SimpleMachines / SMF2.1

Sources/Security.php

Braces +258 added lines, -199 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Check if the user is who he/she says he is
@@ -42,12 +43,14 @@ 
 	$refreshTime = isset($_GET['xml']) ? 4200 : 3600;
 
 	// Is the security option off?
-	if (!empty($modSettings['securityDisable' . ($type != 'admin' ? '_' . $type : '')]))
-		return;
+	if (!empty($modSettings['securityDisable' . ($type != 'admin' ? '_' . $type : '')])) {
+			return;
+	}
 
 	// Or are they already logged in?, Moderator or admin session is need for this area
-	if ((!empty($_SESSION[$type . '_time']) && $_SESSION[$type . '_time'] + $refreshTime >= time()) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time()))
-		return;
+	if ((!empty($_SESSION[$type . '_time']) && $_SESSION[$type . '_time'] + $refreshTime >= time()) || (!empty($_SESSION['admin_time']) && $_SESSION['admin_time'] + $refreshTime >= time())) {
+			return;
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
@@ -55,8 +58,9 @@ 
 	if (isset($_POST[$type . '_pass']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn())
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && !httpsOn()) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		checkSession();
 
@@ -72,17 +76,19 @@ 
 	}
 
 	// Better be sure to remember the real referer
-	if (empty($_SESSION['request_referer']))
-		$_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
-	elseif (empty($_POST))
-		unset($_SESSION['request_referer']);
+	if (empty($_SESSION['request_referer'])) {
+			$_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	} elseif (empty($_POST)) {
+			unset($_SESSION['request_referer']);
+	}
 
 	// Need to type in a password for that, man.
-	if (!isset($_GET['xml']))
-		adminLogin($type);
-	else
-		return 'session_verify_fail';
-}
+	if (!isset($_GET['xml'])) {
+			adminLogin($type);
+	} else {
+			return 'session_verify_fail';
+	}
+	}
 
 /**
  * Require a user who is logged in. (not a guest.)
@@ -96,25 +102,30 @@ 
 	global $user_info, $txt, $context, $scripturl, $modSettings;
 
 	// Luckily, this person isn't a guest.
-	if (!$user_info['is_guest'])
-		return;
+	if (!$user_info['is_guest']) {
+			return;
+	}
 
 	// Log what they were trying to do didn't work)
-	if (!empty($modSettings['who_enabled']))
-		$_GET['error'] = 'guest_login';
+	if (!empty($modSettings['who_enabled'])) {
+			$_GET['error'] = 'guest_login';
+	}
 	writeLog(true);
 
 	// Just die.
-	if (isset($_REQUEST['xml']))
-		obExit(false);
+	if (isset($_REQUEST['xml'])) {
+			obExit(false);
+	}
 
 	// Attempt to detect if they came from dlattach.
-	if (SMF != 'SSI' && empty($context['theme_loaded']))
-		loadTheme();
+	if (SMF != 'SSI' && empty($context['theme_loaded'])) {
+			loadTheme();
+	}
 
 	// Never redirect to an attachment
-	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false)
-		$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false) {
+			$_SESSION['login_url'] = $_SERVER['REQUEST_URL'];
+	}
 
 	// Load the Login template and language file.
 	loadLanguage('Login');
@@ -124,8 +135,7 @@ 
 	{
 		$_SESSION['login_url'] = $scripturl . '?' . $_SERVER['QUERY_STRING'];
 		redirectexit('action=login');
-	}
-	else
+	} else
 	{
 		loadTemplate('Login');
 		$context['sub_template'] = 'kick_guest';
@@ -155,8 +165,9 @@ 
 	global $sourcedir, $cookiename, $user_settings, $smcFunc;
 
 	// You cannot be banned if you are an admin - doesn't help if you log out.
-	if ($user_info['is_admin'])
-		return;
+	if ($user_info['is_admin']) {
+			return;
+	}
 
 	// Only check the ban every so often. (to reduce load.)
 	if ($forceCheck || !isset($_SESSION['ban']) || empty($modSettings['banLastUpdated']) || ($_SESSION['ban']['last_checked'] < $modSettings['banLastUpdated']) || $_SESSION['ban']['id_member'] != $user_info['id'] || $_SESSION['ban']['ip'] != $user_info['ip'] || $_SESSION['ban']['ip2'] != $user_info['ip2'] || (isset($user_info['email'], $_SESSION['ban']['email']) && $_SESSION['ban']['email'] != $user_info['email']))
@@ -177,8 +188,9 @@ 
 		// Check both IP addresses.
 		foreach (array('ip', 'ip2') as $ip_number)
 		{
-			if ($ip_number == 'ip2' && $user_info['ip2'] == $user_info['ip'])
-				continue;
+			if ($ip_number == 'ip2' && $user_info['ip2'] == $user_info['ip']) {
+							continue;
+			}
 			$ban_query[] = ' {inet:' . $ip_number . '} BETWEEN bi.ip_low and bi.ip_high';
 			$ban_query_vars[$ip_number] = $user_info[$ip_number];
 			// IP was valid, maybe there's also a hostname...
@@ -228,24 +240,28 @@ 
 			// Store every type of ban that applies to you in your session.
 			while ($row = $smcFunc['db_fetch_assoc']($request))
 			{
-				foreach ($restrictions as $restriction)
-					if (!empty($row[$restriction]))
+				foreach ($restrictions as $restriction) {
+									if (!empty($row[$restriction]))
 					{
 						$_SESSION['ban'][$restriction]['reason'] = $row['reason'];
+				}
 						$_SESSION['ban'][$restriction]['ids'][] = $row['id_ban'];
-						if (!isset($_SESSION['ban']['expire_time']) || ($_SESSION['ban']['expire_time'] != 0 && ($row['expire_time'] == 0 || $row['expire_time'] > $_SESSION['ban']['expire_time'])))
-							$_SESSION['ban']['expire_time'] = $row['expire_time'];
+						if (!isset($_SESSION['ban']['expire_time']) || ($_SESSION['ban']['expire_time'] != 0 && ($row['expire_time'] == 0 || $row['expire_time'] > $_SESSION['ban']['expire_time']))) {
+													$_SESSION['ban']['expire_time'] = $row['expire_time'];
+						}
 
-						if (!$user_info['is_guest'] && $restriction == 'cannot_access' && ($row['id_member'] == $user_info['id'] || $row['email_address'] == $user_info['email']))
-							$flag_is_activated = true;
+						if (!$user_info['is_guest'] && $restriction == 'cannot_access' && ($row['id_member'] == $user_info['id'] || $row['email_address'] == $user_info['email'])) {
+													$flag_is_activated = true;
+						}
 					}
 			}
 			$smcFunc['db_free_result']($request);
 		}
 
 		// Mark the cannot_access and cannot_post bans as being 'hit'.
-		if (isset($_SESSION['ban']['cannot_access']) || isset($_SESSION['ban']['cannot_post']) || isset($_SESSION['ban']['cannot_login']))
-			log_ban(array_merge(isset($_SESSION['ban']['cannot_access']) ? $_SESSION['ban']['cannot_access']['ids'] : array(), isset($_SESSION['ban']['cannot_post']) ? $_SESSION['ban']['cannot_post']['ids'] : array(), isset($_SESSION['ban']['cannot_login']) ? $_SESSION['ban']['cannot_login']['ids'] : array()));
+		if (isset($_SESSION['ban']['cannot_access']) || isset($_SESSION['ban']['cannot_post']) || isset($_SESSION['ban']['cannot_login'])) {
+					log_ban(array_merge(isset($_SESSION['ban']['cannot_access']) ? $_SESSION['ban']['cannot_access']['ids'] : array(), isset($_SESSION['ban']['cannot_post']) ? $_SESSION['ban']['cannot_post']['ids'] : array(), isset($_SESSION['ban']['cannot_login']) ? $_SESSION['ban']['cannot_login']['ids'] : array()));
+		}
 
 		// If for whatever reason the is_activated flag seems wrong, do a little work to clear it up.
 		if ($user_info['id'] && (($user_settings['is_activated'] >= 10 && !$flag_is_activated)
@@ -260,8 +276,9 @@ 
 	if (!isset($_SESSION['ban']['cannot_access']) && !empty($_COOKIE[$cookiename . '_']))
 	{
 		$bans = explode(',', $_COOKIE[$cookiename . '_']);
-		foreach ($bans as $key => $value)
-			$bans[$key] = (int) $value;
+		foreach ($bans as $key => $value) {
+					$bans[$key] = (int) $value;
+		}
 		$request = $smcFunc['db_query']('', '
 			SELECT bi.id_ban, bg.reason, COALESCE(bg.expire_time, 0) AS expire_time
 			FROM {db_prefix}ban_items AS bi
@@ -298,14 +315,15 @@ 
 	if (isset($_SESSION['ban']['cannot_access']))
 	{
 		// We don't wanna see you!
-		if (!$user_info['is_guest'])
-			$smcFunc['db_query']('', '
+		if (!$user_info['is_guest']) {
+					$smcFunc['db_query']('', '
 				DELETE FROM {db_prefix}log_online
 				WHERE id_member = {int:current_member}',
 				array(
 					'current_member' => $user_info['id'],
 				)
 			);
+		}
 
 		// 'Log' the user out.  Can't have any funny business... (save the name!)
 		$old_name = isset($user_info['name']) && $user_info['name'] != '' ? $user_info['name'] : $txt['guest_title'];
@@ -391,9 +409,10 @@ 
 	}
 
 	// Fix up the banning permissions.
-	if (isset($user_info['permissions']))
-		banPermissions();
-}
+	if (isset($user_info['permissions'])) {
+			banPermissions();
+	}
+	}
 
 /**
  * Fix permissions according to ban status.
@@ -404,8 +423,9 @@ 
 	global $user_info, $sourcedir, $modSettings, $context;
 
 	// Somehow they got here, at least take away all permissions...
-	if (isset($_SESSION['ban']['cannot_access']))
-		$user_info['permissions'] = array();
+	if (isset($_SESSION['ban']['cannot_access'])) {
+			$user_info['permissions'] = array();
+	}
 	// Okay, well, you can watch, but don't touch a thing.
 	elseif (isset($_SESSION['ban']['cannot_post']) || (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $user_info['warning']))
 	{
@@ -447,19 +467,20 @@ 
 		call_integration_hook('integrate_warn_permissions', array(&$permission_change));
 		foreach ($permission_change as $old => $new)
 		{
-			if (!in_array($old, $user_info['permissions']))
-				unset($permission_change[$old]);
-			else
-				$user_info['permissions'][] = $new;
+			if (!in_array($old, $user_info['permissions'])) {
+							unset($permission_change[$old]);
+			} else {
+							$user_info['permissions'][] = $new;
+			}
 		}
 		$user_info['permissions'] = array_diff($user_info['permissions'], array_keys($permission_change));
 	}
 
 	// @todo Find a better place to call this? Needs to be after permissions loaded!
 	// Finally, some bits we cache in the session because it saves queries.
-	if (isset($_SESSION['mc']) && $_SESSION['mc']['time'] > $modSettings['settings_updated'] && $_SESSION['mc']['id'] == $user_info['id'])
-		$user_info['mod_cache'] = $_SESSION['mc'];
-	else
+	if (isset($_SESSION['mc']) && $_SESSION['mc']['time'] > $modSettings['settings_updated'] && $_SESSION['mc']['id'] == $user_info['id']) {
+			$user_info['mod_cache'] = $_SESSION['mc'];
+	} else
 	{
 		require_once($sourcedir . '/Subs-Auth.php');
 		rebuildModCache();
@@ -470,14 +491,12 @@ 
 	{
 		$context['open_mod_reports'] = $_SESSION['rc']['reports'];
 		$context['open_member_reports'] = $_SESSION['rc']['member_reports'];
-	}
-	elseif ($_SESSION['mc']['bq'] != '0=1')
+	} elseif ($_SESSION['mc']['bq'] != '0=1')
 	{
 		require_once($sourcedir . '/Subs-ReportedContent.php');
 		$context['open_mod_reports'] = recountOpenReports('posts');
 		$context['open_member_reports'] = recountOpenReports('members');
-	}
-	else
+	} else
 	{
 		$context['open_mod_reports'] = 0;
 		$context['open_member_reports'] = 0;
@@ -497,8 +516,9 @@ 
 	global $user_info, $smcFunc;
 
 	// Don't log web accelerators, it's very confusing...
-	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
-		return;
+	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch') {
+			return;
+	}
 
 	$smcFunc['db_insert']('',
 		'{db_prefix}log_banned',
@@ -508,8 +528,8 @@ 
 	);
 
 	// One extra point for these bans.
-	if (!empty($ban_ids))
-		$smcFunc['db_query']('', '
+	if (!empty($ban_ids)) {
+			$smcFunc['db_query']('', '
 			UPDATE {db_prefix}ban_items
 			SET hits = hits + 1
 			WHERE id_ban IN ({array_int:ban_ids})',
@@ -517,7 +537,8 @@ 
 				'ban_ids' => $ban_ids,
 			)
 		);
-}
+	}
+	}
 
 /**
  * Checks if a given email address might be banned.
@@ -533,8 +554,9 @@ 
 	global $txt, $smcFunc;
 
 	// Can't ban an empty email
-	if (empty($email) || trim($email) == '')
-		return;
+	if (empty($email) || trim($email) == '') {
+			return;
+	}
 
 	// Let's start with the bans based on your IP/hostname/memberID...
 	$ban_ids = isset($_SESSION['ban'][$restriction]) ? $_SESSION['ban'][$restriction]['ids'] : array();
@@ -607,16 +629,18 @@ 
 	if ($type == 'post')
 	{
 		$check = isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null);
-		if ($check !== $sc)
-			$error = 'session_timeout';
+		if ($check !== $sc) {
+					$error = 'session_timeout';
+		}
 	}
 
 	// How about $_GET['sesc']?
 	elseif ($type == 'get')
 	{
 		$check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : null);
-		if ($check !== $sc)
-			$error = 'session_verify_fail';
+		if ($check !== $sc) {
+					$error = 'session_verify_fail';
+		}
 	}
 
 	// Or can it be in either?
@@ -624,13 +648,15 @@ 
 	{
 		$check = isset($_GET[$_SESSION['session_var']]) ? $_GET[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_GET['sesc']) ? $_GET['sesc'] : (isset($_POST[$_SESSION['session_var']]) ? $_POST[$_SESSION['session_var']] : (empty($modSettings['strictSessionCheck']) && isset($_POST['sc']) ? $_POST['sc'] : null)));
 
-		if ($check !== $sc)
-			$error = 'session_verify_fail';
+		if ($check !== $sc) {
+					$error = 'session_verify_fail';
+		}
 	}
 
 	// Verify that they aren't changing user agents on us - that could be bad.
-	if ((!isset($_SESSION['USER_AGENT']) || $_SESSION['USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) && empty($modSettings['disableCheckUA']))
-		$error = 'session_verify_fail';
+	if ((!isset($_SESSION['USER_AGENT']) || $_SESSION['USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) && empty($modSettings['disableCheckUA'])) {
+			$error = 'session_verify_fail';
+	}
 
 	// Make sure a page with session check requirement is not being prefetched.
 	if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch')
@@ -641,30 +667,35 @@ 
 	}
 
 	// Check the referring site - it should be the same server at least!
-	if (isset($_SESSION['request_referer']))
-		$referrer = $_SESSION['request_referer'];
-	else
-		$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	if (isset($_SESSION['request_referer'])) {
+			$referrer = $_SESSION['request_referer'];
+	} else {
+			$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
+	}
 	if (!empty($referrer['host']))
 	{
-		if (strpos($_SERVER['HTTP_HOST'], ':') !== false)
-			$real_host = substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':'));
-		else
-			$real_host = $_SERVER['HTTP_HOST'];
+		if (strpos($_SERVER['HTTP_HOST'], ':') !== false) {
+					$real_host = substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':'));
+		} else {
+					$real_host = $_SERVER['HTTP_HOST'];
+		}
 
 		$parsed_url = parse_url($boardurl);
 
 		// Are global cookies on?  If so, let's check them ;).
 		if (!empty($modSettings['globalCookies']))
 		{
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $parsed_url['host'], $parts) == 1)
-				$parsed_url['host'] = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $parsed_url['host'], $parts) == 1) {
+							$parsed_url['host'] = $parts[1];
+			}
 
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $referrer['host'], $parts) == 1)
-				$referrer['host'] = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $referrer['host'], $parts) == 1) {
+							$referrer['host'] = $parts[1];
+			}
 
-			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $real_host, $parts) == 1)
-				$real_host = $parts[1];
+			if (preg_match('~(?:[^\.]+\.)?([^\.]{3,}\..+)\z~i', $real_host, $parts) == 1) {
+							$real_host = $parts[1];
+			}
 		}
 
 		// Okay: referrer must either match parsed_url or real_host.
@@ -682,12 +713,14 @@ 
 		$log_error = true;
 	}
 
-	if (strtolower($_SERVER['HTTP_USER_AGENT']) == 'hacker')
-		fatal_error('Sound the alarm!  It\'s a hacker!  Close the castle gates!!', false);
+	if (strtolower($_SERVER['HTTP_USER_AGENT']) == 'hacker') {
+			fatal_error('Sound the alarm!  It\'s a hacker!  Close the castle gates!!', false);
+	}
 
 	// Everything is ok, return an empty string.
-	if (!isset($error))
-		return '';
+	if (!isset($error)) {
+			return '';
+	}
 	// A session error occurred, show the error.
 	elseif ($is_fatal)
 	{
@@ -696,13 +729,14 @@ 
 			ob_end_clean();
 			header('HTTP/1.1 403 Forbidden - Session timeout');
 			die;
+		} else {
+					fatal_lang_error($error, isset($log_error) ? 'user' : false);
 		}
-		else
-			fatal_lang_error($error, isset($log_error) ? 'user' : false);
 	}
 	// A session error occurred, return the error to the calling function.
-	else
-		return $error;
+	else {
+			return $error;
+	}
 
 	// We really should never fall through here, for very important reasons.  Let's make sure.
 	trigger_error('Hacking attempt...', E_USER_ERROR);
@@ -718,10 +752,9 @@ 
 {
 	global $modSettings;
 
-	if (isset($_GET['confirm']) && isset($_SESSION['confirm_' . $action]) && md5($_GET['confirm'] . $_SERVER['HTTP_USER_AGENT']) == $_SESSION['confirm_' . $action])
-		return true;
-
-	else
+	if (isset($_GET['confirm']) && isset($_SESSION['confirm_' . $action]) && md5($_GET['confirm'] . $_SERVER['HTTP_USER_AGENT']) == $_SESSION['confirm_' . $action]) {
+			return true;
+	} else
 	{
 		$token = md5(mt_rand() . session_id() . (string) microtime() . $modSettings['rand_seed']);
 		$_SESSION['confirm_' . $action] = md5($token . $_SERVER['HTTP_USER_AGENT']);
@@ -772,9 +805,9 @@ 
 			$return = $_SESSION['token'][$type . '-' . $action][3];
 			unset($_SESSION['token'][$type . '-' . $action]);
 			return $return;
+		} else {
+					return '';
 		}
-		else
-			return '';
 	}
 
 	// This nasty piece of code validates a token.
@@ -805,12 +838,14 @@ 
 		fatal_lang_error('token_verify_fail', false);
 	}
 	// Remove this token as its useless
-	else
-		unset($_SESSION['token'][$type . '-' . $action]);
+	else {
+			unset($_SESSION['token'][$type . '-' . $action]);
+	}
 
 	// Randomly check if we should remove some older tokens.
-	if (mt_rand(0, 138) == 23)
-		cleanTokens();
+	if (mt_rand(0, 138) == 23) {
+			cleanTokens();
+	}
 
 	return false;
 }
@@ -825,14 +860,16 @@ 
 function cleanTokens($complete = false)
 {
 	// We appreciate cleaning up after yourselves.
-	if (!isset($_SESSION['token']))
-		return;
+	if (!isset($_SESSION['token'])) {
+			return;
+	}
 
 	// Clean up tokens, trying to give enough time still.
-	foreach ($_SESSION['token'] as $key => $data)
-		if ($data[2] + 10800 < time() || $complete)
+	foreach ($_SESSION['token'] as $key => $data) {
+			if ($data[2] + 10800 < time() || $complete)
 			unset($_SESSION['token'][$key]);
-}
+	}
+	}
 
 /**
  * Check whether a form has been submitted twice.
@@ -850,37 +887,40 @@ 
 {
 	global $context;
 
-	if (!isset($_SESSION['forms']))
-		$_SESSION['forms'] = array();
+	if (!isset($_SESSION['forms'])) {
+			$_SESSION['forms'] = array();
+	}
 
 	// Register a form number and store it in the session stack. (use this on the page that has the form.)
 	if ($action == 'register')
 	{
 		$context['form_sequence_number'] = 0;
-		while (empty($context['form_sequence_number']) || in_array($context['form_sequence_number'], $_SESSION['forms']))
-			$context['form_sequence_number'] = mt_rand(1, 16000000);
+		while (empty($context['form_sequence_number']) || in_array($context['form_sequence_number'], $_SESSION['forms'])) {
+					$context['form_sequence_number'] = mt_rand(1, 16000000);
+		}
 	}
 	// Check whether the submitted number can be found in the session.
 	elseif ($action == 'check')
 	{
-		if (!isset($_REQUEST['seqnum']))
-			return true;
-		elseif (!in_array($_REQUEST['seqnum'], $_SESSION['forms']))
+		if (!isset($_REQUEST['seqnum'])) {
+					return true;
+		} elseif (!in_array($_REQUEST['seqnum'], $_SESSION['forms']))
 		{
 			$_SESSION['forms'][] = (int) $_REQUEST['seqnum'];
 			return true;
+		} elseif ($is_fatal) {
+					fatal_lang_error('error_form_already_submitted', false);
+		} else {
+					return false;
 		}
-		elseif ($is_fatal)
-			fatal_lang_error('error_form_already_submitted', false);
-		else
-			return false;
 	}
 	// Don't check, just free the stack number.
-	elseif ($action == 'free' && isset($_REQUEST['seqnum']) && in_array($_REQUEST['seqnum'], $_SESSION['forms']))
-		$_SESSION['forms'] = array_diff($_SESSION['forms'], array($_REQUEST['seqnum']));
-	elseif ($action != 'free')
-		trigger_error('checkSubmitOnce(): Invalid action \'' . $action . '\'', E_USER_WARNING);
-}
+	elseif ($action == 'free' && isset($_REQUEST['seqnum']) && in_array($_REQUEST['seqnum'], $_SESSION['forms'])) {
+			$_SESSION['forms'] = array_diff($_SESSION['forms'], array($_REQUEST['seqnum']));
+	} elseif ($action != 'free') {
+			trigger_error('checkSubmitOnce(): Invalid action \'' . $action . '\'', E_USER_WARNING);
+	}
+	}
 
 /**
  * Check the user's permissions.
@@ -899,16 +939,19 @@ 
 	global $user_info, $smcFunc;
 
 	// You're always allowed to do nothing. (unless you're a working man, MR. LAZY :P!)
-	if (empty($permission))
-		return true;
+	if (empty($permission)) {
+			return true;
+	}
 
 	// You're never allowed to do something if your data hasn't been loaded yet!
-	if (empty($user_info))
-		return false;
+	if (empty($user_info)) {
+			return false;
+	}
 
 	// Administrators are supermen :P.
-	if ($user_info['is_admin'])
-		return true;
+	if ($user_info['is_admin']) {
+			return true;
+	}
 
 	// Let's ensure this is an array.
 	$permission = (array) $permission;
@@ -916,14 +959,16 @@ 
 	// Are we checking the _current_ board, or some other boards?
 	if ($boards === null)
 	{
-		if (count(array_intersect($permission, $user_info['permissions'])) != 0)
-			return true;
+		if (count(array_intersect($permission, $user_info['permissions'])) != 0) {
+					return true;
+		}
 		// You aren't allowed, by default.
-		else
-			return false;
+		else {
+					return false;
+		}
+	} elseif (!is_array($boards)) {
+			$boards = array($boards);
 	}
-	elseif (!is_array($boards))
-		$boards = array($boards);
 
 	$request = $smcFunc['db_query']('', '
 		SELECT MIN(bp.add_deny) AS add_deny
@@ -951,20 +996,23 @@ 
 		while ($row = $smcFunc['db_fetch_assoc']($request))
 		{
 			$result = !empty($row['add_deny']);
-			if ($result == true)
-				break;
+			if ($result == true) {
+							break;
+			}
 		}
 		$smcFunc['db_free_result']($request);
 		return $result;
 	}
 
 	// Make sure they can do it on all of the boards.
-	if ($smcFunc['db_num_rows']($request) != count($boards))
-		return false;
+	if ($smcFunc['db_num_rows']($request) != count($boards)) {
+			return false;
+	}
 
 	$result = true;
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$result &= !empty($row['add_deny']);
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$result &= !empty($row['add_deny']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// If the query returned 1, they can do it... otherwise, they can't.
@@ -1031,9 +1079,10 @@ 
 
 	// If you're doing something on behalf of some "heavy" permissions, validate your session.
 	// (take out the heavy permissions, and if you can't do anything but those, you need a validated session.)
-	if (!allowedTo(array_diff($permission, $heavy_permissions), $boards))
-		validateSession();
-}
+	if (!allowedTo(array_diff($permission, $heavy_permissions), $boards)) {
+			validateSession();
+	}
+	}
 
 /**
  * Return the boards a user has a certain (board) permission on. (array(0) if all.)
@@ -1052,8 +1101,9 @@ 
 	global $user_info, $smcFunc;
 
 	// Arrays are nice, most of the time.
-	if (!is_array($permissions))
-		$permissions = array($permissions);
+	if (!is_array($permissions)) {
+			$permissions = array($permissions);
+	}
 
 	/*
 	 * Set $simple to true to use this function as it were in SMF 2.0.x.
@@ -1065,13 +1115,14 @@ 
 	// Administrators are all powerful, sorry.
 	if ($user_info['is_admin'])
 	{
-		if ($simple)
-			return array(0);
-		else
+		if ($simple) {
+					return array(0);
+		} else
 		{
 			$boards = array();
-			foreach ($permissions as $permission)
-				$boards[$permission] = array(0);
+			foreach ($permissions as $permission) {
+							$boards[$permission] = array(0);
+			}
 
 			return $boards;
 		}
@@ -1103,31 +1154,32 @@ 
 	{
 		if ($simple)
 		{
-			if (empty($row['add_deny']))
-				$deny_boards[] = $row['id_board'];
-			else
-				$boards[] = $row['id_board'];
-		}
-		else
+			if (empty($row['add_deny'])) {
+							$deny_boards[] = $row['id_board'];
+			} else {
+							$boards[] = $row['id_board'];
+			}
+		} else
 		{
-			if (empty($row['add_deny']))
-				$deny_boards[$row['permission']][] = $row['id_board'];
-			else
-				$boards[$row['permission']][] = $row['id_board'];
+			if (empty($row['add_deny'])) {
+							$deny_boards[$row['permission']][] = $row['id_board'];
+			} else {
+							$boards[$row['permission']][] = $row['id_board'];
+			}
 		}
 	}
 	$smcFunc['db_free_result']($request);
 
-	if ($simple)
-		$boards = array_unique(array_values(array_diff($boards, $deny_boards)));
-	else
+	if ($simple) {
+			$boards = array_unique(array_values(array_diff($boards, $deny_boards)));
+	} else
 	{
 		foreach ($permissions as $permission)
 		{
 			// never had it to start with
-			if (empty($boards[$permission]))
-				$boards[$permission] = array();
-			else
+			if (empty($boards[$permission])) {
+							$boards[$permission] = array();
+			} else
 			{
 				// Or it may have been removed
 				$deny_boards[$permission] = isset($deny_boards[$permission]) ? $deny_boards[$permission] : array();
@@ -1163,10 +1215,11 @@ 
 
 
 	// Moderators are free...
-	if (!allowedTo('moderate_board'))
-		$timeLimit = isset($timeOverrides[$error_type]) ? $timeOverrides[$error_type] : $modSettings['spamWaitTime'];
-	else
-		$timeLimit = 2;
+	if (!allowedTo('moderate_board')) {
+			$timeLimit = isset($timeOverrides[$error_type]) ? $timeOverrides[$error_type] : $modSettings['spamWaitTime'];
+	} else {
+			$timeLimit = 2;
+	}
 
 	call_integration_hook('integrate_spam_protection', array(&$timeOverrides, &$timeLimit));
 
@@ -1193,8 +1246,9 @@ 
 	if ($smcFunc['db_affected_rows']() != 1)
 	{
 		// Spammer!  You only have to wait a *few* seconds!
-		if (!$only_return_result)
-			fatal_lang_error($error_type . '_WaitTime_broken', false, array($timeLimit));
+		if (!$only_return_result) {
+					fatal_lang_error($error_type . '_WaitTime_broken', false, array($timeLimit));
+		}
 
 		return true;
 	}
@@ -1212,11 +1266,13 @@ 
  */
 function secureDirectory($path, $attachments = false)
 {
-	if (empty($path))
-		return 'empty_path';
+	if (empty($path)) {
+			return 'empty_path';
+	}
 
-	if (!is_writable($path))
-		return 'path_not_writable';
+	if (!is_writable($path)) {
+			return 'path_not_writable';
+	}
 
 	$directoryname = basename($path);
 
@@ -1228,9 +1284,9 @@ 
 
 RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml';
 
-	if (file_exists($path . '/.htaccess'))
-		$errors[] = 'htaccess_exists';
-	else
+	if (file_exists($path . '/.htaccess')) {
+			$errors[] = 'htaccess_exists';
+	} else
 	{
 		$fh = @fopen($path . '/.htaccess', 'w');
 		if ($fh)
@@ -1243,9 +1299,9 @@ 
 		$errors[] = 'htaccess_cannot_create_file';
 	}
 
-	if (file_exists($path . '/index.php'))
-		$errors[] = 'index-php_exists';
-	else
+	if (file_exists($path . '/index.php')) {
+			$errors[] = 'index-php_exists';
+	} else
 	{
 		$fh = @fopen($path . '/index.php', 'w');
 		if ($fh)
@@ -1273,11 +1329,12 @@ 
 		$errors[] = 'index-php_cannot_create_file';
 	}
 
-	if (!empty($errors))
-		return $errors;
-	else
-		return true;
-}
+	if (!empty($errors)) {
+			return $errors;
+	} else {
+			return true;
+	}
+	}
 
 /**
 * This sets the X-Frame-Options header.
@@ -1290,14 +1347,16 @@ 
 	global $modSettings;
 
 	$option = 'SAMEORIGIN';
-	if (is_null($override) && !empty($modSettings['frame_security']))
-		$option = $modSettings['frame_security'];
-	elseif (in_array($override, array('SAMEORIGIN', 'DENY')))
-		$option = $override;
+	if (is_null($override) && !empty($modSettings['frame_security'])) {
+			$option = $modSettings['frame_security'];
+	} elseif (in_array($override, array('SAMEORIGIN', 'DENY'))) {
+			$option = $override;
+	}
 
 	// Don't bother setting the header if we have disabled it.
-	if ($option == 'DISABLE')
-		return;
+	if ($option == 'DISABLE') {
+			return;
+	}
 
 	// Finally set it.
 	header('x-frame-options: ' . $option);

Sources/ManageBans.php

Braces +257 added lines, -207 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Ban center. The main entrance point for all ban center functions.
@@ -120,10 +121,11 @@ 
 	}
 
 	// Create a date string so we don't overload them with date info.
-	if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0]))
-		$context['ban_time_format'] = $user_info['time_format'];
-	else
-		$context['ban_time_format'] = $matches[0];
+	if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
+			$context['ban_time_format'] = $user_info['time_format'];
+	} else {
+			$context['ban_time_format'] = $matches[0];
+	}
 
 	$listOptions = array(
 		'id' => 'ban_list',
@@ -201,16 +203,19 @@ 
 					'function' => function($rowData) use ($txt)
 					{
 						// This ban never expires...whahaha.
-						if ($rowData['expire_time'] === null)
-							return $txt['never'];
+						if ($rowData['expire_time'] === null) {
+													return $txt['never'];
+						}
 
 						// This ban has already expired.
-						elseif ($rowData['expire_time'] < time())
-							return sprintf('<span class="red">%1$s</span>', $txt['ban_expired']);
+						elseif ($rowData['expire_time'] < time()) {
+													return sprintf('<span class="red">%1$s</span>', $txt['ban_expired']);
+						}
 
 						// Still need to wait a few days for this ban to expire.
-						else
-							return sprintf('%1$d&nbsp;%2$s', ceil(($rowData['expire_time'] - time()) / (60 * 60 * 24)), $txt['ban_days']);
+						else {
+													return sprintf('%1$d&nbsp;%2$s', ceil(($rowData['expire_time'] - time()) / (60 * 60 * 24)), $txt['ban_days']);
+						}
 					},
 				),
 				'sort' => array(
@@ -320,8 +325,9 @@ 
 		)
 	);
 	$bans = array();
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$bans[] = $row;
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$bans[] = $row;
+	}
 
 	$smcFunc['db_free_result']($request);
 
@@ -363,8 +369,9 @@ 
 {
 	global $txt, $modSettings, $context, $scripturl, $smcFunc, $sourcedir;
 
-	if ((isset($_POST['add_ban']) || isset($_POST['modify_ban']) || isset($_POST['remove_selection'])) && empty($context['ban_errors']))
-		BanEdit2();
+	if ((isset($_POST['add_ban']) || isset($_POST['modify_ban']) || isset($_POST['remove_selection'])) && empty($context['ban_errors'])) {
+			BanEdit2();
+	}
 
 	$ban_group_id = isset($context['ban']['id']) ? $context['ban']['id'] : (isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0);
 
@@ -373,11 +380,10 @@ 
 	createToken('admin-bet');
 	$context['form_url'] = $scripturl . '?action=admin;area=ban;sa=edit';
 
-	if (!empty($context['ban_errors']))
-		foreach ($context['ban_errors'] as $error)
+	if (!empty($context['ban_errors'])) {
+			foreach ($context['ban_errors'] as $error)
 			$context['error_messages'][$error] = $txt[$error];
-
-	else
+	} else
 	{
 		// If we're editing an existing ban, get it from the database.
 		if (!empty($ban_group_id))
@@ -413,12 +419,13 @@ 
 						'data' => array(
 							'function' => function($ban_item) use ($txt)
 							{
-								if (in_array($ban_item['type'], array('ip', 'hostname', 'email')))
-									return '<strong>' . $txt[$ban_item['type']] . ':</strong>&nbsp;' . $ban_item[$ban_item['type']];
-								elseif ($ban_item['type'] == 'user')
-									return '<strong>' . $txt['username'] . ':</strong>&nbsp;' . $ban_item['user']['link'];
-								else
-									return '<strong>' . $txt['unknown'] . ':</strong>&nbsp;' . $ban_item['no_bantype_selected'];
+								if (in_array($ban_item['type'], array('ip', 'hostname', 'email'))) {
+																	return '<strong>' . $txt[$ban_item['type']] . ':</strong>&nbsp;' . $ban_item[$ban_item['type']];
+								} elseif ($ban_item['type'] == 'user') {
+																	return '<strong>' . $txt['username'] . ':</strong>&nbsp;' . $ban_item['user']['link'];
+								} else {
+																	return '<strong>' . $txt['unknown'] . ':</strong>&nbsp;' . $ban_item['no_bantype_selected'];
+								}
 							},
 							'style' => 'text-align: left;',
 						),
@@ -556,8 +563,9 @@ 
 					$context['ban']['from_user'] = true;
 
 					// Would be nice if we could also ban the hostname.
-					if ((preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $context['ban_suggestions']['main_ip']) == 1 || isValidIPv6($context['ban_suggestions']['main_ip'])) && empty($modSettings['disableHostnameLookup']))
-						$context['ban_suggestions']['hostname'] = host_from_ip($context['ban_suggestions']['main_ip']);
+					if ((preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $context['ban_suggestions']['main_ip']) == 1 || isValidIPv6($context['ban_suggestions']['main_ip'])) && empty($modSettings['disableHostnameLookup'])) {
+											$context['ban_suggestions']['hostname'] = host_from_ip($context['ban_suggestions']['main_ip']);
+					}
 
 					$context['ban_suggestions']['other_ips'] = banLoadAdditionalIPs($context['ban_suggestions']['member']['id']);
 				}
@@ -625,8 +633,9 @@ 
 			'items_per_page' => $items_per_page,
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 0)
-		fatal_lang_error('ban_not_found', false);
+	if ($smcFunc['db_num_rows']($request) == 0) {
+			fatal_lang_error('ban_not_found', false);
+	}
 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
@@ -663,18 +672,15 @@ 
 			{
 				$ban_items[$row['id_ban']]['type'] = 'ip';
 				$ban_items[$row['id_ban']]['ip'] = range2ip($row['ip_low'], $row['ip_high']);
-			}
-			elseif (!empty($row['hostname']))
+			} elseif (!empty($row['hostname']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'hostname';
 				$ban_items[$row['id_ban']]['hostname'] = str_replace('%', '*', $row['hostname']);
-			}
-			elseif (!empty($row['email_address']))
+			} elseif (!empty($row['email_address']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'email';
 				$ban_items[$row['id_ban']]['email'] = str_replace('%', '*', $row['email_address']);
-			}
-			elseif (!empty($row['id_member']))
+			} elseif (!empty($row['id_member']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'user';
 				$ban_items[$row['id_ban']]['user'] = array(
@@ -740,9 +746,10 @@ 
 	$search_list += array('ips_in_messages' => 'banLoadAdditionalIPsMember', 'ips_in_errors' => 'banLoadAdditionalIPsError');
 
 	$return = array();
-	foreach ($search_list as $key => $callable)
-		if (is_callable($callable))
+	foreach ($search_list as $key => $callable) {
+			if (is_callable($callable))
 			$return[$key] = call_user_func($callable, $member_id);
+	}
 
 	return $return;
 }
@@ -767,8 +774,9 @@ 
 			'current_user' => $member_id,
 		)
 	);
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$message_ips[] = inet_dtop($row['poster_ip']);
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$message_ips[] = inet_dtop($row['poster_ip']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	return $message_ips;
@@ -793,8 +801,9 @@ 
 			'current_user' => $member_id,
 		)
 	);
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-	    $error_ips[] = inet_dtop($row['ip']);
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+		    $error_ips[] = inet_dtop($row['ip']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	return $error_ips;
@@ -835,11 +844,13 @@ 
 		$ban_info['cannot']['login'] = !empty($ban_info['full_ban']) || empty($_POST['cannot_login']) ? 0 : 1;
 
 		// Adding a new ban group
-		if (empty($_REQUEST['bg']))
-			$ban_group_id = insertBanGroup($ban_info);
+		if (empty($_REQUEST['bg'])) {
+					$ban_group_id = insertBanGroup($ban_info);
+		}
 		// Editing an existing ban group
-		else
-			$ban_group_id = updateBanGroup($ban_info);
+		else {
+					$ban_group_id = updateBanGroup($ban_info);
+		}
 
 		if (is_numeric($ban_group_id))
 		{
@@ -850,9 +861,10 @@ 
 		$context['ban'] = $ban_info;
 	}
 
-	if (isset($_POST['ban_suggestions']))
-		// @TODO: is $_REQUEST['bi'] ever set?
+	if (isset($_POST['ban_suggestions'])) {
+			// @TODO: is $_REQUEST['bi'] ever set?
 		$saved_triggers = saveTriggers($_POST['ban_suggestions'], $ban_info['id'], isset($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0, isset($_REQUEST['bi']) ? (int) $_REQUEST['bi'] : 0);
+	}
 
 	// Something went wrong somewhere... Oh well, let's go back.
 	if (!empty($context['ban_errors']))
@@ -862,8 +874,9 @@ 
 		$context['ban_suggestions'] = array_merge($context['ban_suggestions'], getMemberData((int) $_REQUEST['u']));
 
 		// Not strictly necessary, but it's nice
-		if (!empty($context['ban_suggestions']['member']['id']))
-			$context['ban_suggestions']['other_ips'] = banLoadAdditionalIPs($context['ban_suggestions']['member']['id']);
+		if (!empty($context['ban_suggestions']['member']['id'])) {
+					$context['ban_suggestions']['other_ips'] = banLoadAdditionalIPs($context['ban_suggestions']['member']['id']);
+		}
 		return BanEdit();
 	}
 	$context['ban_suggestions']['saved_triggers'] = !empty($saved_triggers) ? $saved_triggers : array();
@@ -910,10 +923,11 @@ 
 
 	foreach ($suggestions as $key => $value)
 	{
-		if (is_array($value))
-			$triggers[$key] = $value;
-		else
-			$triggers[$value] = !empty($_POST[$value]) ? $_POST[$value] : '';
+		if (is_array($value)) {
+					$triggers[$key] = $value;
+		} else {
+					$triggers[$value] = !empty($_POST[$value]) ? $_POST[$value] : '';
+		}
 	}
 
 	$ban_triggers = validateTriggers($triggers);
@@ -921,16 +935,18 @@ 
 	// Time to save!
 	if (!empty($ban_triggers['ban_triggers']) && empty($context['ban_errors']))
 	{
-		if (empty($ban_id))
-			addTriggers($ban_group, $ban_triggers['ban_triggers'], $ban_triggers['log_info']);
-		else
-			updateTriggers($ban_id, $ban_group, array_shift($ban_triggers['ban_triggers']), $ban_triggers['log_info']);
+		if (empty($ban_id)) {
+					addTriggers($ban_group, $ban_triggers['ban_triggers'], $ban_triggers['log_info']);
+		} else {
+					updateTriggers($ban_id, $ban_group, array_shift($ban_triggers['ban_triggers']), $ban_triggers['log_info']);
+		}
+	}
+	if (!empty($context['ban_errors'])) {
+			return $triggers;
+	} else {
+			return false;
+	}
 	}
-	if (!empty($context['ban_errors']))
-		return $triggers;
-	else
-		return false;
-}
 
 /**
  * This function removes a bunch of triggers based on ids
@@ -944,14 +960,17 @@ 
 {
 	global $smcFunc, $scripturl;
 
-	if ($group_id !== false)
-		$group_id = (int) $group_id;
+	if ($group_id !== false) {
+			$group_id = (int) $group_id;
+	}
 
-	if (empty($group_id) && empty($items_ids))
-		return false;
+	if (empty($group_id) && empty($items_ids)) {
+			return false;
+	}
 
-	if (!is_array($items_ids))
-		$items_ids = array($items_ids);
+	if (!is_array($items_ids)) {
+			$items_ids = array($items_ids);
+	}
 
 	$log_info = array();
 	$ban_items = array();
@@ -989,8 +1008,7 @@ 
 					'bantype' => ($is_range ? 'ip_range' : 'main_ip'),
 					'value' => $ban_items[$row['id_ban']]['ip'],
 				);
-			}
-			elseif (!empty($row['hostname']))
+			} elseif (!empty($row['hostname']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'hostname';
 				$ban_items[$row['id_ban']]['hostname'] = str_replace('%', '*', $row['hostname']);
@@ -998,8 +1016,7 @@ 
 					'bantype' => 'hostname',
 					'value' => $row['hostname'],
 				);
-			}
-			elseif (!empty($row['email_address']))
+			} elseif (!empty($row['email_address']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'email';
 				$ban_items[$row['id_ban']]['email'] = str_replace('%', '*', $row['email_address']);
@@ -1007,8 +1024,7 @@ 
 					'bantype' => 'email',
 					'value' => $ban_items[$row['id_ban']]['email'],
 				);
-			}
-			elseif (!empty($row['id_member']))
+			} elseif (!empty($row['id_member']))
 			{
 				$ban_items[$row['id_ban']]['type'] = 'user';
 				$ban_items[$row['id_ban']]['user'] = array(
@@ -1041,8 +1057,7 @@ 
 				'ban_group' => $group_id,
 			)
 		);
-	}
-	elseif (!empty($items_ids))
+	} elseif (!empty($items_ids))
 	{
 		$smcFunc['db_query']('', '
 			DELETE FROM {db_prefix}ban_items
@@ -1067,13 +1082,15 @@ 
 {
 	global $smcFunc;
 
-	if (!is_array($group_ids))
-		$group_ids = array($group_ids);
+	if (!is_array($group_ids)) {
+			$group_ids = array($group_ids);
+	}
 
 	$group_ids = array_unique($group_ids);
 
-	if (empty($group_ids))
-		return false;
+	if (empty($group_ids)) {
+			return false;
+	}
 
 	$smcFunc['db_query']('', '
 		DELETE FROM {db_prefix}ban_groups
@@ -1097,21 +1114,23 @@ 
 {
 	global $smcFunc;
 
-	if (empty($ids))
-		$smcFunc['db_query']('truncate_table', '
+	if (empty($ids)) {
+			$smcFunc['db_query']('truncate_table', '
 			TRUNCATE {db_prefix}log_banned',
 			array(
 			)
 		);
-	else
+	} else
 	{
-		if (!is_array($ids))
-			$ids = array($ids);
+		if (!is_array($ids)) {
+					$ids = array($ids);
+		}
 
 		$ids = array_unique($ids);
 
-		if (empty($ids))
-			return false;
+		if (empty($ids)) {
+					return false;
+		}
 
 		$smcFunc['db_query']('', '
 			DELETE FROM {db_prefix}log_banned
@@ -1137,8 +1156,9 @@ 
 {
 	global $context, $smcFunc;
 
-	if (empty($triggers))
-		$context['ban_erros'][] = 'ban_empty_triggers';
+	if (empty($triggers)) {
+			$context['ban_erros'][] = 'ban_empty_triggers';
+	}
 
 	$ban_triggers = array();
 	$log_info = array();
@@ -1147,39 +1167,39 @@ 
 	{
 		if (!empty($value))
 		{
-			if ($key == 'member')
-				continue;
+			if ($key == 'member') {
+							continue;
+			}
 
 			if ($key == 'main_ip')
 			{
 				$value = trim($value);
 				$ip_parts = ip2range($value);
-				if (!checkExistingTriggerIP($ip_parts, $value))
-					$context['ban_erros'][] = 'invalid_ip';
-				else
+				if (!checkExistingTriggerIP($ip_parts, $value)) {
+									$context['ban_erros'][] = 'invalid_ip';
+				} else
 				{
 					$ban_triggers['main_ip'] = array(
 						'ip_low' => $ip_parts['low'],
 						'ip_high' => $ip_parts['high']
 					);
 				}
-			}
-			elseif ($key == 'hostname')
+			} elseif ($key == 'hostname')
 			{
-				if (preg_match('/[^\w.\-*]/', $value) == 1)
-					$context['ban_erros'][] = 'invalid_hostname';
-				else
+				if (preg_match('/[^\w.\-*]/', $value) == 1) {
+									$context['ban_erros'][] = 'invalid_hostname';
+				} else
 				{
 					// Replace the * wildcard by a MySQL wildcard %.
 					$value = substr(str_replace('*', '%', $value), 0, 255);
 
 					$ban_triggers['hostname']['hostname'] = $value;
 				}
-			}
-			elseif ($key == 'email')
+			} elseif ($key == 'email')
 			{
-				if (preg_match('/[^\w.\-\+*@]/', $value) == 1)
-					$context['ban_erros'][] = 'invalid_email';
+				if (preg_match('/[^\w.\-\+*@]/', $value) == 1) {
+									$context['ban_erros'][] = 'invalid_email';
+				}
 
 				// Check the user is not banning an admin.
 				$request = $smcFunc['db_query']('', '
@@ -1193,15 +1213,15 @@ 
 						'email' => $value,
 					)
 				);
-				if ($smcFunc['db_num_rows']($request) != 0)
-					$context['ban_erros'][] = 'no_ban_admin';
+				if ($smcFunc['db_num_rows']($request) != 0) {
+									$context['ban_erros'][] = 'no_ban_admin';
+				}
 				$smcFunc['db_free_result']($request);
 
 				$value = substr(strtolower(str_replace('*', '%', $value)), 0, 255);
 
 				$ban_triggers['email']['email_address'] = $value;
-			}
-			elseif ($key == 'user')
+			} elseif ($key == 'user')
 			{
 				$user = preg_replace('~&amp;#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $smcFunc['htmlspecialchars']($value, ENT_QUOTES));
 
@@ -1215,8 +1235,9 @@ 
 						'username' => $user,
 					)
 				);
-				if ($smcFunc['db_num_rows']($request) == 0)
-					$context['ban_erros'][] = 'invalid_username';
+				if ($smcFunc['db_num_rows']($request) == 0) {
+									$context['ban_erros'][] = 'invalid_username';
+				}
 				list ($value, $isAdmin) = $smcFunc['db_fetch_row']($request);
 				$smcFunc['db_free_result']($request);
 
@@ -1224,25 +1245,25 @@ 
 				{
 					unset($value);
 					$context['ban_erros'][] = 'no_ban_admin';
+				} else {
+									$ban_triggers['user']['id_member'] = $value;
 				}
-				else
-					$ban_triggers['user']['id_member'] = $value;
-			}
-			elseif (in_array($key, array('ips_in_messages', 'ips_in_errors')))
+			} elseif (in_array($key, array('ips_in_messages', 'ips_in_errors')))
 			{
 				// Special case, those two are arrays themselves
 				$values = array_unique($value);
 				// Don't add the main IP again.
-				if (isset($triggers['main_ip']))
-					$values = array_diff($values, array($triggers['main_ip']));
+				if (isset($triggers['main_ip'])) {
+									$values = array_diff($values, array($triggers['main_ip']));
+				}
 				unset($value);
 				foreach ($values as $val)
 				{
 					$val = trim($val);
 					$ip_parts = ip2range($val);
-					if (!checkExistingTriggerIP($ip_parts, $val))
-						$context['ban_erros'][] = 'invalid_ip';
-					else
+					if (!checkExistingTriggerIP($ip_parts, $val)) {
+											$context['ban_erros'][] = 'invalid_ip';
+					} else
 					{
 						$ban_triggers[$key][] = array(
 							'ip_low' => $ip_parts['low'],
@@ -1255,15 +1276,16 @@ 
 						);
 					}
 				}
+			} else {
+							$context['ban_erros'][] = 'no_bantype_selected';
 			}
-			else
-				$context['ban_erros'][] = 'no_bantype_selected';
 
-			if (isset($value) && !is_array($value))
-				$log_info[] = array(
+			if (isset($value) && !is_array($value)) {
+							$log_info[] = array(
 					'value' => $value,
 					'bantype' => $key,
 				);
+			}
 		}
 	}
 	return array('ban_triggers' => $ban_triggers, 'log_info' => $log_info);
@@ -1283,8 +1305,9 @@ 
 {
 	global $smcFunc, $context;
 
-	if (empty($group_id))
-		$context['ban_errors'][] = 'ban_id_empty';
+	if (empty($group_id)) {
+			$context['ban_errors'][] = 'ban_id_empty';
+	}
 
 	// Preset all values that are required.
 	$values = array(
@@ -1309,18 +1332,21 @@ 
 	foreach ($triggers as $key => $trigger)
 	{
 		// Exceptions, exceptions, exceptions...always exceptions... :P
-		if (in_array($key, array('ips_in_messages', 'ips_in_errors')))
-			foreach ($trigger as $real_trigger)
+		if (in_array($key, array('ips_in_messages', 'ips_in_errors'))) {
+					foreach ($trigger as $real_trigger)
 				$insertTriggers[] = array_merge($values, $real_trigger);
-		else
-			$insertTriggers[] = array_merge($values, $trigger);
+		} else {
+					$insertTriggers[] = array_merge($values, $trigger);
+		}
 	}
 
-	if (empty($insertTriggers))
-		$context['ban_errors'][] = 'ban_no_triggers';
+	if (empty($insertTriggers)) {
+			$context['ban_errors'][] = 'ban_no_triggers';
+	}
 
-	if (!empty($context['ban_errors']))
-		return false;
+	if (!empty($context['ban_errors'])) {
+			return false;
+	}
 
 	$smcFunc['db_insert']('',
 		'{db_prefix}ban_items',
@@ -1348,15 +1374,19 @@ 
 {
 	global $smcFunc, $context;
 
-	if (empty($ban_item))
-		$context['ban_errors'][] = 'ban_ban_item_empty';
-	if (empty($group_id))
-		$context['ban_errors'][] = 'ban_id_empty';
-	if (empty($trigger))
-		$context['ban_errors'][] = 'ban_no_triggers';
+	if (empty($ban_item)) {
+			$context['ban_errors'][] = 'ban_ban_item_empty';
+	}
+	if (empty($group_id)) {
+			$context['ban_errors'][] = 'ban_id_empty';
+	}
+	if (empty($trigger)) {
+			$context['ban_errors'][] = 'ban_no_triggers';
+	}
 
-	if (!empty($context['ban_errors']))
-		return;
+	if (!empty($context['ban_errors'])) {
+			return;
+	}
 
 	// Preset all values that are required.
 	$values = array(
@@ -1397,8 +1427,9 @@ 
  */
 function logTriggersUpdates($logs, $new = true, $removal = false)
 {
-	if (empty($logs))
-		return;
+	if (empty($logs)) {
+			return;
+	}
 
 	$log_name_map = array(
 		'main_ip' => 'ip_range',
@@ -1409,14 +1440,15 @@ 
 	);
 
 	// Log the addion of the ban entries into the moderation log.
-	foreach ($logs as $log)
-		logAction('ban' . ($removal == true ? 'remove' : ''), array(
+	foreach ($logs as $log) {
+			logAction('ban' . ($removal == true ? 'remove' : ''), array(
 			$log_name_map[$log['bantype']] => $log['value'],
 			'new' => empty($new) ? 0 : 1,
 			'remove' => empty($removal) ? 0 : 1,
 			'type' => $log['bantype'],
 		));
-}
+	}
+	}
 
 /**
  * Updates an existing ban group
@@ -1430,12 +1462,15 @@ 
 {
 	global $smcFunc, $context;
 
-	if (empty($ban_info['name']))
-		$context['ban_errors'][] = 'ban_name_empty';
-	if (empty($ban_info['id']))
-		$context['ban_errors'][] = 'ban_id_empty';
-	if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login']))
-		$context['ban_errors'][] = 'ban_unknown_restriction_type';
+	if (empty($ban_info['name'])) {
+			$context['ban_errors'][] = 'ban_name_empty';
+	}
+	if (empty($ban_info['id'])) {
+			$context['ban_errors'][] = 'ban_id_empty';
+	}
+	if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login'])) {
+			$context['ban_errors'][] = 'ban_unknown_restriction_type';
+	}
 
 	if (!empty($ban_info['id']))
 	{
@@ -1450,8 +1485,9 @@ 
 			)
 		);
 
-		if ($smcFunc['db_num_rows']($request) == 0)
-			$context['ban_errors'][] = 'ban_not_found';
+		if ($smcFunc['db_num_rows']($request) == 0) {
+					$context['ban_errors'][] = 'ban_not_found';
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
@@ -1469,13 +1505,15 @@ 
 				'new_ban_name' => $ban_info['name'],
 			)
 		);
-		if ($smcFunc['db_num_rows']($request) != 0)
-			$context['ban_errors'][] = 'ban_name_exists';
+		if ($smcFunc['db_num_rows']($request) != 0) {
+					$context['ban_errors'][] = 'ban_name_exists';
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
-	if (!empty($context['ban_errors']))
-		return $ban_info['id'];
+	if (!empty($context['ban_errors'])) {
+			return $ban_info['id'];
+	}
 
 	$smcFunc['db_query']('', '
 		UPDATE {db_prefix}ban_groups
@@ -1519,10 +1557,12 @@ 
 {
 	global $smcFunc, $context;
 
-	if (empty($ban_info['name']))
-		$context['ban_errors'][] = 'ban_name_empty';
-	if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login']))
-		$context['ban_errors'][] = 'ban_unknown_restriction_type';
+	if (empty($ban_info['name'])) {
+			$context['ban_errors'][] = 'ban_name_empty';
+	}
+	if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login'])) {
+			$context['ban_errors'][] = 'ban_unknown_restriction_type';
+	}
 
 	if (!empty($ban_info['name']))
 	{
@@ -1537,13 +1577,15 @@ 
 			)
 		);
 
-		if ($smcFunc['db_num_rows']($request) == 1)
-			$context['ban_errors'][] = 'ban_name_exists';
+		if ($smcFunc['db_num_rows']($request) == 1) {
+					$context['ban_errors'][] = 'ban_name_exists';
+		}
 		$smcFunc['db_free_result']($request);
 	}
 
-	if (!empty($context['ban_errors']))
-		return;
+	if (!empty($context['ban_errors'])) {
+			return;
+	}
 
 	// Yes yes, we're ready to add now.
 	$ban_info['id'] = $smcFunc['db_insert']('',
@@ -1560,8 +1602,9 @@ 
 		1
 	);
 
-	if (empty($ban_info['id']))
-		$context['ban_errors'][] = 'impossible_insert_new_bangroup';
+	if (empty($ban_info['id'])) {
+			$context['ban_errors'][] = 'impossible_insert_new_bangroup';
+	}
 
 	return $ban_info['id'];
 }
@@ -1586,24 +1629,24 @@ 
 	$ban_group = isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0;
 	$ban_id = isset($_REQUEST['bi']) ? (int) $_REQUEST['bi'] : 0;
 
-	if (empty($ban_group))
-		fatal_lang_error('ban_not_found', false);
+	if (empty($ban_group)) {
+			fatal_lang_error('ban_not_found', false);
+	}
 
 	if (isset($_POST['add_new_trigger']) && !empty($_POST['ban_suggestions']))
 	{
 		saveTriggers($_POST['ban_suggestions'], $ban_group, 0, $ban_id);
 		redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : ''));
-	}
-	elseif (isset($_POST['edit_trigger']) && !empty($_POST['ban_suggestions']))
+	} elseif (isset($_POST['edit_trigger']) && !empty($_POST['ban_suggestions']))
 	{
 		// The first replaces the old one, the others are added new (simplification, otherwise it would require another query and some work...)
 		saveTriggers(array_shift($_POST['ban_suggestions']), $ban_group, 0, $ban_id);
-		if (!empty($_POST['ban_suggestions']))
-			saveTriggers($_POST['ban_suggestions'], $ban_group);
+		if (!empty($_POST['ban_suggestions'])) {
+					saveTriggers($_POST['ban_suggestions'], $ban_group);
+		}
 
 		redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : ''));
-	}
-	elseif (isset($_POST['edit_trigger']))
+	} elseif (isset($_POST['edit_trigger']))
 	{
 		removeBanTriggers($ban_id);
 		redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : ''));
@@ -1634,8 +1677,7 @@ 
 			),
 			'is_new' => true,
 		);
-	}
-	else
+	} else
 	{
 		$request = $smcFunc['db_query']('', '
 			SELECT
@@ -1652,8 +1694,9 @@ 
 				'ban_group' => $ban_group,
 			)
 		);
-		if ($smcFunc['db_num_rows']($request) == 0)
-			fatal_lang_error('ban_not_found', false);
+		if ($smcFunc['db_num_rows']($request) == 0) {
+					fatal_lang_error('ban_not_found', false);
+		}
 		$row = $smcFunc['db_fetch_assoc']($request);
 		$smcFunc['db_free_result']($request);
 
@@ -1702,8 +1745,9 @@ 
 		removeBanTriggers($_POST['remove']);
 
 		// Rehabilitate some members.
-		if ($_REQUEST['entity'] == 'member')
-			updateBanMembers();
+		if ($_REQUEST['entity'] == 'member') {
+					updateBanMembers();
+		}
 
 		// Make sure the ban cache is refreshed.
 		updateSettings(array('banLastUpdated' => time()));
@@ -1816,8 +1860,7 @@ 
 			'default' => 'bi.ip_low, bi.ip_high, bi.ip_low',
 			'reverse' => 'bi.ip_low DESC, bi.ip_high DESC',
 		);
-	}
-	elseif ($context['selected_entity'] === 'hostname')
+	} elseif ($context['selected_entity'] === 'hostname')
 	{
 		$listOptions['columns']['banned_entity']['data'] = array(
 			'function' => function($rowData) use ($smcFunc)
@@ -1829,8 +1872,7 @@ 
 			'default' => 'bi.hostname',
 			'reverse' => 'bi.hostname DESC',
 		);
-	}
-	elseif ($context['selected_entity'] === 'email')
+	} elseif ($context['selected_entity'] === 'email')
 	{
 		$listOptions['columns']['banned_entity']['data'] = array(
 			'function' => function($rowData) use ($smcFunc)
@@ -1842,8 +1884,7 @@ 
 			'default' => 'bi.email_address',
 			'reverse' => 'bi.email_address DESC',
 		);
-	}
-	elseif ($context['selected_entity'] === 'member')
+	} elseif ($context['selected_entity'] === 'member')
 	{
 		$listOptions['columns']['banned_entity']['data'] = array(
 			'sprintf' => array(
@@ -1907,8 +1948,9 @@ 
 		)
 	);
 	$ban_triggers = array();
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$ban_triggers[] = $row;
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$ban_triggers[] = $row;
+	}
 	$smcFunc['db_free_result']($request);
 
 	return $ban_triggers;
@@ -1964,8 +2006,9 @@ 
 		validateToken('admin-bl');
 
 		// 'Delete all entries' button was pressed.
-		if (!empty($_POST['removeAll']))
-			removeBanLogs();
+		if (!empty($_POST['removeAll'])) {
+					removeBanLogs();
+		}
 		// 'Delete selection' button was pressed.
 		else
 		{
@@ -2174,12 +2217,15 @@ 
 	$low = inet_dtop($low);
 	$high = inet_dtop($high);
 
-	if ($low == '255.255.255.255') return 'unknown';
-	if ($low == $high)
-	    return $low;
-	else
-	    return $low . '-' . $high;
-}
+	if ($low == '255.255.255.255') {
+		return 'unknown';
+	}
+	if ($low == $high) {
+		    return $low;
+	} else {
+		    return $low . '-' . $high;
+	}
+	}
 
 /**
  * Checks whether a given IP range already exists in the trigger list.
@@ -2255,15 +2301,17 @@ 
 	$memberEmailWild = array();
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
-		if ($row['id_member'])
-			$memberIDs[$row['id_member']] = $row['id_member'];
+		if ($row['id_member']) {
+					$memberIDs[$row['id_member']] = $row['id_member'];
+		}
 		if ($row['email_address'])
 		{
 			// Does it have a wildcard - if so we can't do a IN on it.
-			if (strpos($row['email_address'], '%') !== false)
-				$memberEmailWild[$row['email_address']] = $row['email_address'];
-			else
-				$memberEmails[$row['email_address']] = $row['email_address'];
+			if (strpos($row['email_address'], '%') !== false) {
+							$memberEmailWild[$row['email_address']] = $row['email_address'];
+			} else {
+							$memberEmails[$row['email_address']] = $row['email_address'];
+			}
 		}
 	}
 	$smcFunc['db_free_result']($request);
@@ -2314,14 +2362,15 @@ 
 	}
 
 	// We welcome our new members in the realm of the banned.
-	if (!empty($newMembers))
-		$smcFunc['db_query']('', '
+	if (!empty($newMembers)) {
+			$smcFunc['db_query']('', '
 			DELETE FROM {db_prefix}log_online
 			WHERE id_member IN ({array_int:new_banned_members})',
 			array(
 				'new_banned_members' => $newMembers,
 			)
 		);
+	}
 
 	// Find members that are wrongfully marked as banned.
 	$request = $smcFunc['db_query']('', '
@@ -2348,9 +2397,10 @@ 
 	}
 	$smcFunc['db_free_result']($request);
 
-	if (!empty($updates))
-		foreach ($updates as $newStatus => $members)
+	if (!empty($updates)) {
+			foreach ($updates as $newStatus => $members)
 			updateMemberData($members, array('is_activated' => $newStatus));
+	}
 
 	// Update the latest member and our total members as banning may change them.
 	updateStats('member');

Spacing +5 added lines, -5 removed lines

@@ -283,11 +283,11 @@ 
 			if (removeItems == 0)
 			{
 				e.preventDefault();
-				return alert("'. $txt['select_item_check'] .'");
+				return alert("'. $txt['select_item_check'] . '");
 			}
 
 
-			return confirm("'. $txt['ban_remove_selected_confirm'] .'");
+			return confirm("'. $txt['ban_remove_selected_confirm'] . '");
 		});',
 	);
 
@@ -488,7 +488,7 @@ 
 						'value' => '
 						<input type="submit" name="remove_selection" value="' . $txt['ban_remove_selected_triggers'] . '" class="button"> <a class="button" 
 						href="' .
-							$scripturl	. '?action=admin;area=ban;sa=edittrigger;bg=' . $ban_group_id . '">' . $txt['ban_add_trigger'] . '</a>',
+							$scripturl . '?action=admin;area=ban;sa=edittrigger;bg=' . $ban_group_id . '">' . $txt['ban_add_trigger'] . '</a>',
 						'style' => 'text-align: right;',
 					),
 					array(
@@ -508,11 +508,11 @@ 
 			if (removeItems == 0)
 			{
 				e.preventDefault();
-				return alert("'. $txt['select_item_check'] .'");
+				return alert("'. $txt['select_item_check'] . '");
 			}
 
 
-			return confirm("'. $txt['ban_remove_selected_confirm'] .'");
+			return confirm("'. $txt['ban_remove_selected_confirm'] . '");
 		});',
 			);
 			createList($listOptions);