SimpleMachines /
SMF2.1
@@ -11,8 +11,9 @@ discard block |
||
| 11 | 11 | * @version 2.1 Beta 4 |
| 12 | 12 | */ |
| 13 | 13 | |
| 14 | -if (!defined('SMF')) |
|
| 14 | +if (!defined('SMF')) { |
|
| 15 | 15 | die('No direct access...'); |
| 16 | +} |
|
| 16 | 17 | |
| 17 | 18 | /** |
| 18 | 19 | * Used for the "custom search index" option |
@@ -54,8 +55,9 @@ discard block |
||
| 54 | 55 | return; |
| 55 | 56 | } |
| 56 | 57 | |
| 57 | - if (empty($modSettings['search_custom_index_config'])) |
|
| 58 | - return; |
|
| 58 | + if (empty($modSettings['search_custom_index_config'])) { |
|
| 59 | + return; |
|
| 60 | + } |
|
| 59 | 61 | |
| 60 | 62 | $this->indexSettings = $smcFunc['json_decode']($modSettings['search_custom_index_config'], true); |
| 61 | 63 | |
@@ -117,21 +119,23 @@ discard block |
||
| 117 | 119 | |
| 118 | 120 | $subwords = text2words($word, $this->min_word_length, true); |
| 119 | 121 | |
| 120 | - if (empty($modSettings['search_force_index'])) |
|
| 121 | - $wordsSearch['words'][] = $word; |
|
| 122 | + if (empty($modSettings['search_force_index'])) { |
|
| 123 | + $wordsSearch['words'][] = $word; |
|
| 124 | + } |
|
| 122 | 125 | |
| 123 | 126 | // Excluded phrases don't benefit from being split into subwords. |
| 124 | - if (count($subwords) > 1 && $isExcluded) |
|
| 125 | - continue; |
|
| 126 | - else |
|
| 127 | + if (count($subwords) > 1 && $isExcluded) { |
|
| 128 | + continue; |
|
| 129 | + } else |
|
| 127 | 130 | { |
| 128 | 131 | foreach ($subwords as $subword) |
| 129 | 132 | { |
| 130 | 133 | if ($smcFunc['strlen']($subword) >= $this->min_word_length && !in_array($subword, $this->bannedWords)) |
| 131 | 134 | { |
| 132 | 135 | $wordsSearch['indexed_words'][] = $subword; |
| 133 | - if ($isExcluded) |
|
| 134 | - $wordsExclude[] = $subword; |
|
| 136 | + if ($isExcluded) { |
|
| 137 | + $wordsExclude[] = $subword; |
|
| 138 | + } |
|
| 135 | 139 | } |
| 136 | 140 | } |
| 137 | 141 | } |
@@ -152,8 +156,9 @@ discard block |
||
| 152 | 156 | $query_where = array(); |
| 153 | 157 | $query_params = $search_data['params']; |
| 154 | 158 | |
| 155 | - if ($query_params['id_search']) |
|
| 156 | - $query_select['id_search'] = '{int:id_search}'; |
|
| 159 | + if ($query_params['id_search']) { |
|
| 160 | + $query_select['id_search'] = '{int:id_search}'; |
|
| 161 | + } |
|
| 157 | 162 | |
| 158 | 163 | $count = 0; |
| 159 | 164 | foreach ($words['words'] as $regularWord) |
@@ -162,30 +167,37 @@ discard block |
||
| 162 | 167 | $query_params['complex_body_' . $count++] = empty($modSettings['search_match_words']) || $search_data['no_regexp'] ? '%' . strtr($regularWord, array('_' => '\\_', '%' => '\\%')) . '%' : '[[:<:]]' . addcslashes(preg_replace(array('/([\[\]$.+*?|{}()])/'), array('[$1]'), $regularWord), '\\\'') . '[[:>:]]'; |
| 163 | 168 | } |
| 164 | 169 | |
| 165 | - if ($query_params['user_query']) |
|
| 166 | - $query_where[] = '{raw:user_query}'; |
|
| 167 | - if ($query_params['board_query']) |
|
| 168 | - $query_where[] = 'm.id_board {raw:board_query}'; |
|
| 170 | + if ($query_params['user_query']) { |
|
| 171 | + $query_where[] = '{raw:user_query}'; |
|
| 172 | + } |
|
| 173 | + if ($query_params['board_query']) { |
|
| 174 | + $query_where[] = 'm.id_board {raw:board_query}'; |
|
| 175 | + } |
|
| 169 | 176 | |
| 170 | - if ($query_params['topic']) |
|
| 171 | - $query_where[] = 'm.id_topic = {int:topic}'; |
|
| 172 | - if ($query_params['min_msg_id']) |
|
| 173 | - $query_where[] = 'm.id_msg >= {int:min_msg_id}'; |
|
| 174 | - if ($query_params['max_msg_id']) |
|
| 175 | - $query_where[] = 'm.id_msg <= {int:max_msg_id}'; |
|
| 177 | + if ($query_params['topic']) { |
|
| 178 | + $query_where[] = 'm.id_topic = {int:topic}'; |
|
| 179 | + } |
|
| 180 | + if ($query_params['min_msg_id']) { |
|
| 181 | + $query_where[] = 'm.id_msg >= {int:min_msg_id}'; |
|
| 182 | + } |
|
| 183 | + if ($query_params['max_msg_id']) { |
|
| 184 | + $query_where[] = 'm.id_msg <= {int:max_msg_id}'; |
|
| 185 | + } |
|
| 176 | 186 | |
| 177 | 187 | $count = 0; |
| 178 | - if (!empty($query_params['excluded_phrases']) && empty($modSettings['search_force_index'])) |
|
| 179 | - foreach ($query_params['excluded_phrases'] as $phrase) |
|
| 188 | + if (!empty($query_params['excluded_phrases']) && empty($modSettings['search_force_index'])) { |
|
| 189 | + foreach ($query_params['excluded_phrases'] as $phrase) |
|
| 180 | 190 | { |
| 181 | 191 | $query_where[] = 'subject NOT ' . (empty($modSettings['search_match_words']) || $search_data['no_regexp'] ? ' LIKE ' : ' RLIKE ') . '{string:exclude_subject_phrase_' . $count . '}'; |
| 192 | + } |
|
| 182 | 193 | $query_params['exclude_subject_phrase_' . $count++] = empty($modSettings['search_match_words']) || $search_data['no_regexp'] ? '%' . strtr($phrase, array('_' => '\\_', '%' => '\\%')) . '%' : '[[:<:]]' . addcslashes(preg_replace(array('/([\[\]$.+*?|{}()])/'), array('[$1]'), $phrase), '\\\'') . '[[:>:]]'; |
| 183 | 194 | } |
| 184 | 195 | $count = 0; |
| 185 | - if (!empty($query_params['excluded_subject_words']) && empty($modSettings['search_force_index'])) |
|
| 186 | - foreach ($query_params['excluded_subject_words'] as $excludedWord) |
|
| 196 | + if (!empty($query_params['excluded_subject_words']) && empty($modSettings['search_force_index'])) { |
|
| 197 | + foreach ($query_params['excluded_subject_words'] as $excludedWord) |
|
| 187 | 198 | { |
| 188 | 199 | $query_where[] = 'subject NOT ' . (empty($modSettings['search_match_words']) || $search_data['no_regexp'] ? ' LIKE ' : ' RLIKE ') . '{string:exclude_subject_words_' . $count . '}'; |
| 200 | + } |
|
| 189 | 201 | $query_params['exclude_subject_words_' . $count++] = empty($modSettings['search_match_words']) || $search_data['no_regexp'] ? '%' . strtr($excludedWord, array('_' => '\\_', '%' => '\\%')) . '%' : '[[:<:]]' . addcslashes(preg_replace(array('/([\[\]$.+*?|{}()])/'), array('[$1]'), $excludedWord), '\\\'') . '[[:>:]]'; |
| 190 | 202 | } |
| 191 | 203 | |
@@ -198,8 +210,7 @@ discard block |
||
| 198 | 210 | { |
| 199 | 211 | $query_left_join[] = '{db_prefix}log_search_words AS lsw' . $numTables . ' ON (lsw' . $numTables . '.id_word = ' . $indexedWord . ' AND lsw' . $numTables . '.id_msg = m.id_msg)'; |
| 200 | 212 | $query_where[] = '(lsw' . $numTables . '.id_word IS NULL)'; |
| 201 | - } |
|
| 202 | - else |
|
| 213 | + } else |
|
| 203 | 214 | { |
| 204 | 215 | $query_inner_join[] = '{db_prefix}log_search_words AS lsw' . $numTables . ' ON (lsw' . $numTables . '.id_msg = ' . ($prev_join === 0 ? 'm' : 'lsw' . $prev_join) . '.id_msg)'; |
| 205 | 216 | $query_where[] = 'lsw' . $numTables . '.id_word = ' . $indexedWord; |
@@ -235,16 +246,18 @@ discard block |
||
| 235 | 246 | $customIndexSettings = $smcFunc['json_decode']($modSettings['search_custom_index_config'], true); |
| 236 | 247 | |
| 237 | 248 | $inserts = array(); |
| 238 | - foreach (text2words($msgOptions['body'], $customIndexSettings['bytes_per_word'], true) as $word) |
|
| 239 | - $inserts[] = array($word, $msgOptions['id']); |
|
| 249 | + foreach (text2words($msgOptions['body'], $customIndexSettings['bytes_per_word'], true) as $word) { |
|
| 250 | + $inserts[] = array($word, $msgOptions['id']); |
|
| 251 | + } |
|
| 240 | 252 | |
| 241 | - if (!empty($inserts)) |
|
| 242 | - $smcFunc['db_insert']('ignore', |
|
| 253 | + if (!empty($inserts)) { |
|
| 254 | + $smcFunc['db_insert']('ignore', |
|
| 243 | 255 | '{db_prefix}log_search_words', |
| 244 | 256 | array('id_word' => 'int', 'id_msg' => 'int'), |
| 245 | 257 | $inserts, |
| 246 | 258 | array('id_word', 'id_msg') |
| 247 | 259 | ); |
| 260 | + } |
|
| 248 | 261 | } |
| 249 | 262 | |
| 250 | 263 | /** |
@@ -287,8 +300,9 @@ discard block |
||
| 287 | 300 | if (!empty($inserted_words)) |
| 288 | 301 | { |
| 289 | 302 | $inserts = array(); |
| 290 | - foreach ($inserted_words as $word) |
|
| 291 | - $inserts[] = array($word, $msgOptions['id']); |
|
| 303 | + foreach ($inserted_words as $word) { |
|
| 304 | + $inserts[] = array($word, $msgOptions['id']); |
|
| 305 | + } |
|
| 292 | 306 | $smcFunc['db_insert']('insert', |
| 293 | 307 | '{db_prefix}log_search_words', |
| 294 | 308 | array('id_word' => 'string', 'id_msg' => 'int'), |
@@ -430,8 +430,8 @@ |
||
| 430 | 430 | $real_name = $smcFunc['db_case_sensitive'] ? 'LOWER(real_name)' : 'real_name'; |
| 431 | 431 | |
| 432 | 432 | // Searches. |
| 433 | - $member_name_search = $member_name . ' ' . $comparison . ' ' . implode( ' OR ' . $member_name . ' ' . $comparison . ' ', $names_list); |
|
| 434 | - $real_name_search = $real_name . ' ' . $comparison . ' ' . implode( ' OR ' . $real_name . ' ' . $comparison . ' ', $names_list); |
|
| 433 | + $member_name_search = $member_name . ' ' . $comparison . ' ' . implode(' OR ' . $member_name . ' ' . $comparison . ' ', $names_list); |
|
| 434 | + $real_name_search = $real_name . ' ' . $comparison . ' ' . implode(' OR ' . $real_name . ' ' . $comparison . ' ', $names_list); |
|
| 435 | 435 | |
| 436 | 436 | // Search by username, display name, and email address. |
| 437 | 437 | $request = $smcFunc['db_query']('', ' |
@@ -13,8 +13,9 @@ discard block |
||
| 13 | 13 | * @version 2.1 Beta 4 |
| 14 | 14 | */ |
| 15 | 15 | |
| 16 | -if (!defined('SMF')) |
|
| 16 | +if (!defined('SMF')) { |
|
| 17 | 17 | die('No direct access...'); |
| 18 | +} |
|
| 18 | 19 | |
| 19 | 20 | /** |
| 20 | 21 | * Sets the SMF-style login cookie and session based on the id_member and password passed. |
@@ -47,8 +48,9 @@ discard block |
||
| 47 | 48 | if (isset($_COOKIE[$cookiename])) |
| 48 | 49 | { |
| 49 | 50 | // First check for 2.1 json-format cookie |
| 50 | - if (preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+,"3":"[^"]+","4":"[^"]+"~', $_COOKIE[$cookiename]) === 1) |
|
| 51 | - list(,,, $old_domain, $old_path) = $smcFunc['json_decode']($_COOKIE[$cookiename], true); |
|
| 51 | + if (preg_match('~^{"0":\d+,"1":"[0-9a-f]*","2":\d+,"3":"[^"]+","4":"[^"]+"~', $_COOKIE[$cookiename]) === 1) { |
|
| 52 | + list(,,, $old_domain, $old_path) = $smcFunc['json_decode']($_COOKIE[$cookiename], true); |
|
| 53 | + } |
|
| 52 | 54 | |
| 53 | 55 | // Legacy format (for recent 2.0 --> 2.1 upgrades) |
| 54 | 56 | elseif (preg_match('~^a:[34]:\{i:0;i:\d+;i:1;s:(0|128):"([a-fA-F0-9]{128})?";i:2;[id]:\d+;(i:3;i:\d;)?~', $_COOKIE[$cookiename]) === 1) |
@@ -58,15 +60,17 @@ discard block |
||
| 58 | 60 | $cookie_state = (empty($modSettings['localCookies']) ? 0 : 1) | (empty($modSettings['globalCookies']) ? 0 : 2); |
| 59 | 61 | |
| 60 | 62 | // Maybe we need to temporarily pretend to be using local cookies |
| 61 | - if ($cookie_state == 0 && $old_state == 1) |
|
| 62 | - list($old_domain, $old_path) = url_parts(true, false); |
|
| 63 | - else |
|
| 64 | - list($old_domain, $old_path) = url_parts($old_state & 1 > 0, $old_state & 2 > 0); |
|
| 63 | + if ($cookie_state == 0 && $old_state == 1) { |
|
| 64 | + list($old_domain, $old_path) = url_parts(true, false); |
|
| 65 | + } else { |
|
| 66 | + list($old_domain, $old_path) = url_parts($old_state & 1 > 0, $old_state & 2 > 0); |
|
| 67 | + } |
|
| 65 | 68 | } |
| 66 | 69 | |
| 67 | 70 | // Out with the old, in with the new! |
| 68 | - if (isset($old_domain) && $old_domain != $cookie_url[0] || isset($old_path) && $old_path != $cookie_url[1]) |
|
| 69 | - smf_setcookie($cookiename, $smcFunc['json_encode'](array(0, '', 0, $old_domain, $old_path), JSON_FORCE_OBJECT), 1, $old_path, $old_domain); |
|
| 71 | + if (isset($old_domain) && $old_domain != $cookie_url[0] || isset($old_path) && $old_path != $cookie_url[1]) { |
|
| 72 | + smf_setcookie($cookiename, $smcFunc['json_encode'](array(0, '', 0, $old_domain, $old_path), JSON_FORCE_OBJECT), 1, $old_path, $old_domain); |
|
| 73 | + } |
|
| 70 | 74 | } |
| 71 | 75 | |
| 72 | 76 | // Get the data and path to set it on. |
@@ -82,8 +86,9 @@ discard block |
||
| 82 | 86 | smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], $cookie_url[0]); |
| 83 | 87 | |
| 84 | 88 | // If subdomain-independent cookies are on, unset the subdomain-dependent cookie too. |
| 85 | - if (empty($id) && !empty($modSettings['globalCookies'])) |
|
| 86 | - smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], ''); |
|
| 89 | + if (empty($id) && !empty($modSettings['globalCookies'])) { |
|
| 90 | + smf_setcookie($cookiename, $data, $expiry_time, $cookie_url[1], ''); |
|
| 91 | + } |
|
| 87 | 92 | |
| 88 | 93 | // Any alias URLs? This is mainly for use with frames, etc. |
| 89 | 94 | if (!empty($modSettings['forum_alias_urls'])) |
@@ -99,8 +104,9 @@ discard block |
||
| 99 | 104 | |
| 100 | 105 | $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies'])); |
| 101 | 106 | |
| 102 | - if ($cookie_url[0] == '') |
|
| 103 | - $cookie_url[0] = strtok($alias, '/'); |
|
| 107 | + if ($cookie_url[0] == '') { |
|
| 108 | + $cookie_url[0] = strtok($alias, '/'); |
|
| 109 | + } |
|
| 104 | 110 | |
| 105 | 111 | $alias_data = $smcFunc['json_decode']($data); |
| 106 | 112 | $alias_data[3] = $cookie_url[0]; |
@@ -151,8 +157,9 @@ discard block |
||
| 151 | 157 | $identifier = $cookiename . '_tfa'; |
| 152 | 158 | $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies'])); |
| 153 | 159 | |
| 154 | - if ($preserve) |
|
| 155 | - $cookie_length = 81600 * 30; |
|
| 160 | + if ($preserve) { |
|
| 161 | + $cookie_length = 81600 * 30; |
|
| 162 | + } |
|
| 156 | 163 | |
| 157 | 164 | // Get the data and path to set it on. |
| 158 | 165 | $data = $smcFunc['json_encode'](empty($id) ? array(0, '', 0, $cookie_url[0], $cookie_url[1], false) : array($id, $secret, time() + $cookie_length, $cookie_url[0], $cookie_url[1], $preserve), JSON_FORCE_OBJECT); |
@@ -161,8 +168,9 @@ discard block |
||
| 161 | 168 | smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], $cookie_url[0]); |
| 162 | 169 | |
| 163 | 170 | // If subdomain-independent cookies are on, unset the subdomain-dependent cookie too. |
| 164 | - if (empty($id) && !empty($modSettings['globalCookies'])) |
|
| 165 | - smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], ''); |
|
| 171 | + if (empty($id) && !empty($modSettings['globalCookies'])) { |
|
| 172 | + smf_setcookie($identifier, $data, time() + $cookie_length, $cookie_url[1], ''); |
|
| 173 | + } |
|
| 166 | 174 | |
| 167 | 175 | $_COOKIE[$identifier] = $data; |
| 168 | 176 | } |
@@ -184,23 +192,28 @@ discard block |
||
| 184 | 192 | $parsed_url = parse_url($boardurl); |
| 185 | 193 | |
| 186 | 194 | // Is local cookies off? |
| 187 | - if (empty($parsed_url['path']) || !$local) |
|
| 188 | - $parsed_url['path'] = ''; |
|
| 195 | + if (empty($parsed_url['path']) || !$local) { |
|
| 196 | + $parsed_url['path'] = ''; |
|
| 197 | + } |
|
| 189 | 198 | |
| 190 | - if (!empty($modSettings['globalCookiesDomain']) && strpos($boardurl, $modSettings['globalCookiesDomain']) !== false) |
|
| 191 | - $parsed_url['host'] = $modSettings['globalCookiesDomain']; |
|
| 199 | + if (!empty($modSettings['globalCookiesDomain']) && strpos($boardurl, $modSettings['globalCookiesDomain']) !== false) { |
|
| 200 | + $parsed_url['host'] = $modSettings['globalCookiesDomain']; |
|
| 201 | + } |
|
| 192 | 202 | |
| 193 | 203 | // Globalize cookies across domains (filter out IP-addresses)? |
| 194 | - elseif ($global && preg_match('~^\d{1,3}(\.\d{1,3}){3}$~', $parsed_url['host']) == 0 && preg_match('~(?:[^\.]+\.)?([^\.]{2,}\..+)\z~i', $parsed_url['host'], $parts) == 1) |
|
| 195 | - $parsed_url['host'] = '.' . $parts[1]; |
|
| 204 | + elseif ($global && preg_match('~^\d{1,3}(\.\d{1,3}){3}$~', $parsed_url['host']) == 0 && preg_match('~(?:[^\.]+\.)?([^\.]{2,}\..+)\z~i', $parsed_url['host'], $parts) == 1) { |
|
| 205 | + $parsed_url['host'] = '.' . $parts[1]; |
|
| 206 | + } |
|
| 196 | 207 | |
| 197 | 208 | // We shouldn't use a host at all if both options are off. |
| 198 | - elseif (!$local && !$global) |
|
| 199 | - $parsed_url['host'] = ''; |
|
| 209 | + elseif (!$local && !$global) { |
|
| 210 | + $parsed_url['host'] = ''; |
|
| 211 | + } |
|
| 200 | 212 | |
| 201 | 213 | // The host also shouldn't be set if there aren't any dots in it. |
| 202 | - elseif (!isset($parsed_url['host']) || strpos($parsed_url['host'], '.') === false) |
|
| 203 | - $parsed_url['host'] = ''; |
|
| 214 | + elseif (!isset($parsed_url['host']) || strpos($parsed_url['host'], '.') === false) { |
|
| 215 | + $parsed_url['host'] = ''; |
|
| 216 | + } |
|
| 204 | 217 | |
| 205 | 218 | return array($parsed_url['host'], $parsed_url['path'] . '/'); |
| 206 | 219 | } |
@@ -219,8 +232,9 @@ discard block |
||
| 219 | 232 | createToken('login'); |
| 220 | 233 | |
| 221 | 234 | // Never redirect to an attachment |
| 222 | - if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false) |
|
| 223 | - $_SESSION['login_url'] = $_SERVER['REQUEST_URL']; |
|
| 235 | + if (strpos($_SERVER['REQUEST_URL'], 'dlattach') === false) { |
|
| 236 | + $_SESSION['login_url'] = $_SERVER['REQUEST_URL']; |
|
| 237 | + } |
|
| 224 | 238 | |
| 225 | 239 | $context['sub_template'] = 'kick_guest'; |
| 226 | 240 | $context['page_title'] = $txt['login']; |
@@ -275,10 +289,12 @@ discard block |
||
| 275 | 289 | $txt['security_wrong'] = sprintf($txt['security_wrong'], isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $txt['unknown'], $_SERVER['HTTP_USER_AGENT'], $user_info['ip']); |
| 276 | 290 | log_error($txt['security_wrong'], 'critical'); |
| 277 | 291 | |
| 278 | - if (isset($_POST[$type . '_hash_pass'])) |
|
| 279 | - unset($_POST[$type . '_hash_pass']); |
|
| 280 | - if (isset($_POST[$type . '_pass'])) |
|
| 281 | - unset($_POST[$type . '_pass']); |
|
| 292 | + if (isset($_POST[$type . '_hash_pass'])) { |
|
| 293 | + unset($_POST[$type . '_hash_pass']); |
|
| 294 | + } |
|
| 295 | + if (isset($_POST[$type . '_pass'])) { |
|
| 296 | + unset($_POST[$type . '_pass']); |
|
| 297 | + } |
|
| 282 | 298 | |
| 283 | 299 | $context['incorrect_password'] = true; |
| 284 | 300 | } |
@@ -291,15 +307,17 @@ discard block |
||
| 291 | 307 | |
| 292 | 308 | // Now go through $_POST. Make sure the session hash is sent. |
| 293 | 309 | $_POST[$context['session_var']] = $context['session_id']; |
| 294 | - foreach ($_POST as $k => $v) |
|
| 295 | - $context['post_data'] .= adminLogin_outputPostVars($k, $v); |
|
| 310 | + foreach ($_POST as $k => $v) { |
|
| 311 | + $context['post_data'] .= adminLogin_outputPostVars($k, $v); |
|
| 312 | + } |
|
| 296 | 313 | |
| 297 | 314 | // Now we'll use the admin_login sub template of the Login template. |
| 298 | 315 | $context['sub_template'] = 'admin_login'; |
| 299 | 316 | |
| 300 | 317 | // And title the page something like "Login". |
| 301 | - if (!isset($context['page_title'])) |
|
| 302 | - $context['page_title'] = $txt['login']; |
|
| 318 | + if (!isset($context['page_title'])) { |
|
| 319 | + $context['page_title'] = $txt['login']; |
|
| 320 | + } |
|
| 303 | 321 | |
| 304 | 322 | // The type of action. |
| 305 | 323 | $context['sessionCheckType'] = $type; |
@@ -322,14 +340,15 @@ discard block |
||
| 322 | 340 | { |
| 323 | 341 | global $smcFunc; |
| 324 | 342 | |
| 325 | - if (!is_array($v)) |
|
| 326 | - return ' |
|
| 343 | + if (!is_array($v)) { |
|
| 344 | + return ' |
|
| 327 | 345 | <input type="hidden" name="' . $smcFunc['htmlspecialchars']($k) . '" value="' . strtr($v, array('"' => '"', '<' => '<', '>' => '>')) . '">'; |
| 328 | - else |
|
| 346 | + } else |
|
| 329 | 347 | { |
| 330 | 348 | $ret = ''; |
| 331 | - foreach ($v as $k2 => $v2) |
|
| 332 | - $ret .= adminLogin_outputPostVars($k . '[' . $k2 . ']', $v2); |
|
| 349 | + foreach ($v as $k2 => $v2) { |
|
| 350 | + $ret .= adminLogin_outputPostVars($k . '[' . $k2 . ']', $v2); |
|
| 351 | + } |
|
| 333 | 352 | |
| 334 | 353 | return $ret; |
| 335 | 354 | } |
@@ -356,18 +375,20 @@ discard block |
||
| 356 | 375 | foreach ($get as $k => $v) |
| 357 | 376 | { |
| 358 | 377 | // Only if it's not already in the $scripturl! |
| 359 | - if (!isset($temp[$k])) |
|
| 360 | - $query_string .= urlencode($k) . '=' . urlencode($v) . ';'; |
|
| 378 | + if (!isset($temp[$k])) { |
|
| 379 | + $query_string .= urlencode($k) . '=' . urlencode($v) . ';'; |
|
| 380 | + } |
|
| 361 | 381 | // If it changed, put it out there, but with an ampersand. |
| 362 | - elseif ($temp[$k] != $get[$k]) |
|
| 363 | - $query_string .= urlencode($k) . '=' . urlencode($v) . '&'; |
|
| 382 | + elseif ($temp[$k] != $get[$k]) { |
|
| 383 | + $query_string .= urlencode($k) . '=' . urlencode($v) . '&'; |
|
| 384 | + } |
|
| 364 | 385 | } |
| 365 | - } |
|
| 366 | - else |
|
| 386 | + } else |
|
| 367 | 387 | { |
| 368 | 388 | // Add up all the data from $_GET into get_data. |
| 369 | - foreach ($get as $k => $v) |
|
| 370 | - $query_string .= urlencode($k) . '=' . urlencode($v) . ';'; |
|
| 389 | + foreach ($get as $k => $v) { |
|
| 390 | + $query_string .= urlencode($k) . '=' . urlencode($v) . ';'; |
|
| 391 | + } |
|
| 371 | 392 | } |
| 372 | 393 | |
| 373 | 394 | $query_string = substr($query_string, 0, -1); |
@@ -390,8 +411,9 @@ discard block |
||
| 390 | 411 | global $scripturl, $user_info, $smcFunc; |
| 391 | 412 | |
| 392 | 413 | // If it's not already an array, make it one. |
| 393 | - if (!is_array($names)) |
|
| 394 | - $names = explode(',', $names); |
|
| 414 | + if (!is_array($names)) { |
|
| 415 | + $names = explode(',', $names); |
|
| 416 | + } |
|
| 395 | 417 | |
| 396 | 418 | $maybe_email = false; |
| 397 | 419 | $names_list = array(); |
@@ -403,10 +425,11 @@ discard block |
||
| 403 | 425 | $maybe_email |= strpos($name, '@') !== false; |
| 404 | 426 | |
| 405 | 427 | // Make it so standard wildcards will work. (* and ?) |
| 406 | - if ($use_wildcards) |
|
| 407 | - $names[$i] = strtr($names[$i], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '\'' => ''')); |
|
| 408 | - else |
|
| 409 | - $names[$i] = strtr($names[$i], array('\'' => ''')); |
|
| 428 | + if ($use_wildcards) { |
|
| 429 | + $names[$i] = strtr($names[$i], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '\'' => ''')); |
|
| 430 | + } else { |
|
| 431 | + $names[$i] = strtr($names[$i], array('\'' => ''')); |
|
| 432 | + } |
|
| 410 | 433 | |
| 411 | 434 | $names_list[] = '{string:lookup_name_' . $i . '}'; |
| 412 | 435 | $where_params['lookup_name_' . $i] = $names[$i]; |
@@ -419,11 +442,12 @@ discard block |
||
| 419 | 442 | $results = array(); |
| 420 | 443 | |
| 421 | 444 | // This ensures you can't search someones email address if you can't see it. |
| 422 | - if (($use_wildcards || $maybe_email) && allowedTo('moderate_forum')) |
|
| 423 | - $email_condition = ' |
|
| 445 | + if (($use_wildcards || $maybe_email) && allowedTo('moderate_forum')) { |
|
| 446 | + $email_condition = ' |
|
| 424 | 447 | OR (email_address ' . $comparison . ' \'' . implode('\') OR (email_address ' . $comparison . ' \'', $names) . '\')'; |
| 425 | - else |
|
| 426 | - $email_condition = ''; |
|
| 448 | + } else { |
|
| 449 | + $email_condition = ''; |
|
| 450 | + } |
|
| 427 | 451 | |
| 428 | 452 | // Get the case of the columns right - but only if we need to as things like MySQL will go slow needlessly otherwise. |
| 429 | 453 | $member_name = $smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name'; |
@@ -482,10 +506,11 @@ discard block |
||
| 482 | 506 | $context['template_layers'] = array(); |
| 483 | 507 | $context['sub_template'] = 'find_members'; |
| 484 | 508 | |
| 485 | - if (isset($_REQUEST['search'])) |
|
| 486 | - $context['last_search'] = $smcFunc['htmlspecialchars']($_REQUEST['search'], ENT_QUOTES); |
|
| 487 | - else |
|
| 488 | - $_REQUEST['start'] = 0; |
|
| 509 | + if (isset($_REQUEST['search'])) { |
|
| 510 | + $context['last_search'] = $smcFunc['htmlspecialchars']($_REQUEST['search'], ENT_QUOTES); |
|
| 511 | + } else { |
|
| 512 | + $_REQUEST['start'] = 0; |
|
| 513 | + } |
|
| 489 | 514 | |
| 490 | 515 | // Allow the user to pass the input to be added to to the box. |
| 491 | 516 | $context['input_box_name'] = isset($_REQUEST['input']) && preg_match('~^[\w-]+$~', $_REQUEST['input']) === 1 ? $_REQUEST['input'] : 'to'; |
@@ -526,10 +551,10 @@ discard block |
||
| 526 | 551 | ); |
| 527 | 552 | |
| 528 | 553 | $context['results'] = array_slice($context['results'], $_REQUEST['start'], 7); |
| 554 | + } else { |
|
| 555 | + $context['links']['up'] = $scripturl . '?action=pm;sa=send' . (empty($_REQUEST['u']) ? '' : ';u=' . $_REQUEST['u']); |
|
| 556 | + } |
|
| 529 | 557 | } |
| 530 | - else |
|
| 531 | - $context['links']['up'] = $scripturl . '?action=pm;sa=send' . (empty($_REQUEST['u']) ? '' : ';u=' . $_REQUEST['u']); |
|
| 532 | -} |
|
| 533 | 558 | |
| 534 | 559 | /** |
| 535 | 560 | * Outputs each member name on its own line. |
@@ -545,8 +570,9 @@ discard block |
||
| 545 | 570 | $_REQUEST['search'] = trim($smcFunc['strtolower']($_REQUEST['search'])); |
| 546 | 571 | $_REQUEST['search'] = strtr($_REQUEST['search'], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_', '&' => '&')); |
| 547 | 572 | |
| 548 | - if (function_exists('iconv')) |
|
| 549 | - header('Content-Type: text/plain; charset=UTF-8'); |
|
| 573 | + if (function_exists('iconv')) { |
|
| 574 | + header('Content-Type: text/plain; charset=UTF-8'); |
|
| 575 | + } |
|
| 550 | 576 | |
| 551 | 577 | $request = $smcFunc['db_query']('', ' |
| 552 | 578 | SELECT real_name |
@@ -566,14 +592,16 @@ discard block |
||
| 566 | 592 | if (function_exists('iconv')) |
| 567 | 593 | { |
| 568 | 594 | $utf8 = iconv($txt['lang_character_set'], 'UTF-8', $row['real_name']); |
| 569 | - if ($utf8) |
|
| 570 | - $row['real_name'] = $utf8; |
|
| 595 | + if ($utf8) { |
|
| 596 | + $row['real_name'] = $utf8; |
|
| 597 | + } |
|
| 571 | 598 | } |
| 572 | 599 | |
| 573 | 600 | $row['real_name'] = strtr($row['real_name'], array('&' => '&', '<' => '<', '>' => '>', '"' => '"')); |
| 574 | 601 | |
| 575 | - if (preg_match('~&#\d+;~', $row['real_name']) != 0) |
|
| 576 | - $row['real_name'] = preg_replace_callback('~&#(\d+);~', 'fixchar__callback', $row['real_name']); |
|
| 602 | + if (preg_match('~&#\d+;~', $row['real_name']) != 0) { |
|
| 603 | + $row['real_name'] = preg_replace_callback('~&#(\d+);~', 'fixchar__callback', $row['real_name']); |
|
| 604 | + } |
|
| 577 | 605 | |
| 578 | 606 | echo $row['real_name'], "\n"; |
| 579 | 607 | } |
@@ -630,9 +658,9 @@ discard block |
||
| 630 | 658 | |
| 631 | 659 | // Update the database... |
| 632 | 660 | updateMemberData($memID, array('member_name' => $user, 'passwd' => $newPassword_sha1)); |
| 661 | + } else { |
|
| 662 | + updateMemberData($memID, array('passwd' => $newPassword_sha1)); |
|
| 633 | 663 | } |
| 634 | - else |
|
| 635 | - updateMemberData($memID, array('passwd' => $newPassword_sha1)); |
|
| 636 | 664 | |
| 637 | 665 | call_integration_hook('integrate_reset_pass', array($old_user, $user, $newPassword)); |
| 638 | 666 | |
@@ -663,31 +691,37 @@ discard block |
||
| 663 | 691 | $errors = array(); |
| 664 | 692 | |
| 665 | 693 | // Don't use too long a name. |
| 666 | - if ($smcFunc['strlen']($username) > 25) |
|
| 667 | - $errors[] = array('lang', 'error_long_name'); |
|
| 694 | + if ($smcFunc['strlen']($username) > 25) { |
|
| 695 | + $errors[] = array('lang', 'error_long_name'); |
|
| 696 | + } |
|
| 668 | 697 | |
| 669 | 698 | // No name?! How can you register with no name? |
| 670 | - if ($username == '') |
|
| 671 | - $errors[] = array('lang', 'need_username'); |
|
| 699 | + if ($username == '') { |
|
| 700 | + $errors[] = array('lang', 'need_username'); |
|
| 701 | + } |
|
| 672 | 702 | |
| 673 | 703 | // Only these characters are permitted. |
| 674 | - if (in_array($username, array('_', '|')) || preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $username)) != 0 || strpos($username, '[code') !== false || strpos($username, '[/code') !== false) |
|
| 675 | - $errors[] = array('lang', 'error_invalid_characters_username'); |
|
| 704 | + if (in_array($username, array('_', '|')) || preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $username)) != 0 || strpos($username, '[code') !== false || strpos($username, '[/code') !== false) { |
|
| 705 | + $errors[] = array('lang', 'error_invalid_characters_username'); |
|
| 706 | + } |
|
| 676 | 707 | |
| 677 | - if (stristr($username, $txt['guest_title']) !== false) |
|
| 678 | - $errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title'])); |
|
| 708 | + if (stristr($username, $txt['guest_title']) !== false) { |
|
| 709 | + $errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title'])); |
|
| 710 | + } |
|
| 679 | 711 | |
| 680 | 712 | if ($check_reserved_name) |
| 681 | 713 | { |
| 682 | 714 | require_once($sourcedir . '/Subs-Members.php'); |
| 683 | - if (isReservedName($username, $memID, false)) |
|
| 684 | - $errors[] = array('done', '(' . $smcFunc['htmlspecialchars']($username) . ') ' . $txt['name_in_use']); |
|
| 715 | + if (isReservedName($username, $memID, false)) { |
|
| 716 | + $errors[] = array('done', '(' . $smcFunc['htmlspecialchars']($username) . ') ' . $txt['name_in_use']); |
|
| 717 | + } |
|
| 685 | 718 | } |
| 686 | 719 | |
| 687 | - if ($return_error) |
|
| 688 | - return $errors; |
|
| 689 | - elseif (empty($errors)) |
|
| 690 | - return null; |
|
| 720 | + if ($return_error) { |
|
| 721 | + return $errors; |
|
| 722 | + } elseif (empty($errors)) { |
|
| 723 | + return null; |
|
| 724 | + } |
|
| 691 | 725 | |
| 692 | 726 | loadLanguage('Errors'); |
| 693 | 727 | $error = $errors[0]; |
@@ -713,22 +747,26 @@ discard block |
||
| 713 | 747 | global $modSettings, $smcFunc; |
| 714 | 748 | |
| 715 | 749 | // Perform basic requirements first. |
| 716 | - if ($smcFunc['strlen']($password) < (empty($modSettings['password_strength']) ? 4 : 8)) |
|
| 717 | - return 'short'; |
|
| 750 | + if ($smcFunc['strlen']($password) < (empty($modSettings['password_strength']) ? 4 : 8)) { |
|
| 751 | + return 'short'; |
|
| 752 | + } |
|
| 718 | 753 | |
| 719 | 754 | // Is this enough? |
| 720 | - if (empty($modSettings['password_strength'])) |
|
| 721 | - return null; |
|
| 755 | + if (empty($modSettings['password_strength'])) { |
|
| 756 | + return null; |
|
| 757 | + } |
|
| 722 | 758 | |
| 723 | 759 | // Otherwise, perform the medium strength test - checking if password appears in the restricted string. |
| 724 | - if (preg_match('~\b' . preg_quote($password, '~') . '\b~', implode(' ', $restrict_in)) != 0) |
|
| 725 | - return 'restricted_words'; |
|
| 726 | - elseif ($smcFunc['strpos']($password, $username) !== false) |
|
| 727 | - return 'restricted_words'; |
|
| 760 | + if (preg_match('~\b' . preg_quote($password, '~') . '\b~', implode(' ', $restrict_in)) != 0) { |
|
| 761 | + return 'restricted_words'; |
|
| 762 | + } elseif ($smcFunc['strpos']($password, $username) !== false) { |
|
| 763 | + return 'restricted_words'; |
|
| 764 | + } |
|
| 728 | 765 | |
| 729 | 766 | // If just medium, we're done. |
| 730 | - if ($modSettings['password_strength'] == 1) |
|
| 731 | - return null; |
|
| 767 | + if ($modSettings['password_strength'] == 1) { |
|
| 768 | + return null; |
|
| 769 | + } |
|
| 732 | 770 | |
| 733 | 771 | // Otherwise, hard test next, check for numbers and letters, uppercase too. |
| 734 | 772 | $good = preg_match('~(\D\d|\d\D)~', $password) != 0; |
@@ -760,14 +798,16 @@ discard block |
||
| 760 | 798 | ) |
| 761 | 799 | ); |
| 762 | 800 | $groups = array(); |
| 763 | - while ($row = $smcFunc['db_fetch_assoc']($request)) |
|
| 764 | - $groups[] = $row['id_group']; |
|
| 801 | + while ($row = $smcFunc['db_fetch_assoc']($request)) { |
|
| 802 | + $groups[] = $row['id_group']; |
|
| 803 | + } |
|
| 765 | 804 | $smcFunc['db_free_result']($request); |
| 766 | 805 | |
| 767 | - if (empty($groups)) |
|
| 768 | - $group_query = '0=1'; |
|
| 769 | - else |
|
| 770 | - $group_query = 'id_group IN (' . implode(',', $groups) . ')'; |
|
| 806 | + if (empty($groups)) { |
|
| 807 | + $group_query = '0=1'; |
|
| 808 | + } else { |
|
| 809 | + $group_query = 'id_group IN (' . implode(',', $groups) . ')'; |
|
| 810 | + } |
|
| 771 | 811 | } |
| 772 | 812 | |
| 773 | 813 | // Then, same again, just the boards this time! |
@@ -777,10 +817,11 @@ discard block |
||
| 777 | 817 | { |
| 778 | 818 | $boards = boardsAllowedTo('moderate_board', true); |
| 779 | 819 | |
| 780 | - if (empty($boards)) |
|
| 781 | - $board_query = '0=1'; |
|
| 782 | - else |
|
| 783 | - $board_query = 'id_board IN (' . implode(',', $boards) . ')'; |
|
| 820 | + if (empty($boards)) { |
|
| 821 | + $board_query = '0=1'; |
|
| 822 | + } else { |
|
| 823 | + $board_query = 'id_board IN (' . implode(',', $boards) . ')'; |
|
| 824 | + } |
|
| 784 | 825 | } |
| 785 | 826 | |
| 786 | 827 | // What boards are they the moderator of? |
@@ -795,8 +836,9 @@ discard block |
||
| 795 | 836 | 'current_member' => $user_info['id'], |
| 796 | 837 | ) |
| 797 | 838 | ); |
| 798 | - while ($row = $smcFunc['db_fetch_assoc']($request)) |
|
| 799 | - $boards_mod[] = $row['id_board']; |
|
| 839 | + while ($row = $smcFunc['db_fetch_assoc']($request)) { |
|
| 840 | + $boards_mod[] = $row['id_board']; |
|
| 841 | + } |
|
| 800 | 842 | $smcFunc['db_free_result']($request); |
| 801 | 843 | |
| 802 | 844 | // Can any of the groups they're in moderate any of the boards? |
@@ -808,8 +850,9 @@ discard block |
||
| 808 | 850 | 'groups' => $user_info['groups'], |
| 809 | 851 | ) |
| 810 | 852 | ); |
| 811 | - while ($row = $smcFunc['db_fetch_assoc']($request)) |
|
| 812 | - $boards_mod[] = $row['id_board']; |
|
| 853 | + while ($row = $smcFunc['db_fetch_assoc']($request)) { |
|
| 854 | + $boards_mod[] = $row['id_board']; |
|
| 855 | + } |
|
| 813 | 856 | $smcFunc['db_free_result']($request); |
| 814 | 857 | |
| 815 | 858 | // Just in case we've got duplicates here... |
@@ -854,10 +897,12 @@ discard block |
||
| 854 | 897 | global $modSettings; |
| 855 | 898 | |
| 856 | 899 | // In case a customization wants to override the default settings |
| 857 | - if ($httponly === null) |
|
| 858 | - $httponly = !empty($modSettings['httponlyCookies']); |
|
| 859 | - if ($secure === null) |
|
| 860 | - $secure = !empty($modSettings['secureCookies']); |
|
| 900 | + if ($httponly === null) { |
|
| 901 | + $httponly = !empty($modSettings['httponlyCookies']); |
|
| 902 | + } |
|
| 903 | + if ($secure === null) { |
|
| 904 | + $secure = !empty($modSettings['secureCookies']); |
|
| 905 | + } |
|
| 861 | 906 | |
| 862 | 907 | // Intercept cookie? |
| 863 | 908 | call_integration_hook('integrate_cookie', array($name, $value, $expire, $path, $domain, $secure, $httponly)); |
@@ -877,8 +922,9 @@ discard block |
||
| 877 | 922 | function hash_password($username, $password, $cost = null) |
| 878 | 923 | { |
| 879 | 924 | global $sourcedir, $smcFunc, $modSettings; |
| 880 | - if (!function_exists('password_hash')) |
|
| 881 | - require_once($sourcedir . '/Subs-Password.php'); |
|
| 925 | + if (!function_exists('password_hash')) { |
|
| 926 | + require_once($sourcedir . '/Subs-Password.php'); |
|
| 927 | + } |
|
| 882 | 928 | |
| 883 | 929 | $cost = empty($cost) ? (empty($modSettings['bcrypt_hash_cost']) ? 10 : $modSettings['bcrypt_hash_cost']) : $cost; |
| 884 | 930 | |
@@ -910,8 +956,9 @@ discard block |
||
| 910 | 956 | function hash_verify_password($username, $password, $hash) |
| 911 | 957 | { |
| 912 | 958 | global $sourcedir, $smcFunc; |
| 913 | - if (!function_exists('password_verify')) |
|
| 914 | - require_once($sourcedir . '/Subs-Password.php'); |
|
| 959 | + if (!function_exists('password_verify')) { |
|
| 960 | + require_once($sourcedir . '/Subs-Password.php'); |
|
| 961 | + } |
|
| 915 | 962 | |
| 916 | 963 | return password_verify($smcFunc['strtolower']($username) . $password, $hash); |
| 917 | 964 | } |
