}
 
 	// Make sure the id is a number and not "I like trying to hack the database".
 	$_GET['u'] = (int) $_GET['u'];
 	// Load the member's contextual information!
-	if (!loadMemberContext($_GET['u']) || !allowedTo('profile_view'))
-		return array();
+	if (!loadMemberContext($_GET['u']) || !allowedTo('profile_view')) {
+			return array();
+	}
 
 	// Okay, I admit it, I'm lazy.  Stupid $_GET['u'] is long and hard to type.
 	$profile = &$memberContext[$_GET['u']];
@@ -1668,8 +1712,7 @@ 
 				),
 			)
 		);
-	}
-	elseif ($xml_format == 'rdf')
+	} elseif ($xml_format == 'rdf')
 	{
 		$data[] = array(
 			'tag' => 'item',
@@ -1693,8 +1736,7 @@ 
 				),
 			)
 		);
-	}
-	elseif ($xml_format == 'atom')
+	} elseif ($xml_format == 'atom')
 	{
 		$data[] = array(
 			'tag' => 'entry',
@@ -1747,8 +1789,7 @@ 
 				),
 			)
 		);
-	}
-	else
+	} else
 	{
 		$data = array(
 			array(