SimpleMachines / SMF2.1

Sources/Subs-Calendar.php

Braces +224 added lines, -163 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Get all birthdays within the given time range.
@@ -60,8 +61,7 @@ 
 				'max_year' => $year_high,
 			)
 		);
-	}
-	else
+	} else
 	{
 		$result = $smcFunc['db_query']('birthday_array', '
 			SELECT id_member, real_name, YEAR(birthdate) AS birth_year, birthdate
@@ -91,10 +91,11 @@ 
 	$bday = array();
 	while ($row = $smcFunc['db_fetch_assoc']($result))
 	{
-		if ($year_low != $year_high)
-			$age_year = substr($row['birthdate'], 5) < substr($high_date, 5) ? $year_high : $year_low;
-		else
-			$age_year = $year_low;
+		if ($year_low != $year_high) {
+					$age_year = substr($row['birthdate'], 5) < substr($high_date, 5) ? $year_high : $year_low;
+		} else {
+					$age_year = $year_low;
+		}
 
 		$bday[$age_year . substr($row['birthdate'], 4)][] = array(
 			'id' => $row['id_member'],
@@ -108,8 +109,9 @@ 
 	ksort($bday);
 
 	// Set is_last, so the themes know when to stop placing separators.
-	foreach ($bday as $mday => $array)
-		$bday[$mday][count($array) - 1]['is_last'] = true;
+	foreach ($bday as $mday => $array) {
+			$bday[$mday][count($array) - 1]['is_last'] = true;
+	}
 
 	return $bday;
 }
@@ -133,8 +135,9 @@ 
 	static $timezone_array = array();
 	require_once($sourcedir . '/Subs.php');
 	
-	if (empty($timezone_array['default']))
-		$timezone_array['default'] = timezone_open(date_default_timezone_get());
+	if (empty($timezone_array['default'])) {
+			$timezone_array['default'] = timezone_open(date_default_timezone_get());
+	}
 
 	$low_object = date_create($low_date);
 	$high_object = date_create($high_date);
@@ -161,8 +164,9 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($result))
 	{
 		// If the attached topic is not approved then for the moment pretend it doesn't exist
-		if (!empty($row['id_first_msg']) && $modSettings['postmod_active'] && !$row['approved'])
-			continue;
+		if (!empty($row['id_first_msg']) && $modSettings['postmod_active'] && !$row['approved']) {
+					continue;
+		}
 
 		// Force a censor of the title - as often these are used by others.
 		censorText($row['title'], $use_permissions ? false : true);
@@ -170,12 +174,14 @@ 
 		// Get the various time and date properties for this event
 		list($start, $end, $allday, $span, $tz, $tz_abbrev) = buildEventDatetimes($row);
 		
-		if (empty($timezone_array[$tz]))
-			$timezone_array[$tz] = timezone_open($tz);
+		if (empty($timezone_array[$tz])) {
+					$timezone_array[$tz] = timezone_open($tz);
+		}
 
 		// Sanity check
-		if (!empty($start['error_count']) || !empty($start['warning_count']) || !empty($end['error_count']) || !empty($end['warning_count']))
-			continue;
+		if (!empty($start['error_count']) || !empty($start['warning_count']) || !empty($end['error_count']) || !empty($end['warning_count'])) {
+					continue;
+		}
 
 		// Get set up for the loop
 		$start_object = date_create($row['start_date'] . (!$allday ? ' ' . $row['start_time'] : ''), $timezone_array[$tz]);
@@ -239,8 +245,8 @@ 
 			);
 
 			// If we're using permissions (calendar pages?) then just ouput normal contextual style information.
-			if ($use_permissions)
-				$events[date_format($cal_date, 'Y-m-d')][] = array_merge($eventProperties, array(
+			if ($use_permissions) {
+							$events[date_format($cal_date, 'Y-m-d')][] = array_merge($eventProperties, array(
 					'href' => $row['id_board'] == 0 ? '' : $scripturl . '?topic=' . $row['id_topic'] . '.0',
 					'link' => $row['id_board'] == 0 ? $row['title'] : '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['title'] . '</a>',
 					'can_edit' => allowedTo('calendar_edit_any') || ($row['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own')),
@@ -248,9 +254,10 @@ 
 					'can_export' => !empty($modSettings['cal_export']) ? true : false,
 					'export_href' => $scripturl . '?action=calendar;sa=ical;eventid=' . $row['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'],
 				));
+			}
 			// Otherwise, this is going to be cached and the VIEWER'S permissions should apply... just put together some info.
-			else
-				$events[date_format($cal_date, 'Y-m-d')][] = array_merge($eventProperties, array(
+			else {
+							$events[date_format($cal_date, 'Y-m-d')][] = array_merge($eventProperties, array(
 					'href' => $row['id_topic'] == 0 ? '' : $scripturl . '?topic=' . $row['id_topic'] . '.0',
 					'link' => $row['id_topic'] == 0 ? $row['title'] : '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['title'] . '</a>',
 					'can_edit' => false,
@@ -260,6 +267,7 @@ 
 					'poster' => $row['id_member'],
 					'allowed_groups' => explode(',', $row['member_groups']),
 				));
+			}
 
 			date_add($cal_date, date_interval_create_from_date_string('1 day'));
 		}
@@ -269,8 +277,9 @@ 
 	// If we're doing normal contextual data, go through and make things clear to the templates ;).
 	if ($use_permissions)
 	{
-		foreach ($events as $mday => $array)
-			$events[$mday][count($array) - 1]['is_last'] = true;
+		foreach ($events as $mday => $array) {
+					$events[$mday][count($array) - 1]['is_last'] = true;
+		}
 	}
 
 	ksort($events);
@@ -290,11 +299,12 @@ 
 	global $smcFunc;
 
 	// Get the lowest and highest dates for "all years".
-	if (substr($low_date, 0, 4) != substr($high_date, 0, 4))
-		$allyear_part = 'event_date BETWEEN {date:all_year_low} AND {date:all_year_dec}
+	if (substr($low_date, 0, 4) != substr($high_date, 0, 4)) {
+			$allyear_part = 'event_date BETWEEN {date:all_year_low} AND {date:all_year_dec}
 			OR event_date BETWEEN {date:all_year_jan} AND {date:all_year_high}';
-	else
-		$allyear_part = 'event_date BETWEEN {date:all_year_low} AND {date:all_year_high}';
+	} else {
+			$allyear_part = 'event_date BETWEEN {date:all_year_low} AND {date:all_year_high}';
+	}
 
 	// Find some holidays... ;).
 	$result = $smcFunc['db_query']('', '
@@ -314,10 +324,11 @@ 
 	$holidays = array();
 	while ($row = $smcFunc['db_fetch_assoc']($result))
 	{
-		if (substr($low_date, 0, 4) != substr($high_date, 0, 4))
-			$event_year = substr($row['event_date'], 5) < substr($high_date, 5) ? substr($high_date, 0, 4) : substr($low_date, 0, 4);
-		else
-			$event_year = substr($low_date, 0, 4);
+		if (substr($low_date, 0, 4) != substr($high_date, 0, 4)) {
+					$event_year = substr($row['event_date'], 5) < substr($high_date, 5) ? substr($high_date, 0, 4) : substr($low_date, 0, 4);
+		} else {
+					$event_year = substr($low_date, 0, 4);
+		}
 
 		$holidays[$event_year . substr($row['event_date'], 4)][] = $row['title'];
 	}
@@ -343,10 +354,12 @@ 
 	isAllowedTo('calendar_post');
 
 	// No board?  No topic?!?
-	if (empty($board))
-		fatal_lang_error('missing_board_id', false);
-	if (empty($topic))
-		fatal_lang_error('missing_topic_id', false);
+	if (empty($board)) {
+			fatal_lang_error('missing_board_id', false);
+	}
+	if (empty($topic)) {
+			fatal_lang_error('missing_topic_id', false);
+	}
 
 	// Administrator, Moderator, or owner.  Period.
 	if (!allowedTo('admin_forum') && !allowedTo('moderate_board'))
@@ -364,12 +377,14 @@ 
 		if ($row = $smcFunc['db_fetch_assoc']($result))
 		{
 			// Not the owner of the topic.
-			if ($row['id_member_started'] != $user_info['id'])
-				fatal_lang_error('not_your_topic', 'user');
+			if ($row['id_member_started'] != $user_info['id']) {
+							fatal_lang_error('not_your_topic', 'user');
+			}
 		}
 		// Topic/Board doesn't exist.....
-		else
-			fatal_lang_error('calendar_no_topic', 'general');
+		else {
+					fatal_lang_error('calendar_no_topic', 'general');
+		}
 		$smcFunc['db_free_result']($result);
 	}
 }
@@ -457,14 +472,16 @@ 
 	if (!empty($calendarOptions['start_day']))
 	{
 		$nShift -= $calendarOptions['start_day'];
-		if ($nShift < 0)
-			$nShift = 7 + $nShift;
+		if ($nShift < 0) {
+					$nShift = 7 + $nShift;
+		}
 	}
 
 	// Number of rows required to fit the month.
 	$nRows = floor(($month_info['last_day']['day_of_month'] + $nShift) / 7);
-	if (($month_info['last_day']['day_of_month'] + $nShift) % 7)
-		$nRows++;
+	if (($month_info['last_day']['day_of_month'] + $nShift) % 7) {
+			$nRows++;
+	}
 
 	// Fetch the arrays for birthdays, posted events, and holidays.
 	$bday = $calendarOptions['show_birthdays'] ? getBirthdayRange($month_info['first_day']['date'], $month_info['last_day']['date']) : array();
@@ -477,8 +494,9 @@ 
 	{
 		$calendarGrid['week_days'][] = $count;
 		$count++;
-		if ($count == 7)
-			$count = 0;
+		if ($count == 7) {
+					$count = 0;
+		}
 	}
 
 	// Iterate through each week.
@@ -495,8 +513,9 @@ 
 		{
 			$nDay = ($nRow * 7) + $nCol - $nShift + 1;
 
-			if ($nDay < 1 || $nDay > $month_info['last_day']['day_of_month'])
-				$nDay = 0;
+			if ($nDay < 1 || $nDay > $month_info['last_day']['day_of_month']) {
+							$nDay = 0;
+			}
 
 			$date = sprintf('%04d-%02d-%02d', $year, $month, $nDay);
 
@@ -514,8 +533,9 @@ 
 	}
 
 	// What is the last day of the month?
-	if ($is_previous === true)
-		$calendarGrid['last_of_month'] = $month_info['last_day']['day_of_month'];
+	if ($is_previous === true) {
+			$calendarGrid['last_of_month'] = $month_info['last_day']['day_of_month'];
+	}
 
 	// We'll use the shift in the template.
 	$calendarGrid['shift'] = $nShift;
@@ -549,8 +569,9 @@ 
 	{
 		// Here we offset accordingly to get things to the real start of a week.
 		$date_diff = $day_of_week - $calendarOptions['start_day'];
-		if ($date_diff < 0)
-			$date_diff += 7;
+		if ($date_diff < 0) {
+					$date_diff += 7;
+		}
 		$new_timestamp = mktime(0, 0, 0, $month, $day, $year) - $date_diff * 86400;
 		$day = (int) strftime('%d', $new_timestamp);
 		$month = (int) strftime('%m', $new_timestamp);
@@ -680,18 +701,20 @@ 
 	{
 		foreach ($date_events as $event_key => $event_val)
 		{
-			if (in_array($event_val['id'], $temp))
-				unset($calendarGrid['events'][$date][$event_key]);
-			else
-				$temp[] = $event_val['id'];
+			if (in_array($event_val['id'], $temp)) {
+							unset($calendarGrid['events'][$date][$event_key]);
+			} else {
+							$temp[] = $event_val['id'];
+			}
 		}
 	}
 
 	// Give birthdays and holidays a friendly format, without the year
-	if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0]))
-		$date_format = '%b %d';
-	else
-		$date_format = str_replace(array('%Y', '%y', '%G', '%g', '%C', '%c', '%D'), array('', '', '', '', '', '%b %d', '%m/%d'), $matches[0]);
+	if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
+			$date_format = '%b %d';
+	} else {
+			$date_format = str_replace(array('%Y', '%y', '%G', '%g', '%C', '%c', '%D'), array('', '', '', '', '', '%b %d', '%m/%d'), $matches[0]);
+	}
 
 	foreach (array('birthdays', 'holidays') as $type)
 	{
@@ -790,8 +813,9 @@ 
 		// Holidays between now and now + days.
 		for ($i = $now; $i < $now + $days_for_index; $i += 86400)
 		{
-			if (isset($cached_data['holidays'][strftime('%Y-%m-%d', $i)]))
-				$return_data['calendar_holidays'] = array_merge($return_data['calendar_holidays'], $cached_data['holidays'][strftime('%Y-%m-%d', $i)]);
+			if (isset($cached_data['holidays'][strftime('%Y-%m-%d', $i)])) {
+							$return_data['calendar_holidays'] = array_merge($return_data['calendar_holidays'], $cached_data['holidays'][strftime('%Y-%m-%d', $i)]);
+			}
 		}
 	}
 	
@@ -803,8 +827,9 @@ 
 			$loop_date = strftime('%Y-%m-%d', $i);
 			if (isset($cached_data['birthdays'][$loop_date]))
 			{
-				foreach ($cached_data['birthdays'][$loop_date] as $index => $dummy)
-					$cached_data['birthdays'][strftime('%Y-%m-%d', $i)][$index]['is_today'] = $loop_date === $today['date'];
+				foreach ($cached_data['birthdays'][$loop_date] as $index => $dummy) {
+									$cached_data['birthdays'][strftime('%Y-%m-%d', $i)][$index]['is_today'] = $loop_date === $today['date'];
+				}
 				$return_data['calendar_birthdays'] = array_merge($return_data['calendar_birthdays'], $cached_data['birthdays'][$loop_date]);
 			}
 		}	
@@ -819,8 +844,9 @@ 
 			$loop_date = strftime('%Y-%m-%d', $i);
 
 			// No events today? Check the next day.
-			if (empty($cached_data['events'][$loop_date]))
-				continue;
+			if (empty($cached_data['events'][$loop_date])) {
+							continue;
+			}
 
 			// Loop through all events to add a few last-minute values.
 			foreach ($cached_data['events'][$loop_date] as $ev => $event)
@@ -833,9 +859,9 @@ 
 				{
 					unset($cached_data['events'][$loop_date][$ev]);
 					continue;
+				} else {
+									$duplicates[$this_event['topic'] . $this_event['title']] = true;
 				}
-				else
-					$duplicates[$this_event['topic'] . $this_event['title']] = true;
 
 				// Might be set to true afterwards, depending on the permissions.
 				$this_event['can_edit'] = false;
@@ -843,16 +869,19 @@ 
 				$this_event['date'] = $loop_date;
 			}
 
-			if (!empty($cached_data['events'][$loop_date]))
-				$return_data['calendar_events'] = array_merge($return_data['calendar_events'], $cached_data['events'][$loop_date]);
+			if (!empty($cached_data['events'][$loop_date])) {
+							$return_data['calendar_events'] = array_merge($return_data['calendar_events'], $cached_data['events'][$loop_date]);
+			}
 		}
 	}
 
 	// Mark the last item so that a list separator can be used in the template.
-	for ($i = 0, $n = count($return_data['calendar_birthdays']); $i < $n; $i++)
-		$return_data['calendar_birthdays'][$i]['is_last'] = !isset($return_data['calendar_birthdays'][$i + 1]);
-	for ($i = 0, $n = count($return_data['calendar_events']); $i < $n; $i++)
-		$return_data['calendar_events'][$i]['is_last'] = !isset($return_data['calendar_events'][$i + 1]);
+	for ($i = 0, $n = count($return_data['calendar_birthdays']); $i < $n; $i++) {
+			$return_data['calendar_birthdays'][$i]['is_last'] = !isset($return_data['calendar_birthdays'][$i + 1]);
+	}
+	for ($i = 0, $n = count($return_data['calendar_events']); $i < $n; $i++) {
+			$return_data['calendar_events'][$i]['is_last'] = !isset($return_data['calendar_events'][$i + 1]);
+	}
 
 	return array(
 		'data' => $return_data,
@@ -900,37 +929,46 @@ 
 		if (isset($_POST['start_date']))
 		{
 			$d = date_parse($_POST['start_date']);
-			if (!empty($d['error_count']) || !empty($d['warning_count']))
-				fatal_lang_error('invalid_date', false);
-			if (empty($d['year']))
-				fatal_lang_error('event_year_missing', false);
-			if (empty($d['month']))
-				fatal_lang_error('event_month_missing', false);
-		}
-		elseif (isset($_POST['start_datetime']))
+			if (!empty($d['error_count']) || !empty($d['warning_count'])) {
+							fatal_lang_error('invalid_date', false);
+			}
+			if (empty($d['year'])) {
+							fatal_lang_error('event_year_missing', false);
+			}
+			if (empty($d['month'])) {
+							fatal_lang_error('event_month_missing', false);
+			}
+		} elseif (isset($_POST['start_datetime']))
 		{
 			$d = date_parse($_POST['start_datetime']);
-			if (!empty($d['error_count']) || !empty($d['warning_count']))
-				fatal_lang_error('invalid_date', false);
-			if (empty($d['year']))
-				fatal_lang_error('event_year_missing', false);
-			if (empty($d['month']))
-				fatal_lang_error('event_month_missing', false);
+			if (!empty($d['error_count']) || !empty($d['warning_count'])) {
+							fatal_lang_error('invalid_date', false);
+			}
+			if (empty($d['year'])) {
+							fatal_lang_error('event_year_missing', false);
+			}
+			if (empty($d['month'])) {
+							fatal_lang_error('event_month_missing', false);
+			}
 		}
 		// The 2.0 way
 		else
 		{
 			// No month?  No year?
-			if (!isset($_POST['month']))
-				fatal_lang_error('event_month_missing', false);
-			if (!isset($_POST['year']))
-				fatal_lang_error('event_year_missing', false);
+			if (!isset($_POST['month'])) {
+							fatal_lang_error('event_month_missing', false);
+			}
+			if (!isset($_POST['year'])) {
+							fatal_lang_error('event_year_missing', false);
+			}
 
 			// Check the month and year...
-			if ($_POST['month'] < 1 || $_POST['month'] > 12)
-				fatal_lang_error('invalid_month', false);
-			if ($_POST['year'] < $modSettings['cal_minyear'] || $_POST['year'] > $modSettings['cal_maxyear'])
-				fatal_lang_error('invalid_year', false);
+			if ($_POST['month'] < 1 || $_POST['month'] > 12) {
+							fatal_lang_error('invalid_month', false);
+			}
+			if ($_POST['year'] < $modSettings['cal_minyear'] || $_POST['year'] > $modSettings['cal_maxyear']) {
+							fatal_lang_error('invalid_year', false);
+			}
 		}
 	}
 
@@ -940,8 +978,9 @@ 
 	// If they want to us to calculate an end date, make sure it will fit in an acceptable range.
 	if (isset($_POST['span']))
 	{
-		if (($_POST['span'] < 1) || (!empty($modSettings['cal_maxspan']) && $_POST['span'] > $modSettings['cal_maxspan']))
-			fatal_lang_error('invalid_days_numb', false);
+		if (($_POST['span'] < 1) || (!empty($modSettings['cal_maxspan']) && $_POST['span'] > $modSettings['cal_maxspan'])) {
+					fatal_lang_error('invalid_days_numb', false);
+		}
 	}
 
 	// There is no need to validate the following values if we are just deleting the event.
@@ -951,24 +990,29 @@ 
 		if (empty($_POST['start_date']) && empty($_POST['start_datetime']))
 		{
 			// No day?
-			if (!isset($_POST['day']))
-				fatal_lang_error('event_day_missing', false);
+			if (!isset($_POST['day'])) {
+							fatal_lang_error('event_day_missing', false);
+			}
 
 			// Bad day?
-			if (!checkdate($_POST['month'], $_POST['day'], $_POST['year']))
-				fatal_lang_error('invalid_date', false);
+			if (!checkdate($_POST['month'], $_POST['day'], $_POST['year'])) {
+							fatal_lang_error('invalid_date', false);
+			}
 		}
 
-		if (!isset($_POST['evtitle']) && !isset($_POST['subject']))
-			fatal_lang_error('event_title_missing', false);
-		elseif (!isset($_POST['evtitle']))
-			$_POST['evtitle'] = $_POST['subject'];
+		if (!isset($_POST['evtitle']) && !isset($_POST['subject'])) {
+					fatal_lang_error('event_title_missing', false);
+		} elseif (!isset($_POST['evtitle'])) {
+					$_POST['evtitle'] = $_POST['subject'];
+		}
 
 		// No title?
-		if ($smcFunc['htmltrim']($_POST['evtitle']) === '')
-			fatal_lang_error('no_event_title', false);
-		if ($smcFunc['strlen']($_POST['evtitle']) > 100)
-			$_POST['evtitle'] = $smcFunc['substr']($_POST['evtitle'], 0, 100);
+		if ($smcFunc['htmltrim']($_POST['evtitle']) === '') {
+					fatal_lang_error('no_event_title', false);
+		}
+		if ($smcFunc['strlen']($_POST['evtitle']) > 100) {
+					$_POST['evtitle'] = $smcFunc['substr']($_POST['evtitle'], 0, 100);
+		}
 		$_POST['evtitle'] = str_replace(';', '', $_POST['evtitle']);
 	}
 }
@@ -995,8 +1039,9 @@ 
 	);
 
 	// No results, return false.
-	if ($smcFunc['db_num_rows'] === 0)
-		return false;
+	if ($smcFunc['db_num_rows'] === 0) {
+			return false;
+	}
 
 	// Grab the results and return.
 	list ($poster) = $smcFunc['db_fetch_row']($request);
@@ -1130,8 +1175,9 @@ 
 	call_integration_hook('integrate_modify_event', array($event_id, &$eventOptions, &$event_columns, &$event_parameters));
 
 	$column_clauses = array();
-	foreach ($event_columns as $col => $crit)
-		$column_clauses[] = $col . ' = ' . $crit;
+	foreach ($event_columns as $col => $crit) {
+			$column_clauses[] = $col . ' = ' . $crit;
+	}
 
 	$smcFunc['db_query']('', '
 		UPDATE {db_prefix}calendar
@@ -1216,8 +1262,9 @@ 
 	);
 
 	// If nothing returned, we are in poo, poo.
-	if ($smcFunc['db_num_rows']($request) === 0)
-		return false;
+	if ($smcFunc['db_num_rows']($request) === 0) {
+			return false;
+	}
 
 	$row = $smcFunc['db_fetch_assoc']($request);
 	$smcFunc['db_free_result']($request);
@@ -1225,8 +1272,9 @@ 
 	list($start, $end, $allday, $span, $tz, $tz_abbrev) = buildEventDatetimes($row);
 
 	// Sanity check
-	if (!empty($start['error_count']) || !empty($start['warning_count']) || !empty($end['error_count']) || !empty($end['warning_count']))
-		return false;
+	if (!empty($start['error_count']) || !empty($start['warning_count']) || !empty($end['error_count']) || !empty($end['warning_count'])) {
+			return false;
+	}
 
 	$return_value = array(
 		'boards' => array(),
@@ -1363,24 +1411,27 @@ 
 
 	// Set $span, in case we need it
 	$span = isset($eventOptions['span']) ? $eventOptions['span'] : (isset($_POST['span']) ? $_POST['span'] : 0);
-	if ($span > 0)
-		$span = !empty($modSettings['cal_maxspan']) ? min($modSettings['cal_maxspan'], $span - 1) : $span - 1;
+	if ($span > 0) {
+			$span = !empty($modSettings['cal_maxspan']) ? min($modSettings['cal_maxspan'], $span - 1) : $span - 1;
+	}
 
 	// Define the timezone for this event, falling back to the default if not provided
-	if (!empty($eventOptions['tz']) && in_array($eventOptions['tz'], timezone_identifiers_list(DateTimeZone::ALL_WITH_BC)))
-		$tz = $eventOptions['tz'];
-	elseif (!empty($_POST['tz']) && in_array($_POST['tz'], timezone_identifiers_list(DateTimeZone::ALL_WITH_BC)))
-		$tz = $_POST['tz'];
-	else
-		$tz = getUserTimezone();
+	if (!empty($eventOptions['tz']) && in_array($eventOptions['tz'], timezone_identifiers_list(DateTimeZone::ALL_WITH_BC))) {
+			$tz = $eventOptions['tz'];
+	} elseif (!empty($_POST['tz']) && in_array($_POST['tz'], timezone_identifiers_list(DateTimeZone::ALL_WITH_BC))) {
+			$tz = $_POST['tz'];
+	} else {
+			$tz = getUserTimezone();
+	}
 
 	// Is this supposed to be an all day event, or should it have specific start and end times?
-	if (isset($eventOptions['allday']))
-		$allday = $eventOptions['allday'];
-	elseif (empty($_POST['allday']))
-		$allday = false;
-	else
-		$allday = true;
+	if (isset($eventOptions['allday'])) {
+			$allday = $eventOptions['allday'];
+	} elseif (empty($_POST['allday'])) {
+			$allday = false;
+	} else {
+			$allday = true;
+	}
 
 	// Input might come as individual parameters...
 	$start_year = isset($eventOptions['year']) ? $eventOptions['year'] : (isset($_POST['year']) ? $_POST['year'] : null);
@@ -1407,10 +1458,12 @@ 
 	$end_time_string = isset($eventOptions['end_time']) ? $eventOptions['end_time'] : (isset($_POST['end_time']) ? $_POST['end_time'] : null);
 
 	// If the date and time were given in separate strings, combine them
-	if (empty($start_string) && isset($start_date_string))
-		$start_string = $start_date_string . (isset($start_time_string) ? ' ' . $start_time_string : '');
-	if (empty($end_string) && isset($end_date_string))
-		$end_string = $end_date_string . (isset($end_time_string) ? ' ' . $end_time_string : '');
+	if (empty($start_string) && isset($start_date_string)) {
+			$start_string = $start_date_string . (isset($start_time_string) ? ' ' . $start_time_string : '');
+	}
+	if (empty($end_string) && isset($end_date_string)) {
+			$end_string = $end_date_string . (isset($end_time_string) ? ' ' . $end_time_string : '');
+	}
 
 	// If some form of string input was given, override individually defined options with it
 	if (isset($start_string))
@@ -1501,10 +1554,11 @@ 
 	if ($start_object >= $end_object)
 	{
 		$end_object = date_create(sprintf('%04d-%02d-%02d %02d:%02d:%02d', $start_year, $start_month, $start_day, $start_hour, $start_minute, $start_second) . ' ' . $tz);
-		if ($span > 0)
-			date_add($end_object, date_interval_create_from_date_string($span . ' days'));
-		else
-			date_add($end_object, date_interval_create_from_date_string('1 hour'));
+		if ($span > 0) {
+					date_add($end_object, date_interval_create_from_date_string($span . ' days'));
+		} else {
+					date_add($end_object, date_interval_create_from_date_string('1 hour'));
+		}
 	}
 
 	// Is $end_object too late?
@@ -1517,9 +1571,9 @@ 
 			{
 				$end_object = date_create(sprintf('%04d-%02d-%02d %02d:%02d:%02d', $start_year, $start_month, $start_day, $start_hour, $start_minute, $start_second) . ' ' . $tz);
 				date_add($end_object, date_interval_create_from_date_string($modSettings['cal_maxspan'] . ' days'));
+			} else {
+							$end_object = date_create(sprintf('%04d-%02d-%02d %02d:%02d:%02d', $start_year, $start_month, $start_day, '11', '59', '59') . ' ' . $tz);
 			}
-			else
-				$end_object = date_create(sprintf('%04d-%02d-%02d %02d:%02d:%02d', $start_year, $start_month, $start_day, '11', '59', '59') . ' ' . $tz);
 		}
 	}
 
@@ -1532,8 +1586,7 @@ 
 		$start_time = null;
 		$end_time = null;
 		$tz = null;
-	}
-	else
+	} else
 	{
 		$start_time = date_format($start_object, 'H:i:s');
 		$end_time = date_format($end_object, 'H:i:s');
@@ -1559,19 +1612,21 @@ 
 	// First, try to create a better date format, ignoring the "time" elements.
 	if (empty($date_format))
 	{
-		if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0]))
-			$date_format = '%F';
-		else
-			$date_format = $matches[0];
+		if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
+					$date_format = '%F';
+		} else {
+					$date_format = $matches[0];
+		}
 	}
 
 	// We want a fairly compact version of the time, but as close as possible to the user's settings.
 	if (empty($time_format))
 	{
-		if (preg_match('~%[HkIlMpPrRSTX](?:[^%]*%[HkIlMpPrRSTX])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0]))
-			$time_format = '%k:%M';
-		else
-			$time_format = str_replace(array('%I', '%H', '%S', '%r', '%R', '%T'), array('%l', '%k', '', '%l:%M %p', '%k:%M', '%l:%M'), $matches[0]);
+		if (preg_match('~%[HkIlMpPrRSTX](?:[^%]*%[HkIlMpPrRSTX])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) {
+					$time_format = '%k:%M';
+		} else {
+					$time_format = str_replace(array('%I', '%H', '%S', '%r', '%R', '%T'), array('%l', '%k', '', '%l:%M %p', '%k:%M', '%l:%M'), $matches[0]);
+		}
 	}
 
 	// Should this be an all day event?
@@ -1581,11 +1636,13 @@ 
 	$span = 1 + date_interval_format(date_diff(date_create($row['start_date']), date_create($row['end_date'])), '%d');
 
 	// We need to have a defined timezone in the steps below
-	if (empty($row['timezone']))
-		$row['timezone'] = getUserTimezone();
+	if (empty($row['timezone'])) {
+			$row['timezone'] = getUserTimezone();
+	}
 
-	if (empty($timezone_array[$row['timezone']]))
-		$timezone_array[$row['timezone']] = timezone_open($row['timezone']);
+	if (empty($timezone_array[$row['timezone']])) {
+			$timezone_array[$row['timezone']] = timezone_open($row['timezone']);
+	}
 
 	// Get most of the standard date information for the start and end datetimes
 	$start = date_parse($row['start_date'] . (!$allday ? ' ' . $row['start_time'] : ''));
@@ -1633,8 +1690,9 @@ 
 	global $smcFunc, $context, $user_info, $modSettings, $user_settings;
 	static $member_cache = array();
 
-	if (is_null($id_member) && $user_info['is_guest'] == false)
-		$id_member = $context['user']['id'];
+	if (is_null($id_member) && $user_info['is_guest'] == false) {
+			$id_member = $context['user']['id'];
+	}
 
 	//check if the cache got the data
 	if (isset($id_member) && isset($member_cache[$id_member]))
@@ -1663,11 +1721,13 @@ 
 		$smcFunc['db_free_result']($request);
 	}
 
-	if (empty($timezone) || !in_array($timezone, timezone_identifiers_list(DateTimeZone::ALL_WITH_BC)))
-		$timezone = isset($modSettings['default_timezone']) ? $modSettings['default_timezone'] : date_default_timezone_get();
+	if (empty($timezone) || !in_array($timezone, timezone_identifiers_list(DateTimeZone::ALL_WITH_BC))) {
+			$timezone = isset($modSettings['default_timezone']) ? $modSettings['default_timezone'] : date_default_timezone_get();
+	}
 
-	if (isset($id_member))
-		$member_cache[$id_member] = $timezone;
+	if (isset($id_member)) {
+			$member_cache[$id_member] = $timezone;
+	}
 
 	return $timezone;
 }
@@ -1696,8 +1756,9 @@ 
 		)
 	);
 	$holidays = array();
-	while ($row = $smcFunc['db_fetch_assoc']($request))
-		$holidays[] = $row;
+	while ($row = $smcFunc['db_fetch_assoc']($request)) {
+			$holidays[] = $row;
+	}
 	$smcFunc['db_free_result']($request);
 
 	return $holidays;

Themes/default/Errors.template.php

Braces +24 added lines, -17 removed lines

@@ -23,13 +23,13 @@ 
 {
 	global $context, $txt;
 
-	if (!empty($context['simple_action']))
-		echo '
+	if (!empty($context['simple_action'])) {
+			echo '
 		<strong>
 			', $context['error_title'], '
 		</strong><br>
 		<div ', $context['error_code'], 'class="padding">', $context['error_message'], '</div>';
-	else
+	} else
 	{
 		echo '
 	<div id="fatal_error">
@@ -82,21 +82,23 @@ 
 						&nbsp;&nbsp;', $txt['apply_filter_of_type'], ':';
 
 	$error_types = array();
-	foreach ($context['error_types'] as $type => $details)
-		$error_types[] = ($details['is_selected'] ? '<img src="' . $settings['images_url'] . '/selected.png" alt=""> ' : '') . '<a href="' . $details['url'] . '" ' . ($details['is_selected'] ? 'style="font-weight: bold;"' : '') . ' title="' . $details['description'] . '">' . $details['label'] . '</a>';
+	foreach ($context['error_types'] as $type => $details) {
+			$error_types[] = ($details['is_selected'] ? '<img src="' . $settings['images_url'] . '/selected.png" alt=""> ' : '') . '<a href="' . $details['url'] . '" ' . ($details['is_selected'] ? 'style="font-weight: bold;"' : '') . ' title="' . $details['description'] . '">' . $details['label'] . '</a>';
+	}
 
 	echo '
 						', implode('&nbsp;|&nbsp;', $error_types), '
 					</td>
 				</tr>';
 
-	if ($context['has_filter'])
-		echo '
+	if ($context['has_filter']) {
+			echo '
 				<tr>
 					<td colspan="3" class="windowbg">
 						<strong>&nbsp;&nbsp;', $txt['applying_filter'], ':</strong> ', $context['filter']['entity'], ' ', $context['filter']['value']['html'], '&nbsp;&nbsp;[<a href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? ';desc' : '', '">', $txt['clear_filter'], '</a>]
 					</td>
 				</tr>';
+	}
 
 	echo '
 				<tr>
@@ -107,11 +109,12 @@ 
 				</tr>';
 
 	// No errors, then show a message
-	if (count($context['errors']) == 0)
-		echo '
+	if (count($context['errors']) == 0) {
+			echo '
 				<tr class="windowbg">
 					<td class="centertext" colspan="2">', $txt['errlog_no_entries'], '</td>
 				</tr>';
+	}
 
 	// we have some errors, must be some mods installed :P
 	foreach ($context['errors'] as $error)
@@ -125,19 +128,21 @@ 
 							<a href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? '' : ';desc', $context['has_filter'] ? $context['filter']['href'] : '', '" title="', $txt['reverse_direction'], '"><span class="generic_icons sort_' . $context['sort_direction'] . '"></span></a>
 							', $error['time'], '<br>';
 
-		if (!empty($error['member']['ip']))
-			echo '
+		if (!empty($error['member']['ip'])) {
+					echo '
 							<a href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? ';desc' : '', ';filter=ip;value=', $error['member']['ip'], '" title="', $txt['apply_filter'], ': ', $txt['filter_only_ip'], '"><span class="generic_icons filter centericon"></span></a>
 							<strong><a href="', $scripturl, '?action=trackip;searchip=', $error['member']['ip'], '">', $error['member']['ip'], '</a></strong>&nbsp;&nbsp;<br>';
+		}
 
 		echo '
 						</div>
 						<div style="float: left; width: 50%; line-height: 1.8em; padding: 0 4px;">';
 
-		if ($error['member']['session'] != '')
-			echo '
+		if ($error['member']['session'] != '') {
+					echo '
 							<a href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? ';desc' : '', ';filter=session;value=', $error['member']['session'], '" title="', $txt['apply_filter'], ': ', $txt['filter_only_session'], '"><span class="generic_icons filter centericon"></span></a>
 							', $error['member']['session'], '<br>';
+		}
 
 		echo '
 							<a href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? ';desc' : '', ';filter=error_type;value=', $error['error_type']['type'], '" title="', $txt['apply_filter'], ': ', $txt['filter_only_type'], '"><span class="generic_icons filter centericon"></span></a>
@@ -151,8 +156,8 @@ 
 							<a style="display: table-cell;" href="', $error['url']['html'], '">', $error['url']['html'], '</a>
 						</div>';
 
-		if (!empty($error['file']))
-			echo '
+		if (!empty($error['file'])) {
+					echo '
 						<div style="float: left; width: 100%; padding: 4px 0; line-height: 1.6em; border-top: 1px solid #e3e3e3;">
 							<a style="display: table-cell; padding: 4px; width: 20px; vertical-align: top;" href="', $scripturl, '?action=admin;area=logs;sa=errorlog', $context['sort_direction'] == 'down' ? ';desc' : '', ';filter=file;value=', $error['file']['search'], '" title="', $txt['apply_filter'], ': ', $txt['filter_only_file'], '"><span class="generic_icons filter"></span></a>
 							<div>
@@ -160,6 +165,7 @@ 
 								', $txt['line'], ': ', $error['file']['line'], '
 							</div>
 						</div>';
+		}
 
 		echo '
 					</td>
@@ -187,9 +193,10 @@ 
 				</div>
 			</div>';
 
-	if ($context['sort_direction'] == 'down')
-		echo '
+	if ($context['sort_direction'] == 'down') {
+			echo '
 			<input type="hidden" name="desc" value="1">';
+	}
 
 	echo '
 			<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '">

Sources/LogInOut.php

Braces +158 added lines, -124 removed lines

@@ -14,8 +14,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Ask them for their login information. (shows a page for the user to type
@@ -29,8 +30,9 @@ 
 	global $txt, $context, $scripturl, $user_info;
 
 	// You are already logged in, go take a tour of the boards
-	if (!empty($user_info['id']))
-		redirectexit();
+	if (!empty($user_info['id'])) {
+			redirectexit();
+	}
 
 	// We need to load the Login template/language file.
 	loadLanguage('Login');
@@ -57,10 +59,11 @@ 
 	);
 
 	// Set the login URL - will be used when the login process is done (but careful not to send us to an attachment).
-	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
-		$_SESSION['login_url'] = $_SESSION['old_url'];
-	elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false)
-		unset($_SESSION['login_url']);
+	if (isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	} elseif (isset($_SESSION['login_url']) && strpos($_SESSION['login_url'], 'dlattach') !== false) {
+			unset($_SESSION['login_url']);
+	}
 
 	// Create a one time token.
 	createToken('login');
@@ -83,8 +86,9 @@ 
 	global $cookiename, $modSettings, $context, $sourcedir, $maintenance;
 
 	// Check to ensure we're forcing SSL for authentication
-	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-		fatal_lang_error('login_ssl_required');
+	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+			fatal_lang_error('login_ssl_required');
+	}
 
 	// Load cookie authentication stuff.
 	require_once($sourcedir . '/Subs-Auth.php');
@@ -102,19 +106,20 @@ 
 			list (,, $timeout) = $smcFunc['json_decode']($_COOKIE[$cookiename], true);
 
 			// That didn't work... Maybe it's using serialize?
-			if (is_null($timeout))
-				list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
-		}
-		elseif (isset($_SESSION['login_' . $cookiename]))
+			if (is_null($timeout)) {
+							list (,, $timeout) = safe_unserialize($_COOKIE[$cookiename]);
+			}
+		} elseif (isset($_SESSION['login_' . $cookiename]))
 		{
 			list (,, $timeout) = $smcFunc['json_decode']($_SESSION['login_' . $cookiename]);
 
 			// Try for old format
-			if (is_null($timeout))
-				list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+			if (is_null($timeout)) {
+							list (,, $timeout) = safe_unserialize($_SESSION['login_' . $cookiename]);
+			}
+		} else {
+					trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
 		}
-		else
-			trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);
 
 		$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
 		updateMemberData($user_info['id'], array('password_salt' => $user_settings['password_salt']));
@@ -127,10 +132,11 @@ 
 			list ($tfamember, $tfasecret, $exp, $state, $preserve) = $tfadata;
 
 			// If we're preserving the cookie, reset it with updated salt
-			if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp)
-				setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
-			else
-				setTFACookie(-3600, 0, '');
+			if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp) {
+							setTFACookie(3153600, $user_info['password_salt'], hash_salt($user_settings['tfa_backup'], $user_settings['password_salt']), true);
+			} else {
+							setTFACookie(-3600, 0, '');
+			}
 		}
 
 		setLoginCookie($timeout - time(), $user_info['id'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
@@ -141,20 +147,20 @@ 
 	elseif (isset($_GET['sa']) && $_GET['sa'] == 'check')
 	{
 		// Strike!  You're outta there!
-		if ($_GET['member'] != $user_info['id'])
-			fatal_lang_error('login_cookie_error', false);
+		if ($_GET['member'] != $user_info['id']) {
+					fatal_lang_error('login_cookie_error', false);
+		}
 
 		$user_info['can_mod'] = allowedTo('access_mod_center') || (!$user_info['is_guest'] && ($user_info['mod_cache']['gq'] != '0=1' || $user_info['mod_cache']['bq'] != '0=1' || ($modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']))));
 
 		// Some whitelisting for login_url...
-		if (empty($_SESSION['login_url']))
-			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
+		if (empty($_SESSION['login_url'])) {
+					redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
+		} elseif (!empty($_SESSION['login_url']) && (strpos($_SESSION['login_url'], 'http://') === false && strpos($_SESSION['login_url'], 'https://') === false))
 		{
 			unset ($_SESSION['login_url']);
 			redirectexit(empty($user_settings['tfa_secret']) ? '' : 'action=logintfa');
-		}
-		else
+		} else
 		{
 			// Best not to clutter the session data too much...
 			$temp = $_SESSION['login_url'];
@@ -165,8 +171,9 @@ 
 	}
 
 	// Beyond this point you are assumed to be a guest trying to login.
-	if (!$user_info['is_guest'])
-		redirectexit();
+	if (!$user_info['is_guest']) {
+			redirectexit();
+	}
 
 	// Are you guessing with a script?
 	checkSession();
@@ -174,18 +181,21 @@ 
 	spamProtection('login');
 
 	// Set the login_url if it's not already set (but careful not to send us to an attachment).
-	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false))
-		$_SESSION['login_url'] = $_SESSION['old_url'];
+	if ((empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'dlattach') === false && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0) || (isset($_GET['quicklogin']) && isset($_SESSION['old_url']) && strpos($_SESSION['old_url'], 'login') === false)) {
+			$_SESSION['login_url'] = $_SESSION['old_url'];
+	}
 
 	// Been guessing a lot, haven't we?
-	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3)
-		fatal_lang_error('login_threshold_fail', 'login');
+	if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3) {
+			fatal_lang_error('login_threshold_fail', 'login');
+	}
 
 	// Set up the cookie length.  (if it's invalid, just fall through and use the default.)
-	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1))
-		$modSettings['cookieTime'] = 3153600;
-	elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600))
-		$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1)) {
+			$modSettings['cookieTime'] = 3153600;
+	} elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 && $_POST['cookielength'] <= 525600)) {
+			$modSettings['cookieTime'] = (int) $_POST['cookielength'];
+	}
 
 	loadLanguage('Login');
 	// Load the template stuff.
@@ -305,8 +315,9 @@ 
 			$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));
 
 			// Snitz style - SHA-256.  Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
-			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256'))
-				$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256')) {
+							$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));
+			}
 
 			// phpBB3 users new hashing.  We now support it as well ;).
 			$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);
@@ -326,27 +337,29 @@ 
 			// Some common md5 ones.
 			$other_passwords[] = md5($user_settings['password_salt'] . $_POST['passwrd']);
 			$other_passwords[] = md5($_POST['passwrd'] . $user_settings['password_salt']);
-		}
-		elseif (strlen($user_settings['passwd']) == 40)
+		} elseif (strlen($user_settings['passwd']) == 40)
 		{
 			// Maybe they are using a hash from before the password fix.
 			// This is also valid for SMF 1.1 to 2.0 style of hashing, changed to bcrypt in SMF 2.1
 			$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));
 
 			// BurningBoard3 style of hashing.
-			if (!empty($modSettings['enable_password_conversion']))
-				$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			if (!empty($modSettings['enable_password_conversion'])) {
+							$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));
+			}
 
 			// Perhaps we converted to UTF-8 and have a valid password being hashed differently.
 			if ($context['character_set'] == 'UTF-8' && !empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8')
 			{
 				// Try iconv first, for no particular reason.
-				if (function_exists('iconv'))
-					$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				if (function_exists('iconv')) {
+									$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));
+				}
 
 				// Say it aint so, iconv failed!
-				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding'))
-					$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding')) {
+									$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
+				}
 			}
 		}
 
@@ -376,8 +389,9 @@ 
 			$_SESSION['failed_login'] = isset($_SESSION['failed_login']) ? ($_SESSION['failed_login'] + 1) : 1;
 
 			// Hmm... don't remember it, do you?  Here, try the password reminder ;).
-			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
-				redirectexit('action=reminder');
+			if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold']) {
+							redirectexit('action=reminder');
+			}
 			// We'll give you another chance...
 			else
 			{
@@ -388,8 +402,7 @@ 
 				return;
 			}
 		}
-	}
-	elseif (!empty($user_settings['passwd_flood']))
+	} elseif (!empty($user_settings['passwd_flood']))
 	{
 		// Let's be sure they weren't a little hacker.
 		validatePasswordFlood($user_settings['id_member'], $user_settings['member_name'], $user_settings['passwd_flood'], true);
@@ -406,8 +419,9 @@ 
 	}
 
 	// Check their activation status.
-	if (!checkActivation())
-		return;
+	if (!checkActivation()) {
+			return;
+	}
 
 	DoLogin();
 }
@@ -419,8 +433,9 @@ 
 {
 	global $sourcedir, $txt, $context, $user_info, $modSettings, $scripturl;
 
-	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode']))
-		fatal_lang_error('no_access', false);
+	if (!$user_info['is_guest'] || empty($context['tfa_member']) || empty($modSettings['tfa_mode'])) {
+			fatal_lang_error('no_access', false);
+	}
 
 	loadLanguage('Profile');
 	require_once($sourcedir . '/Class-TOTP.php');
@@ -428,8 +443,9 @@ 
 	$member = $context['tfa_member'];
 
 	// Prevent replay attacks by limiting at least 2 minutes before they can log in again via 2FA
-	if (time() - $member['last_login'] < 120)
-		fatal_lang_error('tfa_wait', false);
+	if (time() - $member['last_login'] < 120) {
+			fatal_lang_error('tfa_wait', false);
+	}
 
 	$totp = new \TOTP\Auth($member['tfa_secret']);
 	$totp->setRange(1);
@@ -443,8 +459,9 @@ 
 	if (!empty($_POST['tfa_code']) && empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$code = $_POST['tfa_code'];
 
@@ -454,20 +471,19 @@ 
 
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']), !empty($_POST['tfa_preserve']));
 			redirectexit();
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
 			$context['tfa_error'] = true;
 			$context['tfa_value'] = $_POST['tfa_code'];
 		}
-	}
-	elseif (!empty($_POST['tfa_backup']))
+	} elseif (!empty($_POST['tfa_backup']))
 	{
 		// Check to ensure we're forcing SSL for authentication
-		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-			fatal_lang_error('login_ssl_required');
+		if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+					fatal_lang_error('login_ssl_required');
+		}
 
 		$backup = $_POST['tfa_backup'];
 
@@ -481,8 +497,7 @@ 
 			));
 			setTFACookie(3153600, $member['id_member'], hash_salt($member['tfa_backup'], $member['password_salt']));
 			redirectexit('action=profile;area=tfasetup;backup');
-		}
-		else
+		} else
 		{
 			validatePasswordFlood($member['id_member'], $member['member_name'], $member['passwd_flood'], false, true);
 
@@ -505,8 +520,9 @@ 
 {
 	global $context, $txt, $scripturl, $user_settings, $modSettings;
 
-	if (!isset($context['login_errors']))
-		$context['login_errors'] = array();
+	if (!isset($context['login_errors'])) {
+			$context['login_errors'] = array();
+	}
 
 	// What is the true activation status of this account?
 	$activation_status = $user_settings['is_activated'] > 10 ? $user_settings['is_activated'] - 10 : $user_settings['is_activated'];
@@ -518,8 +534,9 @@ 
 		return false;
 	}
 	// Awaiting approval still?
-	elseif ($activation_status == 3)
-		fatal_lang_error('still_awaiting_approval', 'user');
+	elseif ($activation_status == 3) {
+			fatal_lang_error('still_awaiting_approval', 'user');
+	}
 	// Awaiting deletion, changed their mind?
 	elseif ($activation_status == 4)
 	{
@@ -527,8 +544,7 @@ 
 		{
 			updateMemberData($user_settings['id_member'], array('is_activated' => 1));
 			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 0 ? $modSettings['unapprovedMembers'] - 1 : 0)));
-		}
-		else
+		} else
 		{
 			$context['disable_login_hashing'] = true;
 			$context['login_errors'][] = $txt['awaiting_delete_account'];
@@ -568,8 +584,9 @@ 
 	setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], hash_salt($user_settings['passwd'], $user_settings['password_salt']));
 
 	// Reset the login threshold.
-	if (isset($_SESSION['failed_login']))
-		unset($_SESSION['failed_login']);
+	if (isset($_SESSION['failed_login'])) {
+			unset($_SESSION['failed_login']);
+	}
 
 	$user_info['is_guest'] = false;
 	$user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']);
@@ -591,16 +608,18 @@ 
 			'id_member' => $user_info['id'],
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 1)
-		$_SESSION['first_login'] = true;
-	else
-		unset($_SESSION['first_login']);
+	if ($smcFunc['db_num_rows']($request) == 1) {
+			$_SESSION['first_login'] = true;
+	} else {
+			unset($_SESSION['first_login']);
+	}
 	$smcFunc['db_free_result']($request);
 
 	// You've logged in, haven't you?
 	$update = array('member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP']);
-	if (empty($user_settings['tfa_secret']))
-		$update['last_login'] = time();
+	if (empty($user_settings['tfa_secret'])) {
+			$update['last_login'] = time();
+	}
 	updateMemberData($user_info['id'], $update);
 
 	// Get rid of the online entry for that old guest....
@@ -614,8 +633,8 @@ 
 	$_SESSION['log_time'] = 0;
 
 	// Log this entry, only if we have it enabled.
-	if (!empty($modSettings['loginHistoryDays']))
-		$smcFunc['db_insert']('insert',
+	if (!empty($modSettings['loginHistoryDays'])) {
+			$smcFunc['db_insert']('insert',
 			'{db_prefix}member_logins',
 			array(
 				'id_member' => 'int', 'time' => 'int', 'ip' => 'inet', 'ip2' => 'inet',
@@ -627,13 +646,15 @@ 
 				'id_member', 'time'
 			)
 		);
+	}
 
 	// Just log you back out if it's in maintenance mode and you AREN'T an admin.
-	if (empty($maintenance) || allowedTo('admin_forum'))
-		redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
-	else
-		redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
-}
+	if (empty($maintenance) || allowedTo('admin_forum')) {
+			redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
+	} else {
+			redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
+	}
+	}
 
 /**
  * Logs the current user out of their account.
@@ -649,13 +670,15 @@ 
 	global $sourcedir, $user_info, $user_settings, $context, $smcFunc, $cookiename, $modSettings;
 
 	// Make sure they aren't being auto-logged out.
-	if (!$internal)
-		checkSession('get');
+	if (!$internal) {
+			checkSession('get');
+	}
 
 	require_once($sourcedir . '/Subs-Auth.php');
 
-	if (isset($_SESSION['pack_ftp']))
-		$_SESSION['pack_ftp'] = null;
+	if (isset($_SESSION['pack_ftp'])) {
+			$_SESSION['pack_ftp'] = null;
+	}
 
 	// It won't be first login anymore.
 	unset($_SESSION['first_login']);
@@ -683,8 +706,9 @@ 
 
 	// And some other housekeeping while we're at it.
 	$salt = substr(md5(mt_rand()), 0, 4);
-	if (!empty($user_info['id']))
-		updateMemberData($user_info['id'], array('password_salt' => $salt));
+	if (!empty($user_info['id'])) {
+			updateMemberData($user_info['id'], array('password_salt' => $salt));
+	}
 
 	if (!empty($modSettings['tfa_mode']) && !empty($user_info['id']) && !empty($_COOKIE[$cookiename . '_tfa']))
 	{
@@ -693,10 +717,11 @@ 
 		list ($tfamember, $tfasecret, $exp, $state, $preserve) = $tfadata;
 
 		// If we're preserving the cookie, reset it with updated salt
-		if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp)
-			setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
-		else
-			setTFACookie(-3600, 0, '');
+		if (isset($tfamember, $tfasecret, $exp, $state, $preserve) && $preserve && time() < $exp) {
+					setTFACookie(3153600, $user_info['id'], hash_salt($user_settings['tfa_backup'], $salt), true);
+		} else {
+					setTFACookie(-3600, 0, '');
+		}
 	}
 
 	session_destroy();
@@ -704,14 +729,13 @@ 
 	// Off to the merry board index we go!
 	if ($redirect)
 	{
-		if (empty($_SESSION['logout_url']))
-			redirectexit('', $context['server']['needs_login_fix']);
-		elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
+		if (empty($_SESSION['logout_url'])) {
+					redirectexit('', $context['server']['needs_login_fix']);
+		} elseif (!empty($_SESSION['logout_url']) && (strpos($_SESSION['logout_url'], 'http://') === false && strpos($_SESSION['logout_url'], 'https://') === false))
 		{
 			unset ($_SESSION['logout_url']);
 			redirectexit();
-		}
-		else
+		} else
 		{
 			$temp = $_SESSION['logout_url'];
 			unset($_SESSION['logout_url']);
@@ -744,8 +768,9 @@ 
 function phpBB3_password_check($passwd, $passwd_hash)
 {
 	// Too long or too short?
-	if (strlen($passwd_hash) != 34)
-		return;
+	if (strlen($passwd_hash) != 34) {
+			return;
+	}
 
 	// Range of characters allowed.
 	$range = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -756,8 +781,9 @@ 
 	$salt = substr($passwd_hash, 4, 8);
 
 	$hash = md5($salt . $passwd, true);
-	for (; $count != 0; --$count)
-		$hash = md5($hash . $passwd, true);
+	for (; $count != 0; --$count) {
+			$hash = md5($hash . $passwd, true);
+	}
 
 	$output = substr($passwd_hash, 0, 12);
 	$i = 0;
@@ -766,21 +792,25 @@ 
 		$value = ord($hash[$i++]);
 		$output .= $range[$value & 0x3f];
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 8;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 8;
+		}
 
 		$output .= $range[($value >> 6) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
-		if ($i < 16)
-			$value |= ord($hash[$i]) << 16;
+		if ($i < 16) {
+					$value |= ord($hash[$i]) << 16;
+		}
 
 		$output .= $range[($value >> 12) & 0x3f];
 
-		if ($i++ >= 16)
-			break;
+		if ($i++ >= 16) {
+					break;
+		}
 
 		$output .= $range[($value >> 18) & 0x3f];
 	}
@@ -812,8 +842,9 @@ 
 		require_once($sourcedir . '/Subs-Auth.php');
 		setLoginCookie(-3600, 0);
 
-		if (isset($_SESSION['login_' . $cookiename]))
-			unset($_SESSION['login_' . $cookiename]);
+		if (isset($_SESSION['login_' . $cookiename])) {
+					unset($_SESSION['login_' . $cookiename]);
+		}
 	}
 
 	// We need a member!
@@ -827,8 +858,9 @@ 
 	}
 
 	// Right, have we got a flood value?
-	if ($password_flood_value !== false)
-		@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	if ($password_flood_value !== false) {
+			@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);
+	}
 
 	// Timestamp or number of tries invalid?
 	if (empty($number_tries) || empty($time_stamp))
@@ -844,15 +876,17 @@ 
 		$number_tries = $time_stamp < time() - 20 ? 2 : $number_tries;
 
 		// They are trying too fast, make them wait longer
-		if ($time_stamp < time() - 10)
-			$time_stamp = time();
+		if ($time_stamp < time() - 10) {
+					$time_stamp = time();
+		}
 	}
 
 	$number_tries++;
 
 	// Broken the law?
-	if ($number_tries > 5)
-		fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	if ($number_tries > 5) {
+			fatal_lang_error('login_threshold_brute_fail', 'login', [$member_name]);
+	}
 
 	// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!
 	updateMemberData($id_member, array('passwd_flood' => $was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries));

Themes/default/Memberlist.template.php

Braces +27 added lines, -18 removed lines

@@ -26,9 +26,10 @@ 
 		<div class="cat_bar">
 			<h3 class="catbg">
 				<span class="floatleft">', $txt['members_list'], '</span>';
-		if (!isset($context['old_search']))
-				echo '
+		if (!isset($context['old_search'])) {
+						echo '
 				<span class="floatright">', $context['letter_links'], '</span>';
+		}
 		echo '
 			</h3>
 		</div>';
@@ -43,19 +44,22 @@ 
 	foreach ($context['columns'] as $key => $column)
 	{
 		// @TODO maybe find something nicer?
-		if ($key == 'email_address' && !$context['can_send_email'])
-			continue;
+		if ($key == 'email_address' && !$context['can_send_email']) {
+					continue;
+		}
 
 		// This is a selected column, so underline it or some such.
-		if ($column['selected'])
-			echo '
+		if ($column['selected']) {
+					echo '
 					<th scope="col" class="', $key, isset($column['class']) ? ' ' . $column['class'] : '', ' selected" style="width: auto;"' . (isset($column['colspan']) ? ' colspan="' . $column['colspan'] . '"' : '') . '>
 						<a href="' . $column['href'] . '" rel="nofollow">' . $column['label'] . '</a><span class="generic_icons sort_' . $context['sort_direction'] . '"></span></th>';
+		}
 		// This is just some column... show the link and be done with it.
-		else
-			echo '
+		else {
+					echo '
 					<th scope="col" class="', $key, isset($column['class']) ? ' ' . $column['class'] : '', '"', isset($column['width']) ? ' style="width: ' . $column['width'] . '"' : '', isset($column['colspan']) ? ' colspan="' . $column['colspan'] . '"' : '', '>
 						', $column['link'], '</th>';
+		}
 	}
 	echo '
 				</tr>
@@ -74,9 +78,10 @@ 
 					</td>
 					<td class="lefttext">', $member['link'], '</td>';
 
-		if (!isset($context['disabled_fields']['website']))
-			echo '
+		if (!isset($context['disabled_fields']['website'])) {
+					echo '
 					<td class="centertext website_url">', $member['website']['url'] != '' ? '<a href="' . $member['website']['url'] . '" target="_blank"><span class="generic_icons www" title="' . $member['website']['title'] . '"></span></a>' : '', '</td>';
+		}
 
 		// Group and date.
 		echo '
@@ -89,11 +94,12 @@ 
 					<td class="centertext" style="white-space: nowrap; width: 15px">', $member['posts'], '</td>
 					<td class="centertext statsbar" style="width: 120px">';
 
-			if (!empty($member['post_percent']))
-				echo '
+			if (!empty($member['post_percent'])) {
+							echo '
 						<div class="bar" style="width: ', $member['post_percent'] + 4, 'px;">
 							<div style="width: ', $member['post_percent'], 'px;"></div>
 						</div>';
+			}
 
 			echo '
 					</td>';
@@ -102,9 +108,10 @@ 
 		// Show custom fields marked to be shown here
 		if (!empty($context['custom_profile_fields']['columns']))
 		{
-			foreach ($context['custom_profile_fields']['columns'] as $key => $column)
-				echo '
+			foreach ($context['custom_profile_fields']['columns'] as $key => $column) {
+							echo '
 					<td class="righttext">', $member['options'][$key], '</td>';
+			}
 		}
 
 		echo '
@@ -112,11 +119,12 @@ 
 		}
 	}
 	// No members?
-	else
-		echo '
+	else {
+			echo '
 				<tr>
 					<td colspan="', $context['colspan'], '" class="windowbg">', $txt['search_no_results'], '</td>
 				</tr>';
+	}
 
 				echo '
 			</tbody>
@@ -129,9 +137,10 @@ 
 			<div class="pagelinks floatleft">', $context['page_index'], '</div>';
 
 	// If it is displaying the result of a search show a "search again" link to edit their criteria.
-	if (isset($context['old_search']))
-		echo '
+	if (isset($context['old_search'])) {
+			echo '
 			<a class="button_link" href="', $scripturl, '?action=mlist;sa=search;search=', $context['old_search_value'], '">', $txt['mlist_search_again'], '</a>';
+	}
 	echo '
 		</div>
 	</div>';

Sources/Profile-Actions.php

Braces +117 added lines, -86 removed lines

@@ -13,8 +13,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Activate an account.
@@ -48,8 +49,9 @@ 
 		logAction('approve_member', array('member' => $memID), 'admin');
 
 		// If we are doing approval, update the stats for the member just in case.
-		if (in_array($user_profile[$memID]['is_activated'], array(3, 4, 5, 13, 14, 15)))
-			updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 1 ? $modSettings['unapprovedMembers'] - 1 : 0)));
+		if (in_array($user_profile[$memID]['is_activated'], array(3, 4, 5, 13, 14, 15))) {
+					updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 1 ? $modSettings['unapprovedMembers'] - 1 : 0)));
+		}
 
 		// Make sure we update the stats too.
 		updateStats('member', false);
@@ -76,8 +78,9 @@ 
 	$issueErrors = array();
 
 	// Doesn't hurt to be overly cautious.
-	if (empty($modSettings['warning_enable']) || ($context['user']['is_owner'] && !$cur_profile['warning']) || !allowedTo('issue_warning'))
-		fatal_lang_error('no_access', false);
+	if (empty($modSettings['warning_enable']) || ($context['user']['is_owner'] && !$cur_profile['warning']) || !allowedTo('issue_warning')) {
+			fatal_lang_error('no_access', false);
+	}
 
 	// Get the base (errors related) stuff done.
 	loadLanguage('Errors');
@@ -135,16 +138,18 @@ 
 
 		// This cannot be empty!
 		$_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '';
-		if ($_POST['warn_reason'] == '' && !$context['user']['is_owner'])
-			$issueErrors[] = 'warning_no_reason';
+		if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) {
+					$issueErrors[] = 'warning_no_reason';
+		}
 		$_POST['warn_reason'] = $smcFunc['htmlspecialchars']($_POST['warn_reason']);
 
 		$_POST['warning_level'] = (int) $_POST['warning_level'];
 		$_POST['warning_level'] = max(0, min(100, $_POST['warning_level']));
-		if ($_POST['warning_level'] < $context['min_allowed'])
-			$_POST['warning_level'] = $context['min_allowed'];
-		elseif ($_POST['warning_level'] > $context['max_allowed'])
-			$_POST['warning_level'] = $context['max_allowed'];
+		if ($_POST['warning_level'] < $context['min_allowed']) {
+					$_POST['warning_level'] = $context['min_allowed'];
+		} elseif ($_POST['warning_level'] > $context['max_allowed']) {
+					$_POST['warning_level'] = $context['max_allowed'];
+		}
 
 		// Do we actually have to issue them with a PM?
 		$id_notice = 0;
@@ -152,8 +157,9 @@ 
 		{
 			$_POST['warn_sub'] = trim($_POST['warn_sub']);
 			$_POST['warn_body'] = trim($_POST['warn_body']);
-			if (empty($_POST['warn_sub']) || empty($_POST['warn_body']))
-				$issueErrors[] = 'warning_notify_blank';
+			if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
+							$issueErrors[] = 'warning_notify_blank';
+			}
 			// Send the PM?
 			else
 			{
@@ -190,8 +196,8 @@ 
 		if (empty($issueErrors))
 		{
 			// Log what we've done!
-			if (!$context['user']['is_owner'])
-				$smcFunc['db_insert']('',
+			if (!$context['user']['is_owner']) {
+							$smcFunc['db_insert']('',
 					'{db_prefix}log_comments',
 					array(
 						'id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'id_recipient' => 'int', 'recipient_name' => 'string-255',
@@ -203,14 +209,14 @@ 
 					),
 					array('id_comment')
 				);
+			}
 
 			// Make the change.
 			updateMemberData($memID, array('warning' => $_POST['warning_level']));
 
 			// Leave a lovely message.
 			$context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
-		}
-		else
+		} else
 		{
 			// Try to remember some bits.
 			$context['warning_data'] = array(
@@ -229,8 +235,9 @@ 
 	{
 		$warning_body = !empty($_POST['warn_body']) ? trim(censorText($_POST['warn_body'])) : '';
 		$context['preview_subject'] = !empty($_POST['warn_sub']) ? trim($smcFunc['htmlspecialchars']($_POST['warn_sub'])) : '';
-		if (empty($_POST['warn_sub']) || empty($_POST['warn_body']))
-			$issueErrors[] = 'warning_notify_blank';
+		if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
+					$issueErrors[] = 'warning_notify_blank';
+		}
 
 		if (!empty($_POST['warn_body']))
 		{
@@ -254,8 +261,9 @@ 
 	{
 		// Fill in the suite of errors.
 		$context['post_errors'] = array();
-		foreach ($issueErrors as $error)
-			$context['post_errors'][] = $txt[$error];
+		foreach ($issueErrors as $error) {
+					$context['post_errors'][] = $txt[$error];
+		}
 	}
 
 
@@ -272,9 +280,10 @@ 
 		$modSettings['warning_mute'] => $txt['profile_warning_effect_mute'],
 	);
 	$context['current_level'] = 0;
-	foreach ($context['level_effects'] as $limit => $dummy)
-		if ($context['member']['warning'] >= $limit)
+	foreach ($context['level_effects'] as $limit => $dummy) {
+			if ($context['member']['warning'] >= $limit)
 			$context['current_level'] = $limit;
+	}
 
 	$listOptions = array(
 		'id' => 'view_warnings',
@@ -337,11 +346,12 @@ 
 							' . $warning['reason'] . '
 						</div>';
 
-						if (!empty($warning['id_notice']))
-							$ret .= '
+						if (!empty($warning['id_notice'])) {
+													$ret .= '
 						<div class="floatright">
 							<a href="' . $scripturl . '?action=moderate;area=notice;nid=' . $warning['id_notice'] . '" onclick="window.open(this.href, \'\', \'scrollbars=yes,resizable=yes,width=400,height=250\');return false;" target="_blank" title="' . $txt['profile_warning_previous_notice'] . '"><span class="generic_icons filter centericon"></span></a>
 						</div>';
+						}
 
 						return $ret;
 					},
@@ -413,8 +423,9 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// If we're not warning for a message skip any that are.
-		if (!$context['warning_for_message'] && strpos($row['body'], '{MESSAGE}') !== false)
-			continue;
+		if (!$context['warning_for_message'] && strpos($row['body'], '{MESSAGE}') !== false) {
+					continue;
+		}
 
 		$context['notification_templates'][] = array(
 			'title' => $row['template_title'],
@@ -424,16 +435,18 @@ 
 	$smcFunc['db_free_result']($request);
 
 	// Setup the "default" templates.
-	foreach (array('spamming', 'offence', 'insulting') as $type)
-		$context['notification_templates'][] = array(
+	foreach (array('spamming', 'offence', 'insulting') as $type) {
+			$context['notification_templates'][] = array(
 			'title' => $txt['profile_warning_notify_title_' . $type],
 			'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($context['warning_for_message']) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]),
 		);
+	}
 
 	// Replace all the common variables in the templates.
-	foreach ($context['notification_templates'] as $k => $name)
-		$context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $context['warning_for_message'] . ']' . un_htmlspecialchars($context['warned_message_subject']) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => $txt['regards_team']));
-}
+	foreach ($context['notification_templates'] as $k => $name) {
+			$context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $context['warning_for_message'] . ']' . un_htmlspecialchars($context['warned_message_subject']) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => $txt['regards_team']));
+	}
+	}
 
 /**
  * Get the number of warnings a user has. Callback for $listOptions['get_count'] in issueWarning()
@@ -517,10 +530,11 @@ 
 {
 	global $txt, $context, $modSettings, $cur_profile;
 
-	if (!$context['user']['is_owner'])
-		isAllowedTo('profile_remove_any');
-	elseif (!allowedTo('profile_remove_any'))
-		isAllowedTo('profile_remove_own');
+	if (!$context['user']['is_owner']) {
+			isAllowedTo('profile_remove_any');
+	} elseif (!allowedTo('profile_remove_any')) {
+			isAllowedTo('profile_remove_own');
+	}
 
 	// Permissions for removing stuff...
 	$context['can_delete_posts'] = !$context['user']['is_owner'] && allowedTo('moderate_forum');
@@ -547,10 +561,11 @@ 
 
 	// @todo Add a way to delete pms as well?
 
-	if (!$context['user']['is_owner'])
-		isAllowedTo('profile_remove_any');
-	elseif (!allowedTo('profile_remove_any'))
-		isAllowedTo('profile_remove_own');
+	if (!$context['user']['is_owner']) {
+			isAllowedTo('profile_remove_any');
+	} elseif (!allowedTo('profile_remove_any')) {
+			isAllowedTo('profile_remove_own');
+	}
 
 	checkSession();
 
@@ -576,8 +591,9 @@ 
 		list ($another) = $smcFunc['db_fetch_row']($request);
 		$smcFunc['db_free_result']($request);
 
-		if (empty($another))
-			fatal_lang_error('at_least_one_admin', 'critical');
+		if (empty($another)) {
+					fatal_lang_error('at_least_one_admin', 'critical');
+		}
 	}
 
 	// This file is needed for the deleteMembers function.
@@ -656,8 +672,9 @@ 
 					)
 				);
 				$topicIDs = array();
-				while ($row = $smcFunc['db_fetch_assoc']($request))
-					$topicIDs[] = $row['id_topic'];
+				while ($row = $smcFunc['db_fetch_assoc']($request)) {
+									$topicIDs[] = $row['id_topic'];
+				}
 				$smcFunc['db_free_result']($request);
 
 				// Actually remove the topics. Ignore recycling if we want to perma-delete things...
@@ -680,8 +697,9 @@ 
 			// This could take a while... but ya know it's gonna be worth it in the end.
 			while ($row = $smcFunc['db_fetch_assoc']($request))
 			{
-				if (function_exists('apache_reset_timeout'))
-					@apache_reset_timeout();
+				if (function_exists('apache_reset_timeout')) {
+									@apache_reset_timeout();
+				}
 
 				removeMessage($row['id_msg']);
 			}
@@ -689,8 +707,9 @@ 
 		}
 
 		// Only delete this poor members account if they are actually being booted out of camp.
-		if (isset($_POST['deleteAccount']))
-			deleteMembers($memID);
+		if (isset($_POST['deleteAccount'])) {
+					deleteMembers($memID);
+		}
 	}
 	// Do they need approval to delete?
 	elseif (!empty($modSettings['approveAccountDeletion']) && !allowedTo('moderate_forum'))
@@ -741,18 +760,18 @@ 
 		{
 			foreach ($costs as $duration => $cost)
 			{
-				if ($cost != 0)
-					$cost_array[$duration] = $cost;
+				if ($cost != 0) {
+									$cost_array[$duration] = $cost;
+				}
 			}
-		}
-		else
+		} else
 		{
 			$cost_array['fixed'] = $costs['fixed'];
 		}
 
-		if (empty($cost_array))
-			unset($context['subscriptions'][$id]);
-		else
+		if (empty($cost_array)) {
+					unset($context['subscriptions'][$id]);
+		} else
 		{
 			$context['subscriptions'][$id]['member'] = 0;
 			$context['subscriptions'][$id]['subscribed'] = false;
@@ -765,13 +784,15 @@ 
 	foreach ($gateways as $id => $gateway)
 	{
 		$gateways[$id] = new $gateway['display_class']();
-		if (!$gateways[$id]->gatewayEnabled())
-			unset($gateways[$id]);
+		if (!$gateways[$id]->gatewayEnabled()) {
+					unset($gateways[$id]);
+		}
 	}
 
 	// No gateways yet?
-	if (empty($gateways))
-		fatal_error($txt['paid_admin_not_setup_gateway']);
+	if (empty($gateways)) {
+			fatal_error($txt['paid_admin_not_setup_gateway']);
+	}
 
 	// Get the current subscriptions.
 	$request = $smcFunc['db_query']('', '
@@ -786,8 +807,9 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// The subscription must exist!
-		if (!isset($context['subscriptions'][$row['id_subscribe']]))
-			continue;
+		if (!isset($context['subscriptions'][$row['id_subscribe']])) {
+					continue;
+		}
 
 		$context['current'][$row['id_subscribe']] = array(
 			'id' => $row['id_sublog'],
@@ -801,8 +823,9 @@ 
 			'status_text' => $row['status'] == 0 ? ($row['payments_pending'] ? $txt['paid_pending'] : $txt['paid_finished']) : $txt['paid_active'],
 		);
 
-		if ($row['status'] == 1)
-			$context['subscriptions'][$row['id_subscribe']]['subscribed'] = true;
+		if ($row['status'] == 1) {
+					$context['subscriptions'][$row['id_subscribe']]['subscribed'] = true;
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -853,21 +876,25 @@ 
 	if (isset($_GET['confirm']) && isset($_POST['sub_id']) && is_array($_POST['sub_id']))
 	{
 		// Hopefully just one.
-		foreach ($_POST['sub_id'] as $k => $v)
-			$ID_SUB = (int) $k;
+		foreach ($_POST['sub_id'] as $k => $v) {
+					$ID_SUB = (int) $k;
+		}
 
-		if (!isset($context['subscriptions'][$ID_SUB]) || $context['subscriptions'][$ID_SUB]['active'] == 0)
-			fatal_lang_error('paid_sub_not_active');
+		if (!isset($context['subscriptions'][$ID_SUB]) || $context['subscriptions'][$ID_SUB]['active'] == 0) {
+					fatal_lang_error('paid_sub_not_active');
+		}
 
 		// Simplify...
 		$context['sub'] = $context['subscriptions'][$ID_SUB];
 		$period = 'xx';
-		if ($context['sub']['flexible'])
-			$period = isset($_POST['cur'][$ID_SUB]) && isset($context['sub']['costs'][$_POST['cur'][$ID_SUB]]) ? $_POST['cur'][$ID_SUB] : 'xx';
+		if ($context['sub']['flexible']) {
+					$period = isset($_POST['cur'][$ID_SUB]) && isset($context['sub']['costs'][$_POST['cur'][$ID_SUB]]) ? $_POST['cur'][$ID_SUB] : 'xx';
+		}
 
 		// Check we have a valid cost.
-		if ($context['sub']['flexible'] && $period == 'xx')
-			fatal_lang_error('paid_sub_not_active');
+		if ($context['sub']['flexible'] && $period == 'xx') {
+					fatal_lang_error('paid_sub_not_active');
+		}
 
 		// Sort out the cost/currency.
 		$context['currency'] = $modSettings['paid_currency_code'];
@@ -880,8 +907,7 @@ 
 			$context['cost'] = sprintf($modSettings['paid_currency_symbol'], $context['value']) . '/' . $txt[$_POST['cur'][$ID_SUB]];
 			// The period value for paypal.
 			$context['paypal_period'] = strtoupper(substr($_POST['cur'][$ID_SUB], 0, 1));
-		}
-		else
+		} else
 		{
 			// Real cost...
 			$context['value'] = $context['sub']['costs']['fixed'];
@@ -898,13 +924,15 @@ 
 		foreach ($gateways as $id => $gateway)
 		{
 			$fields = $gateways[$id]->fetchGatewayFields($context['sub']['id'] . '+' . $memID, $context['sub'], $context['value'], $period, $scripturl . '?action=profile;u=' . $memID . ';area=subscriptions;sub_id=' . $context['sub']['id'] . ';done');
-			if (!empty($fields['form']))
-				$context['gateways'][] = $fields;
+			if (!empty($fields['form'])) {
+							$context['gateways'][] = $fields;
+			}
 		}
 
 		// Bugger?!
-		if (empty($context['gateways']))
-			fatal_error($txt['paid_admin_not_setup_gateway']);
+		if (empty($context['gateways'])) {
+					fatal_error($txt['paid_admin_not_setup_gateway']);
+		}
 
 		// Now we are going to assume they want to take this out ;)
 		$new_data = array($context['sub']['id'], $context['value'], $period, 'prepay');
@@ -912,16 +940,19 @@ 
 		{
 			// What are the details like?
 			$current_pending = array();
-			if ($context['current'][$context['sub']['id']]['pending_details'] != '')
-				$current_pending = $smcFunc['json_decode']($context['current'][$context['sub']['id']]['pending_details'], true);
+			if ($context['current'][$context['sub']['id']]['pending_details'] != '') {
+							$current_pending = $smcFunc['json_decode']($context['current'][$context['sub']['id']]['pending_details'], true);
+			}
 			// Don't get silly.
-			if (count($current_pending) > 9)
-				$current_pending = array();
+			if (count($current_pending) > 9) {
+							$current_pending = array();
+			}
 			$pending_count = 0;
 			// Only record real pending payments as will otherwise confuse the admin!
-			foreach ($current_pending as $pending)
-				if ($pending[3] == 'payback')
+			foreach ($current_pending as $pending) {
+							if ($pending[3] == 'payback')
 					$pending_count++;
+			}
 
 			if (!in_array($new_data, $current_pending))
 			{
@@ -966,9 +997,9 @@ 
 
 		// Quit.
 		return;
+	} else {
+			$context['sub_template'] = 'user_subscription';
+	}
 	}
-	else
-		$context['sub_template'] = 'user_subscription';
-}
 
 ?>
\ No newline at end of file